SYSCTL(8) OpenBSD System Manager's Manual SYSCTL(8)
NAME
sysctl - get or set kernel state
SYNOPSIS
sysctl [-n] variable ...
sysctl [-nq] -w variable=value ...
sysctl -aA [-n]
DESCRIPTION
The sysctl utility retrieves kernel state and allows processes with ap-
propriate privilege to set kernel state. The state to be retrieved or
set is described using a ``Management Information Base'' (MIB) style
name, described as a dotted set of components.
The options are as follows:
-a List all the currently available string or integer values.
-A List all the known MIB names including tables. Those with string or
integer values will be printed as with the -a flag; for the table
values, the name of the utility to retrieve them is given.
-n Suppress printing of the field name, only output the field value.
Useful for setting shell variables. For example, to set the psize
shell variable to the pagesize of the hardware:
# set psize=`sysctl -n hw.pagesize`
-q Suppress all output when setting a variable. This option overrides
the behaviour of -n.
-w Required to set a variable. The MIB name should be followed by an
equal sign and the new value.
The information available from sysctl consists of integers, strings, and
tables. The tabular information can only be retrieved by special purpose
programs such as ps, systat, and netstat. The string and integer infor-
mation is summarized below. For a detailed description of these variable
see sysctl(3). The changeable column indicates whether a process with
appropriate privilege can change the value.
Name Type Changeable
kern.ostype string no
kern.osrelease string no
kern.osrevision integer no
kern.version string no
kern.maxvnodes integer yes
kern.maxproc integer yes
kern.maxfiles integer yes
kern.argmax integer no
kern.securelevel integer raise only
kern.hostname string yes
kern.hostid u_int yes
kern.clockrate struct no
kern.posix1version integer no
kern.ngroups integer no
kern.job_control integer no
kern.saved_ids integer no
kern.boottime struct no
kern.domainname string yes
kern.maxpartitions integer no
kern.rawpartition integer no
kern.osversion string no
kern.somaxconn integer yes
kern.sominconn integer yes
kern.usermount integer yes
kern.random struct no
kern.nosuidcoredump integer yes
kern.fsync integer no
kern.sysvmsg integer no
kern.sysvsem integer no
kern.sysvshm integer no
kern.arandom u_int no
kern.msgbufsize integer no
kern.malloc.buckets string no
kern.malloc.bucket.<sz> string no
kern.malloc.kmemnames string no
kern.malloc.kmemstat.<name> string no
kern.cp_time struct no
kern.nchstats struct no
kern.forkstat struct no
kern.nselcoll integer no
kern.tty.tk_nin int64_t no
kern.tty.tk_nout int64_t no
kern.tty.tk_rawcc int64_t no
kern.tty.tk_cancc int64_t no
kern.ccpu u_int no
kern.fscale integer no
kern.nprocs integer no
kern.stackgap_random integer yes
kern.usercrypto integer yes
kern.cryptodevallowsoft integer yes
kern.splassert integer yes
kern.nfiles integer no
kern.ttycount integer no
kern.numvnodes integer no
kern.userasymcrypto integer yes
kern.seminfo.semmni integer yes
kern.seminfo.semmns integer yes
kern.seminfo.semmnu integer yes
kern.seminfo.semmsl integer yes
kern.seminfo.semopm integer yes
kern.seminfo.semume integer no
kern.seminfo.semusz integer no
kern.seminfo.semvmx integer no
kern.seminfo.semaem integer no
kern.shminfo.shmmax integer yes
kern.shminfo.shmmin integer yes
kern.shminfo.shmmni integer yes
kern.shminfo.shmseg integer yes
kern.shminfo.shmall integer yes
kern.watchdog.period integer yes
kern.watchdog.auto integer yes
kern.emul.nemuls integer no
kern.emul.other integer yes
vm.vmmeter struct no
vm.loadavg struct no
vm.psstrings struct no
vm.uvmexp struct no
vm.swapencrypt.enable integer yes
vm.swapencrypt.keyscreated integer no
vm.swapencrypt.keysdeleted integer no
vm.nkmempages integer no
vm.anonmin integer yes
vm.vtextmin integer yes
vm.vnodemin integer yes
vm.maxslp integer no
vm.uspace integer no
fs.posix.setuid integer yes
net.inet.ip.forwarding integer yes
net.inet.ip.redirect integer yes
net.inet.ip.ttl integer yes
net.inet.ip.sourceroute integer yes
net.inet.ip.directed-broadcast integer yes
net.inet.ip.portfirst integer yes
net.inet.ip.portlast integer yes
net.inet.ip.porthifirst integer yes
net.inet.ip.porthilast integer yes
net.inet.ip.maxqueue integer yes
net.inet.ip.encdebug integer yes
net.inet.ip.ipsec-expire-acquire integer yes
net.inet.ip.ipsec-invalid-life integer yes
net.inet.ip.ipsec-pfs integer yes
net.inet.ip.ipsec-soft-allocs integer yes
net.inet.ip.ipsec-allocs integer yes
net.inet.ip.ipsec-soft-bytes integer yes
net.inet.ip.ipsec-bytes integer yes
net.inet.ip.ipsec-timeout integer yes
net.inet.ip.ipsec-soft-timeout integer yes
net.inet.ip.ipsec-soft-firstuse integer yes
net.inet.ip.ipsec-firstuse integer yes
net.inet.ip.ipsec-enc-alg string yes
net.inet.ip.ipsec-auth-alg string yes
net.inet.ip.mtudisc integer yes
net.inet.ip.mtudisctimeout integer yes
net.inet.ip.ipsec-comp-alg string yes
net.inet.icmp.maskrepl integer yes
net.inet.icmp.bmcastecho integer yes
net.inet.icmp.errppslimit integer yes
net.inet.icmp.rediraccept integer yes
net.inet.icmp.redirtimeout integer yes
net.inet.icmp.tstamprepl integer yes
net.inet.ipip.allow integer yes
net.inet.tcp.rfc1323 integer yes
net.inet.tcp.keepinittime integer yes
net.inet.tcp.keepidle integer yes
net.inet.tcp.keepintvl integer yes
net.inet.tcp.slowhz integer no
net.inet.tcp.baddynamic array yes
net.inet.tcp.recvspace integer yes
net.inet.tcp.sendspace integer yes
net.inet.tcp.sack integer yes
net.inet.tcp.mssdflt integer yes
net.inet.tcp.rstppslimit integer yes
net.inet.tcp.ackonpush integer yes
net.inet.tcp.ecn integer yes
net.inet.udp.checksum integer yes
net.inet.udp.baddynamic array yes
net.inet.udp.recvspace integer yes
net.inet.udp.sendspace integer yes
net.inet.gre.allow integer yes
net.inet.gre.wccp integer yes
net.inet.esp.enable integer yes
net.inet.ah.enable integer yes
net.inet.mobileip.allow integer yes
net.inet.etherip.allow integer yes
net.inet.ipcomp.enable integer yes
net.inet6.ip6.forwarding integer yes
net.inet6.ip6.redirect integer yes
net.inet6.ip6.hlim integer yes
net.inet6.ip6.maxfragpackets integer yes
net.inet6.ip6.accept_rtadv integer yes
net.inet6.ip6.keepfaith integer yes
net.inet6.ip6.log_interval integer yes
net.inet6.ip6.hdrnestlimit integer yes
net.inet6.ip6.dad_count integer yes
net.inet6.ip6.auto_flowlabel integer yes
net.inet6.ip6.defmcasthlim integer yes
net.inet6.ip6.kame_version string no
net.inet6.ip6.use_deprecated integer yes
net.inet6.ip6.rr_prune integer yes
net.inet6.ip6.v6only integer no
net.inet6.ip6.maxfrags integer yes
net.inet6.icmp6.rediraccept integer yes
net.inet6.icmp6.redirtimeout integer yes
net.inet6.icmp6.nd6_prune integer yes
net.inet6.icmp6.nd6_delay integer yes
net.inet6.icmp6.nd6_umaxtries integer yes
net.inet6.icmp6.nd6_mmaxtries integer yes
net.inet6.icmp6.nd6_useloopback integer yes
net.inet6.icmp6.nodeinfo integer yes
net.inet6.icmp6.errppslimit integer yes
net.inet6.icmp6.nd6_maxnudhint integer yes
net.inet6.icmp6.mtudisc_hiwat integer yes
net.inet6.icmp6.mtudisc_lowat integer yes
net.inet6.icmp6.nd6_debug integer yes
net.ipx.ipx.checksum integer yes
net.ipx.ipx.forwarding integer yes
net.ipx.ipx.netbios integer yes
net.ipx.ipx.recvspace integer yes
net.ipx.ipx.sendspace integer yes
debug.syncprt integer yes
debug.busyprt integer yes
debug.doclusterread integer yes
debug.doclusterwrite integer yes
debug.doreallocblks integer yes
debug.doasyncfree integer yes
debug.prtrealloc integer yes
hw.machine string no
hw.model string no
hw.ncpu integer no
hw.byteorder integer no
hw.physmem integer no
hw.usermem integer no
hw.pagesize integer no
hw.diskstats struct no
hw.disknames string no
hw.diskcount integer no
hw.sensors struct no
machdep.console_device dev_t no
machdep.unaligned_print integer yes (alpha only)
machdep.unaligned_fix integer yes (alpha only)
machdep.unaligned_sigbus integer yes (alpha only)
machdep.apmwarn integer yes (i386 only)
machdep.apmhalt integer yes (i386 only)
machdep.kbdreset integer yes (i386 only)
machdep.userldt integer yes (i386 only)
machdep.allowaperture integer yes (XFree86)
machdep.led_blink integer yes (sparc/sparc64)
machdep.ceccerrs integer no (sparc64)
machdep.cecclast quad no (sparc64)
user.cs_path string no
user.bc_base_max integer no
user.bc_dim_max integer no
user.bc_scale_max integer no
user.bc_string_max integer no
user.coll_weights_max integer no
user.expr_nest_max integer no
user.line_max integer no
user.re_dup_max integer no
user.posix2_version integer no
user.posix2_c_bind integer no
user.posix2_c_dev integer no
user.posix2_char_term integer no
user.posix2_fort_dev integer no
user.posix2_fort_run integer no
user.posix2_localedef integer no
user.posix2_sw_dev integer no
user.posix2_upe integer no
user.stream_max integer no
user.tzname_max integer no
ddb.radix integer yes
ddb.max_width integer yes
ddb.max_line integer yes
ddb.tab_stop_width integer yes
ddb.panic integer yes
ddb.console integer yes
ddb.log integer yes
vfs.mounts.* struct no
vfs.ffs.doclusterread integer yes
vfs.ffs.doclusterwrite integer yes
vfs.ffs.doreallocblks integer yes
vfs.ffs.doasyncfree integer yes
vfs.ffs.max_softdeps integer yes
vfs.ffs.sd_tickdelay integer yes
vfs.ffs.sd_worklist_push integer no
vfs.ffs.sd_blk_limit_push integer no
vfs.ffs.sd_ino_limit_push integer no
vfs.ffs.sd_blk_limit_hit integer no
vfs.ffs.sd_ino_limit_hit integer no
vfs.ffs.sd_sync_limit_hit integer no
vfs.ffs.sd_indir_blk_ptrs integer no
vfs.ffs.sd_inode_bitmap integer no
vfs.ffs.sd_direct_blk_ptrs integer no
vfs.ffs.sd_dir_entry integer no
vfs.nfs.iothreads integer yes
The sysctl program can get or set debugging variables that have been
identified for its display. This information can be obtained by using
the command:
$ sysctl debug
In addition, sysctl can extract information about the filesystems that
have been compiled into the running system. This information can be ob-
tained by using the command:
$ sysctl vfs.mounts
By default, only filesystems that are actively being used are listed.
Use of the -A flag lists all the filesystems compiled into the running
kernel.
FILES
<sys/sysctl.h> definitions for top level identifiers, second
level kernel and hardware identifiers, and user
level identifiers
<dev/rndvar.h> definitions for random(4) device's statistics
structure
<sys/socket.h> definitions for second level network identi-
fiers
<sys/gmon.h> definitions for third level profiling identi-
fiers
<uvm/uvm_param.h> definitions for second level virtual memory
identifiers
<uvm/uvm_swap_encrypt.h> definitions for third level virtual memory
identifiers
<netinet/in.h> definitions for third level IPv4/v6 identifiers
and fourth level IPv4/v6 identifiers
<netinet/icmp_var.h> definitions for fourth level ICMP identifiers
<netinet6/icmp6.h> definitions for fourth level ICMPv6 identifiers
<netinet/tcp_var.h> definitions for fourth level TCP identifiers
<netinet/udp_var.h> definitions for fourth level UDP identifiers
<netipx/ipx_var.h> definitions for third level IPX identifiers and
fourth level IPX identifiers
<ddb/db_var.h> definitions for second level ddb identifiers
<sys/mount.h> definitions for second level vfs identifiers
<nfs/nfs.h> definitions for third level NFS identifiers
<ufs/ffs/ffs_extern.h> definitions for third level FFS identifiers
EXAMPLES
To retrieve the maximum number of processes allowed in the system:
$ sysctl kern.maxproc
To set the maximum number of processes allowed in the system to 1000:
# sysctl -w kern.maxproc=1000
To retrieve information about the system clock rate:
$ sysctl kern.clockrate
To retrieve information about the load average history:
$ sysctl vm.loadavg
To make the chown(2) system call use traditional BSD semantics (don't
clear setuid/setgid bits):
# sysctl -w fs.posix.setuid=0
To set the list of reserved TCP ports that should not be allocated by the
kernel dynamically:
# sysctl -w net.inet.tcp.baddynamic=749,750,751,760,761,871
This can be used to keep daemons from stealing a specific port that an-
other program needs to function. List elements may be separated by com-
mas and/or whitespace.
It is also possible to add or remove ports from the current list:
# sysctl -w net.inet.tcp.baddynamic=+748
# sysctl -w net.inet.tcp.baddynamic=-871
To adjust the number of kernel nfsio threads used to service asynchronous
I/O requests on an NFS client machine:
# sysctl -w vfs.nfs.iothreads=4
The number of 4 is the default, 20 is the maximum. See nfssvc(2) and
nfsd(8) for further discussion.
To set the amount of shared memory available in the system and the maxi-
mum number of shared memory segments:
# sysctl -w kern.shminfo.shmmax=33554432
# sysctl -w kern.shminfo.shmseg=32
SEE ALSO
sysctl(3), sysctl.conf(5)
HISTORY
sysctl first appeared in 4.4BSD.
OpenBSD 3.4 December 18, 2002 7