aboutsummaryrefslogtreecommitdiffstats
path: root/doc/sysconfig.txt
diff options
context:
space:
mode:
Diffstat (limited to 'doc/sysconfig.txt')
-rw-r--r--doc/sysconfig.txt1120
1 files changed, 1120 insertions, 0 deletions
diff --git a/doc/sysconfig.txt b/doc/sysconfig.txt
new file mode 100644
index 00000000..908f6893
--- /dev/null
+++ b/doc/sysconfig.txt
@@ -0,0 +1,1120 @@
+
+=======================
+
+Generic options:
+
+/etc/sysconfig/authconfig
+
+ used by authconfig to store information about the system's user
+ information and authentication setup; changes made to this file
+ have no effect until the next time authconfig is run
+
+ USEHESIOD=no
+ Whether or not the hesiod naming service is in use. If not set,
+ authconfig examines the passwd setting in /etc/nsswitch.conf.
+ USELDAP=no
+ Whether or not LDAP is used as a naming service. If not set,
+ authconfig examines the passwd setting in /etc/nsswitch.conf.
+ USENIS=no
+ Whether or not NIS is in use. If not set, authconfig examines
+ the passwd setting in /etc/nsswitch.conf.
+
+ USEKERBEROS=no
+ Whether or not Kerberos is in use. If not set, authconfig examines
+ the settings in /etc/pam.d/system-auth.
+ USELDAPAUTH=no
+ Whether or not LDAP is being used for authentication. If not set,
+ authconfig examines the settings in /etc/pam.d/system-auth. Note
+ that this option is separate from USELDAP, and that neither implies
+ the other.
+ USEMD5=no
+ Whether or not MD5-based hashing should be used when setting passwords.
+ If not set, authconfig examines the settings in /etc/pam.d/system-auth.
+ This option affects authentication using both local files and LDAP.
+ USESHADOW=no
+ Whether or not shadow passwords are in use. If not set, authconfig
+ checks for the existence of /etc/shadow.
+ USESMBAUTH=no
+ Whether or not SMB authentication is in use. If not set, authconfig
+ examines the settings in /etc/pam.d/system-auth.
+
+/etc/sysconfig/autofsck
+
+ does not normally exist; if it does, it can influence a choice
+ whether or not to fsck after a crash
+
+ AUTOFSCK_DEF_CHECK=no
+ If the user does not respond, choose whether or not to fsck
+ AUTOFSCK_SINGLEUSER=
+ If this is set, drop to single user mode before fsck.
+
+/etc/sysconfig/init:
+
+ BOOTUP=<some bootup mode>
+ BOOTUP=graphical means use X Windows graphical boot up
+ BOOTUP=color means colorized text mode boot display.
+ BOOTUP=verbose means old style display
+ Anything else means simplified display, but without color or ANSI-formatting
+ LOGLEVEL=<a number>
+ Sets the initial console logging level for the kernel.
+ The default is 7. 8 means everything (including debugging);
+ 1 means nothing except kernel panics. syslogd will override
+ this once it starts.
+ RES_COL=<a number>
+ Column of the screen to start status labels at. Defaults to 60
+ MOVE_TO_COL=<a command>
+ A command to move the cursor to $RES_COL. Defaults to nasty
+ ANSI sequences output by echo -e.
+ SETCOLOR_SUCCESS=<a command>
+ A command to set the color to a color indicating success.
+ Defaults to nasty ANSI sequences output by echo -e setting
+ the color to green.
+ SETCOLOR_FAILURE=<a command>
+ A command to set the color to a color indicating failure.
+ Defaults to nasty ANSI sequences output by echo -e setting
+ the color to red.
+ SETCOLOR_WARNING=<a command>
+ A command to set the color to a color indicating warning.
+ Defaults to nasty ANSI sequences output by echo -e setting
+ the color to yellow.
+ SETCOLOR_NORMAL=<a command>
+ A command to set the color to 'normal'. Defaults to nasty
+ ANSI sequences output by echo -e.
+ PROMPT=yes|no
+ Set to 'yes' to enable the key check for interactive mode as well as
+ asking if a filesystem check should be done. Default is 'no' and
+ the kernel command line option "forcefsck" can be used to check the
+ filesystems and "confirm" can be used to enable interactive startup
+ questions.
+
+ Mageia specific values:
+
+ BRLTTY=yes|no
+ Set to 'no' to disable automatic startup of brltty if it is present
+
+ obsoleted values from earlier releases:
+
+ MAGIC_SYSRQ=yes|no
+ Setting this to 'no' used to disable the magic sysrq key and
+ Stop-A (break on serial console) on SPARC. This setting has been
+ moved into kernel.sysrq and kernel.stop-a settings respectively in
+ sysctl.d/00-system.conf. Setting either of them there to 0 disables
+ it, setting it to 1 enables it.
+ STOP_A=yes|no
+ Setting this to 'no' used to disable the Stop-A (break on
+ serial console) key on SPARC.
+ This setting has been moved into kernel.stop-a setting in
+ sysctl.d/00-system.conf. Setting it there to 0 disables it,
+ setting it to 1 enables it. The setting should be present
+ on SPARC only.
+
+/etc/sysconfig/keyboard:
+
+ KEYTABLE=<keytable file>
+ for example: KEYTABLE="/usr/lib/kbd/keytables/us.map"
+
+ If you dump a keymap (using 'dumpkeys') to
+ /etc/sysconfig/console/default.kmap
+ it will be loaded on bootup before filesystems are mounted/checked.
+ This could be useful if you need to emergency type the root password.
+ This has to be a dumped keymap, as opposed to copying the shipped
+ keymap files, as the shipped files include other maps from the
+ /usr/lib/kbd/keytables directory.
+
+ KEYBOARDTYPE=sun|pc
+ on SPARC only, sun means a sun keyboard is attached on /dev/kbd,
+ pc means a PS/2 keyboard is on ps/2 port.
+
+/etc/sysconfig/system:
+
+ SECURE_TMP=yes|no
+ Set to 'yes' to have TMPDIR and TMP set to a secure temporary directory
+
+/etc/sysconfig/mouse:
+
+ MOUSETYPE=microsoft|mouseman|mousesystems|ps/2|msbm|logibm|atibm|
+ logitech|mmseries|mmhittab
+ XEMU3=yes|no (emulate three buttons with two buttons whenever
+ necessary, most notably in X)
+ DEVICE=<a device node> (the device of the mouse)
+
+ In addition, /dev/mouse points to the mouse device.
+
+/etc/sysconfig/network:
+
+ NETWORKING=yes|no
+ GATEWAY=<gateway IP>
+ GATEWAYDEV=<gateway device to use, when multiple devices have GATEWAY=> (e.g. eth0)
+ NISDOMAIN=<nis domain name>
+ IFPLUGD_ARGS="<args to pass to ifplugd>" default to "-w -b"
+ NOZEROCONF=
+ Set this to not set a route for dynamic link-local addresses.
+
+ NETWORKDELAY=<delay in seconds>
+ Delay in seconds after all network interfaces are initialized. Useful if
+ network has spanning tree running and must wait for STP convergence.
+ Default: 20
+
+ DEFAULT_LINK_DETECTION_DELAY=<time in seconds>
+ The default value used for link detection delay if the interface
+ configuration file does not specify it. After this time an interface with
+ missing link beat is considered to be unplugged.
+ Default: 2
+
+ MIN_LINK_DETECTION_DELAY=<delay in seconds>
+ Force minimum link detection delay on all interfaces.
+ Default: 0
+
+ WAIT_UNTIL_REACHABLE=<IP address|DNS name>
+ Network initscript will wait until specified target is reachable.
+ It starts to reaching passed IP address or DNS name every second until it reach it sucessfully or until it reach preset delay NETWORKDELAY (default 30).
+ It works with both IPv4 and IPv6 adress and also with DNS name.
+ Example: WAIT_UNTIL_REACHABLE=8.8.8.8
+ Default: (not set)
+
+ IFDOWN_ON_SHUTDOWN=yes|no
+ If yes, do bring interfaces down during system shutdown. If no, leave them
+ in their current state (this is only supported on hosts using systemd).
+ Default: yes (bring interfaces down)
+
+
+ IPV6FORWARDING=yes|no
+ Enable or disable global forwarding of incoming IPv6 packets
+ on all interfaces.
+ Note: Actual packet forwarding cannot be controlled per-device, use netfilter6 for such issues
+ Default: no
+
+ IPV6_AUTOCONF=yes|no
+ Sets the default for device-based autoconfiguration.
+ Default: yes if IPV6FORWARDING=no, no if IPV6FORWARDING=yes
+ IPV6_ROUTER=yes|no
+ Sets the default for device-based Host/Router behaviour.
+ Default: yes if IPV6FORWARDING=yes, no if IPV6FORWARDING=no
+ IPV6_AUTOTUNNEL=yes|no
+ Controls automatic IPv6 tunneling.
+ Default: no
+
+ IPV6_DEFAULTGW=<IPv6 address[%interface]> (optional)
+ Add a default route through specified gateway
+ An interface can be specified: required for link-local addresses
+ Examples:
+ IPV6_DEFAULTGW="3ffe:ffff:1234:5678::1"
+ Add default route through 3ffe:ffff:1234:5678::1
+ IPV6_DEFAULTGW="3ffe:ffff:1234:5678::1%eth0"
+ Add default route through 3ffe:ffff:1234:5678::1 and device eth0
+ IPV6_DEFAULTGW="fe80::1%eth0"
+ Add default route through fe80::1 and device eth0
+
+ Note: if IPV6_DEFAULTGW is specified with %interface scope and it
+ doesn't match IPV6_DEFAULTDEV, IPV6_DEFAULTDEV is ignored.
+ Note: it's preferred to use %interface for all addresses, not
+ just link-local if you have multiple IPv6-enabled interfaces.
+
+ IPV6_DEFAULTDEV=<interface> (optional)
+ Add a default route through specified interface without specifying next hop
+ Type of interface will be tested whether this is allowed
+ Examples:
+ IPV6_DEFAULTDEV="eth0" INVALID example!
+ IPV6_DEFAULTDEV="ppp0"
+ IPV6_DEFAULTDEV="sit1"
+ Examples for 6to4
+ IPV6_DEFAULTDEV="tun6to4"
+ Add default route through dedicated 6to4 tunnel device "tun6to4", if configured
+
+ Note: "tun6to4" does not support an additional IPV6_DEFAULTGW.
+ Other interfaces prefer IPV6_DEFAULTGW, if specified.
+
+ IPV6_RADVD_PIDFILE=<pid-file> (optional)
+ Location of PID file for controlling radvd, see IPV6_CONTROL_RADVD
+ Default: "/run/radvd/radvd.pid"
+ Example:
+ IPV6_RADVD_PIDFILE="/some/other/location/radvd.pid"
+ IPV6TO4_RADVD_PIDFILE=<pid-file> (obsolete)
+ As above, still supported for a while for backward compatibility.
+ IPV6_RADVD_TRIGGER_ACTION=startstop|reload|restart|SIGHUP (optional)
+ How to trigger radvd in case of 6to4 or PPP action
+ startstop: radvd starts if interface goes up and stops
+ if interface goes down using initscript call of radvd with related parameter
+ reload|restart: initscript of radvd is called with this parameter
+ SIGHUP: signal HUP is sent to radvd, pidfile must be specified, if not the default
+ Default: SIGHUP
+
+ IPv6 options above can be overridden in interface-specific configuration.
+
+ obsoleted values from earlier releases:
+
+ FORWARD_IPV4=yes|no
+ Create a new file in /etc/sysctl.d/ with the net.ipv4.ip_forward
+ setting instead. Setting it to 1 there enables IP forwarding,
+ setting it to 0 disables it (which is the default for RFC compliance).
+
+ NETWORKWAIT=yes|no
+ This is not used with the move to systemd.
+
+ HOSTNAME=<fqdn by default, but whatever hostname you want>
+ This is now configured in /etc/hostname.
+
+/etc/sysconfig/static-routes-ipv6:
+ Contains lines of the form:
+
+ <device> IPv6-network IPv6-gateway
+ <tunneldevice> IPv6-network
+
+ <device> must be a device name to have the route brought up and
+ down with the device
+
+ For example:
+
+ eth0 fec0:0:0:2::/64 fec0:0:0:1:0:0:0:20
+ adds a route for IPv6 network fec0:0:0:2::/64 through fec0:0:0:1:0:0:0:20
+
+ eth0 2000::/3 3ffe:ffff:0:1::1
+ so-called "default" routes for clients
+
+ sit1 2000::/3
+ adds routes through dedicated tunnel interface sit1
+
+ tun6to4 3ffe:ffff:1234::/56
+ adds routes through hardwired 6to4 tunnel interface tun6to4
+ tun6to4 3ffe:ffff:5678::/56 ::5.6.7.8
+ adds routes through hardwired 6to4 tunnel interface tun6to4,
+ specifying next hop
+
+ Notes:
+ * default routes (such as the "2000::/3" shown above) should be set with
+ IPV6_DEFAULTGW and IPV6_DEFAULTDEV, see more above.
+ * tunnel device "sit0" is not supported here, routes will never be applied
+
+/etc/sysconfig/routed:
+
+ SILENT=yes|no
+ EXPORT_GATEWAY=yes|no
+
+/etc/sysconfig/rawdevices:
+
+ This is used for setting up raw device to block device mappings.
+ It has the format:
+ <rawdev> <major> <minor>
+ <rawdev> <blockdev>
+ For example:
+ /dev/raw/raw1 /dev/sda1
+ /dev/raw/raw2 8 5
+
+/etc/sysconfig/pcmcia:
+
+ PCMCIA=yes|no
+ PCIC=i82365|tcic
+ PCIC_OPTS=<socket driver (i82365 or tcic) timing parameters>
+ CORE_OPTS=<pcmcia_core options>
+ CARDMGR_OPTS=<cardmgr options>
+
+/etc/sysconfig/amd:
+
+ ADIR=/.automount (normally never changed)
+ MOUNTPTS='/net /etc/amd.conf' (standard automount stuff)
+ AMDOPTS= (extra options for AMD)
+
+/etc/sysconfig/tape:
+
+ DEV=/dev/nst0
+ Tape device. Use the non-rewinding one for these scripts.
+
+ For SCSI tapes this is /dev/nst#, where # is the number of the
+ tape drive you want to use. If you only have one then use
+ nst0.
+
+ For IDE tapes you use /dev/ht#, where # is the number of the tape
+ drive you want to use (usually ht0).
+
+ For floppy tape drives use /dev/ftape.
+
+ ADMIN=root
+ Person to mail to if the backup fails for any reason
+
+ SLEEP=5
+ Time to sleep between tape operations. Some drives need a bit
+ more than others, but 5 seems to work for 8mm, 4mm, and DLT
+
+ BLOCKSIZE=32768
+ This worked fine for 8mm, then 4mm, and now DLT. An optimal
+ setting is probably however much data your drive writes at one
+ time.
+
+ SHORTDATE=$(date +%y:%m:%d:%H:%M)
+ A short date string, used in backup log filenames.
+
+ DAY=$(date +log-%y:%m:%d)
+ This is used for the log file directory.
+
+ DATE=$(date)
+ Regular date string, used in log files.
+
+ LOGROOT=/var/log/backup
+ Root of the logging directory
+
+ LIST=$LOGROOT/incremental-list
+ This is the file name the incremental backup will use to store
+ the incremental list. It will be $LIST-{some number}.
+
+ DOTCOUNT=$LOGROOT/.count
+ For counting as you go to know which incremental list to use
+
+ COUNTER=$LOGROOT/counter-file
+ For rewinding when done...might not use.
+
+ BACKUPTAB=/etc/backuptab
+ The file in which we keep our list of backup(s) we want to make.
+
+/etc/sysconfig/saslauthd:
+
+ used by the saslauthd init script (part of the cyrus-sasl package) to
+ control which arguments are passed to saslauthd at startup time; changes
+ made to this file have no effect until saslauthd is restarted
+
+ MECH=shadow
+ controls which data source saslauthd will consult when checking user
+ passwords; run 'saslauthd -v' to get a full list of available
+ authentication mechanisms
+ SOCKETDIR=/run/saslauthd
+ controls in which directory saslauthd will be directed to create its
+ listening socket; any change to this value will require a corresponding
+ change in client configuration files
+
+/etc/sysconfig/sendmail:
+ DAEMON=yes|no
+ yes implies -bd (i.e., listen on port 25 for new mail)
+ QUEUE=1h
+ given to sendmail as -q$QUEUE
+ -q option is not given to sendmail if /etc/sysconfig/sendmail
+ exists and QUEUE is empty or undefined.
+
+/etc/locale.conf
+
+ A configutration file for locale settings. See locale.conf(5) for
+ more details.
+
+ LANG= set locale for all categories, can be any two letter ISO
+ language code
+ LC_CTYPE= locale data configuration for classification and conversion
+ of characters
+ LC_COLLATE= locale data configuration for collation (sort order) of
+ strings
+ LC_MESSAGES= locale data configuration for translation of messages
+ LC_NUMERIC= locale data configuration for non-monetary numeric data
+ LC_MONETARY= locale data configuration for monetary data
+ LC_TIME= locale data configuration for date and time
+ LC_ALL= locale data configuration overriding all of the above
+ LANGUAGE= can be a : separated list of ISO language codes
+ LINGUAS= can be a ' ' separated list of ISO language codes
+
+ The above variables are used in /etc/profile.d/lang.sh.
+
+ If ~/.i18n exists, it is used in addition to /etc/locale.conf and
+ for per-user customization of the locales.
+
+/etc/vconsole.conf:
+
+ SYSFONT= Console font. Fonts are found in /usr/lib/kbd/consolefonts.
+
+ UNIMAP= Unicode font map. Most fonts have these built-in. Font maps
+ can be found in /usr/lib/kbd/unimaps. These are applied via setfont's
+ -u option.
+
+ SYSFONTACM= Console map. These are applied via setfont's -m option,
+ and are found in /usr/lib/kbd/consoletrans.
+
+ The above are used to set up the keyboard at boot time. For more
+ information, see vconsole.conf(5).
+
+Files in /etc/sysconfig/network-scripts/
+========================================
+
+/etc/sysconfig/network-scripts/ifup:
+/etc/sysconfig/network-scripts/ifdown:
+
+ Symlinks to /sbin/ifup and /sbin/ifdown, respectively.
+ These are the only two scripts "in" this directory that should
+ be called directly; these two scripts call all the other
+ scripts as needed. These symlinks are here for legacy purposes --
+ only /sbin/ifup and /sbin/ifdown should currently be used
+ at the user level.
+
+ These scripts take one argument normally: the name of the device
+ (e.g. eth0). They are called with a second argument of "boot"
+ during the boot sequence so that devices that are not meant to
+ be brought up on boot (ONBOOT=no, see below) can be ignored at
+ that time.
+
+ Also, interfaces may be brought up via the hotplug scripts;
+ in this case, HOTPLUG=no needs to be set to no to avoid this.
+ This is useful e.g. to prevent bonding device activation by merely
+ loading the bonding kernel module.
+
+/etc/sysconfig/network-scripts/init.ipv6-global:
+ Not really a public file. Contains different basic settings that
+ are set from /etc/[rc.d]/init.d/network at different stages of
+ network initialization.
+
+/etc/sysconfig/network-scripts/network-functions:
+
+ Not really a public file. Contains functions which the scripts use
+ for bringing interfaces up and down. In particular, it contains
+ most of the code for handling alternative interface configurations.
+
+/etc/sysconfig/network-scripts/network-functions-ipv6:
+
+ Not really a public file. Contains functions which the scripts use
+ for bringing IPv6 on interfaces up and down, like addresses, routes,
+ forwarding handling and static or automatic tunneling.
+
+/etc/sysconfig/network-scripts/ifcfg-<interface-name> and
+/etc/sysconfig/network-scripts/ifcfg-<interface-name>:<alias-name>:
+
+ The first defines an interface, and the second contains
+ only the parts of the definition that are different in a
+ "alias" (or alternative) interface. For example, the
+ network numbers might be different, but everything else
+ might be the same, so only the network numbers would be
+ in the alias file, but all the device information would
+ be in the base ifcfg file.
+
+ The items that can be defined in an ifcfg file depend on the
+ interface type. The really obvious ones I'm not going to
+ bother to define; you can figure out what "IPADDR" is, I
+ think... :-)
+
+ Base items:
+ NAME=<friendly name for users to see>
+ Most important for PPP. Only used in front ends.
+ DEVICE=<name of physical device (except dynamically-allocated PPP
+ devices where it is the "logical name")>
+ IPADDR=
+ NETMASK=
+ GATEWAY=
+ METRIC=
+ Metric for the default route using GATEWAY
+ ONBOOT=yes|no (not valid for alias devices; use ONPARENT)
+ HOTPLUG=yes|no
+ USERCTL=yes|no
+ BOOTPROTO=none|bootp|dhcp
+ 'bootp' or 'dhcp' cause a DHCP client to run on the device. Any other
+ value causes any static configuration in the file to be applied.
+ VLAN=yes|no
+ MTU=
+ Default MTU for this device
+ WINDOW=
+ Default window for routes from this device
+ PEERDNS=yes|no
+ modify /etc/resolv.conf if peer uses msdns extension (PPP only) or
+ DNS{1,2} are set, or if using dhclient. default to "yes".
+ DNS{1,2}=<ip address>
+ provide DNS addresses that are dropped into the resolv.conf
+ file if PEERDNS is not set to "no".
+ SCOPE=
+ Set to "scope SCOPE-ID" to set a non-default scope for a statically
+ configured IP address.
+ SRCADDR=
+ use the specified source address for outgoing packets
+ MII_NOT_SUPPORTED=
+ if set don't try to use ifstatus to detect if the link is up.
+ METRIC=
+ if set, assign the route associated with this interface to this
+ metric using ifmetric.
+ HWADDR=
+ ethernet hardware address for this device
+ MACADDR=
+ Set the hardware address for this device to this.
+ Use of this in conjunction with HWADDR= may cause
+ unintended behavior.
+ NOZEROCONF=
+ Set this to not set a route for dynamic link-local addresses
+ over this device.
+ PERSISTENT_DHCLIENT=yes|no|1|0
+ Without this option, or if it is 'no'/'0', and BOOTPROTO=dhcp,
+ dhclient is run for the interface in "one-shot" mode; if the
+ dhcp server does not respond for a configurable timeout, then
+ dhclient exits and the interface is not brought up -
+ the '-1' option is given to dhclient.
+ If PERSISTENT_DHCLIENT=yes, then dhclient will keep on trying
+ to contact the dhcp server when it does not respond - no '-1'
+ option is given to dhclient. Note: this disables the automatic
+ checking for the presence of a link before starting dhclient.
+ DHCPRELEASE=yes|no|1|0
+ With this option set to 'yes' (1), when a dhcp configured
+ interface is brought down with 'ifdown', the lease will be
+ released. Otherwise, leases are not released.
+
+ NO_DHCP_HOSTNAME=yes|no|1|0
+ Tells initscripts to not obtain hostname from DHCP server in the ifup-post
+ phase. This option might be useful especially with static configuration of
+ the interface.
+ DHCP_SEND_HOSTNAME=yes|no|1|0
+ Tells initscripts whether the DHCP_HOSTNAME or DHCP_FQDN options (below)
+ should be sent to DHCP server.
+ DHCP_HOSTNAME=<hostname>
+ Sends the specified hostname to the DHCP server.
+ DHCP_FQDN=<fully.qualified.domain.name>
+ Sends the specified FQDN to the DHCP server.
+
+ Please note when both DHCP_HOSTNAME and DHCP_FQDN are specified,
+ only DHCP_FQDN will be used. (Same behaviour as with NetworkManager.)
+
+ DHCLIENT_IGNORE_GATEWAY=yes|no|1|0
+ If set to 'yes', it will cause dhclient-script to ignore any $GATEWAY
+ setting that may be in the ifcfg file for this interface.
+ Otherwise, the dhclient session which obtains an ip-address
+ on the same subnet as $GATEWAY will set the default route
+ to be via $GATEWAY, and no other dhclient session will set
+ the default route.
+ DHCLIENTARGS=
+ Any additional arguments to dhclient.
+ NM_CONTROLLED=yes|no
+ If set to 'no', NetworkManager will ignore this connection/device.
+ Defaults to 'yes'.
+ ZONE=
+ Network zone (trust level) of this connection.
+ If not set, default zone (specified in /etc/firewalld/firewalld.conf)
+ is used. To see all available zones, run 'firewall-cmd --get-zones'.
+ ARPCHECKn=yes|no
+ If set to 'no', ifup will not try to determine, if requested ip address
+ is used by other machine in network.
+ Defaults to 'yes'.
+ ARPUPDATE=yes|no
+ If set to 'no' the neighbours in current network will not be updated with
+ ARP information about this NIC. This is especially handy using LVS Load
+ Balancing with Direct Routing enabled.
+ Defaults to 'yes'.
+ IPV4_FAILURE_FATAL=yes|no
+ If set to yes, ifup-eth will end immediately after ipv4 dhclient fails.
+ Defaults to 'no'.
+
+ For dynamic addressing (BOOTPROTO=dhcp) only DEVICE needs to
+ be set; all the rest will be determined by the boot protocol.
+
+ IPV6_SET_SYSCTLS=yes|no
+ If set, network-scripts will attempt to set sysctls based on the setup
+ of the interface. For example, will try to set `accept_ra` for interfaces
+ where $IPV6_AUTOCONF is set to `yes`. Defaults to `yes`, set to `no` if you
+ want to manage these yourself.
+
+ You can specify which dhcp client to use with the DHCP_CLIENT, if
+ the DHCP_CLIENT is not specified we trying to launch in order :
+ /sbin/dhclient
+ /sbin/dhcpcd
+ /sbin/pump
+ /sbin/dhcpxd
+ if you have a preferred client define the DHCP_CLIENT variable.
+ When you use dhclient (which it is the default on a Mandrake-Linux
+ system) you can specify a timeout of waiting the answer from server,
+ the option is called DHCP_TIMEOUT the default is 60 sec.
+
+ Mageia specific items for DHCP clients:
+ DHCP_HOSTNAME=
+ This option specifies the hostname to request to the DHCP server.
+ The name may or may not be qualified with the local domain name.
+ NEEDHOSTNAME=yes|no
+ If set to 'yes', set hostname to the host-name option supplied
+ by the DHCP server.
+ PEERDNS=yes|no
+ If set to 'no', do not modify /etc/resolv.conf
+ PEERGATEWAY=yes|no
+ If set to 'no', do not add the gateway provided by DHCP server
+ in the routing table (does not work with dhcpxd).
+ PEERYP=yes|no
+ If set to 'yes', update /etc/yp.conf (specific to dhcpcd)
+ PEERNTPD=yes|no
+ If set to 'yes', update /etc/ntp.conf (specific to dhcpcd)
+ DOMAINNAME=
+ If specified and DHCP_HOSTNAME is not empty, strip DOMAINNAME
+ value in DHCP_HOSTNAME.
+ If empty and dhcpd is used, set the host domainname to the
+ domainname option supplied by DHCP server.
+ DHCP_TIMEOUT=
+ If not empty, this option specifies (in seconds) for how long
+ the DHCP client will try to get an IP address after its initial request
+ (specific to dhclient and dhcpcd, default is 60 seconds)
+
+ Mageia items:
+ LINK_DETECTION_DELAY=<time in seconds>
+ Delay after which a lack of link beat will be considered to
+ result from an unplugged interface, rather than just down
+
+ Base items being deprecated:
+ NETWORK=<will be calculated automatically with ipcalc>
+ BROADCAST=<will be calculated automatically with ipcalc>
+
+ Alias specific items:
+ ONPARENT=yes|no
+ Whether to bring up the device when the parent device is brought
+ up.
+ Default: yes
+
+ IPv6-only items for real interfaces:
+ IPV6INIT=yes|no
+ Enable or disable IPv6 static, DHCP, or autoconf configuration for this interface
+ Default: yes
+ IPV6FORWARDING=yes|no
+ Enable or disable global forwarding of incoming IPv6 packets
+ Note: Obsolete in interface specification!
+ Default: no
+ IPV6ADDR=<IPv6 address>[/<prefix length>]
+ Specify a primary static IPv6 address here
+ Optional, if normal host and a router advertisement daemon is on local link
+ Required, if node is a router and interface should route packets
+ Note: if prefix length is omitted, 64 is assumed
+ Example:
+ IPV6ADDR="3ffe:ffff:0:5::1"
+ IPV6ADDR="3ffe:ffff:0:1::1/128"
+ IPV6ADDR_SECONDARIES="<IPv6 address>[/<prefix length>] ..." (optional)
+ A list of secondary IPv6 addresses (e.g. useful for virtual hosting)
+ Example:
+ IPV6ADDR_SECONDARIES="3ffe:ffff:0:1::10 3ffe:ffff:0:2::11/128"
+ IPV6_MTU=<MTU of link> (optional)
+ Optional, dedicated MTU of this link
+ Note: Must be greater or equal to 1280.
+ Example:
+ IPV6_MTU="1280"
+ IPV6_PRIVACY=rfc3041
+ Enables RFC 3041 IPv6 privacy support if set.
+ Default: RFC 3041 support disabled
+ IPV6_FORCE_ACCEPT_RA=yes|no
+ By default network-scripts will set `accept_ra` only if $IPV6_AUTOCONF is
+ set to `yes`. If you don't want SLAAC addresses but do want to accept RA,
+ then set this to `yes`. Defaults to `no`.
+
+ Special configuration options for multi-homed hosts etc.
+ IPV6_ROUTER=yes|no: Controls IPv6 autoconfiguration
+ IPV6_AUTOCONF=yes|no: Controls IPv6 autoconfiguration
+ Defaults:
+ Global IPV6FORWARDING=yes: IPV6_AUTOCONF=no, IPV6_ROUTER=yes
+ Global IPV6FORWARDING=no: IPV6_AUTOCONF=yes
+
+ Optional settings for a 6to4 tunnel
+ IPV6TO4INIT=yes|no
+ Enable or disable 6to4 tunneling setup
+ Default: no
+ IPV6TO4_RELAY=<IPv4 address> (optional)
+ IPv4 address of the remote 6to4 relay
+ Note: if this is omitted, ::192.88.99.1 (the anycast relay address) is chosen
+ IPV6TO4_IPV4ADDR=<IPv6 address>[/<prefix length>] (optional)
+ Overwrite local IPv4 address which is accessible from the Internet
+ (optional, in case of static IPv4-NAT behind a router or other special scenarios)
+ IPV6TO4_MTU=<MTU for IPv6> (optional)
+ Controls IPv6 MTU for the 6to4 tunnel
+ Note: Must be greater or equal to 1280
+ Example:
+ IPV6TO4_MTU="1280"
+ Default: MTU of master device - 20
+ IPV6TO4_ROUTING="<device>-<suffix>/<prefix length> ..." (optional)
+ A list of routing tokens to setup proper IPv6 interfaces on the LAN
+ Example:
+ IPV6TO4_ROUTING="eth0-:0004::1/64 eth1-:0005::1/64"
+ Will create one address per eth0 and eth1, taking given SLA
+
+ Optional settings for a 6to4 tunnel or a ppp link
+ IPV6_CONTROL_RADVD=yes|no (optional)
+ Enable signaling radvd that the 6to4 prefix has been changed or a
+ preconfigured dynamic device is up or down
+ Default: no
+
+ IPv6-only items for static tunnel interface:
+ Interface name: sitX (X => 1)
+ IPV6INIT=yes|no
+ Enable or disable IPv6 configuration for this interface
+ Default: no
+ IPV6TUNNELIPV4=<IPv4 address>
+ Specify IPv4 address of a foreign IPv6-in-IPv4 tunnel endpoint
+ Example:
+ IPV6TUNNELIPV4="1.2.3.4"
+ IPV6TUNNELIPV4LOCAL=<IPv4 address>
+ Specify local IPv4 address of tunnel, useful on interfaces with multiple IPv4 addresses
+ IPV6ADDR=<IPv6 address>[/<prefix length>] (optional)
+ local IPv6 address of a numbered tunnel
+ IPV6ADDR_SECONDARIES="<IPv6 address>[/<prefix length>] ..." (optional)
+ A list of secondary IPv6 addresses (example see above)
+ IPV6_MTU=<MTU of tunnel> (optional)
+ Optional, dedicated MTU of this tunnel
+ Note: Must be greater or equal to 1280
+ Example:
+ IPV6_MTU="1280"
+
+ IPv6-only option to enable DHCPv6 client:
+ DHCPV6C=yes|no
+ This will enable the DHCPv6 client, dhcp6c, to be run for the interface.
+ See man dhcp6c(8) and dhcp6c.conf(5).
+ DHCPV6C_OPTIONS=...
+ This will pass given arguments to the DHCPv6 client. For example,
+ "-I" option will request network information (e.g., DNS addresses)
+ only, not IPv6 addresses.
+
+ Ethernet-only items:
+ ARP=yes|no (adds 'arp' flag to ip, for use with the
+ ethertap device)
+ LINKDELAY=<time in seconds>
+ Time that the system should pause after the specific interface is
+ enabled. This may be useful if one interface is connected to a
+ switch which has spanning tree enabled and must wait for STP to
+ converge before the interface should be considered usable.
+ BRIDGE=<br* device>
+ If set, the ethernet device is not assigned an address. It is added to
+ the specified bridge device instead.
+ EXTRA_ROUTE_OPTS=<string of route options>
+ Extra options to add to the interface route. For example, let's say you
+ wanted an interface route to have an mtu of 1480, but wanted the
+ interface to still have a route of 1500, you could set "mtu 1480" here.
+ Anything here is appended to the `ip route add` or `ip route replace`
+ command.
+
+ Deprecated, but supported:
+ ETHTOOL_OPTS=...
+ Any device-specific options supported by ethtool. For example,
+ if you wanted to force 100Mb full duplex:
+ ETHTOOL_OPTS="speed 100 duplex full autoneg off"
+ Note that changing speed or duplex settings almost always
+ requires disabling autonegotiation with 'autoneg off'.
+
+ Multiple options can also be set like so :
+ ETHTOOL_OPTS="-K ${DEVICE} tso on; -G ${DEVICE} rx 256 tx 256"
+
+ Long term, this should be done by sysadmin-written udev rules.
+
+ No longer supported:
+ PROMISC=yes|no (enable or disable promiscuous mode)
+ ALLMULTI=yes|no (enable or disable all-multicast mode)
+
+ To properly set these, use the packet socket interface.
+
+ Ethernet 802.1q VLAN items:
+ DEVICE=eth0.42
+ Initscripts use DEV_PLUS_VID_NO_PAD naming mode for VLAN
+ devices.
+ Example: eth0.42 for vlan 42 on device eth0.
+ Valid VLAN ID range is 0-4095. Most ethernet switches reserve
+ VLAN ID 1 to be used as management VLAN; starting from VLAN
+ ID 2 is recommended.
+ REORDER_HDR=yes|no
+ When enabled the VLAN device will move the ethernet header
+ around to make it look exactly like a real ethernet device.
+ This may help programs such as ISC dhcpd which read the raw
+ ethernet packet and make assumptions about the location of
+ bytes. If you don't need it turn it off because there
+ is a small performance penalty. Default is on.
+ GVRP=yes|no
+ When enabled, this will announce new vlan creation to a GVRP
+ enabled trunk port on a switch. Default is off.
+
+ PPP/SLIP items:
+ PERSIST=yes|no
+ MODEMPORT=<device, say /dev/modem>
+ LINESPEED=<speed, say 115200>
+ DEFABORT=yes|no (tells netcfg whether or not to put default
+ abort strings in when creating/editing the chat script and/or
+ dip script for this interface)
+ (meaningless with WVDIALSECT)
+
+ PPP-specific items
+ WVDIALSECT=<list of sections from wvdial.conf to use>
+ If this variable is set, then the chat script (if it
+ exists) is ignored, and wvdial is used to open the
+ PPP connection.
+ DEFROUTE=yes|no (set this interface as default route? yes is default)
+ DEBUG=yes|no (defaults to yes)
+ turns on/off pppd and chat (if used) debugging.
+ ESCAPECHARS=yes|no (simplified interface here doesn't let people
+ specify which characters to escape; almost everyone can use
+ asyncmap 00000000 anyway, and they can set PPPOPTIONS to
+ asyncmap foobar if they want to set options perfectly)
+ HARDFLOWCTL=yes|no (yes implies "modem crtscts" options)
+ PPPOPTIONS=<arbitrary option string; is placed last on the
+ command line, so it can override other options like asyncmap
+ that were specified differently>
+ PPPOE_EXTRA = any extra arguments to pass to pppoe
+ PPPD_EXTRA = any extra arguments to pass to pppd
+ PAPNAME=<"name $PAPNAME" on pppd command line> (note that
+ the "remotename" option is always specified as the logical
+ ppp device name, like "ppp0" (which might perhaps be the
+ physical device ppp1 if some other ppp device was brought
+ up earlier...), which makes it easy to manage pap/chap
+ files -- name/password pairs are associated with the
+ logical ppp device name so that they can be managed
+ together.
+ REMIP=<remote ip address, normally unspecified>
+ MTU=
+ MRU=
+ DISCONNECTTIMEOUT=<number of seconds, default currently 5>
+ (time to wait before re-establishing the connection after
+ a successfully-connected session terminates before attempting
+ to establish a new connection.)
+ RETRYTIMEOUT=<number of seconds, default currently 60>
+ (time to wait before re-attempting to establish a connection
+ after a previous attempt fails.)
+ RETRYCONNECT=yes|no (defaults to yes)
+ If this is yes, then we will re-run pppd if it exits with a
+ "connect script failed" status. Otherwise, only one attempt
+ is made to bring up the connection. Note that some connect
+ scripts (for example, wvdial) might do their own retries (such
+ as BUSY or NO DIALTONE conditions).
+ MAXFAIL=<number>
+ If this is set, this will cause ppp-watch to exit after
+ the specified number of attempts.
+ DEMAND=yes|no
+ Switches on demand-dialing mode using pppd's "demand" option.
+ IDLETIMEOUT=600
+ The amount of time the link needs to be inactive before pppd will
+ bring it down automatically.
+ BOOTTIMEOUT=30
+ The amount of time to wait at boot before giving up on the
+ connection.
+
+ IPPP-specific items (ISDN)
+ PROVIDER=<ProviderName>
+ USER=<Login>
+ PASSWORD=<Password>
+ ENCAP=[syncppp|]
+ DIALMODE=[manual|auto]
+ SECURE=off|on
+ MSN=<>
+ PHONE_IN=<Callback.Number>
+ AREACODE=<>
+ REGIONCODE=<>
+ PHONE_OUT=<PhoneNumber>
+ BUNDLING=off|on
+ HUPTIMEOUT=<number>
+ DNS1=<PrimaryDNS>
+ DNS2=<SecondaryDNS>
+ DOMAIN=""
+ LAYER=[HDLC|]
+ CALLBACK=off|on
+ CHARGEHUP=<number>
+ CHARGEINT=<number>
+ CBHUP=<number>
+ CBDELAY=<number>
+ DIALMAX=<number>
+ AUTH=[+pap] [-chap]
+ IHUP=<>
+ DELDEFAULTROUTE=[enabled|disabled]
+ CBCP=off|on
+ VJ=off|on
+ VJCCOMP=off|on
+ AC=off|on
+ PC=off|on
+ BSDCOMP=off|on
+ CCP=off|on
+ SLAVE_DEVICE=ippp[0-9]
+
+ ippp0 items being deprecated:
+ BOOT=[on|off] will be converted to ONBOOT=[yes|no] by netconf
+ LOCAL_IP= will be converted to IPADDR by netconf
+ REMOTE_IP= will be converted to GATEWAY by netconf
+
+ Wireless-specific items:
+ See iw(8) for additional information.
+ MODE=[Managed|Ad-Hoc|Monitor]
+ ESSID=
+ Required.
+ FREQ=
+ Required if MODE=Ad-Hoc.
+ KEY=<default WEP key>
+
+ IPSEC specific items
+ SRC=source address. Not required.
+ DST=destination address
+ TYPE=IPSEC
+ SRCNET=source net (for tunneling)
+ DSTNET=destination network (for tunneling)
+
+ Manual keying:
+
+ AH_PROTO{,_IN,_OUT}=protocol to use for AH (defaults to hmac-sha1)
+ ESP_PROTO{,_IN,_OUT}=protocol to use for ESP (defaults to 3des-cbc)
+ AESP_PROTO{,_IN,_OUT}=protocol to use for ESP authentication (defaults to
+ hmac-sha1)
+ KEY_AH{,_IN,_OUT}=AH key
+ KEY_ESP{,_IN,_OUT}=ESP encryption key
+ KEY_AESP{,_IN,_OUT}=ESP authentication key (optional)
+ SPI_{ESP,AH}_{IN,OUT}=SPIs to use
+
+ _IN and _OUT specifiers are for using different keys or protocols for
+ incoming and outgoing packets. If neither _IN or _OUT variants are set for
+ protocols or keys, the same will be used for both. Hexadecimal keys need to
+ be prefixed with "0x".
+
+ Automatic keying:
+
+ IKE_DHGROUP=<number> (defaults to 2)
+ IKE_METHOD=PSK|X509|GSSAPI
+ PSK=preshared keys (shared secret)
+ X509=X.509 certificates
+ GSSPI=GSSAPI authentication
+ IKE_AUTH=protocol to use for Phase 1 of SA (defaults to sha1)
+ IKE_ENC=protocol to use for Phase 1 of SA (defaults to 3des)
+ IKE_PSK=preshared key for this connection
+ IKE_CERTFILE=our certificate file name for X509 IKE
+ IKE_PEER_CERTFILE=peer public cert filename for X509 IKE
+ IKE_DNSSEC=retrieve peer public certs from DNS
+ (otherwise uses certificate information sent over IKE)
+
+ To manage the racoon configuration manually (e.g. when there is more than
+ one IPSEC configuration with the same DST), set KEYING=automatic and leave
+ all IKE_* parameters unspecified.
+
+ To override the identifier to use with a preshared key:
+
+ MYID_TYPE=address|fqdn|user_fqdn
+ MYID_VALUE=fqdn or user_fqdn string for this connection
+
+ Usage of AH or ESP may be disabled by setting {AH,ESP}_PROTO to "none".
+
+ Bonding-specific items
+
+ SLAVE=yes
+ Specifies device as a slave
+ MASTER=bondXX
+ Specifies master device to bind to
+ BONDING_OPTS=
+ A space-separated list of options to the bonding driver for this
+ interface, such as:
+
+ "mode=active-backup arp_interval=60 arp_ip_target=192.168.1.1,192.168.1.2"
+
+ Tunnel-specific items:
+ TYPE=GRE|GRE6|IPIP|IPIP6|EXTERNAL
+ External is a mode for ip6_tunnel interfaces (that cannot be set on
+ the primary ip6tnl0 interface), which permits unwrapping encapsulated
+ packets regardless of their internal IP (v4 or v6) provided the inner
+ address is on the interface. Use $MY_INNER_IPADDR for v4 addresses. Use
+ $IPV6ADDR and $IPV6ADDR_SECONDARIES as usual for v6 addresses.
+ MY_INNER_IPADDR=local IP address of the tunnel interface
+ PEER_OUTER_IPADDR=IP address of the remote tunnel endpoint
+ MY_OUTER_IPADDR=IP address of the local tunnel endpoint
+ If unspecified, an IP address is selected automatically for outgoing
+ tunnel packets, and incoming tunnel packets are accepted on all local
+ IP addresses.
+ PEER_INNER_IPADDR=IP address of the remote end of the tunnel interface
+ If this is specified, a route to PEER_INNER_IPADDR through the tunnel
+ is added automatically.
+ TTL=TTL value for tunnel packets
+ Default is to use the TTL of the packet transported through the tunnel
+
+ Bridge-specific items:
+ TYPE=Bridge
+ STP=off|on (see 'brctl stp')
+ DELAY=forward delay time in seconds (see 'brctl setfd')
+ BRIDGING_OPTS=
+ A space-separated list of bridging options for either the bridge
+ device, or the port device, such as:
+
+ BRIDGING_OPTS="hello_time=200 priority=65535"
+ for bridge devices, or
+ BRIDGING_OPTS="hairpin_mode=1"
+ for port devices.
+
+ TUN/TAP-specific items:
+ OWNER=<owner of the device>
+
+/etc/sysconfig/network-scripts/chat-<interface-name>:
+
+ chat script for PPP or SLIP connection intended to establish
+ the connection. For SLIP devices, a DIP script is written
+ from the chat script; for PPP devices, the chat script is used
+ directly.
+
+/etc/sysconfig/network-scripts/dip-<interface-name>
+
+ A write-only script created from the chat script by netcfg.
+ Do not modify this. In the future, this file may disappear
+ by default and created on-the-fly from the chat script if
+ it does not exist.
+
+/etc/sysconfig/network-scripts/ifup-post
+
+ Called when any network device EXCEPT a SLIP device comes
+ up. Calls /etc/sysconfig/network-scripts/ifup-routes to
+ bring up static routes that depend on that device. Calls
+ /etc/sysconfig/network-scripts/ifup-aliases to bring up
+ aliases for that device. Sets the hostname if it is not
+ already set and a hostname can be found for the IP for that
+ device. Sends SIGIO to any programs that have requested
+ notification of network events.
+
+ Could be extended to fix up nameservice configuration, call
+ arbitrary scripts, etc, as needed.
+
+/etc/sysconfig/network-scripts/ifup-routes
+
+ Set up static routes for a device.
+
+/etc/sysconfig/network-scripts/ifup-aliases
+
+ Bring up aliases for a device.
+
+/etc/sysconfig/network-scripts/ifdhcpc-done
+
+ Called by dhcpcd once dhcp configuration is complete; sets
+ up /etc/resolv.conf from the version dhcpcd dropped in
+ /etc/dhcpc/resolv.conf
+
+/etc/sysconfig/network-scripts/route-<interface-name>
+
+ Contains lines that specify additional routes that should be added when the
+ associated interface is brought up.
+
+ The files are processed by the ifup-routes script and uses the /sbin/ipcalc
+ utility for all network masks and numbers. Routes are specified using the
+ syntax:
+
+ ADDRESSn=<network>
+ NETMASKn=<network/prefix mask>
+ GATEWAYn=<next-hop router/gateway IP address>
+
+ The "n" is expected to be consecutive positive integers starting from 0.
+ For example:
+
+ ADDRESS0=192.168.2.0
+ NETMASK0=255.255.255.0
+ GATEWAY0=192.168.1.1
+
+ adds a network route to the 192.168.2.0 network via the gateway at
+ 192.168.1.1. Since you must already have a route to the network of the
+ gateway, there is no need to specify a device.
+
+ Note: The ifup-routes script also supports an older syntax designed to be
+ used directly as an argument to "/sbin/ip route add". This syntax is
+ deprecated, but if no "ADDRESSn" lines are found the following will still
+ work:
+
+ 192.168.2.0/24 dev ppp0
+
+ adds a network route to the 192.168.2.0 network through ppp0.
+
+/etc/sysconfig/network-scripts/route6-<interface-name>
+
+ Contains lines that are arguments to "/sbin/ip -6 route add"
+ For example:
+
+ site-local route for network fec0:0:0:2::/64
+ via gateway fec0:0:0:1:0:0:0:20 (e.g. on eth0):
+
+ fec0:0:0:2::/64 via fec0:0:0:1:0:0:0:20
+
+ additional prefix configured to be on-link on eth0:
+
+ 3ffe:fffe:1:2::/64 dev eth0
+
+ 6to4 route for network 3ffe:ffff:1::/48, either:
+
+ 3ffe:ffff:1::/48
+ 3ffe:ffff:1::/48 via ::192.168.1.2
+
+ Note the special case of 6to4 interface: 'via [relay]' is
+ automatically added if explicit 'via' wasn't specified.
+
+/etc/sysconfig/network-scripts/rule-<interface-name>
+/etc/sysconfig/network-scripts/rule6-<interface-name>
+
+ Contains lines that specify additional routing rules that should be added
+ when the associated interface is brought up.
+
+ Each non-comment line is used directly as an argument to "/sbin/ip rule add"
+ or "/sbin/ip -6 rule add" for rule6 files.
+