-
Notifications
You must be signed in to change notification settings - Fork 81
Expand file tree
/
Copy pathsysctl.8
More file actions
473 lines (473 loc) · 15.9 KB
/
sysctl.8
File metadata and controls
473 lines (473 loc) · 15.9 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
.\" $NetBSD: sysctl.8,v 1.79 2002/05/29 23:30:50 msaitoh Exp $
.\"
.\" Copyright (c) 1993
.\" The Regents of the University of California. All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. All advertising materials mentioning features or use of this software
.\" must display the following acknowledgement:
.\" This product includes software developed by the University of
.\" California, Berkeley and its contributors.
.\" 4. Neither the name of the University nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" @(#)sysctl.8 8.1 (Berkeley) 6/6/93
.\"
.Dd June 6, 1993
.Dt SYSCTL 8
.Os
.Sh NAME
.Nm sysctl
.Nd get or set kernel state
.Sh SYNOPSIS
.Nm sysctl
.Op Fl n
.Ar name ...
.Nm sysctl
.Op Fl n
.Op Fl q
.Fl w
.Ar name Ns Li = Ns Ar value ...
.Nm sysctl
.Op Fl n
.Fl a
.Nm sysctl
.Op Fl n
.Fl A
.Nm sysctl
.Op Fl n
.Op Fl q
.Fl f
.Ar file
.Sh DESCRIPTION
The
.Nm sysctl
utility retrieves kernel state and allows processes with
appropriate privilege to set kernel state.
The state to be retrieved or set is described using a
``Management Information Base'' (``MIB'') style name,
described as a dotted set of components.
The
.Fl a
flag can be used to list all the currently available string or integer values.
The
.Fl A
flag will list all the known MIB names including tables.
Those with string or integer values will be printed as with the
.Fl a
flag; for the table values,
the name of the utility to retrieve them is given.
.Pp
The
.Fl n
flag specifies that the printing of the field name should be
suppressed and that only its value should be output.
This flag is useful for setting shell variables.
For example, to save the pagesize in variable psize, use:
.Bd -literal -offset indent -compact
set psize=`sysctl -n hw.pagesize`
.Ed
.Pp
If just a MIB style name is given,
the corresponding value is retrieved.
If a value is to be set, the
.Fl w
flag must be specified and the MIB name followed
by an equal sign and the new value to be used.
.Pp
The
.Fl f
flag specifies the name of a file to read and process. Blank lines and
comments (beginning with
.Ql # )
are ignored. Line continuations with
.Ql \e
are permitted. Remaining lines are processed similarly to
command line arguments of the form
.Ar name
or
.Ar name Ns Li = Ns Ar value .
The
.Fl w
flag is implied by
.Fl f .
.Pp
The
.Fl q
flag may be used with
.Fl f
and
.Fl w
to indicate that nothing should be printed for writes unless an error is
detected.
.Pp
The
.Ql proc
top-level MIB has a special semantic: it represent per-process values
and as such may differ from one process to another. The second-level name
is the pid of the process (in decimal form), or the special word
.Ql curproc .
For variables below
.Ql proc.\*[Lt]pid\*[Gt].rlimit ,
the integer value may be replaced
with the string
.Ql unlimited
if it matches the magic value used to disable
a limit.
.Pp
The information available from
.Nm sysctl
consists of integers, strings, and tables.
The tabular information can only be retrieved by special
purpose programs such as
.Nm ps ,
.Nm systat ,
and
.Nm netstat .
The string and integer information is summarized below.
For a detailed description of these variable see
.Xr sysctl 3 .
The changeable column indicates whether a process with appropriate
privilege can change the value.
.Bl -column proc.\*[Lt]pid\*[Gt].rlimit.coredumpsize.hardxxxxxx integerxxx
.It Sy Name Type Changeable
.It ddb.fromconsole integer yes
.It ddb.lines integer yes
.It ddb.maxoff integer yes
.It ddb.maxwidth integer yes
.It ddb.onpanic integer yes
.It ddb.radix integer yes
.It ddb.tabstops integer yes
.It hw.alignbytes integer no
.It hw.byteorder integer no
.It hw.disknames string no
.It hw.diskstats struct no
.It hw.machine string no
.It hw.machine_arch string no
.It hw.model string no
.It hw.ncpu integer no
.It hw.pagesize integer no
.It hw.physmem integer no
.It hw.usermem integer no
.It hw.cnmagic string yes
.It kern.argmax integer no
.It kern.autonicetime integer yes
.It kern.autoniceval integer yes
.It kern.boottime struct no
.It kern.chown_restricted integer no
.It kern.clockrate struct no
.It kern.defcorename string yes
.It kern.fsync integer no
.It kern.hostid integer yes
.It kern.hostname string yes
.It kern.iov_max integer no
.It kern.job_control integer no
.It kern.link_max integer no
.It kern.login_name_max integer no
.It kern.logsigexit integer yes
.It kern.max_canon integer no
.It kern.max_input integer no
.It kern.maxfiles integer yes
.It kern.maxpartitions integer no
.It kern.maxproc integer yes
.It kern.maxptys integer yes, special
.It kern.maxvnodes integer raise only
.It kern.mapped_files integer no
.It kern.memlock integer no
.It kern.memlock_rage integer no
.It kern.memory_protection integer no
.It kern.mbuf.mblowat integer yes
.It kern.mbuf.mcllowat integer yes
.It kern.mbuf.mclsize integer no
.It kern.mbuf.msize integer no
.It kern.mbuf.nmbclusters integer raise only
.It kern.msgbufsize integer no
.It kern.name_max integer no
.It kern.ngroups integer no
.It kern.no_trunc integer no
.It kern.osrelease string no
.It kern.osrevision integer no
.It kern.ostype string no
.It kern.path_max integer no
.It kern.pipe.maxkvasz integer yes
.It kern.pipe.maxloankvasz integer yes
.It kern.pipe.maxbigpipes integer yes
.It kern.pipe.nbigpipes integer no
.It kern.pipe.kvasize integer no
.It kern.posix1version integer no
.It kern.rawpartition integer no
.It kern.saved_ids integer no
.It kern.securelevel integer raise only
.It kern.synchronized_io integer no
.It kern.sysvmsg integer no
.It kern.sysvsem integer no
.It kern.sysvshm integer no
.It kern.tkstat.nin quad no
.It kern.tkstat.nout quad no
.It kern.tkstat.cancc quad no
.It kern.tkstat.rawcc quad no
.It kern.vdisable integer no
.It kern.version string no
.It machdep.console_device dev_t no
.It net.inet.icmp.maskrepl integer yes
.It net.inet.icmp.errppslimit integer yes
.It net.inet.icmp.rediraccept integer yes
.It net.inet.icmp.redirtimeout integer yes
.It net.inet.ip.allowsrcrt integer yes
.It net.inet.ip.anonportmax integer yes
.It net.inet.ip.anonportmin integer yes
.It net.inet.ip.directed-broadcast integer yes
.It net.inet.ip.forwarding integer yes
.It net.inet.ip.forwsrcrt integer yes
.It net.inet.ip.maxfragpacket integer yes
.It net.inet.ip.lowportmax integer yes
.It net.inet.ip.lowportmin integer yes
.It net.inet.ip.mtudisc integer yes
.It net.inet.ip.mtudisctimeout integer yes
.It net.inet.ip.redirect integer yes
.It net.inet.ip.subnetsarelocal integer yes
.It net.inet.ip.ttl integer yes
.It net.inet.ipsec.ah_cleartos integer yes
.It net.inet.ipsec.ah_net_deflev integer yes
.It net.inet.ipsec.ah_offsetmask integer yes
.It net.inet.ipsec.ah_trans_deflev integer yes
.It net.inet.ipsec.def_policy integer yes
.It net.inet.ipsec.dfbit integer yes
.It net.inet.ipsec.ecn integer yes
.It net.inet.ipsec.esp_net_deflev integer yes
.It net.inet.ipsec.esp_trans_deflev integer yes
.It net.inet.ipsec.inbound_call_ike integer yes
.It net.inet.tcp.ack_on_push integer yes
.It net.inet.tcp.compat_42 integer yes
.It net.inet.tcp.cwm integer yes
.It net.inet.tcp.cwm_burstsize integer yes
.It net.inet.tcp.init_win integer yes
.It net.inet.tcp.keepcnt integer yes
.It net.inet.tcp.keepidle integer yes
.It net.inet.tcp.keepintvl integer yes
.It net.inet.tcp.log_refused integer yes
.It net.inet.tcp.mss_ifmtu integer yes
.It net.inet.tcp.mssdflt integer yes
.It net.inet.tcp.recvspace integer yes
.It net.inet.tcp.rfc1323 integer yes
.It net.inet.tcp.rstppslimit integer yes
.It net.inet.tcp.sack integer yes
.It net.inet.tcp.sendspace integer yes
.It net.inet.tcp.slowhz integer no
.It net.inet.tcp.syn_bucket_limit integer yes
.It net.inet.tcp.syn_cache_interval integer yes
.It net.inet.tcp.syn_cache_limit integer yes
.It net.inet.tcp.timestamps integer yes
.It net.inet.tcp.win_scale integer yes
.It net.inet.udp.checksum integer yes
.It net.inet.udp.recvspace integer yes
.It net.inet.udp.sendspace integer yes
.It net.inet6.icmp6.errppslimit integer yes
.It net.inet6.icmp6.mtudisc_hiwat integer yes
.It net.inet6.icmp6.mtudisc_lowat integer yes
.It net.inet6.icmp6.nd6_debug integer yes
.It net.inet6.icmp6.nd6_delay integer yes
.It net.inet6.icmp6.nd6_maxnudhint integer yes
.It net.inet6.icmp6.nd6_mmaxtries integer yes
.It net.inet6.icmp6.nd6_prune integer yes
.It net.inet6.icmp6.nd6_umaxtries integer yes
.It net.inet6.icmp6.nd6_useloopback integer yes
.It net.inet6.icmp6.nodeinfo integer yes
.It net.inet6.icmp6.rediraccept integer yes
.It net.inet6.icmp6.redirtimeout integer yes
.It net.inet6.ip6.accept_rtadv integer yes
.It net.inet6.ip6.anonportmax integer yes
.It net.inet6.ip6.anonportmin integer yes
.It net.inet6.ip6.auto_flowlabel integer yes
.It net.inet6.ip6.v6only integer yes
.It net.inet6.ip6.dad_count integer yes
.It net.inet6.ip6.defmcasthlim integer yes
.It net.inet6.ip6.forwarding integer yes
.It net.inet6.ip6.gif_hlim integer yes
.It net.inet6.ip6.hdrnestlimit integer yes
.It net.inet6.ip6.hlim integer yes
.It net.inet6.ip6.kame_version string no
.It net.inet6.ip6.keepfaith integer yes
.It net.inet6.ip6.log_interval integer yes
.It net.inet6.ip6.lowportmax integer yes
.It net.inet6.ip6.lowportmin integer yes
.It net.inet6.ip6.maxfragpackets integer yes
.It net.inet6.ip6.maxfrags integer yes
.It net.inet6.ip6.redirect integer yes
.It net.inet6.ip6.rr_prune integer yes
.It net.inet6.ip6.use_deprecated integer yes
.It net.inet6.ipsec6.ah_net_deflev integer yes
.It net.inet6.ipsec6.ah_trans_deflev integer yes
.It net.inet6.ipsec6.def_policy integer yes
.It net.inet6.ipsec6.ecn integer yes
.It net.inet6.ipsec6.esp_net_deflev integer yes
.It net.inet6.ipsec6.esp_trans_deflev integer yes
.It net.inet6.ipsec6.inbound_call_ike integer yes
.It net.inet6.udp6.recvspace integer yes
.It net.inet6.udp6.sendspace integer yes
.It net.key.acq_exp_int integer yes
.It net.key.acq_maxtime integer yes
.It net.key.ah_keymin integer yes
.It net.key.debug integer yes
.It net.key.esp_auth integer yes
.It net.key.esp_keymin integer yes
.It net.key.kill_int integer yes
.It net.key.random_int integer yes
.It net.key.spi_max_value integer yes
.It net.key.spi_min_value integer yes
.It net.key.spi_try integer yes
.It proc.\*[Lt]pid\*[Gt].corename string yes
.It proc.\*[Lt]pid\*[Gt].rlimit.coredumpsize.hard integer yes
.It proc.\*[Lt]pid\*[Gt].rlimit.coredumpsize.soft integer yes
.It proc.\*[Lt]pid\*[Gt].rlimit.cputime.hard integer yes
.It proc.\*[Lt]pid\*[Gt].rlimit.cputime.soft integer yes
.It proc.\*[Lt]pid\*[Gt].rlimit.datasize.hard integer yes
.It proc.\*[Lt]pid\*[Gt].rlimit.datasize.soft integer yes
.It proc.\*[Lt]pid\*[Gt].rlimit.filesize.hard integer yes
.It proc.\*[Lt]pid\*[Gt].rlimit.filesize.soft integer yes
.It proc.\*[Lt]pid\*[Gt].rlimit.maxproc.hard integer yes
.It proc.\*[Lt]pid\*[Gt].rlimit.maxproc.soft integer yes
.It proc.\*[Lt]pid\*[Gt].rlimit.memorylocked.hard integer yes
.It proc.\*[Lt]pid\*[Gt].rlimit.memorylocked.soft integer yes
.It proc.\*[Lt]pid\*[Gt].rlimit.memoryuse.hard integer yes
.It proc.\*[Lt]pid\*[Gt].rlimit.memoryuse.soft integer yes
.It proc.\*[Lt]pid\*[Gt].rlimit.stacksize.hard integer yes
.It proc.\*[Lt]pid\*[Gt].rlimit.stacksize.soft integer yes
.It user.bc_base_max integer no
.It user.bc_dim_max integer no
.It user.bc_scale_max integer no
.It user.bc_string_max integer no
.It user.coll_weights_max integer no
.It user.cs_path string no
.It user.expr_nest_max integer no
.It user.line_max integer no
.It user.posix2_c_bind integer no
.It user.posix2_c_dev integer no
.It user.posix2_char_term integer no
.It user.posix2_fort_dev integer no
.It user.posix2_fort_run integer no
.It user.posix2_localedef integer no
.It user.posix2_sw_dev integer no
.It user.posix2_upe integer no
.It user.posix2_version integer no
.It user.re_dup_max integer no
.It vendor.\*[Lt]vendor\*[Gt].* ? vendor specific
.It vfs.generic.usermount integer yes
.It vfs.nfs.iothreads integer yes
.It vm.anonmax integer yes
.It vm.anonmin integer yes
.It vm.execmax integer yes
.It vm.execmin integer yes
.It vm.filemax integer yes
.It vm.filemin integer yes
.It vm.loadavg struct no
.It vm.nkmempages integer no
.It vm.uvmexp struct no
.It vm.uvmexp2 struct no
.It vm.vmmeter struct no
.El
.Pp
Entries found under
.Dq vendor.\*[Lt]vendor\*[Gt]
are left to be specified (and used) by vendors
using the
.Nx
operating system in their products.
Values and structure are vendor-defined, and no registry
exists right now.
.Sh FILES
.Bl -tag -width \*[Lt]netinet6/udp6Xvar.h\*[Gt] -compact
.It Pa \*[Lt]sys/sysctl.h\*[Gt]
definitions for top level identifiers, second level kernel and hardware
identifiers, and user level identifiers
.It Pa \*[Lt]sys/socket.h\*[Gt]
definitions for second level network identifiers
.It Pa \*[Lt]sys/gmon.h\*[Gt]
definitions for third level profiling identifiers
.It Pa \*[Lt]uvm/uvm_param.h\*[Gt]
definitions for second level virtual memory identifiers
.It Pa \*[Lt]netinet/in.h\*[Gt]
definitions for third level IPv4/v6 identifiers and
fourth level IPv4/v6 identifiers
.It Pa \*[Lt]netinet/icmp_var.h\*[Gt]
definitions for fourth level ICMP identifiers
.It Pa \*[Lt]netinet/icmp6.h\*[Gt]
definitions for fourth level ICMPv6 identifiers
.It Pa \*[Lt]netinet/tcp_var.h\*[Gt]
definitions for fourth level TCP identifiers
.It Pa \*[Lt]netinet/udp_var.h\*[Gt]
definitions for fourth level UDP identifiers
.It Pa \*[Lt]netinet6/udp6_var.h\*[Gt]
definitions for fourth level IPv6 UDP identifiers
.It Pa \*[Lt]netinet6/ipsec.h\*[Gt]
definitions for fourth level IPsec identifiers
.It Pa \*[Lt]netkey/key_var.h\*[Gt]
definitions for third level PF_KEY identifiers
.El
.Sh EXAMPLES
For example, to retrieve the maximum number of processes allowed
in the system, one would use the following request:
.Bd -literal -offset indent -compact
sysctl kern.maxproc
.Ed
.Pp
To set the maximum number of processes allowed
in the system to 1000, one would use the following request:
.Bd -literal -offset indent -compact
sysctl -w kern.maxproc=1000
.Ed
.Pp
Information about the system clock rate may be obtained with:
.Bd -literal -offset indent -compact
sysctl kern.clockrate
.Ed
.Pp
Information about the load average history may be obtained with:
.Bd -literal -offset indent -compact
sysctl vm.loadavg
.Ed
.Pp
To view the values of the per-process variables of the current shell,
the request:
.Bd -literal -offset indent -compact
sysctl proc.$$
.Ed
can be used if the shell interpreter replaces $$ with it's pid (this is true
for most shells).
.Pp
To redirect core dumps to the /var/tmp/\*[Lt]username\*[Gt] directory,
.Bd -literal -offset indent -compact
sysctl -w proc.$$.corename=/var/tmp/%u/%n.core
.Ed
Shall be used.
.Bd -literal -offset indent -compact
sysctl -w proc.curproc.corename=/var/tmp/%u/%n.core
.Ed
changes the value for the sysctl process itself, and will not have the desired
effect.
.Sh SEE ALSO
.Xr sysctl 3
.Sh HISTORY
.Nm sysctl
first appeared in
.Bx 4.4 .