9.6. The Configuration File

9.6. The Configuration File
Prev	Chapter 9. Configuring the FreeBSD Kernel	Next

Updated by Joel Dahl.

The general format of a configuration file is quite simple. Each line contains a keyword and one or more arguments. For simplicity, most lines only contain one argument. Anything following a # is considered a comment and ignored. The following sections describe each keyword, in the order they are listed in GENERIC. For an exhaustive list of architecture dependent options and devices, refer to NOTES in the same directory as GENERIC for that architecture. For architecture independent options, refer to /usr/src/sys/conf/NOTES.

An include directive is available for use in configuration files. This allows another configuration file to be included in the current one, making it easy to maintain small changes relative to an existing file. For example, if only a small number of additional options or drivers are required, this allows a delta to be maintained with respect to GENERIC:

include GENERIC ident MYKERNEL options IPFIREWALL options DUMMYNET options IPFIREWALL_DEFAULT_TO_ACCEPT options IPDIVERT

Using this method, the local configuration file expresses local differences from a GENERIC kernel. As upgrades are performed, new features added to GENERIC will be also be added to the local kernel unless they are specifically prevented using nooptions or nodevice. A comprehensive list of configuration directives and their descriptions may be found in config(5).

The remainder of this chapter addresses the contents of a typical configuration file and the role various options and devices play.

Note:

To build a file which contains all available options, run the following command as root:

# cd /usr/src/sys/i386/conf && make LINT

The following is an example of the GENERIC kernel configuration file with various additional comments where needed for clarity. This example should match the copy in /usr/src/sys/i386/conf/GENERIC fairly closely.

machine i386

This is the machine architecture. It must be either amd64, i386, ia64, pc98, powerpc, or sparc64.

cpu I486_CPU cpu I586_CPU cpu I686_CPU

This option specifies the type of CPU. It is fine to have multiple instances of the CPU entries, but for a custom kernel it is best to specify the CPU. To determine the CPU type, review the boot messages in /var/run/dmesg.boot.

ident GENERIC

This is the identification of the kernel. Change this to the new kernel name, such as MYKERNEL. The value in the ident string will print when the kernel boots.

#To statically compile in device wiring instead of /boot/device.hints #hints "GENERIC.hints" # Default places to look for devices.

device.hints(5) is used to configure options for device drivers. The default location is /boot/device.hints. The hints option compiles these hints statically into the kernel so that there is no need to create /boot/device.hints.

makeoptions DEBUG=-g # Build kernel with gdb(1) debug symbols

This option enables debugging information when passed to gcc(1).

options SCHED_ULE # ULE scheduler

The default system scheduler for FreeBSD. Keep this.

options PREEMPTION # Enable kernel thread preemption

Allows kernel threads to be preempted by higher priority threads. This helps with interactivity and allows interrupt threads to run sooner rather than waiting.

options INET # InterNETworking

Networking support. This is mandatory as most programs require at least loopback networking.

options INET6 # IPv6 communications protocols

This enables the IPv6 communication protocols.

options FFS # Berkeley Fast Filesystem

This is the basic hard drive file system. Leave it in if the system boots from the hard disk.

options SOFTUPDATES # Enable FFS Soft Updates support

This option enables Soft Updates in the kernel which helps to speed up write access on the disks. Even when this functionality is provided by the kernel, it must be turned on for specific disks. Review the output of mount(8) to determine if Soft Updates is enabled. If the soft-updates option is not in the output, it can be activated using tunefs(8) for existing file systems or newfs(8) for new file systems.

options UFS_ACL # Support for access control lists

This option enables kernel support for access control lists (ACLs). This relies on the use of extended attributes and UFS2, and the feature is described in detail in Section 15.11, “Filesystem Access Control Lists (ACL)s”. ACLs are enabled by default and should not be disabled in the kernel if they have been used previously on a file system, as this will remove the ACLs, changing the way files are protected in unpredictable ways.

options UFS_DIRHASH # Improve performance on big directories

This option includes functionality to speed up disk operations on large directories, at the expense of using additional memory. Keep this for a large server or interactive workstation, and remove it from smaller systems where memory is at a premium and disk access speed is less important, such as a firewall.

options MD_ROOT # MD is a potential root device

This option enables support for a memory backed virtual disk used as a root device.

options NFSCLIENT # Network Filesystem Client options NFSSERVER # Network Filesystem Server options NFS_ROOT # NFS usable as /, requires NFSCLIENT

The network file system (NFS). These lines can be commented unless the system needs to mount partitions from a NFS file server over TCP/IP.

options MSDOSFS # MSDOS Filesystem

The MS-DOS® file system. Unless the system needs to mount a DOS formatted hard drive partition at boot time, comment this out. It will be automatically loaded the first time a DOS partition is mounted. The emulators/mtools package allows access to DOS floppies without having to mount and unmount them and does not require MSDOSFS.

options CD9660 # ISO 9660 Filesystem

The ISO 9660 file system for CDROMs. Comment it out if the system does not have a CDROM drive or only mounts data CDs occasionally since it will be dynamically loaded the first time a data CD is mounted. Audio CDs do not need this file system.

options PROCFS # Process filesystem (requires PSEUDOFS)

The process file system. This is a “pretend” file system mounted on /proc which allows some programs to provide more information on what processes are running. Use of PROCFS is not required under most circumstances, as most debugging and monitoring tools have been adapted to run without PROCFS. The default installation will not mount this file system by default.

options PSEUDOFS # Pseudo-filesystem framework

Kernels making use of PROCFS must also include support for PSEUDOFS.

options GEOM_PART_GPT # GUID Partition Tables.

Adds support for GUID Partition Tables (GPT). GPT provides the ability to have a large number of partitions per disk, 128 in the standard configuration.

options COMPAT_43 # Compatible with BSD 4.3 [KEEP THIS!]

Compatibility with 4.3BSD. Leave this in as some programs will act strangely if this is commented out.

options COMPAT_FREEBSD4 # Compatible with FreeBSD4

This option is required to support applications compiled on older versions of FreeBSD that use older system call interfaces. It is recommended that this option be used on all i386™ systems that may run older applications. Platforms that gained support after FreeBSD 4.X, such as ia64 and SPARC64®, do not require this option.

options COMPAT_FREEBSD5 # Compatible with FreeBSD5

This option is required to support applications compiled on FreeBSD 5.X versions that use FreeBSD 5.X system call interfaces.

options COMPAT_FREEBSD6 # Compatible with FreeBSD6

This option is required to support applications compiled on FreeBSD 6.X versions that use FreeBSD 6.X system call interfaces.

options COMPAT_FREEBSD7 # Compatible with FreeBSD7

This option is required on FreeBSD 8 and above to support applications compiled on FreeBSD 7.X versions that use FreeBSD 7.X system call interfaces.

options SCSI_DELAY=5000 # Delay (in ms) before probing SCSI

This causes the kernel to pause for 5 seconds before probing each SCSI device in the system. If the system only has IDE hard drives, ignore this or lower the number to speed up booting. However, if FreeBSD has trouble recognizing the SCSI devices, the number will have to be raised again.

options KTRACE # ktrace(1) support

This enables kernel process tracing, which is useful in debugging.

options SYSVSHM # SYSV-style shared memory

This option provides for System V shared memory. The most common use of this is the XSHM extension in X, which many graphics-intensive programs will automatically take advantage of for extra speed. If Xorg is installed, include this.

options SYSVMSG # SYSV-style message queues

Support for System V messages. This option only adds a few hundred bytes to the kernel.

options SYSVSEM # SYSV-style semaphores

Support for System V semaphores. Less commonly used, but only adds a few hundred bytes to the kernel.

Note:

Using -p with ipcs(1) will list any processes using each of these System V facilities.

options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions

Real-time extensions added in the 1993 POSIX®. Certain applications in the Ports Collection use these.

options KBD_INSTALL_CDEV # install a CDEV entry in /dev

This option is required to allow the creation of keyboard device nodes in /dev.

device apic # I/O APIC

This device enables the use of the I/O APIC for interrupt delivery. It can be used in both uni-processor and SMP kernels, but is required for SMP kernels. Add options SMP to include support for multiple processors.

Note:

This device exists only on the i386 architecture and this configuration line should not be used on other architectures.

device eisa

Include this for systems with an EISA motherboard. This enables auto-detection and configuration support for all devices on the EISA bus.

device pci

Include this for systems with a PCI motherboard. This enables auto-detection of PCI cards and gatewaying from the PCI to ISA bus.

# Floppy drives device fdc

This is the floppy drive controller.

# ATA and ATAPI devices device ata

This driver supports all ATA and ATAPI devices. Only one device ata line is needed for the kernel to detect all PCI ATA/ATAPI devices on modern machines.

device atadisk # ATA disk drives

This is needed along with device ata for ATA disk drives.

device ataraid # ATA RAID drives

This is needed along with device ata for ATA RAID drives.

device atapicd # ATAPI CDROM drives

This is needed along with device ata for ATAPI CDROM drives.

device atapifd # ATAPI floppy drives

This is needed along with device ata for ATAPI floppy drives.

device atapist # ATAPI tape drives

This is needed along with device ata for ATAPI tape drives.

options ATA_STATIC_ID # Static device numbering

This makes the controller number static. Without this, the device numbers are dynamically allocated.

# SCSI Controllers device ahb # EISA AHA1742 family device ahc # AHA2940 and onboard AIC7xxx devices options AHC_REG_PRETTY_PRINT # Print register bitfields in debug # output. Adds ~128k to driver. device ahd # AHA39320/29320 and onboard AIC79xx devices options AHD_REG_PRETTY_PRINT # Print register bitfields in debug # output. Adds ~215k to driver. device amd # AMD 53C974 (Teckram DC-390(T)) device isp # Qlogic family #device ispfw # Firmware for QLogic HBAs- normally a module device mpt # LSI-Logic MPT-Fusion #device ncr # NCR/Symbios Logic device sym # NCR/Symbios Logic (newer chipsets + those of `ncr') device trm # Tekram DC395U/UW/F DC315U adapters device adv # Advansys SCSI adapters device adw # Advansys wide SCSI adapters device aha # Adaptec 154x SCSI adapters device aic # Adaptec 15[012]x SCSI adapters, AIC-6[23]60. device bt # Buslogic/Mylex MultiMaster SCSI adapters device ncv # NCR 53C500 device nsp # Workbit Ninja SCSI-3 device stg # TMC 18C30/18C50

In this section, comment out any SCSI controllers not on the system. For an IDE only system, these lines can be removed. The *_REG_PRETTY_PRINT lines are debugging options for their respective drivers.

# SCSI peripherals device scbus # SCSI bus (required for SCSI) device ch # SCSI media changers device da # Direct Access (disks) device sa # Sequential Access (tape etc) device cd # CD device pass # Passthrough device (direct SCSI access) device ses # SCSI Environmental Services (and SAF-TE)

Comment out any SCSI peripherals not on the system. If the system only has IDE hardware, these lines can be removed completely.

Note:

The USB umass(4) driver and a few other drivers use the SCSI subsystem even though they are not real SCSI devices. Do not remove SCSI support if any such drivers are included in the kernel configuration.

# RAID controllers interfaced to the SCSI subsystem device amr # AMI MegaRAID device arcmsr # Areca SATA II RAID device asr # DPT SmartRAID V, VI and Adaptec SCSI RAID device ciss # Compaq Smart RAID 5* device dpt # DPT Smartcache III, IV - See NOTES for options device hptmv # Highpoint RocketRAID 182x device hptrr # Highpoint RocketRAID 17xx, 22xx, 23xx, 25xx device iir # Intel Integrated RAID device ips # IBM (Adaptec) ServeRAID device mly # Mylex AcceleRAID/eXtremeRAID device twa # 3ware 9000 series PATA/SATA RAID # RAID controllers device aac # Adaptec FSA RAID device aacp # SCSI passthrough for aac (requires CAM) device ida # Compaq Smart RAID device mfi # LSI MegaRAID SAS device mlx # Mylex DAC960 family device pst # Promise Supertrak SX6000 device twe # 3ware ATA RAID

Supported RAID controllers. If the system does not have any of these, comment them out or remove them.

# atkbdc0 controls both the keyboard and the PS/2 mouse device atkbdc # AT keyboard controller

The atkbdc keyboard controller provides I/O services for the AT keyboard and PS/2 style pointing devices. This controller is required by atkbd(4) and psm(4).

device atkbd # AT keyboard

The atkbd(4) driver, together with the atkbdc(4) controller, provides access to the AT 84 keyboard or the AT enhanced keyboard which is connected to the AT keyboard controller.

device psm # PS/2 mouse

Use this device if the mouse plugs into the PS/2 mouse port.

device kbdmux # keyboard multiplexer

Basic support for keyboard multiplexing. If the system does not use more than one keyboard, this line can be safely removed.

device vga # VGA video card driver

The vga(4) video card driver.

device splash # Splash screen and screen saver support

Required by the boot splash screen and screen savers.

# syscons is the default console driver, resembling an SCO console device sc

sc(4) is the default console driver and resembles a SCO console. Since most full-screen programs access the console through a terminal database library like termcap, it should not matter whether this or vt, the VT220 compatible console driver, is used. When a user logs in, the TERM variable can be set to scoansi if full-screen programs have trouble running under this console.

# Enable this for the pcvt (VT220 compatible) console driver #device vt #options XSERVER # support for X server on a vt console #options FAT_CURSOR # start with block cursor

This is a VT220-compatible console driver, backward compatible to VT100/102. It works well on some laptops which have hardware incompatibilities with sc. Users may need to set TERM to vt100 or vt220 after login. This driver is useful when connecting to a large number of different machines over the network, where termcap or terminfo entries for the sc device are not available as vt100 should be available on virtually any platform.

device agp

Include this if the system has an AGP card. This will enable support for AGP and AGP GART for boards which have these features.

# Add suspend/resume support for the i8254. device pmtimer

Timer device driver for power management events, such as APM and ACPI.

# PCCARD (PCMCIA) support # PCMCIA and cardbus bridge support device cbb # cardbus (yenta) bridge device pccard # PC Card (16-bit) bus device cardbus # CardBus (32-bit) bus

PCMCIA support. Keep this on laptop systems.

# Serial (COM) ports device sio # 8250, 16[45]50 based serial ports

These are the serial ports referred to as COM ports in Windows®.

Note:

If the system has an internal modem on COM4 and a serial port at COM2, change the IRQ of the modem to 2. For a multiport serial card, refer to sio(4) for more information on the proper values to add to /boot/device.hints. Some video cards, notably those based on S3 chips, use I/O addresses in the form of 0x*2e8. Since many cheap serial cards do not fully decode the 16-bit I/O address space, they clash with these cards, making the COM4 port practically unavailable.

Each serial port is required to have a unique IRQ and the default IRQs for COM3 and COM4 cannot be used. The exception is multiport cards where shared interrupts are supported.

# Parallel port device ppc

This is the ISA bus parallel port interface.

device ppbus # Parallel port bus (required)

Provides support for the parallel port bus.

device lpt # Printer

Adds support for parallel port printers.

Note:

All three of the above are required to enable parallel printer support.

device ppi # Parallel port interface device

The general-purpose I/O (“geek port”) + IEEE1284 I/O.

#device vpo # Requires scbus and da

This is for an Iomega Zip drive. It requires scbus and da support. Best performance is achieved with ports in EPP 1.9 mode.

#device puc

Uncomment this device if the system has a “dumb” serial or parallel PCI card that is supported by the puc(4) glue driver.

# PCI Ethernet NICs. device de # DEC/Intel DC21x4x (“Tulip”) device em # Intel PRO/1000 adapter Gigabit Ethernet Card device ixgb # Intel PRO/10GbE Ethernet Card device txp # 3Com 3cR990 (“Typhoon”) device vx # 3Com 3c590, 3c595 (“Vortex”)

Various PCI network card drivers. Comment out or remove any of these which are not present in the system.

# PCI Ethernet NICs that use the common MII bus controller code. # NOTE: Be sure to keep the 'device miibus' line in order to use these NICs! device miibus # MII bus support

MII bus support is required for some PCI 10/100 Ethernet NICs, namely those which use MII-compliant transceivers or implement transceiver control interfaces that operate like an MII. Adding device miibus to the kernel config pulls in support for the generic miibus API and all of the PHY drivers, including a generic one for PHYs that are not specifically handled by an individual driver.

device bce # Broadcom BCM5706/BCM5708 Gigabit Ethernet device bfe # Broadcom BCM440x 10/100 Ethernet device bge # Broadcom BCM570xx Gigabit Ethernet device dc # DEC/Intel 21143 and various workalikes device fxp # Intel EtherExpress PRO/100B (82557, 82558) device lge # Level 1 LXT1001 gigabit ethernet device msk # Marvell/SysKonnect Yukon II Gigabit Ethernet device nge # NatSemi DP83820 gigabit ethernet device nve # nVidia nForce MCP on-board Ethernet Networking device pcn # AMD Am79C97x PCI 10/100 (precedence over 'lnc') device re # RealTek 8139C+/8169/8169S/8110S device rl # RealTek 8129/8139 device sf # Adaptec AIC-6915 (“Starfire”) device sis # Silicon Integrated Systems SiS 900/SiS 7016 device sk # SysKonnect SK-984x & SK-982x gigabit Ethernet device ste # Sundance ST201 (D-Link DFE-550TX) device stge # Sundance/Tamarack TC9021 gigabit Ethernet device ti # Alteon Networks Tigon I/II gigabit Ethernet device tl # Texas Instruments ThunderLAN device tx # SMC EtherPower II (83c170 “EPIC”) device vge # VIA VT612x gigabit ethernet device vr # VIA Rhine, Rhine II device wb # Winbond W89C840F device xl # 3Com 3c90x (“Boomerang”, “Cyclone”)

Drivers that use the MII bus controller code.

# ISA Ethernet NICs. pccard NICs included. device cs # Crystal Semiconductor CS89x0 NIC # 'device ed' requires 'device miibus' device ed # NE[12]000, SMC Ultra, 3c503, DS8390 cards device ex # Intel EtherExpress Pro/10 and Pro/10+ device ep # Etherlink III based cards device fe # Fujitsu MB8696x based cards device ie # EtherExpress 8/16, 3C507, StarLAN 10 etc. device lnc # NE2100, NE32-VL Lance Ethernet cards device sn # SMC's 9000 series of Ethernet chips device xe # Xircom pccard Ethernet # ISA devices that use the old ISA shims #device le

ISA Ethernet drivers. See /usr/src/sys/i386/conf/NOTES for details of which cards are supported by which driver.

# Wireless NIC cards device wlan # 802.11 support

Generic 802.11 support. This line is required for wireless networking.

device wlan_wep # 802.11 WEP support device wlan_ccmp # 802.11 CCMP support device wlan_tkip # 802.11 TKIP support

Crypto support for 802.11 devices. These lines are needed on systems which use encryption and 802.11i security protocols.

device an # Aironet 4500/4800 802.11 wireless NICs. device ath # Atheros pci/cardbus NIC's device ath_hal # Atheros HAL (Hardware Access Layer) device ath_rate_sample # SampleRate tx rate control for ath device awi # BayStack 660 and others device ral # Ralink Technology RT2500 wireless NICs. device wi # WaveLAN/Intersil/Symbol 802.11 wireless NICs. #device wl # Older non 802.11 Wavelan wireless NIC.

Support for various wireless cards.

# Pseudo devices device loop # Network loopback

This is the generic loopback device for TCP/IP. This is mandatory.

device random # Entropy device

Cryptographically secure random number generator.

device ether # Ethernet support

ether is only needed if the system has an Ethernet card. It includes generic Ethernet protocol code.

device sl # Kernel SLIP

sl provides SLIP support. This has been almost entirely supplanted by PPP, which is easier to set up, better suited for modem-to-modem connection, and more powerful.

device ppp # Kernel PPP

This is for kernel PPP support for dial-up connections. There is also a version of PPP implemented as a userland application that uses tun and offers more flexibility and features such as demand dialing.

device tun # Packet tunnel.

This is used by the userland PPP software. See the PPP section of the Handbook for more information.

device pty # Pseudo-ttys (telnet etc)

This is a “pseudo-terminal” or simulated login port. It is used by incoming telnet and rlogin sessions, xterm, and some other applications such as Emacs.

device md # Memory “disks”

Memory disk pseudo-devices.

device gif # IPv6 and IPv4 tunneling

This implements IPv6 over IPv4 tunneling, IPv4 over IPv6 tunneling, IPv4 over IPv4 tunneling, and IPv6 over IPv6 tunneling. The gif device is “auto-cloning”, and will create device nodes as needed.

device faith # IPv6-to-IPv4 relaying (translation)

This pseudo-device captures packets that are sent to it and diverts them to the IPv4/IPv6 translation daemon.

# The `bpf' device enables the Berkeley Packet Filter. # Be aware of the administrative consequences of enabling this! # Note that 'bpf' is required for DHCP. device bpf # Berkeley packet filter

The Berkeley Packet Filter pseudo-device allows network interfaces to be placed in promiscuous mode, capturing every packet on a broadcast network such as an Ethernet network. These packets can be captured to disk and or examined using tcpdump(1).

Note:

The bpf(4) device is also used by dhclient(8). If DHCP is used, leave this uncommented.

# USB support device uhci # UHCI PCI->USB interface device ohci # OHCI PCI->USB interface device ehci # EHCI PCI->USB interface (USB 2.0) device usb # USB Bus (required) #device udbp # USB Double Bulk Pipe devices device ugen # Generic device uhid # “Human Interface Devices” device ukbd # Keyboard device ulpt # Printer device umass # Disks/Mass storage - Requires scbus and da device ums # Mouse device ural # Ralink Technology RT2500USB wireless NICs device urio # Diamond Rio 500 MP3 player device uscanner # Scanners # USB Ethernet, requires mii device aue # ADMtek USB Ethernet device axe # ASIX Electronics USB Ethernet device cdce # Generic USB over Ethernet device cue # CATC USB Ethernet device kue # Kawasaki LSI USB Ethernet device rue # RealTek RTL8150 USB Ethernet

Support for various USB devices.

# FireWire support device firewire # FireWire bus code device sbp # SCSI over FireWire (Requires scbus and da) device fwe # Ethernet over FireWire (non-standard!)

Support for various Firewire devices.

For more information and additional devices supported by FreeBSD, see /usr/src/sys/i386/conf/NOTES.

9.6.1. Large Memory Configurations (PAE)

Large memory configuration machines require access to more than the 4 gigabyte limit on User+Kernel Virtual Address (KVA) space. Due to this limitation, Intel added support for 36-bit physical address space access in the Pentium® Pro and later line of CPUs.

The Physical Address Extension (PAE) capability of the Intel® Pentium® Pro and later CPUs allows memory configurations of up to 64 gigabytes. FreeBSD provides support for this capability via the PAE kernel configuration option, available in all current release versions of FreeBSD. Due to the limitations of the Intel memory architecture, no distinction is made for memory above or below 4 gigabytes. Memory allocated above 4 gigabytes is simply added to the pool of available memory.

To enable PAE support in the kernel, add the following line to the kernel configuration file:

options PAE

Note:

The PAE support in FreeBSD is only available for Intel® IA-32 processors. It should also be noted that the PAE support in FreeBSD has not received wide testing, and should be considered beta quality compared to other stable features of FreeBSD.

PAE support in FreeBSD has a few limitations:

A process is not able to access more than 4 gigabytes of virtual memory space.
Device drivers that do not use the bus_dma(9) interface will cause data corruption in a PAE enabled kernel and are not recommended for use. For this reason, a PAE kernel configuration file is provided in FreeBSD which excludes all drivers not known to work in a PAE enabled kernel.
Some system tunables determine memory resource usage by the amount of available physical memory. Such tunables can unnecessarily over-allocate due to the large memory nature of a PAE system. One such example is the kern.maxvnodes sysctl, which controls the maximum number of vnodes allowed in the kernel. It is advised to adjust this and other such tunables to a reasonable value.
It might be necessary to increase the kernel virtual address (KVA) space or to reduce the amount of specific kernel resource that is heavily used in order to avoid KVA exhaustion. The KVA_PAGES kernel option can be used for increasing the KVA space.

For performance and stability concerns, it is advised to consult tuning(7). pae(4) contains up-to-date information on FreeBSD's PAE support.

Prev	Up	Next
9.5. Building and Installing a Custom Kernel	Home	9.7. If Something Goes Wrong