Index: head/lib/libc/gen/sysctl.3 =================================================================== --- head/lib/libc/gen/sysctl.3 (revision 253661) +++ head/lib/libc/gen/sysctl.3 (revision 253662) @@ -1,874 +1,870 @@ .\" Copyright (c) 1993 .\" The Regents of the University of California. All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 4. Neither the name of the University nor the names of its contributors .\" may be used to endorse or promote products derived from this software .\" without specific prior written permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" .\" @(#)sysctl.3 8.4 (Berkeley) 5/9/95 .\" $FreeBSD$ .\" .Dd May 17, 2013 .Dt SYSCTL 3 .Os .Sh NAME .Nm sysctl , .Nm sysctlbyname , .Nm sysctlnametomib .Nd get or set system information .Sh LIBRARY .Lb libc .Sh SYNOPSIS .In sys/types.h .In sys/sysctl.h .Ft int .Fn sysctl "const int *name" "u_int namelen" "void *oldp" "size_t *oldlenp" "const void *newp" "size_t newlen" .Ft int .Fn sysctlbyname "const char *name" "void *oldp" "size_t *oldlenp" "const void *newp" "size_t newlen" .Ft int .Fn sysctlnametomib "const char *name" "int *mibp" "size_t *sizep" .Sh DESCRIPTION The .Fn sysctl function retrieves system information and allows processes with appropriate privileges to set system information. The information available from .Fn sysctl consists of integers, strings, and tables. Information may be retrieved and set from the command interface using the .Xr sysctl 8 utility. .Pp Unless explicitly noted below, .Fn sysctl returns a consistent snapshot of the data requested. Consistency is obtained by locking the destination buffer into memory so that the data may be copied out without blocking. Calls to .Fn sysctl are serialized to avoid deadlock. .Pp The state is described using a ``Management Information Base'' (MIB) style name, listed in .Fa name , which is a .Fa namelen length array of integers. .Pp The .Fn sysctlbyname function accepts an ASCII representation of the name and internally looks up the integer name vector. Apart from that, it behaves the same as the standard .Fn sysctl function. .Pp The information is copied into the buffer specified by .Fa oldp . The size of the buffer is given by the location specified by .Fa oldlenp before the call, and that location gives the amount of data copied after a successful call and after a call that returns with the error code .Er ENOMEM . If the amount of data available is greater than the size of the buffer supplied, the call supplies as much data as fits in the buffer provided and returns with the error code .Er ENOMEM . If the old value is not desired, .Fa oldp and .Fa oldlenp should be set to NULL. .Pp The size of the available data can be determined by calling .Fn sysctl with the .Dv NULL argument for .Fa oldp . The size of the available data will be returned in the location pointed to by .Fa oldlenp . For some operations, the amount of space may change often. For these operations, the system attempts to round up so that the returned size is large enough for a call to return the data shortly thereafter. .Pp To set a new value, .Fa newp is set to point to a buffer of length .Fa newlen from which the requested value is to be taken. If a new value is not to be set, .Fa newp should be set to NULL and .Fa newlen set to 0. .Pp The .Fn sysctlnametomib function accepts an ASCII representation of the name, looks up the integer name vector, and returns the numeric representation in the mib array pointed to by .Fa mibp . The number of elements in the mib array is given by the location specified by .Fa sizep before the call, and that location gives the number of entries copied after a successful call. The resulting .Fa mib and .Fa size may be used in subsequent .Fn sysctl calls to get the data associated with the requested ASCII name. This interface is intended for use by applications that want to repeatedly request the same variable (the .Fn sysctl function runs in about a third the time as the same request made via the .Fn sysctlbyname function). The .Fn sysctlnametomib function is also useful for fetching mib prefixes and then adding a final component. For example, to fetch process information for processes with pid's less than 100: .Pp .Bd -literal -offset indent -compact int i, mib[4]; size_t len; struct kinfo_proc kp; /* Fill out the first three components of the mib */ len = 4; sysctlnametomib("kern.proc.pid", mib, &len); /* Fetch and print entries for pid's < 100 */ for (i = 0; i < 100; i++) { mib[3] = i; len = sizeof(kp); if (sysctl(mib, 4, &kp, &len, NULL, 0) == -1) perror("sysctl"); else if (len > 0) printkproc(&kp); } .Ed .Pp The top level names are defined with a CTL_ prefix in .In sys/sysctl.h , and are as follows. The next and subsequent levels down are found in the include files listed here, and described in separate sections below. .Bl -column CTLXMACHDEPXXX "Next level namesXXXXXX" -offset indent .It Sy "Name Next level names Description" .It "CTL_DEBUG sys/sysctl.h Debugging" .It "CTL_VFS sys/mount.h File system" .It "CTL_HW sys/sysctl.h Generic CPU, I/O" .It "CTL_KERN sys/sysctl.h High kernel limits" .It "CTL_MACHDEP sys/sysctl.h Machine dependent" .It "CTL_NET sys/socket.h Networking" .It "CTL_USER sys/sysctl.h User-level" .It "CTL_VM vm/vm_param.h Virtual memory" .El .Pp For example, the following retrieves the maximum number of processes allowed in the system: .Pp .Bd -literal -offset indent -compact int mib[2], maxproc; size_t len; mib[0] = CTL_KERN; mib[1] = KERN_MAXPROC; len = sizeof(maxproc); sysctl(mib, 2, &maxproc, &len, NULL, 0); .Ed .Pp To retrieve the standard search path for the system utilities: .Pp .Bd -literal -offset indent -compact int mib[2]; size_t len; char *p; mib[0] = CTL_USER; mib[1] = USER_CS_PATH; sysctl(mib, 2, NULL, &len, NULL, 0); p = malloc(len); sysctl(mib, 2, p, &len, NULL, 0); .Ed .Ss CTL_DEBUG The debugging variables vary from system to system. A debugging variable may be added or deleted without need to recompile .Fn sysctl to know about it. Each time it runs, .Fn sysctl gets the list of debugging variables from the kernel and displays their current values. The system defines twenty .Pq Vt "struct ctldebug" variables named .Va debug0 through .Va debug19 . They are declared as separate variables so that they can be individually initialized at the location of their associated variable. The loader prevents multiple use of the same variable by issuing errors if a variable is initialized in more than one place. For example, to export the variable .Va dospecialcheck as a debugging variable, the following declaration would be used: .Pp .Bd -literal -offset indent -compact int dospecialcheck = 1; struct ctldebug debug5 = { "dospecialcheck", &dospecialcheck }; .Ed .Ss CTL_VFS A distinguished second level name, VFS_GENERIC, is used to get general information about all file systems. One of its third level identifiers is VFS_MAXTYPENUM that gives the highest valid file system type number. Its other third level identifier is VFS_CONF that returns configuration information about the file system type given as a fourth level identifier (see .Xr getvfsbyname 3 as an example of its use). The remaining second level identifiers are the file system type number returned by a .Xr statfs 2 call or from VFS_CONF. The third level identifiers available for each file system are given in the header file that defines the mount argument structure for that file system. .Ss CTL_HW The string and integer information available for the CTL_HW level is detailed below. The changeable column shows whether a process with appropriate privilege may change the value. .Bl -column "Second level nameXXXXXX" integerXXX -offset indent .It Sy "Second level name Type Changeable" .It "HW_MACHINE string no" .It "HW_MODEL string no" .It "HW_NCPU integer no" .It "HW_BYTEORDER integer no" .It "HW_PHYSMEM integer no" .It "HW_USERMEM integer no" .It "HW_PAGESIZE integer no" .\".It "HW_DISKNAMES integer no" .\".It "HW_DISKSTATS integer no" .It "HW_FLOATINGPT integer no" .It "HW_MACHINE_ARCH string no" .It "HW_REALMEM integer no" .El .Bl -tag -width 6n .It Li HW_MACHINE The machine class. .It Li HW_MODEL The machine model .It Li HW_NCPU The number of cpus. .It Li HW_BYTEORDER The byteorder (4,321, or 1,234). .It Li HW_PHYSMEM The bytes of physical memory. .It Li HW_USERMEM The bytes of non-kernel memory. .It Li HW_PAGESIZE The software page size. .\".It Fa HW_DISKNAMES .\".It Fa HW_DISKSTATS .It Li HW_FLOATINGPT Nonzero if the floating point support is in hardware. .It Li HW_MACHINE_ARCH The machine dependent architecture type. .It Li HW_REALMEM The bytes of real memory. .El .Ss CTL_KERN The string and integer information available for the CTL_KERN level is detailed below. The changeable column shows whether a process with appropriate privilege may change the value. The types of data currently available are process information, system vnodes, the open file entries, routing table entries, virtual memory statistics, load average history, and clock rate information. .Bl -column "KERNXMAXFILESPERPROCXXX" "struct clockrateXXX" -offset indent .It Sy "Second level name Type Changeable" .It "KERN_ARGMAX integer no" .It "KERN_BOOTFILE string yes" .It "KERN_BOOTTIME struct timeval no" .It "KERN_CLOCKRATE struct clockinfo no" .It "KERN_FILE struct xfile no" .It "KERN_HOSTID integer yes" .It "KERN_HOSTUUID string yes" .It "KERN_HOSTNAME string yes" .It "KERN_JOB_CONTROL integer no" .It "KERN_MAXFILES integer yes" .It "KERN_MAXFILESPERPROC integer yes" .It "KERN_MAXPROC integer no" .It "KERN_MAXPROCPERUID integer yes" .It "KERN_MAXVNODES integer yes" .It "KERN_NGROUPS integer no" .It "KERN_NISDOMAINNAME string yes" .It "KERN_OSRELDATE integer no" .It "KERN_OSRELEASE string no" .It "KERN_OSREV integer no" .It "KERN_OSTYPE string no" .It "KERN_POSIX1 integer no" .It "KERN_PROC node not applicable" .It "KERN_PROF node not applicable" .It "KERN_QUANTUM integer yes" .It "KERN_SAVED_IDS integer no" .It "KERN_SECURELVL integer raise only" .It "KERN_UPDATEINTERVAL integer no" .It "KERN_VERSION string no" .It "KERN_VNODE struct xvnode no" .El .Bl -tag -width 6n .It Li KERN_ARGMAX The maximum bytes of argument to .Xr execve 2 . .It Li KERN_BOOTFILE The full pathname of the file from which the kernel was loaded. .It Li KERN_BOOTTIME A .Va struct timeval structure is returned. This structure contains the time that the system was booted. .It Li KERN_CLOCKRATE A .Va struct clockinfo structure is returned. This structure contains the clock, statistics clock and profiling clock frequencies, the number of micro-seconds per hz tick and the skew rate. .It Li KERN_FILE Return the entire file table. The returned data consists of an array of .Va struct xfile , whose size depends on the current number of such objects in the system. .It Li KERN_HOSTID Get or set the host ID. .It Li KERN_HOSTUUID Get or set the host's universally unique identifier (UUID). .It Li KERN_HOSTNAME Get or set the hostname. .It Li KERN_JOB_CONTROL Return 1 if job control is available on this system, otherwise 0. .It Li KERN_MAXFILES The maximum number of files that may be open in the system. .It Li KERN_MAXFILESPERPROC The maximum number of files that may be open for a single process. This limit only applies to processes with an effective uid of nonzero at the time of the open request. Files that have already been opened are not affected if the limit or the effective uid is changed. .It Li KERN_MAXPROC The maximum number of concurrent processes the system will allow. .It Li KERN_MAXPROCPERUID The maximum number of concurrent processes the system will allow for a single effective uid. This limit only applies to processes with an effective uid of nonzero at the time of a fork request. Processes that have already been started are not affected if the limit is changed. .It Li KERN_MAXVNODES The maximum number of vnodes available on the system. .It Li KERN_NGROUPS The maximum number of supplemental groups. .It Li KERN_NISDOMAINNAME The name of the current YP/NIS domain. .It Li KERN_OSRELDATE The kernel release version in the format .Ar M Ns Ar mm Ns Ar R Ns Ar xx , where .Ar M is the major version, .Ar mm is the two digit minor version, .Ar R is 0 if release branch, otherwise 1, and .Ar xx is updated when the available APIs change. .Pp The userland release version is available from .In osreldate.h ; parse this file if you need to get the release version of the currently installed userland. .It Li KERN_OSRELEASE The system release string. .It Li KERN_OSREV The system revision string. .It Li KERN_OSTYPE The system type string. .It Li KERN_POSIX1 The version of .St -p1003.1 with which the system attempts to comply. .It Li KERN_PROC Return selected information about specific running processes. .Pp For the following names, an array of .Va struct kinfo_proc structures is returned, whose size depends on the current number of such objects in the system. .Bl -column "Third level nameXXXXXX" "Fourth level is:XXXXXX" -offset indent .It "Third level name Fourth level is:" .It "KERN_PROC_ALL None" .It "KERN_PROC_PID A process ID" .It "KERN_PROC_PGRP A process group" .It "KERN_PROC_TTY A tty device" .It "KERN_PROC_UID A user ID" .It "KERN_PROC_RUID A real user ID" .El .Pp If the third level name is .Dv KERN_PROC_ARGS then the command line argument array is returned in a flattened form, i.e., zero-terminated arguments follow each other. The total size of array is returned. It is also possible for a process to set its own process title this way. If the third level name is .Dv KERN_PROC_PATHNAME , the path of the process' text file is stored. For .Dv KERN_PROC_PATHNAME , a process ID of .Li \-1 implies the current process. .Bl -column "Third level nameXXXXXX" "Fourth level is:XXXXXX" -offset indent .It Sy "Third level name Fourth level is:" .It Dv KERN_PROC_ARGS Ta "A process ID" .It Dv KERN_PROC_PATHNAME Ta "A process ID" .El .It Li KERN_PROF Return profiling information about the kernel. If the kernel is not compiled for profiling, attempts to retrieve any of the KERN_PROF values will fail with .Er ENOENT . The third level names for the string and integer profiling information is detailed below. The changeable column shows whether a process with appropriate privilege may change the value. .Bl -column "GPROFXGMONPARAMXXX" "struct gmonparamXXX" -offset indent .It Sy "Third level name Type Changeable" .It "GPROF_STATE integer yes" .It "GPROF_COUNT u_short[\|] yes" .It "GPROF_FROMS u_short[\|] yes" .It "GPROF_TOS struct tostruct yes" .It "GPROF_GMONPARAM struct gmonparam no" .El .Pp The variables are as follows: .Bl -tag -width 6n .It Li GPROF_STATE Returns GMON_PROF_ON or GMON_PROF_OFF to show that profiling is running or stopped. .It Li GPROF_COUNT Array of statistical program counter counts. .It Li GPROF_FROMS Array indexed by program counter of call-from points. .It Li GPROF_TOS Array of .Va struct tostruct describing destination of calls and their counts. .It Li GPROF_GMONPARAM Structure giving the sizes of the above arrays. .El .It Li KERN_QUANTUM The maximum period of time, in microseconds, for which a process is allowed to run without being preempted if other processes are in the run queue. .It Li KERN_SAVED_IDS Returns 1 if saved set-group and saved set-user ID is available. .It Li KERN_SECURELVL The system security level. This level may be raised by processes with appropriate privilege. It may not be lowered. .It Li KERN_VERSION The system version string. .It Li KERN_VNODE Return the entire vnode table. Note, the vnode table is not necessarily a consistent snapshot of the system. The returned data consists of an array whose size depends on the current number of such objects in the system. Each element of the array consists of a .Va struct xvnode . .El .Ss CTL_NET The string and integer information available for the CTL_NET level is detailed below. The changeable column shows whether a process with appropriate privilege may change the value. .Bl -column "Second level nameXXXXXX" "routing messagesXXX" -offset indent .It Sy "Second level name Type Changeable" .It "PF_ROUTE routing messages no" .It "PF_INET IPv4 values yes" .It "PF_INET6 IPv6 values yes" .El .Bl -tag -width 6n .It Li PF_ROUTE Return the entire routing table or a subset of it. The data is returned as a sequence of routing messages (see .Xr route 4 for the header file, format and meaning). The length of each message is contained in the message header. .Pp The third level name is a protocol number, which is currently always 0. The fourth level name is an address family, which may be set to 0 to select all address families. The fifth, sixth, and seventh level names are as follows: .Bl -column -offset indent "Fifth level Sixth level" "Seventh level" .It Sy "Fifth level Sixth level" Ta Sy "Seventh level" .It "NET_RT_FLAGS rtflags" Ta "None" .It "NET_RT_DUMP None" Ta "None or fib number" .It "NET_RT_IFLIST 0 or if_index" Ta None .It "NET_RT_IFMALIST 0 or if_index" Ta None .It "NET_RT_IFLISTL 0 or if_index" Ta None .El .Pp The .Dv NET_RT_IFMALIST name returns information about multicast group memberships on all interfaces if 0 is specified, or for the interface specified by .Va if_index . .Pp The .Dv NET_RT_IFLISTL is like .Dv NET_RT_IFLIST , just returning message header structs with additional fields allowing the interface to be extended without breaking binary compatibility. The .Dv NET_RT_IFLISTL uses 'l' versions of the message header structures: .Va struct if_msghdrl and .Va struct ifa_msghdrl . .It Li PF_INET Get or set various global information about the IPv4 (Internet Protocol version 4). The third level name is the protocol. The fourth level name is the variable name. The currently defined protocols and names are: .Bl -column ProtocolXX VariableXX TypeXX ChangeableXX .It Sy "Protocol Variable Type Changeable" .It "icmp bmcastecho integer yes" .It "icmp maskrepl integer yes" .It "ip forwarding integer yes" .It "ip redirect integer yes" .It "ip ttl integer yes" .It "udp checksum integer yes" .El .Pp The variables are as follows: .Bl -tag -width 6n .It Li icmp.bmcastecho Returns 1 if an ICMP echo request to a broadcast or multicast address is to be answered. .It Li icmp.maskrepl Returns 1 if ICMP network mask requests are to be answered. .It Li ip.forwarding Returns 1 when IP forwarding is enabled for the host, meaning that the host is acting as a router. .It Li ip.redirect Returns 1 when ICMP redirects may be sent by the host. This option is ignored unless the host is routing IP packets, and should normally be enabled on all systems. .It Li ip.ttl The maximum time-to-live (hop count) value for an IP packet sourced by the system. This value applies to normal transport protocols, not to ICMP. .It Li udp.checksum Returns 1 when UDP checksums are being computed and checked. Disabling UDP checksums is strongly discouraged. .Pp For variables net.inet.*.ipsec, please refer to .Xr ipsec 4 . .El .It Li PF_INET6 Get or set various global information about the IPv6 (Internet Protocol version 6). The third level name is the protocol. The fourth level name is the variable name. .Pp For variables net.inet6.* please refer to .Xr inet6 4 . For variables net.inet6.*.ipsec6, please refer to .Xr ipsec 4 . .El .Ss CTL_USER The string and integer information available for the CTL_USER level is detailed below. The changeable column shows whether a process with appropriate privilege may change the value. .Bl -column "USER_COLL_WEIGHTS_MAXXXX" "integerXXX" -offset indent .It Sy "Second level name Type Changeable" .It "USER_BC_BASE_MAX integer no" .It "USER_BC_DIM_MAX integer no" .It "USER_BC_SCALE_MAX integer no" .It "USER_BC_STRING_MAX integer no" .It "USER_COLL_WEIGHTS_MAX integer no" .It "USER_CS_PATH string no" .It "USER_EXPR_NEST_MAX integer no" .It "USER_LINE_MAX integer no" .It "USER_POSIX2_CHAR_TERM integer no" .It "USER_POSIX2_C_BIND integer no" .It "USER_POSIX2_C_DEV integer no" .It "USER_POSIX2_FORT_DEV integer no" .It "USER_POSIX2_FORT_RUN integer no" .It "USER_POSIX2_LOCALEDEF integer no" .It "USER_POSIX2_SW_DEV integer no" .It "USER_POSIX2_UPE integer no" .It "USER_POSIX2_VERSION integer no" .It "USER_RE_DUP_MAX integer no" .It "USER_STREAM_MAX integer no" .It "USER_TZNAME_MAX integer no" .El .Bl -tag -width 6n .It Li USER_BC_BASE_MAX The maximum ibase/obase values in the .Xr bc 1 utility. .It Li USER_BC_DIM_MAX The maximum array size in the .Xr bc 1 utility. .It Li USER_BC_SCALE_MAX The maximum scale value in the .Xr bc 1 utility. .It Li USER_BC_STRING_MAX The maximum string length in the .Xr bc 1 utility. .It Li USER_COLL_WEIGHTS_MAX The maximum number of weights that can be assigned to any entry of the LC_COLLATE order keyword in the locale definition file. .It Li USER_CS_PATH Return a value for the .Ev PATH environment variable that finds all the standard utilities. .It Li USER_EXPR_NEST_MAX The maximum number of expressions that can be nested within parenthesis by the .Xr expr 1 utility. .It Li USER_LINE_MAX The maximum length in bytes of a text-processing utility's input line. .It Li USER_POSIX2_CHAR_TERM Return 1 if the system supports at least one terminal type capable of all operations described in .St -p1003.2 , otherwise 0. .It Li USER_POSIX2_C_BIND Return 1 if the system's C-language development facilities support the C-Language Bindings Option, otherwise 0. .It Li USER_POSIX2_C_DEV Return 1 if the system supports the C-Language Development Utilities Option, otherwise 0. .It Li USER_POSIX2_FORT_DEV Return 1 if the system supports the FORTRAN Development Utilities Option, otherwise 0. .It Li USER_POSIX2_FORT_RUN Return 1 if the system supports the FORTRAN Runtime Utilities Option, otherwise 0. .It Li USER_POSIX2_LOCALEDEF Return 1 if the system supports the creation of locales, otherwise 0. .It Li USER_POSIX2_SW_DEV Return 1 if the system supports the Software Development Utilities Option, otherwise 0. .It Li USER_POSIX2_UPE Return 1 if the system supports the User Portability Utilities Option, otherwise 0. .It Li USER_POSIX2_VERSION The version of .St -p1003.2 with which the system attempts to comply. .It Li USER_RE_DUP_MAX The maximum number of repeated occurrences of a regular expression permitted when using interval notation. .It Li USER_STREAM_MAX The minimum maximum number of streams that a process may have open at any one time. .It Li USER_TZNAME_MAX The minimum maximum number of types supported for the name of a timezone. .El .Ss CTL_VM The string and integer information available for the CTL_VM level is detailed below. The changeable column shows whether a process with appropriate privilege may change the value. .Bl -column "Second level nameXXXXXX" "struct loadavgXXX" -offset indent .It Sy "Second level name Type Changeable" .It "VM_LOADAVG struct loadavg no" .It "VM_TOTAL struct vmtotal no" -.It "VM_PAGEOUT_ALGORITHM integer yes" .It "VM_SWAPPING_ENABLED integer maybe" .It "VM_V_CACHE_MAX integer yes" .It "VM_V_CACHE_MIN integer yes" .It "VM_V_FREE_MIN integer yes" .It "VM_V_FREE_RESERVED integer yes" .It "VM_V_FREE_TARGET integer yes" .It "VM_V_INACTIVE_TARGET integer yes" .It "VM_V_PAGEOUT_FREE_MIN integer yes" .El .Bl -tag -width 6n .It Li VM_LOADAVG Return the load average history. The returned data consists of a .Va struct loadavg . .It Li VM_TOTAL Return the system wide virtual memory statistics. The returned data consists of a .Va struct vmtotal . -.It Li VM_PAGEOUT_ALGORITHM -0 if the statistics-based page management algorithm is in use -or 1 if the near-LRU algorithm is in use. .It Li VM_SWAPPING_ENABLED 1 if process swapping is enabled or 0 if disabled. This variable is permanently set to 0 if the kernel was built with swapping disabled. .It Li VM_V_CACHE_MAX Maximum desired size of the cache queue. .It Li VM_V_CACHE_MIN Minimum desired size of the cache queue. If the cache queue size falls very far below this value, the pageout daemon is awakened. .It Li VM_V_FREE_MIN Minimum amount of memory (cache memory plus free memory) required to be available before a process waiting on memory will be awakened. .It Li VM_V_FREE_RESERVED Processes will awaken the pageout daemon and wait for memory if the number of free and cached pages drops below this value. .It Li VM_V_FREE_TARGET The total amount of free memory (including cache memory) that the pageout daemon tries to maintain. .It Li VM_V_INACTIVE_TARGET The desired number of inactive pages that the pageout daemon should achieve when it runs. Inactive pages can be quickly inserted into process address space when needed. .It Li VM_V_PAGEOUT_FREE_MIN If the amount of free and cache memory falls below this value, the pageout daemon will enter "memory conserving mode" to avoid deadlock. .El .Sh RETURN VALUES .Rv -std .Sh FILES .Bl -tag -width -compact .It In sys/sysctl.h definitions for top level identifiers, second level kernel and hardware identifiers, and user level identifiers .It In sys/socket.h definitions for second level network identifiers .It In sys/gmon.h definitions for third level profiling identifiers .It In vm/vm_param.h definitions for second level virtual memory identifiers .It In netinet/in.h definitions for third level IPv4/IPv6 identifiers and fourth level IPv4/v6 identifiers .It In netinet/icmp_var.h definitions for fourth level ICMP identifiers .It In netinet/icmp6.h definitions for fourth level ICMPv6 identifiers .It In netinet/udp_var.h definitions for fourth level UDP identifiers .El .Sh ERRORS The following errors may be reported: .Bl -tag -width Er .It Bq Er EFAULT The buffer .Fa name , .Fa oldp , .Fa newp , or length pointer .Fa oldlenp contains an invalid address. .It Bq Er EINVAL The .Fa name array is less than two or greater than CTL_MAXNAME. .It Bq Er EINVAL A non-null .Fa newp is given and its specified length in .Fa newlen is too large or too small. .It Bq Er ENOMEM The length pointed to by .Fa oldlenp is too short to hold the requested value. .It Bq Er ENOMEM The smaller of either the length pointed to by .Fa oldlenp or the estimated size of the returned data exceeds the system limit on locked memory. .It Bq Er ENOMEM Locking the buffer .Fa oldp , or a portion of the buffer if the estimated size of the data to be returned is smaller, would cause the process to exceed its per-process locked memory limit. .It Bq Er ENOTDIR The .Fa name array specifies an intermediate rather than terminal name. .It Bq Er EISDIR The .Fa name array specifies a terminal name, but the actual name is not terminal. .It Bq Er ENOENT The .Fa name array specifies a value that is unknown. .It Bq Er EPERM An attempt is made to set a read-only value. .It Bq Er EPERM A process without appropriate privilege attempts to set a value. .El .Sh SEE ALSO .Xr confstr 3 , .Xr kvm 3 , .Xr sysconf 3 , .Xr sysctl 8 .Sh HISTORY The .Fn sysctl function first appeared in .Bx 4.4 . Index: head/sys/vm/vm_param.h =================================================================== --- head/sys/vm/vm_param.h (revision 253661) +++ head/sys/vm/vm_param.h (revision 253662) @@ -1,149 +1,147 @@ /*- * Copyright (c) 1991, 1993 * The Regents of the University of California. All rights reserved. * * This code is derived from software contributed to Berkeley by * The Mach Operating System project at Carnegie-Mellon University. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 4. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * from: @(#)vm_param.h 8.1 (Berkeley) 6/11/93 * * * Copyright (c) 1987, 1990 Carnegie-Mellon University. * All rights reserved. * * Authors: Avadis Tevanian, Jr., Michael Wayne Young * * Permission to use, copy, modify and distribute this software and * its documentation is hereby granted, provided that both the copyright * notice and this permission notice appear in all copies of the * software, derivative works or modified versions, and any portions * thereof, and that both notices appear in supporting documentation. * * CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS "AS IS" * CONDITION. CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND * FOR ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE. * * Carnegie Mellon requests users of this software to return to * * Software Distribution Coordinator or Software.Distribution@CS.CMU.EDU * School of Computer Science * Carnegie Mellon University * Pittsburgh PA 15213-3890 * * any improvements or extensions that they make and grant Carnegie the * rights to redistribute these changes. * * $FreeBSD$ */ /* * Machine independent virtual memory parameters. */ #ifndef _VM_PARAM_ #define _VM_PARAM_ #include /* * CTL_VM identifiers */ #define VM_TOTAL 1 /* struct vmtotal */ #define VM_METER VM_TOTAL/* deprecated, use VM_TOTAL */ #define VM_LOADAVG 2 /* struct loadavg */ #define VM_V_FREE_MIN 3 /* cnt.v_free_min */ #define VM_V_FREE_TARGET 4 /* cnt.v_free_target */ #define VM_V_FREE_RESERVED 5 /* cnt.v_free_reserved */ #define VM_V_INACTIVE_TARGET 6 /* cnt.v_inactive_target */ #define VM_V_CACHE_MIN 7 /* cnt.v_cache_min */ #define VM_V_CACHE_MAX 8 /* cnt.v_cache_max */ #define VM_V_PAGEOUT_FREE_MIN 9 /* cnt.v_pageout_free_min */ -#define VM_PAGEOUT_ALGORITHM 10 /* pageout algorithm */ -#define VM_SWAPPING_ENABLED 11 /* swapping enabled */ -#define VM_MAXID 12 /* number of valid vm ids */ +#define VM_SWAPPING_ENABLED 10 /* swapping enabled */ +#define VM_MAXID 11 /* number of valid vm ids */ #define CTL_VM_NAMES { \ { 0, 0 }, \ { "vmtotal", CTLTYPE_STRUCT }, \ { "loadavg", CTLTYPE_STRUCT }, \ { "v_free_min", CTLTYPE_UINT }, \ { "v_free_target", CTLTYPE_UINT }, \ { "v_free_reserved", CTLTYPE_UINT }, \ { "v_inactive_target", CTLTYPE_UINT }, \ { "v_cache_min", CTLTYPE_UINT }, \ { "v_cache_max", CTLTYPE_UINT }, \ { "v_pageout_free_min", CTLTYPE_UINT}, \ - { "pageout_algorithm", CTLTYPE_INT}, \ { "swap_enabled", CTLTYPE_INT},\ } /* * Structure for swap device statistics */ #define XSWDEV_VERSION 1 struct xswdev { u_int xsw_version; dev_t xsw_dev; int xsw_flags; int xsw_nblks; int xsw_used; }; /* * Return values from the VM routines. */ #define KERN_SUCCESS 0 #define KERN_INVALID_ADDRESS 1 #define KERN_PROTECTION_FAILURE 2 #define KERN_NO_SPACE 3 #define KERN_INVALID_ARGUMENT 4 #define KERN_FAILURE 5 #define KERN_RESOURCE_SHORTAGE 6 #define KERN_NOT_RECEIVER 7 #define KERN_NO_ACCESS 8 #ifndef PA_LOCK_COUNT #ifdef SMP #define PA_LOCK_COUNT 32 #else #define PA_LOCK_COUNT 1 #endif /* !SMP */ #endif /* !PA_LOCK_COUNT */ #ifndef ASSEMBLER #ifdef _KERNEL #define num_pages(x) \ ((vm_offset_t)((((vm_offset_t)(x)) + PAGE_MASK) >> PAGE_SHIFT)) extern unsigned long maxtsiz; extern unsigned long dfldsiz; extern unsigned long maxdsiz; extern unsigned long dflssiz; extern unsigned long maxssiz; extern unsigned long sgrowsiz; #endif /* _KERNEL */ #endif /* ASSEMBLER */ #endif /* _VM_PARAM_ */ Index: head/tools/tools/sysdoc/tunables.mdoc =================================================================== --- head/tools/tools/sysdoc/tunables.mdoc (revision 253661) +++ head/tools/tools/sysdoc/tunables.mdoc (revision 253662) @@ -1,2410 +1,2407 @@ # $FreeBSD$ --- debug.disablecwd bool Determines whether or not the .Xr getwcd 3 system call should be allowed. --- debug.disablefullpath bool Determines whether or not the .Fn vn_fullpath function may be used. --- debug.dobkgrdwrite bool Determines if background writes should be performed. --- debug.hashstat.nchash struct Displays nchash chain lengths. This is a read-only variable. --- debug.hashstat.rawnchash --- debug.ieee80211 bool This .Nm allows you to enable or disable debugging for 802.11 devices. --- debug.kdb.available variable Used to retrieve a list of currently available debugger backends. --- debug.kdb.current variable Allows for the selection of the debugger backend which is used to handle debugger requests. --- debug.kdb.enter variable When written to, the system should break to the debugger. --- debug.malloc.failure_count bool Number of times a coerced malloc failure has occurred as a result of .Va debug.malloc.failure_rate . Useful for tracking what might have happened and whether failures are being generated. --- debug.malloc.failure_rate bool Debugging feature causing .Dv M_NOWAIT allocations to fail at a specified rate. How often to generate a failure: if set to 0 (default), this feature is disabled. In other words if set to 10 (one in ten .Xr malloc 3 calls will fail). --- debug.rman_debug bool This .Nm allows you to enable or disable debugging for .Xr rman 9 , the .Fx resource manager. --- debug.sizeof.bio --- debug.sizeof.buf --- debug.sizeof.cdev --- debug.sizeof.devstat --- debug.sizeof.kinfo_proc --- debug.sizeof.proc --- debug.sizeof.vnode --- debug.vnlru_nowhere --- hw.acpi.cpu.current_speed bool Display the current CPU speed. This is adjustable, but doing so is not recommended. --- hw.acpi.cpu.max_speed int Allows you to change the stepping for processor speed on machines which support .Xr acpi 4 . --- hw.acpi.disable_on_poweroff bool Some systems using .Xr acpi 4 have problems powering off when shutting down with .Xr acpi 4 enabled. This .Nm disables .Xr acpi 4 when rebooting and shutting down. --- hw.acpi.s4bios bool This .Nm determines whether or not the S4BIOS sleep implementation should be used. --- hw.acpi.sleep_delay int Set the sleep delay for .Xr acpi 4 . --- hw.acpi.supported_sleep_state bool List supported .Tn ACPI sleep states --- hw.acpi.thermal.min_runtime --- hw.acpi.thermal.polling_rate int The interval in seconds that should be used to check the current system temperature. --- hw.acpi.thermal.tz0.temperature str Displays the current temperature. This is a read-only variable. --- hw.acpi.thermal.tz0.thermal_flags --- hw.acpi.verbose bool Determines whether or not .Xr acpi 4 should be verbose. --- hw.ata.ata_dma bool Allows the enabling and disabling of DMA for ATA devices. --- hw.ata.atapi_dma bool Allows the enabling and disabling of DMA for atapi devices, such as CD-ROM drives. --- hw.ata.tags bool An experimental feature for IDE hard drives which allows write caching to be turned on. Please read the .Xr tuning 7 manual page carefully before using this. --- hw.ata.wc bool Determines whether or not IDE write caching should be turned on or off. See .Xr tuning 7 for more information. --- hw.bus.devctl_disable bool This can be used to turn off .Xr devctl 4 when no .Xr devd 8 is running. --- hw.bus.devices --- hw.bus.info int This is an internally used function that returns the kernel bus interface version. --- hw.bus.rman --- hw.busdmafree_bpages --- hw.busdma.reserved_bpages --- hw.busdma.active_bpages --- hw.busdma.total_bpages --- hw.busdma.total_bounced --- hw.busdma.total_deferred --- hw.byteorder int Returns the system byte order. This is a read-only variable. --- hw.cardbus.cis_debug --- hw.cardbus.debug --- hw.cbb.debug --- hw.cbb.start_16_io --- hw.cbb.start_32_io --- hw.cbb.start_memory --- hw.floatingpoint bool Reports true if the machine has a floating point processor. This is a read-only variable. --- hw.fxp0.bundle_max int Controls the receive interrupt microcode bundle size limit for the .Xr fxp 4 device. --- hw.fxp0.int_delay int Controls the receive interrupt microcode bundling delay for the .Xr fxp 4 device. --- hw.fxp_noflow bool Disables flow control support on .Xr fxp 4 cards. When flow control is enabled, and if the operating system does not acknowledge the packet buffer filling, the card will begin to generate Ethernet quench packets, but appears to get into a feedback loop of some sort, hosing local switches. This is a workaround for this issue. --- hw.fxp_rnr int Set the amount of times that a no-resource condition may occur before the .Xr fxp 4 device may restart. --- hw.instruction_sse bool Returns true if SSE support is enabled in the kernel. This is a read-only variable. --- hw.intrcnt bool Displays a list of interrupt counters. This is a read-only variable. --- hw.intrnames str Displays a list of zero-terminated interrupt names. This is a read-only variable. --- hw.kbd.keymap_restrict_change bool This sysctl acts as a sort of secure-level, allowing control of the console keymap. Giving this a value of 1 means that only the root user can change restricted keys (like boot, panic...). A value of 2 means that only root can change restricted keys and regular keys. Regular users still can change accents and function keys. A value of 3 means only root can change restricted, regular and accent keys, while a value of 4 means that no changes to the keymap are allowed by anyone other than the root user. --- hw.machine str Displays the machine class. This is a read-only variable. --- hw.machine_arch str Displays the current architecture. This is a read-only variable. --- hw.model str Displays the model information of the current running hardware. This is a read-only variable. --- hw.ncpu bool Report the number of CPU's in the system. This is a read-only variable. --- hw.pagesize int Displays the current .Xr pagesize 1 . This is a read-only variable. --- hw.pccard.cis_debug int Allows debugging to be turned on or off for CIS. --- hw.pccard.debug bool Determines whether or not to use debugging for the PC Card bus driver. --- hw.pci.allow_unsupported_io_range bool Some machines do not detect their CardBus slots correctly because they use unsupported I/O ranges. This .Nm allows FreeBSD to use those ranges. --- hw.pci.enable_io_modes --- hw.snd.pcm0.ac97rate --- hw.snd.verbose int Control the level of verbosity for the .Pa /dev/sndstat device. See the .Xr pcm 4 man page for more information on debug levels. --- hw.snd.report_soft_formats bool Controls the internal format conversion if it is available transparently to the application software. See .Xr pcm 4 for more information. --- hw.syscons.bell bool Allows you to control whether or not to use the 'bell' while using the console. This is turned on by default. --- hw.syscons.saver.keybonly bool This variable tells the system that the screen saver may only wake up if the keyboard is used. This means that log messages that are pushed to the console will not cause the screen saver to stop, and display the log message will not display. This can be disabled to mimic the behavior of older syscons. --- hw.syscons.sc_no_suspend_vtswitch bool Disables switching between virtual terminals during suspend or resume. See .Xr syscons 4 for more information. --- hw.wi.debug bool Controls the level of debugging for .Xr wi 4 devices. --- hw.wi.txerate int This value allows controls the maximum amount of error messages per second. Giving this .Nm a value of 0 (zero) disables error messages completely. --- kern.acct_chkfreq int Specifies the frequency (in minutes) with which free disk space should be checked. This is used in conjunction with .Va kern.acct_resume and .Va kern.acct_suspend. --- kern.acct_resume int The percentage of free disk space above which process accounting will resume. --- kern.acct_suspend int The percentage of free disk space below which process accounting stops. --- kern.argmax bool The maximum number of bytes that can be used in an argument to .Xr execve 2 . This is basically the maximum number of characters which can be used in a single command line. On some rare occasions, this value needs altering. If so, please check out the .Xr xargs 1 utility. --- kern.bootfile str The kernel which was used to boot the system. --- kern.boottime str The time at which the current kernel became active after the system booted. This is a read-only variable. --- kern.chroot_allow_open_directories bool Depending on the setting of this variable, open file descriptors which reference directories will fail. If set to .Em 0 , .Xr chroot 8 will always fail with .Er EPERM if there are any directories open. If set to .Em 1 (the default), .Xr chroot 8 will fail with .Er EPERM if there are any directories open and the process is already subject to the .Xr chroot 8 system call. Any other value will bypass the check for open directories. Please see the .Xr chroot 2 man page for more information. --- kern.clockrate struct Displays information about the system clock. This is a read-only variable. --- kern.console --- kern.coredump bool Determines where the kernel should dump a core file in the event of a kernel panic. --- kern.corefile str Describes the file name that a core image should be stored to. See the .Xr core 5 man page for more information on this variable. --- kern.cp_time struct Contains CPU time statistics. This is a read-only variable. --- kern.devname struct An internally used .Nm that returns suitable device names for the .Fn devname function. See the .Xr devname 3 manual page for more information. --- kern.devstat.all struct An internally used .Nm that returns current devstat statistics as well as the current devstat generation number. See the .Xr devstat 3 man page for more information. --- kern.devstat.generation --- kern.devstat.numdevs --- kern.devstat.version int Displays the devstat list version number. This is a read-only variable. --- kern.disks str Display disk devices that the kernel is currently aware of. This is a read-only variable. --- kern.domainname str This shows the name of the current YP/NIS domain. --- kern.drainwait int The time to wait after dropping DTR to the given number. The units are measured in hundredths of a second. The default is 300 hundredths, i.e., 3 seconds. This option is needed mainly to set proper recover time after modem resets. --- kern.elf32.fallback_brand --- kern.fallback_elf_brand --- kern.file struct Returns the entire file structure. --- kern.function_list struct Returns all functions names in the kernel. --- kern.geom.confdot --- kern.geom.conftxt --- kern.geom.confxml --- kern.hostid int This .Nm may contain the IP address of the system. --- kern.hostname str Display the system hostname. This can be modified with the .Xr hostname 1 utility. --- kern.init_path string The path to search for the .Xr init 8 process. This is a read-only variable. --- kern.iov_max --- kern.ipc.clust_hiwm --- kern.ipc.clust_lowm --- kern.ipc.maxsockbuf int The maximum buffer size that may be allocated for sockets. See .Xr getsockopt 2 for more information. --- kern.ipc.maxsockets int The maximum number of sockets available. --- kern.ipc.mb_statpcpu --- kern.ipc.mbstat --- kern.ipc.mbuf_hiwm --- kern.ipc.mbuf_lowm --- kern.ipc.mbuf_wait --- kern.ipc.msqids --- kern.ipc.nmbclusters bool Maximum number of mbuf clusters available. The kernel uses a preallocated pool of .Dq mbuf clusters for the .Xr mbuf 9 allocator. The pool size is tuned by the kernel during boot. That size is set to a value which seems appropriate for the current system. --- kern.ipc.nmbcnt --- kern.ipc.nmbufs --- kern.ipc.nsfbufs --- kern.ipc.numopensockets --- kern.ipc.somaxconn int The maximum pending socket connection queue size. --- kern.ipc.zero_copy.receive bool When set to a non-zero value, zero copy is enabled for received packets. This reduces copying of data around for outgoing packets and can significantly improve throughput for network connections. --- kern.ipc.zero_copy.send bool When set to a non-zero value, zero copy is enabled for sent packets. This reduces copying of data around for outgoing packets and can significantly improve throughput for network connections. --- kern.job_control bool Reports whether or not job control is available. This is a read-only variable. --- kern.kq_calloutmax --- kern.lastpid int Displays the last PID used by a process. This is a read-only variable. --- kern.logsigexit bool Tells the kernel whether or not to log fatal signal exits. --- kern.malloc str Displays how memory is currently being allocated. This is a read-only variable. --- kern.maxfiles int The maximum number of files allowed for all the processes of the running kernel. You can override the default value which the kernel calculates by explicitly setting this to a non-zero value. Also see the .Xr tuning 7 man page for more information. --- kern.maxfilesperproc int The maximum number of files any one process can open. See the .Xr ps 1 utility for more information on monitoring processes. --- kern.maxproc int The maximum number of processes that the system can be running at any time. See the .Xr ps 1 utility for more information on monitoring processes. --- kern.maxprocperuid int The maximum number of processes one user ID can run. See the .Xr ps 1 utility for more information on monitoring processes. --- kern.maxusers int Controls the scaling of a number of static system tables, including defaults for the maximum number of open files, sizing of network memory resources, etc. See the .Xr tuning 7 man page for more information. This .Nm cannot be set using .Xr sysctl 8 . Use .Xr loader 8 instead to set this at boot time. --- kern.maxvnodes bool The maximum number of .Em vnodes (virtual file system nodes) the system can have open simultaneously. --- kern.minvnodes bool The minimun number of .Em vnodes (virtual file system nodes) the system can have open simultaneously. --- kern.module_path str This .Nm holds a colon-separated list of directories in which the kernel will search for loadable kernel modules. This path is search when using commands such as .Xr kldload 8 and .Xr kldunload 8 . --- kern.msgbuf string Contains the kernel message buffer. --- kern.msgbuf_clear bool Giving this .Nm a value of 1 (one) will cause the kernel message buffer to be cleared. It should be noted though, that the .Nm will then automatically revert back to it's original value of 0 (zero). --- kern.ngroups int Contains the maximum number of groups that a user may belong to. This is a read-only variable. --- kern.openfiles int Shows the current amount of system-wide open files. This is useful when used in conjunction with .Va kern.maxfiles for tuning your system. This is a read-only variable. --- kern.osreldate string Displays the kernel release date. This is a read-only variable. --- kern.osrelease str Displays the current version of .Fx running. This is a read-only variable. --- kern.osrevision string Displays the operating system revision. This is a read-only variable. --- kern.ostype str Alter the name of the current operating system. Changing this will change the output from the .Xr uname 1 utility. Changing the default is not recommended. --- kern.posix1version string Returns the version of .Tn POSIX that the system is attempting to comply with. This is a read-only variable. --- kern.proc.all --- kern.proc.args int Allows a process to retrieve the argument list or process title for another process without looking in the address space of another program. This is a read-only variable. --- kern.proc.pgrp --- kern.proc.pid struct This internally used .Nm may be used to extract process information. See .Xr sysctl 3 for an example. --- kern.proc.ruid --- kern.proc.tty --- kern.proc.uid --- kern.ps_argsopen bool By setting this to 0, command line arguments are hidden for processes which you are not running. This is useful on multi-user machines where things like passwords might accidentally be added to command line programs. --- kern.quantum --- kern.random.sys.burst --- kern.random.sys.harvest.ethernet --- kern.random.sys.harvest.interrupt --- kern.random.sys.harvest.point_to_point --- kern.random.sys.harvest.swi --- kern.random.sys.seeded --- kern.random.yarrow.bins --- kern.random.yarrow.fastthresh --- kern.random.yarrow.gengateinterval --- kern.random.yarrow.slowoverthresh --- kern.random.yarrow.slowthresh --- kern.randompid --- kern.rootdev string Displays the current root file system device. This is a read-only variable. --- kern.saved_ids bool Displays whether or not saved set-group/user ID is available. This is a read-only variable. --- kern.securelevel bool The current kernel security level. See the .Xr init 8 manual page for a good description about what a security level is. --- kern.sugid_coredump bool By default, a process that changes user or group credentials whether real or effective will not create a corefile. This behavior can be changed to generate a core dump by setting this variable to 1. --- kern.sync_on_panic bool In the event of a panic, this variable controls whether or not the system should try and .Xr sync 8 . In some circumstances, this could cause a double panic, and as a result, this may be turned off if needed. --- kern.threads.debug bool Determines whether to use debugging for kernel threads. This is useful for testing. --- kern.threads.max_groups_per_proc --- kern.threads.max_threads_hits --- kern.threads.max_threads_per_proc --- kern.threads.virtual_cpu int The maximum amount of virtual CPU's that be used for threading. --- kern.tty_nin --- kern.tty_nout --- kern.ttys bool Used internally by the .Xr pstat 8 command. This is a read-only variable. --- kern.version str Displays the current kernel version information. This is a read-only variable. --- machdep.acpi_root --- machdep.cpu_idle_hlt bool Halt idle CPUs. This is good for an SMP system. --- machdep.disable_mtrrs --- machdep.guessed_bootdev --- machdep.hyperthreading_allowed bool Setting this tunable to zero disables the use of additional logical processors provided by Intel HTT technology. --- machdep.panic_on_nmi --- machdep.siots --- net.inet.accf.unloadable --- net.inet.icmp.bmcastecho --- net.inet.icmp.drop_redirect --- net.inet.icmp.icmplim --- net.inet.icmp.icmplim_output --- net.inet.icmp.log_redirect --- net.inet.icmp.maskfake --- net.inet.icmp.maskrepl --- net.inet.ip.accept_sourceroute bool Controls forwarding of source-routed IP packets. --- net.inet.ip.check_interface bool This .Nm verifies that packets arrive on the correct interfaces. --- net.inet.ip.fastforwarding bool When fast forwarding is enabled, IP packets are forwarded directly to the appropriate network interface with a minimal validity checking, which greatly improves throughput. Please see the .Xr inet 4 man page for more information. --- net.inet.ip.forwarding bool Act as a gateway machine and forward packets. This can also be configured using the gateway_enable value in .Pa /etc/rc.conf --- net.inet.ip.fw.one_pass int --- net.inet.ip.intr_queue_drops --- net.inet.ip.intr_queue_maxlen --- net.inet.ip.keepfaith bool This is used in conjunction with .Xr faithd 8 to control the FAITH IPv6/v4 translator daemon. --- net.inet.ip.maxfragpackets --- net.inet.ip.maxfragsperpacket --- net.inet.ip.redirect bool Controls the sending of ICMP redirects in response to unforwardable IP packets. --- net.inet.ip.rtexpire int Lifetime in seconds of protocol-cloned IP routes after the last reference drops (default one hour). --- net.inet.ip.rtmaxcache int Trigger level of cached, unreferenced, protocol-cloned routes which initiates dynamic adaptation. --- net.inet.ip.rtminexpire int See .Xr inet 4 for more information. --- net.inet.ip.sendsourcequench bool This .Nm enables or disables the transmission of source quench packets. --- net.inet.ip.sourceroute bool Determines whether or not source routed IP packets should be forwarded. --- net.inet.ip.stats --- net.inet.ip.ttl int The TTL (time-to-live) to use for outgoing packets. --- net.inet.raw.maxdgram --- net.inet.raw.olddiverterror --- net.inet.raw.pcblist --- net.inet.raw.recvspace --- net.inet.tcp.always_keepalive bool Determines whether or not to attempt to detect dead TCP connections by sending 'keepalives' intermittently. This is enabled by default and can also be configured using the tcp_keepalive value in .Pa /etc/rc.conf --- net.inet.tcp.blackhole bool Manipulates system behavior when connection requests are received on a TCP port without a socket listening. See the .Xr blackhole 4 man page for more information. --- net.inet.tcp.delacktime --- net.inet.tcp.delayed_ack bool Historically speaking, this feature was designed to allow the acknowledgment to transmitted data to be returned along with the response. See the .Xr tuning 7 man page for more information. --- net.inet.tcp.do_tcpdrain --- net.inet.tcp.getcred --- net.inet.tcp.icmp_may_rst --- net.inet.tcp.inflight_debug bool Control debugging for the .Va net.inet.tcp.inflight_enable .Nm . Please see the .Xr tuning 7 man page for more information. --- net.inet.tcp.inflight_enable bool Turns on bandwidth delay product limiting for all TCP connections. Please see the .Xr tuning 7 man page for more information. --- net.inet.tcp.inflight_max bool .Em double check The maximum amount of data that may be queued for bandwidth delay product limiting. --- net.inet.tcp.inflight_min bool .Em double check The minimum amount of data that may be queued for bandwidth delay product limiting. --- net.inet.tcp.inflight_stab bool This parameter represents the maximal packets added to the bandwidth delay product window calculation. Changing this is not recommended. --- net.inet.tcp.isn_reseed_interval --- net.inet.tcp.local_slowstart_flightsize --- net.inet.tcp.log_in_vain bool Allows the system to log connections to TCP ports that do not have sockets listening. This variable can also be tuned by changing the value for log_in_vain in .Pa /etc/rc.conf --- net.inet.tcp.minmss bool Enable for network link optimization TCP can adjust its MSS and thus packet size according to the observed path MTU. This is done dynamically based on feedback from the remote host and network components along the packet path. This information can be abused to pretend an extremely low path MTU. --- net.inet.tcp.minmssoverload bool The PSS rate for the .Va net.inet.tcp.minmss sysctl. Setting this will force packets to be reset and dropped, this should hinder the availability of DoS attacks on WWW servers using POST attacks. --- net.inet.tcp.msl --- net.inet.tcp.mssdflt bool This is the default TCP Maximum Segment Size for TCP packets. The default setting is recommended in most cases. --- net.inet.tcp.v6mssdflt bool This is the default TCP Maximum Segment Size for TCP IPv6 packets. The default setting is recommend in most cases. --- net.inet.tcp.newreno --- net.inet.tcp.path_mtu_discovery --- net.inet.tcp.pcbcount --- net.inet.tcp.pcblist --- net.inet.tcp.recvspace bool This variables controls the amount of receive buffer space for any given TCP connection. This can be particularly useful when tuning network applications. See the .Xr tuning 7 man page for more information. --- net.inet.tcp.rexmit_min --- net.inet.tcp.rexmit_slop --- net.inet.tcp.rfc1323 bool Determines whether support for RFC1323 (TCP Extensions for High Performance) should be enabled. This variable can also be tuned by changing the value for tcp_extensions in .Pa /etc/rc.conf --- net.inet.tcp.rfc1644 --- net.inet.tcp.rfc3042 --- net.inet.tcp.rfc3390 --- net.inet.tcp.sendspace bool This variables controls the amount of send buffer space for any given TCP connection. This can be particularly useful when tuning network applications. See the .Xr tuning 7 manual page for more information. --- net.inet.tcp.slowstart_flightsize --- net.inet.tcp.stats --- net.inet.tcp.syncache.bucketlimit --- net.inet.tcp.syncache.cachelimit --- net.inet.tcp.syncache.count --- net.inet.tcp.syncache.hashsize --- net.inet.tcp.syncache.rexmtlimit --- net.inet.tcp.syncookies --- net.inet.tcp.tcbhashsize --- net.inet.tcp.v6mssdflt --- net.inet.udp.blackhole bool Manipulates system behavior when connection requests are received on a UDP port. See the .Xr blackhole 4 man page for more information. --- net.inet.udp.getcred --- net.inet.udp.log_in_vain bool Allows the system to log connections to UDP ports that do not have sockets listening. This variable can also be tuned by changing the value for log_in_vain in .Pa /etc/rc.conf --- net.inet.udp.maxdgram --- net.inet.udp.pcblist --- net.inet.udp.recvspace --- net.inet.udp.stats --- net.inet6.icmp6.errppslimit --- net.inet6.icmp6.nd6_debug --- net.inet6.icmp6.nd6_delay --- net.inet6.icmp6.nd6_maxnudhint --- net.inet6.icmp6.nd6_mmaxtries --- net.inet6.icmp6.nd6_prune --- net.inet6.icmp6.nd6_umaxtries --- net.inet6.icmp6.nd6_useloopback --- net.inet6.icmp6.nodeinfo --- net.inet6.icmp6.rediraccept --- net.inet6.icmp6.redirtimeout --- net.inet6.tcp6.getcred --- net.inet6.udp6.getcred --- net.isr.enable --- net.link.ether.inet.log_arp_movements --- net.link.ether.inet.log_arp_wrong_iface --- net.link.ether.ipfw --- net.link.generic.ifdata --- net.link.generic.system.ifcount --- net.link.gif.max_nesting bool Determines whether to allow recursive tunnels or not. --- net.link.gif.parallel_tunnels bool Determines whether to allow parallel tunnels or not. --- net.local.dgram.pcblist --- net.local.stream.pcblist --- security.bsd.see_other_uids bool Turning this option on will prevent users from viewing information about processes running under other user id numbers (UIDs). --- security.bsd.suser_enabled --- security.bsd.unprivileged_proc_debug --- security.bsd.unprivileged_read_msgbuf --- security.jail.set_hostname_allowed bool Determines whether or not the root user within the jail can set the hostname. --- security.jail.socket_unixiproute_only --- security.jail.sysvipc_allowed --- security.mac.biba.enabled bool Enables enforcement of the Biba integrity policy. --- security.mac.biba.ptys_equal bool Label .Sm off .Xr pty 4 s .Sm on as .Dq biba/equal upon creation. --- security.mac.biba.revocation_enabled bool Revoke access to objects if the label is changed to dominate the subject. --- security.mac.enforce_fs bool Enforce MAC policies for file system accesses. --- security.mac.enforce_kld bool Enforce MAC policies on .Xr kld 4 . --- security.mac.enforce_network bool Enforce MAC policies on network interfaces. --- security.mac.enforce_pipe bool Enforce MAC policies on pipes. --- security.mac.enforce_process bool Enforce MAC policies between system processes (e.g. .Xr ps 1 , .Xr ktrace 2 ). --- security.mac.enforce_socket bool Enforce MAC policies on sockets. --- security.mac.enforce_system bool Enforce MAC policies on system-related items (e.g. .Xr kenv 1 , .Xr acct 2 , .Xr reboot 2 ). --- security.mac.enforce_vm bool Enforce MAC policies on .Xr mmap 2 and .Xr mprotect 2 . --- security.mac.ifoff.lo_enabled bool Use this too disable network traffic over the loopback .Xr lo 4 interface. See .Xr mac_ifoff 4 for more information. --- security.mac.ifoff.other_enabled bool Use this to enable network traffic over other interfaces. See .Xr mac_ifoff 4 for more information. --- security.mac.ifoff.bpfrecv_enabled bool Use this too allow .Xr bpf 4 traffic to be received, even while other traffic is disabled. --- security.mac.mls.enabled bool Enables the enforcement of the MLS confidentiality policy, see .Xr mac_mls 4 for more information. --- security.mac.mls.ptys_equal bool Label .Sm off .Xr pty 4 s .Sm on as .Dq mls/equal upon creation. --- security.mac.mls.revocation_enabled bool Revoke access to objects if the label is changed to a more sensitive level than the subject. --- security.mac.portacl.rules str The port access control list is specified in the following format: .Sy idtype .Li : .Sy id .Li : .Sy protocol .Li : .Sy port .Li [, .Sy idtype .Li : .Sy id .Li : .Sy protocol .Li : .Sy port .Li ,...] .Sy idtype Describes the type of subject match to be performed. Either .Li uid for userid matching, or .Li gid for group ID matching. .Sy id The user or group ID (depending on .Sy idtype ) allowed to bind to the specified port. .Bf -emphasis NOTE: User and group names are not valid; only the actual ID numbers may be used. .Ef .Sy protocol Describes which protocol this entry applies to. Either .Li tcp or .Li udp are supported. .Sy port Describes which port this entry applies to. .Bf -emphasis NOTE: MAC security policies may not override other security system policies by allowing accesses that they may deny, such as .Va net.inet.ip.portrange.reservedlow / .Va net.inet.ip.portrange.reservedhigh . .Ef --- security.mac.seeotheruids.enabled bool Enable/disable .Va security.mac.seeotheruids See .Xr mac_seeotheruids 4 for more information. --- security.mac.seeotheruids.primarygroup_enabled bool Allow users to see processes and sockets owned by the same primary group. --- security.mac.seeotheruids.specificgid_enabled bool Allow processes with a specific group ID to be exempt from the policy, set this to .Li 1 and set .Va security.mac.seeotheruids.specificgid to the gid to be exempted. --- security.mac_test str Used for debugging. See .Xr mac_test 4 for more information. --- user.bc_base_max --- user.bc_dim_max --- user.bc_scale_max --- user.bc_string_max --- user.coll_weights_max --- user.cs_path --- user.line_max --- user.posix2_c_bind --- user.posix2_c_dev --- user.posix2_fort_dev --- user.posix2_fort_run --- user.posix2_localedef --- user.posix2_sw_dev --- user.posix2_upe --- user.posix2_version --- user.re_dup_max --- user.stream_max --- user.tzname_max --- vfs.altbufferflushes --- vfs.bufdefragcnt --- vfs.buffreekvacnt --- vfs.bufmallocspace --- vfs.bufreusecnt --- vfs.bufspace --- vfs.cache.nchstats --- vfs.conflist --- vfs.devfs.generation --- vfs.devfs.inodes --- vfs.devfs.noverflow --- vfs.devfs.topinode --- vfs.dirtybufferflushes --- vfs.dirtybufthresh --- vfs.ffs.adjblkcnt --- vfs.ffs.adjrefcnt --- vfs.ffs.freeblks --- vfs.ffs.freedirs --- vfs.ffs.freefiles --- vfs.ffs.setflags --- vfs.flushwithdeps --- vfs.getnewbufcalls --- vfs.getnewbufrestarts --- vfs.hibufspace --- vfs.hidirtybuffers --- vfs.hifreebuffers --- vfs.hirunningspace --- vfs.lobufspace --- vfs.lodirtybuffers --- vfs.lofreebuffers --- vfs.lorunningspace --- vfs.maxbufspace --- vfs.maxmallocbufspace --- vfs.numdirtybuffers --- vfs.numfreebuffers --- vfs.opv_numops --- vfs.pfs.vncache.entries --- vfs.pfs.vncache.hits --- vfs.pfs.vncache.maxentries --- vfs.pfs.vncache.misses --- vfs.read_max --- vfs.recursiveflushes --- vfs.runningbufspace --- vfs.ufs.dirhash_docheck --- vfs.ufs.dirhash_maxmem --- vfs.ufs.dirhash_mem --- vfs.ufs.dirhash_minsize --- vfs.usermount bool This .Nm allows the root user to grant access to non-root users so that they may mount floppy and CD-ROM drives. --- vfs.vmiodirenable bool Controls how directories are cached by the system. This is turned on by default. See the .Xr tuning 7 man page for a more detailed explanation on this variable. --- vfs.write_behind bool Tells the file system to issue media writes as full clusters are collected, which typically occurs when writing large sequential files. This is turned on by default, but under certain circumstances may stall processes and can therefore be turned off. --- vm.defer_swapspace_pageouts --- vm.disable_swapspace_pageouts --- vm.dmmax --- vm.kvm_free --- vm.kvm_size --- vm.loadavg struct Displays the load average history. This is a read-only variable. --- vm.max_launder --- vm.nswapdev int Displays the number of swap devices available to the system. This is a read-only variable. --- -vm.pageout_algorithm - ---- vm.pageout_full_stats_interval --- vm.pageout_lock_miss --- vm.pageout_stats_free_max --- vm.pageout_stats_interval --- vm.pageout_stats_max --- vm.stats.sys.v_intr --- vm.stats.sys.v_soft --- vm.stats.sys.v_swtch --- vm.stats.sys.v_syscall --- vm.stats.sys.v_trap --- vm.stats.vm.v_cow_faults --- vm.stats.vm.v_cow_optim --- vm.stats.vm.v_forkpages --- vm.stats.vm.v_forks --- vm.stats.vm.v_intrans --- vm.stats.vm.v_kthreadpages --- vm.stats.vm.v_kthreads --- vm.stats.vm.v_ozfod --- vm.stats.vm.v_pdpages --- vm.stats.vm.v_pdwakeups --- vm.stats.vm.v_reactivated --- vm.stats.vm.v_rforkpages --- vm.stats.vm.v_rforks --- vm.stats.vm.v_swapin --- vm.stats.vm.v_swapout --- vm.stats.vm.v_swappgsin --- vm.stats.vm.v_swappgsout --- vm.stats.vm.v_vforkpages --- vm.stats.vm.v_vforks --- vm.stats.vm.v_vm_faults --- vm.stats.vm.v_vnodein --- vm.stats.vm.v_vnodeout --- vm.stats.vm.v_vnodepgsin --- vm.stats.vm.v_vnodepgsout --- vm.stats.vm.v_zfod --- vm.swap_async_max int The maximum number of in-progress async operations that may be performed. --- vm.swap_enabled bool Determines whether or not processes may swap. --- vm.swap_idle_enabled See .Xr tuning 7 for a detailed explanation of this .Nm . --- vm.swap_info --- vm.vmtotal string Displays virtual memory statistics which are collected at five second intervals. --- vm.zone string Shows memory used by the kernel zone allocator, by zone. This information can also be found by using the .Xr vmstat 8 command. ---