HardenedBSD/stand/defaults/loader.conf
Warner Losh 71dcf98ddf Properly backout r362998
Correct a small mistake in r363060's backaout of r362998 by reverse-applying
r362998 by hand to loader.conf.

Differential Revision: https://reviews.freebsd.org/D25606
2020-07-10 00:24:06 +00:00

177 lines
8.8 KiB
Plaintext

# This is loader.conf - a file full of useful variables that you can
# set to change the default load behavior of your system. You should
# not edit this file! Put any overrides into one of the
# loader_conf_files instead and you will be able to update these
# defaults later without spamming your local configuration information.
#
# All arguments must be in double quotes.
#
# $FreeBSD$
### Basic configuration options ############################
exec="echo Loading /boot/defaults/loader.conf"
kernel="kernel" # /boot sub-directory containing kernel and modules
bootfile="kernel" # Kernel name (possibly absolute path)
kernel_options="" # Flags to be passed to the kernel
loader_conf_files="/boot/device.hints /boot/loader.conf /boot/loader.conf.local"
nextboot_conf="/boot/nextboot.conf"
nextboot_enable="NO"
verbose_loading="NO" # Set to YES for verbose loader output
### Splash screen configuration ############################
splash_bmp_load="NO" # Set this to YES for bmp splash screen!
splash_pcx_load="NO" # Set this to YES for pcx splash screen!
splash_txt_load="NO" # Set this to YES for TheDraw splash screen!
vesa_load="NO" # Set this to YES to load the vesa module
bitmap_load="NO" # Set this to YES if you want splash screen!
bitmap_name="splash.bmp" # Set this to the name of the file
bitmap_type="splash_image_data" # and place it on the module_path
### Screen saver modules ###################################
# This is best done in rc.conf
screensave_load="NO" # Set to YES to load a screensaver module
screensave_name="green_saver" # Set to the name of the screensaver module
### Early hostid configuration ############################
hostuuid_load="YES"
hostuuid_name="/etc/hostid"
hostuuid_type="hostuuid"
### Random number generator configuration ##################
# See rc.conf(5). The entropy_boot_file config variable must agree with the
# settings below.
entropy_cache_load="YES" # Set this to NO to disable loading
# entropy at boot time
entropy_cache_name="/boot/entropy" # Set this to the name of the file
entropy_cache_type="boot_entropy_cache" # Required for the kernel to find
# the boot-time entropy cache. This
# must not change value even if the
# _name above does change!
### RAM Blacklist configuration ############################
ram_blacklist_load="NO" # Set this to YES to load a file
# containing a list of addresses to
# exclude from the running system.
ram_blacklist_name="/boot/blacklist.txt" # Set this to the name of the file
ram_blacklist_type="ram_blacklist" # Required for the kernel to find
# the blacklist module
### Microcode loading configuration ########################
cpu_microcode_load="NO" # Set this to YES to load and apply a
# microcode update file during boot.
cpu_microcode_name="/boot/firmware/ucode.bin" # Set this to the microcode
# update file path.
cpu_microcode_type="cpu_microcode" # Required for the kernel to find
# the microcode update file.
### ACPI settings ##########################################
acpi_dsdt_load="NO" # DSDT Overriding
acpi_dsdt_type="acpi_dsdt" # Don't change this
acpi_dsdt_name="/boot/acpi_dsdt.aml"
# Override DSDT in BIOS by this file
acpi_video_load="NO" # Load the ACPI video extension driver
### Audit settings #########################################
audit_event_load="NO" # Preload audit_event config
audit_event_name="/etc/security/audit_event"
audit_event_type="etc_security_audit_event"
### Initial memory disk settings ###########################
#mdroot_load="YES" # The "mdroot" prefix is arbitrary.
#mdroot_type="md_image" # Create md(4) disk at boot.
#mdroot_name="/boot/root.img" # Path to a file containing the image.
#rootdev="ufs:/dev/md0" # Set the root filesystem to md(4) device.
### Loader settings ########################################
#loader_delay="3" # Delay in seconds before loading anything.
# Default is unset and disabled (no delay).
#autoboot_delay="10" # Delay in seconds before autobooting,
# -1 for no user interrupts, NO to disable
#password="" # Prevent changes to boot options
#bootlock_password="" # Prevent booting (see check-password.4th(8))
#geom_eli_passphrase_prompt="NO" # Prompt for geli(8) passphrase to mount root
bootenv_autolist="YES" # Auto populate the list of ZFS Boot Environments
#beastie_disable="NO" # Turn the beastie boot menu on and off
efi_max_resolution="1x1" # Set the max resolution for EFI loader to use:
# 480p, 720p, 1080p, 2160p/4k, 5k, or specify
# WidthxHeight (e.g. 1920x1080)
#kernels="kernel kernel.old" # Kernels to display in the boot menu
kernels_autodetect="YES" # Auto-detect kernel directories in /boot
#loader_logo="orbbw" # Desired logo: orbbw, orb, fbsdbw, beastiebw, beastie, none
#comconsole_speed="9600" # Set the current serial console speed
#console="vidconsole" # A comma separated list of console(s)
#currdev="disk1s1a" # Set the current device
module_path="/boot/modules;/boot/dtb;/boot/dtb/overlays" # Set the module search path
module_blacklist="drm drm2 radeonkms i915kms amdgpu" # Loader module blacklist
#prompt="\\${interpret}" # Set the command prompt
#root_disk_unit="0" # Force the root disk unit number
#rootdev="disk1s1a" # Set the root filesystem
#dumpdev="disk1s1b" # Set a dump device early in the boot process
#tftp.blksize="1428" # Set the RFC 2348 TFTP block size.
# If the TFTP server does not support RFC 2348,
# the block size is set to 512. Valid: (8,9007)
#twiddle_divisor="1" # >1 means slow down the progress indicator.
### Kernel settings ########################################
# The following boot_ variables are enabled by setting them to any value.
# Their presence in the kernel environment (see kenv(1)) has the same
# effect as setting the given boot flag (see boot(8)).
#boot_askname="" # -a: Prompt the user for the name of the root device
#boot_cdrom="" # -C: Attempt to mount root file system from CD-ROM
#boot_ddb="" # -d: Instructs the kernel to start in the DDB debugger
#boot_dfltroot="" # -r: Use the statically configured root file system
#boot_gdb="" # -g: Selects gdb-remote mode for the kernel debugger
#boot_multicons="" # -D: Use multiple consoles
#boot_mute="" # -m: Mute the console
#boot_pause="" # -p: Pause after each line during device probing
#boot_serial="" # -h: Use serial console
#boot_single="" # -s: Start system in single-user mode
#boot_verbose="" # -v: Causes extra debugging information to be printed
#init_path="/sbin/init:/sbin/oinit:/sbin/init.bak:/rescue/init"
# Sets the list of init candidates
#init_shell="/bin/sh" # The shell binary used by init(8).
#init_script="" # Initial script to run by init(8) before chrooting.
#init_chroot="" # Directory for init(8) to chroot into.
### Kernel tunables ########################################
#hw.physmem="1G" # Limit physical memory. See loader(8)
#kern.dfldsiz="" # Set the initial data size limit
#kern.dflssiz="" # Set the initial stack size limit
#kern.hz="100" # Set the kernel interval timer rate
#kern.maxbcache="" # Set the max buffer cache KVA storage
#kern.maxdsiz="" # Set the max data size
#kern.maxfiles="" # Set the sys. wide open files limit
#kern.maxproc="" # Set the maximum # of processes
#kern.maxssiz="" # Set the max stack size
#kern.maxswzone="" # Set the max swmeta KVA storage
#kern.maxtsiz="" # Set the max text size
#kern.maxusers="32" # Set size of various static tables
#kern.msgbufsize="65536" # Set size of kernel message buffer
#kern.nbuf="" # Set the number of buffer headers
#kern.ncallout="" # Set the maximum # of timer events
#kern.ngroups="1023" # Set the maximum # of supplemental groups
#kern.sgrowsiz="" # Set the amount to grow stack
#kern.cam.boot_delay="10000" # Delay (in ms) of root mount for CAM bus
# registration, useful for USB sticks as root
#kern.cam.scsi_delay="2000" # Delay (in ms) before probing SCSI
#kern.ipc.maxsockets="" # Set the maximum number of sockets available
#kern.ipc.nmbclusters="" # Set the number of mbuf clusters
#kern.ipc.nsfbufs="" # Set the number of sendfile(2) bufs
#net.inet.tcp.tcbhashsize="" # Set the value of TCBHASHSIZE
#vfs.root.mountfrom="" # Specify root partition
#vm.kmem_size="" # Sets the size of kernel memory (bytes)
#debug.kdb.break_to_debugger="0" # Allow console to break into debugger.
#debug.ktr.cpumask="0xf" # Bitmask of CPUs to enable KTR on
#debug.ktr.mask="0x1200" # Bitmask of KTR events to enable
#debug.ktr.verbose="1" # Enable console dump of KTR events
### Module loading syntax example ##########################
#module_load="YES" # loads module "module"
#module_name="realname" # uses "realname" instead of "module"
#module_type="type" # passes "-t type" to load
#module_flags="flags" # passes "flags" to the module
#module_before="cmd" # executes "cmd" before loading the module
#module_after="cmd" # executes "cmd" after loading the module
#module_error="cmd" # executes "cmd" if load fails