2 .\" The Regents of the University of California. All rights reserved.
4 .\" Redistribution and use in source and binary forms, with or without
5 .\" modification, are permitted provided that the following conditions
7 .\" 1. Redistributions of source code must retain the above copyright
8 .\" notice, this list of conditions and the following disclaimer.
9 .\" 2. Redistributions in binary form must reproduce the above copyright
10 .\" notice, this list of conditions and the following disclaimer in the
11 .\" documentation and/or other materials provided with the distribution.
12 .\" 4. Neither the name of the University nor the names of its contributors
13 .\" may be used to endorse or promote products derived from this software
14 .\" without specific prior written permission.
16 .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
17 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
20 .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28 .\" From: @(#)sysctl.8 8.1 (Berkeley) 6/6/93
36 .Nd get or set kernel state
40 .Ar name Ns Op = Ns Ar value
48 utility retrieves kernel state and allows processes with appropriate
49 privilege to set kernel state.
50 The state to be retrieved or set is described using a
51 .Dq Management Information Base
53 style name, described as a dotted set of
56 The following options are available:
57 .Bl -tag -width indent
63 List all the currently available non-opaque values.
64 This option is ignored if one or more variable names are specified on
67 Force the value of the variable(s) to be output in raw, binary format.
68 No names are printed and no terminating newlines are output.
69 This is mostly useful with a single variable.
71 Print the description of the variable instead of its value.
73 Separate the name and the value of the variable(s) with
75 This is useful for producing output which can be fed back to the
78 This option is ignored if either
82 is specified, or a variable is being set.
84 Format output for human, rather than machine, readability.
87 The purpose is to make use of
89 for collecting data from a variety of machines (not all of which
90 are necessarily running exactly the same software) easier.
92 Show only variable names, not their values.
93 This is particularly useful with shells that offer programmable
95 To enable completion of variable names in
96 .Xr zsh 1 Pq Pa ports/shells/zsh ,
97 use the following code:
98 .Bd -literal -offset indent
99 listsysctls () { set -A reply $(sysctl -AN ${1%.*}) }
100 compctl -K listsysctls sysctl
103 To enable completion of variable names in
107 .Dl "complete sysctl 'n/*/`sysctl -Na`/'"
109 Show only variable values, not their names.
110 This option is useful for setting shell variables.
111 For instance, to save the pagesize in variable
115 .Dl "set psize=`sysctl -n hw.pagesize`"
117 Show opaque variables (which are normally suppressed).
118 The format and length are printed, as well as a hex dump of the first
119 sixteen bytes of the value.
121 Suppress some warnings generated by
131 but prints a hex dump of the entire value instead of just the first
135 The information available from
137 consists of integers, strings, and opaque types.
141 only knows about a couple of opaque types, and will resort to hexdumps
143 The opaque information is much more useful if retrieved by special
144 purpose programs such as
150 Some of the variables which cannot be modified during normal system
151 operation can be initialized via
154 This can for example be done by setting them in
158 for more information on which tunables are available and how to set them.
160 The string and integer information is summarized below.
161 For a detailed description of these variable see
164 The changeable column indicates whether a process with appropriate
165 privilege can change the value.
166 String and integer values can be set using
168 .Bl -column security.bsd.unprivileged_read_msgbuf integerxxx
169 .It Sy "Name Type Changeable
170 .It "kern.ostype string no
171 .It "kern.osrelease string no
172 .It "kern.osrevision integer no
173 .It "kern.version string no
174 .It "kern.maxvnodes integer yes
175 .It "kern.maxproc integer no
176 .It "kern.maxprocperuid integer yes
177 .It "kern.maxfiles integer yes
178 .It "kern.maxfilesperproc integer yes
179 .It "kern.argmax integer no
180 .It "kern.securelevel integer raise only
181 .It "kern.hostname string yes
182 .It "kern.hostid integer yes
183 .It "kern.clockrate struct no
184 .It "kern.posix1version integer no
185 .It "kern.ngroups integer no
186 .It "kern.job_control integer no
187 .It "kern.saved_ids integer no
188 .It "kern.boottime struct no
189 .It "kern.domainname string yes
190 .It "kern.filedelay integer yes
191 .It "kern.dirdelay integer yes
192 .It "kern.metadelay integer yes
193 .It "kern.osreldate string no
194 .It "kern.bootfile string yes
195 .It "kern.corefile string yes
196 .It "kern.logsigexit integer yes
197 .It "security.bsd.suser_enabled integer yes
198 .It "security.bsd.see_other_uids integer yes
199 .It "security.bsd.unprivileged_proc_debug integer yes
200 .It "security.bsd.unprivileged_read_msgbuf integer yes
201 .It "vm.loadavg struct no
202 .It "hw.machine string no
203 .It "hw.model string no
204 .It "hw.ncpu integer no
205 .It "hw.byteorder integer no
206 .It "hw.physmem integer no
207 .It "hw.usermem integer no
208 .It "hw.pagesize integer no
209 .It "hw.floatingpoint integer no
210 .It "hw.machine_arch string no
211 .It "hw.realmem integer no
212 .It "machdep.adjkerntz integer yes
213 .It "machdep.disable_rtc_set integer yes
214 .It "machdep.guessed_bootdev string no
215 .It "user.cs_path string no
216 .It "user.bc_base_max integer no
217 .It "user.bc_dim_max integer no
218 .It "user.bc_scale_max integer no
219 .It "user.bc_string_max integer no
220 .It "user.coll_weights_max integer no
221 .It "user.expr_nest_max integer no
222 .It "user.line_max integer no
223 .It "user.re_dup_max integer no
224 .It "user.posix2_version integer no
225 .It "user.posix2_c_bind integer no
226 .It "user.posix2_c_dev integer no
227 .It "user.posix2_char_term integer no
228 .It "user.posix2_fort_dev integer no
229 .It "user.posix2_fort_run integer no
230 .It "user.posix2_localedef integer no
231 .It "user.posix2_sw_dev integer no
232 .It "user.posix2_upe integer no
233 .It "user.stream_max integer no
234 .It "user.tzname_max integer no
237 .Bl -tag -width ".In netinet/icmp_var.h" -compact
239 definitions for top level identifiers, second level kernel and hardware
240 identifiers, and user level identifiers
242 definitions for second level network identifiers
244 definitions for third level profiling identifiers
246 definitions for second level virtual memory identifiers
248 definitions for third level Internet identifiers and
249 fourth level IP identifiers
250 .It In netinet/icmp_var.h
251 definitions for fourth level ICMP identifiers
252 .It In netinet/udp_var.h
253 definitions for fourth level UDP identifiers
256 For example, to retrieve the maximum number of processes allowed
257 in the system, one would use the following request:
259 .Dl "sysctl kern.maxproc"
261 To set the maximum number of processes allowed
262 per uid to 1000, one would use the following request:
264 .Dl "sysctl kern.maxprocperuid=1000"
266 Information about the system clock rate may be obtained with:
268 .Dl "sysctl kern.clockrate"
270 Information about the load average history may be obtained with:
272 .Dl "sysctl vm.loadavg"
274 More variables than these exist, and the best and likely only place
275 to search for their deeper meaning is undoubtedly the source where
280 option has been deprecated and is silently ignored.
289 utility first appeared in
295 was significantly remodeled.
299 utility presently exploits an undocumented interface to the kernel
300 sysctl facility to traverse the sysctl tree and to retrieve format
301 and name information.
302 This correct interface is being thought about for the time being.