sysctl - get or set kernel state
sysctl [-n] variable ...
sysctl [-nqw] variable=value ...
sysctl [-n] -Aa
The sysctl utility retrieves kernel state and allows processes with appropriate
privilege to set kernel state. The state to be
retrieved or
set is described using a ``Management Information Base''
(MIB) style
name, described as a dotted set of components.
When setting a variable, the MIB name should be followed by
an equal sign
and the new value. Variables are set implicitly using the
variable=value
syntax, or explicitly with the -w option. Both forms are
identical.
The options are as follows:
-A List all the known MIB names including tables. Those
with string or
integer values will be printed as with the -a flag; for
the table
values, the name of the utility to retrieve them is
given.
-a List all the currently available string or integer values.
-n Suppress printing of the field name, only output the
field value.
Useful for setting shell variables. For example, to
set the psize
shell variable to the pagesize of the hardware:
# set psize=`sysctl -n hw.pagesize`
-q Suppress all output when setting a variable. This option overrides
the behaviour of -n.
-w Set a variable. It must be followed by a
variable=value assignment.
The -w flag is optional when setting a variable.
The information available from sysctl consists of integers,
strings, and
tables. The tabular information can only be retrieved by
special purpose
programs such as ps, systat, and netstat. The string and
integer information
is summarized below. For a detailed description of
these variables,
see sysctl(3). The changeable column indicates
whether a process
with appropriate privilege can change the value.
Name Type kern.ostype string no
kern.osrelease string no
kern.osrevision integer no
kern.version string no
kern.maxvnodes integer yes
kern.maxproc integer yes
kern.maxfiles integer yes
kern.argmax integer no
kern.securelevel integer raise
only
kern.hostname string yes
kern.hostid u_int yes
kern.clockrate struct no
kern.posix1version integer no
kern.ngroups integer no
kern.job_control integer no
kern.saved_ids integer no
kern.boottime struct no
kern.domainname string yes
kern.maxpartitions integer no
kern.rawpartition integer no
kern.osversion string no
kern.somaxconn integer yes
kern.sominconn integer yes
kern.usermount integer yes
kern.random struct no
kern.nosuidcoredump integer yes
kern.fsync integer no
kern.sysvmsg integer no
kern.sysvsem integer no
kern.sysvshm integer no
kern.arandom u_int no
kern.msgbufsize integer no
kern.malloc.buckets string no
kern.malloc.bucket.<sz> string no
kern.malloc.kmemnames string no
kern.malloc.kmemstat.<name> string no
kern.cp_time struct no
kern.nchstats struct no
kern.forkstat struct no
kern.nselcoll integer no
kern.tty.tk_nin int64_t no
kern.tty.tk_nout int64_t no
kern.tty.tk_rawcc int64_t no
kern.tty.tk_cancc int64_t no
kern.tty.ttyinfo struct no
kern.tty.maxptys integer yes
kern.tty.nptys integer no
kern.ccpu u_int no
kern.fscale integer no
kern.nprocs integer no
kern.stackgap_random integer yes
kern.usercrypto integer yes
kern.cryptodevallowsoft integer yes
kern.splassert integer yes
kern.nfiles integer no
kern.ttycount integer no
kern.numvnodes integer no
kern.userasymcrypto integer yes
kern.seminfo.semmni integer yes
kern.seminfo.semmns integer yes
kern.seminfo.semmnu integer yes
kern.seminfo.semmsl integer yes
kern.seminfo.semopm integer yes
kern.seminfo.semume integer no
kern.seminfo.semusz integer no
kern.seminfo.semvmx integer no
kern.seminfo.semaem integer no
kern.shminfo.shmmax integer yes
kern.shminfo.shmmin integer yes
kern.shminfo.shmmni integer yes
kern.shminfo.shmseg integer yes
kern.shminfo.shmall integer yes
kern.watchdog.period integer yes
kern.watchdog.auto integer yes
kern.emul.nemuls integer no
kern.emul.other integer yes
kern.maxclusters integer yes
kern.timecounter.tick integer no
kern.timecounter.timestepwarnings integer no
kern.timecounter.hardware string yes
kern.timecounter.choice string no
vm.vmmeter struct no
vm.loadavg struct no
vm.psstrings struct no
vm.uvmexp struct no
vm.swapencrypt.enable integer yes
vm.swapencrypt.keyscreated integer no
vm.swapencrypt.keysdeleted integer no
vm.nkmempages integer no
vm.anonmin integer yes
vm.vtextmin integer yes
vm.vnodemin integer yes
vm.maxslp integer no
vm.uspace integer no
fs.posix.setuid integer yes
net.inet.ip.forwarding integer yes
net.inet.ip.redirect integer yes
net.inet.ip.ttl integer yes
net.inet.ip.sourceroute integer yes
net.inet.ip.directed-broadcast integer yes
net.inet.ip.portfirst integer yes
net.inet.ip.portlast integer yes
net.inet.ip.porthifirst integer yes
net.inet.ip.porthilast integer yes
net.inet.ip.maxqueue integer yes
net.inet.ip.encdebug integer yes
net.inet.ip.ipsec-expire-acquire integer yes
net.inet.ip.ipsec-invalid-life integer yes
net.inet.ip.ipsec-pfs integer yes
net.inet.ip.ipsec-soft-allocs integer yes
net.inet.ip.ipsec-allocs integer yes
net.inet.ip.ipsec-soft-bytes integer yes
net.inet.ip.ipsec-bytes integer yes
net.inet.ip.ipsec-timeout integer yes
net.inet.ip.ipsec-soft-timeout integer yes
net.inet.ip.ipsec-soft-firstuse integer yes
net.inet.ip.ipsec-firstuse integer yes
net.inet.ip.ipsec-enc-alg string yes
net.inet.ip.ipsec-auth-alg string yes
net.inet.ip.mtudisc integer yes
net.inet.ip.mtudisctimeout integer yes
net.inet.ip.ipsec-comp-alg string yes
net.inet.icmp.maskrepl integer yes
net.inet.icmp.bmcastecho integer yes
net.inet.icmp.errppslimit integer yes
net.inet.icmp.rediraccept integer yes
net.inet.icmp.redirtimeout integer yes
net.inet.icmp.tstamprepl integer yes
net.inet.ipip.allow integer yes
net.inet.tcp.rfc1323 integer yes
net.inet.tcp.keepinittime integer yes
net.inet.tcp.keepidle integer yes
net.inet.tcp.keepintvl integer yes
net.inet.tcp.slowhz integer no
net.inet.tcp.baddynamic array yes
net.inet.tcp.recvspace integer yes
net.inet.tcp.sendspace integer yes
net.inet.tcp.sack integer yes
net.inet.tcp.mssdflt integer yes
net.inet.tcp.rstppslimit integer yes
net.inet.tcp.ackonpush integer yes
net.inet.tcp.ecn integer yes
net.inet.tcp.syncachelimit integer yes
net.inet.tcp.synbucketlimit integer yes
net.inet.tcp.rfc3390 integer yes
net.inet.tcp.reasslimit integer yes
net.inet.udp.checksum integer yes
net.inet.udp.baddynamic array yes
net.inet.udp.recvspace integer yes
net.inet.udp.sendspace integer yes
net.inet.gre.allow integer yes
net.inet.gre.wccp integer yes
net.inet.esp.enable integer yes
net.inet.esp.udpencap integer yes
net.inet.esp.udpencap_port integer yes
net.inet.ah.enable integer yes
net.inet.mobileip.allow integer yes
net.inet.etherip.allow integer yes
net.inet.ipcomp.enable integer yes
net.inet.carp.allow integer yes
net.inet.carp.preempt integer yes
net.inet.carp.log integer yes
net.inet.carp.arpbalance integer yes
net.inet6.ip6.forwarding integer yes
net.inet6.ip6.redirect integer yes
net.inet6.ip6.hlim integer yes
net.inet6.ip6.maxfragpackets integer yes
net.inet6.ip6.accept_rtadv integer yes
net.inet6.ip6.keepfaith integer yes
net.inet6.ip6.log_interval integer yes
net.inet6.ip6.hdrnestlimit integer yes
net.inet6.ip6.dad_count integer yes
net.inet6.ip6.auto_flowlabel integer yes
net.inet6.ip6.defmcasthlim integer yes
net.inet6.ip6.kame_version string no
net.inet6.ip6.use_deprecated integer yes
net.inet6.ip6.rr_prune integer yes
net.inet6.ip6.v6only integer no
net.inet6.ip6.maxfrags integer yes
net.inet6.icmp6.rediraccept integer yes
net.inet6.icmp6.redirtimeout integer yes
net.inet6.icmp6.nd6_prune integer yes
net.inet6.icmp6.nd6_delay integer yes
net.inet6.icmp6.nd6_umaxtries integer yes
net.inet6.icmp6.nd6_mmaxtries integer yes
net.inet6.icmp6.nd6_useloopback integer yes
net.inet6.icmp6.nodeinfo integer yes
net.inet6.icmp6.errppslimit integer yes
net.inet6.icmp6.nd6_maxnudhint integer yes
net.inet6.icmp6.mtudisc_hiwat integer yes
net.inet6.icmp6.mtudisc_lowat integer yes
net.inet6.icmp6.nd6_debug integer yes
net.ipx.ipx.checksum integer yes
net.ipx.ipx.forwarding integer yes
net.ipx.ipx.netbios integer yes
net.ipx.ipx.recvspace integer yes
net.ipx.ipx.sendspace integer yes
debug.syncprt integer yes
debug.busyprt integer yes
debug.doclusterread integer yes
debug.doclusterwrite integer yes
debug.doreallocblks integer yes
debug.doasyncfree integer yes
debug.prtrealloc integer yes
hw.machine string no
hw.model string no
hw.ncpu integer no
hw.byteorder integer no
hw.physmem integer no
hw.usermem integer no
hw.pagesize integer no
hw.diskstats struct no
hw.disknames string no
hw.diskcount integer no
hw.sensors struct no
hw.cpuspeed integer no
hw.setperf integer yes
machdep.console_device dev_t no
machdep.unaligned_print integer yes
(alpha only)
machdep.unaligned_fix integer yes
(alpha only)
machdep.unaligned_sigbus integer yes
(alpha only)
machdep.apmwarn integer yes
(i386 only)
machdep.apmhalt integer yes
(i386 only)
machdep.kbdreset integer yes
(i386 only)
machdep.userldt integer yes
(i386 only)
machdep.osxsfr integer no
(i386 only)
machdep.sse integer no
(i386 only)
machdep.sse2 integer no
(i386 only)
machdep.xcrypt integer no
(i386 only)
machdep.allowaperture integer yes
(XFree86)
machdep.led_blink integer yes
(sparc/sparc64)
machdep.ceccerrs integer no
(sparc64)
machdep.cecclast quad no
(sparc64)
user.cs_path string no
user.bc_base_max integer no
user.bc_dim_max integer no
user.bc_scale_max integer no
user.bc_string_max integer no
user.coll_weights_max integer no
user.expr_nest_max integer no
user.line_max integer no
user.re_dup_max integer no
user.posix2_version integer no
user.posix2_c_bind integer no
user.posix2_c_dev integer no
user.posix2_char_term integer no
user.posix2_fort_dev integer no
user.posix2_fort_run integer no
user.posix2_localedef integer no
user.posix2_sw_dev integer no
user.posix2_upe integer no
user.stream_max integer no
user.tzname_max integer no
ddb.radix integer yes
ddb.max_width integer yes
ddb.max_line integer yes
ddb.tab_stop_width integer yes
ddb.panic integer yes
ddb.console integer yes
ddb.log integer yes
vfs.mounts.* struct no
vfs.ffs.doclusterread integer yes
vfs.ffs.doclusterwrite integer yes
vfs.ffs.doreallocblks integer yes
vfs.ffs.doasyncfree integer yes
vfs.ffs.max_softdeps integer yes
vfs.ffs.sd_tickdelay integer yes
vfs.ffs.sd_worklist_push integer no
vfs.ffs.sd_blk_limit_push integer no
vfs.ffs.sd_ino_limit_push integer no
vfs.ffs.sd_blk_limit_hit integer no
vfs.ffs.sd_ino_limit_hit integer no
vfs.ffs.sd_sync_limit_hit integer no
vfs.ffs.sd_indir_blk_ptrs integer no
vfs.ffs.sd_inode_bitmap integer no
vfs.ffs.sd_direct_blk_ptrs integer no
vfs.ffs.sd_dir_entry integer no
vfs.ffs.dirhash_dirsize integer yes
vfs.ffs.dirhash_maxmem integer yes
vfs.ffs.dirhash_mem integer no
vfs.nfs.iothreads integer yes
The sysctl program can get or set debugging variables that
have been
identified for its display. This information can be obtained by using
the command:
$ sysctl debug
In addition, sysctl can extract information about the
filesystems that
have been compiled into the running system. This information can be obtained
by using the command:
$ sysctl vfs.mounts
By default, only filesystems that are actively being used
are listed.
Use of the -A flag lists all the filesystems compiled into
the running
kernel.
<sys/sysctl.h> definitions for top level identifiers, second
level kernel and hardware identifiers, and user
level identifiers
<dev/rndvar.h> definitions for random(4) device's
statistics
structure
<sys/socket.h> definitions for second level network identifiers
<sys/gmon.h> definitions for third level profiling identifiers
<uvm/uvm_param.h> definitions for second level virtual memory
identifiers
<uvm/uvm_swap_encrypt.h> definitions for third level virtual memory
identifiers
<netinet/in.h> definitions for third level
IPv4/v6 identifiers
and fourth level IPv4/v6 identifiers
<netinet/icmp_var.h> definitions for fourth level ICMP
identifiers
<netinet6/icmp6.h> definitions for fourth level ICMPv6 identifiers
<netinet/tcp_var.h> definitions for fourth level TCP
identifiers
<netinet/udp_var.h> definitions for fourth level UDP
identifiers
<netipx/ipx_var.h> definitions for third level IPX
identifiers and
fourth level IPX identifiers
<ddb/db_var.h> definitions for second level ddb
identifiers
<sys/mount.h> definitions for second level vfs
identifiers
<nfs/nfs.h> definitions for third level NFS
identifiers
<ufs/ffs/ffs_extern.h> definitions for third level FFS
identifiers
To retrieve the maximum number of processes allowed in the
system:
$ sysctl kern.maxproc
To set the maximum number of processes allowed in the system
to 1000:
# sysctl kern.maxproc=1000
To retrieve information about the system clock rate:
$ sysctl kern.clockrate
To retrieve information about the load average history:
$ sysctl vm.loadavg
To make the chown(2) system call use traditional BSD semantics (don't
clear setuid/setgid bits):
# sysctl fs.posix.setuid=0
To set the list of reserved TCP ports that should not be allocated by the
kernel dynamically:
# sysctl net.inet.tcp.baddynamic=749,750,751,760,761,871
This can be used to keep daemons from stealing a specific
port that another
program needs to function. List elements may be separated by commas
and/or whitespace.
It is also possible to add or remove ports from the current
list:
# sysctl net.inet.tcp.baddynamic=+748
# sysctl net.inet.tcp.baddynamic=-871
To adjust the number of kernel nfsio threads used to service
asynchronous
I/O requests on an NFS client machine:
# sysctl vfs.nfs.iothreads=4
The number of 4 is the default, 20 is the maximum. See nfssvc(2) and
nfsd(8) for further discussion.
To set the amount of shared memory available in the system
and the maximum
number of shared memory segments:
# sysctl kern.shminfo.shmmax=33554432
# sysctl kern.shminfo.shmseg=32
sysctl(3), sysctl.conf(5)
sysctl first appeared in 4.4BSD.
OpenBSD 3.6 December 18, 2002
[ Back ] | 