path: root/sbin/sysctl/sysctl.8

.\" Copyright (c) 1993
.\"	The Regents of the University of California.  All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of the University nor the names of its contributors
.\"    may be used to endorse or promote products derived from this software
.\"    without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\"	From: @(#)sysctl.8	8.1 (Berkeley) 6/6/93
.\" $FreeBSD$
.\"
.Dd October 30, 2020
.Dt SYSCTL 8
.Os
.Sh NAME
.Nm sysctl
.Nd get or set kernel state
.Sh SYNOPSIS
.Nm
.Op Fl bdehiNnoTtqWx
.Op Fl B Ar bufsize
.Op Fl f Ar filename
.Ar name Ns Op = Ns Ar value Ns Op , Ns Ar value
.Ar ...
.Nm
.Op Fl bdehNnoTtqWx
.Op Fl B Ar bufsize
.Fl a
.Sh DESCRIPTION
The
.Nm
utility retrieves kernel state and allows processes with appropriate
privilege to set kernel state.
The state to be retrieved or set is described using a
.Dq Management Information Base
.Pq Dq MIB
style name, described as a dotted set of
components.
.Pp
The following options are available:
.Bl -tag -width indent
.It Fl A
Equivalent to
.Fl o a
(for compatibility).
.It Fl a
List all the currently available non-opaque values.
This option is ignored if one or more variable names are specified on
the command line.
.It Fl b
Force the value of the variable(s) to be output in raw, binary format.
No names are printed and no terminating newlines are output.
This is mostly useful with a single variable.
.It Fl B Ar bufsize
Set the buffer size to read from the
.Nm
to
.Ar bufsize .
This is necessary for a
.Nm
that has variable length, and the probe value of 0 is a valid length, such as
.Va kern.arandom .
.It Fl d
Print the description of the variable instead of its value.
.It Fl e
Separate the name and the value of the variable(s) with
.Ql = .
This is useful for producing output which can be fed back to the
.Nm
utility.
This option is ignored if either
.Fl N
or
.Fl n
is specified, or a variable is being set.
.It Fl f Ar filename
Specify a file which contains a pair of name and value in each line.
.Nm
reads and processes the specified file first and then processes the name
and value pairs in the command line argument.
.It Fl h
Format output for human, rather than machine, readability.
.It Fl i
Ignore unknown OIDs.
The purpose is to make use of
.Nm
for collecting data from a variety of machines (not all of which
are necessarily running exactly the same software) easier.
.It Fl N
Show only variable names, not their values.
This is particularly useful with shells that offer programmable
completion.
To enable completion of variable names in
.Xr zsh 1 Pq Pa ports/shells/zsh ,
use the following code:
.Bd -literal -offset indent
listsysctls () { set -A reply $(sysctl -AN ${1%.*}) }
compctl -K listsysctls sysctl
.Ed
.Pp
To enable completion of variable names in
.Xr tcsh 1 ,
use:
.Pp
.Dl "complete sysctl 'n/*/`sysctl -Na`/'"
.It Fl n
Do not show variable names.
This option is useful for setting shell variables.
For instance, to save the pagesize in variable
.Va psize ,
use:
.Pp
.Dl "set psize=`sysctl -n hw.pagesize`"
.It Fl o
Show opaque variables (which are normally suppressed).
The format and length are printed, as well as a hex dump of the first
sixteen bytes of the value.
.It Fl q
Suppress some warnings generated by
.Nm
to standard error.
.It Fl T
Display only variables that are settable via loader (CTLFLAG_TUN).
.It Fl t
Print the type of the variable.
.It Fl W
Display only writable variables that are not statistical.
Useful for determining the set of runtime tunable sysctls.
.It Fl X
Equivalent to
.Fl x a
(for compatibility).
.It Fl x
As
.Fl o ,
but prints a hex dump of the entire value instead of just the first
few bytes.
.El
.Pp
The information available from
.Nm
consists of integers, strings, and opaque types.
The
.Nm
utility
only knows about a couple of opaque types, and will resort to hexdumps
for the rest.
The opaque information is much more useful if retrieved by special
purpose programs such as
.Xr ps 1 ,
.Xr systat 1 ,
and
.Xr netstat 1 .
.Pp
Some of the variables which cannot be modified during normal system
operation can be initialized via
.Xr loader 8
tunables.
This can for example be done by setting them in
.Xr loader.conf 5 .
Please refer to
.Xr loader.conf 5
for more information on which tunables are available and how to set them.
.Pp
The string and integer information is summarized below.
For a detailed description of these variable see
.Xr sysctl 3 .
.Pp
The changeable column indicates whether a process with appropriate
privilege can change the value.
String and integer values can be set using
.Nm .
.Bl -column security.bsd.unprivileged_read_msgbuf integerxxx
.It Sy "Name	Type	Changeable"
.It "kern.ostype	string	no"
.It "kern.osrelease	string	no"
.It "kern.osrevision	integer	no"
.It "kern.version	string	no"
.It "kern.maxvnodes	integer	yes"
.It "kern.maxproc	integer	no"
.It "kern.maxprocperuid	integer	yes"
.It "kern.maxfiles	integer	yes"
.It "kern.maxfilesperproc	integer	yes"
.It "kern.argmax	integer	no"
.It "kern.securelevel	integer	raise only"
.It "kern.hostname	string	yes"
.It "kern.hostid	integer	yes"
.It "kern.clockrate	struct	no"
.It "kern.posix1version	integer	no"
.It "kern.ngroups	integer	no"
.It "kern.job_control	integer	no"
.It "kern.saved_ids	integer	no"
.It "kern.boottime	struct	no"
.It "kern.domainname	string	yes"
.It "kern.filedelay	integer	yes"
.It "kern.dirdelay	integer	yes"
.It "kern.metadelay	integer	yes"
.It "kern.osreldate	integer	no"
.It "kern.bootfile	string	yes"
.It "kern.corefile	string	yes"
.It "kern.logsigexit	integer	yes"
.It "security.bsd.suser_enabled	integer	yes"
.It "security.bsd.see_other_uids	integer	yes"
.It "security.bsd.unprivileged_proc_debug	integer	yes"
.It "security.bsd.unprivileged_read_msgbuf	integer	yes"
.It "vm.loadavg	struct	no"
.It "hw.machine	string	no"
.It "hw.model	string	no"
.It "hw.ncpu	integer	no"
.It "hw.byteorder	integer	no"
.It "hw.physmem	integer	no"
.It "hw.usermem	integer	no"
.It "hw.pagesize	integer	no"
.It "hw.floatingpoint	integer	no"
.It "hw.machine_arch	string	no"
.It "hw.realmem	integer	no"
.It "machdep.adjkerntz	integer	yes"
.It "machdep.disable_rtc_set	integer	yes"
.It "machdep.guessed_bootdev	string	no"
.It "user.cs_path	string	no"
.It "user.bc_base_max	integer	no"
.It "user.bc_dim_max	integer	no"
.It "user.bc_scale_max	integer	no"
.It "user.bc_string_max	integer	no"
.It "user.coll_weights_max	integer	no"
.It "user.expr_nest_max	integer	no"
.It "user.line_max	integer	no"
.It "user.re_dup_max	integer	no"
.It "user.posix2_version	integer	no"
.It "user.posix2_c_bind	integer	no"
.It "user.posix2_c_dev	integer	no"
.It "user.posix2_char_term	integer	no"
.It "user.posix2_fort_dev	integer	no"
.It "user.posix2_fort_run	integer	no"
.It "user.posix2_localedef	integer	no"
.It "user.posix2_sw_dev	integer	no"
.It "user.posix2_upe	integer	no"
.It "user.stream_max	integer	no"
.It "user.tzname_max	integer	no"
.It "user.localbase	string	no"
.El
.Sh FILES
.Bl -tag -width ".In netinet/icmp_var.h" -compact
.It In sys/sysctl.h
definitions for top level identifiers, second level kernel and hardware
identifiers, and user level identifiers
.It In sys/socket.h
definitions for second level network identifiers
.It In sys/gmon.h
definitions for third level profiling identifiers
.It In vm/vm_param.h
definitions for second level virtual memory identifiers
.It In netinet/in.h
definitions for third level Internet identifiers and
fourth level IP identifiers
.It In netinet/icmp_var.h
definitions for fourth level ICMP identifiers
.It In netinet/udp_var.h
definitions for fourth level UDP identifiers
.El
.Sh EXIT STATUS
.Ex -std
.Sh EXAMPLES
For example, to retrieve the maximum number of processes allowed
in the system, one would use the following request:
.Pp
.Dl "sysctl kern.maxproc"
.Pp
To set the maximum number of processes allowed
per uid to 1000, one would use the following request:
.Pp
.Dl "sysctl kern.maxprocperuid=1000"
.Pp
Information about the system clock rate may be obtained with:
.Pp
.Dl "sysctl kern.clockrate"
.Pp
Information about the load average history may be obtained with:
.Pp
.Dl "sysctl vm.loadavg"
.Pp
More variables than these exist, and the best and likely only place
to search for their deeper meaning is undoubtedly the source where
they are defined.
.Sh COMPATIBILITY
The
.Fl w
option has been deprecated and is silently ignored.
.Sh SEE ALSO
.Xr sysctl 3 ,
.Xr loader.conf 5 ,
.Xr sysctl.conf 5 ,
.Xr loader 8
.Sh HISTORY
A
.Nm
utility first appeared in
.Bx 4.4 .
.Pp
In
.Fx 2.2 ,
.Nm
was significantly remodeled.
.Sh BUGS
The
.Nm
utility presently exploits an undocumented interface to the kernel
sysctl facility to traverse the sysctl tree and to retrieve format
and name information.
This correct interface is being thought about for the time being.