|
 |
|
| |
|
|
Red Hat Enterprise Linux 9 Essentials Book now available.
Purchase a copy of Red Hat Enterprise Linux 9 (RHEL 9) Essentials Red Hat Enterprise Linux 9 Essentials Print and eBook (PDF) editions contain 34 chapters and 298 pages
|
Chapter 18. The sysconfig Directory
This chapter outlines some of the files and directories found in the /etc/sysconfig/ directory, their function, and their contents. The information in this chapter is not intended to be complete, as many of these files have a variety of options that are only used in very specific or rare circumstances.
The actual content of your /etc/sysconfig/ directory depends on the programs you have installed on your machine. To find the name of the package the configuration file belongs to, type the following at a shell prompt:
~]$ yum provides /etc/sysconfig/filename
18.1. Files in the /etc/sysconfig/ Directory
The following sections offer descriptions of files normally found in the /etc/sysconfig/ directory.
18.1.1. /etc/sysconfig/arpwatch
The /etc/sysconfig/arpwatch file is used to pass arguments to the arpwatch daemon at boot time. By default, it contains the following option:
OPTIONS=value-
Additional options to be passed to the arpwatch daemon. For example:
OPTIONS="-u arpwatch -e root -s 'root (Arpwatch)'"
18.1.2. /etc/sysconfig/authconfig
The /etc/sysconfig/authconfig file sets the authorization to be used on the host. By default, it contains the following options:
USEMKHOMEDIR=boolean-
A boolean to enable (yes) or disable (no) creating a home directory for a user on the first login. For example:
USEMKHOMEDIR=no
USEPAMACCESS=boolean-
A boolean to enable (yes) or disable (no) the PAM authentication. For example:
USEPAMACCESS=no
USESSSDAUTH=boolean-
A boolean to enable (yes) or disable (no) the SSSD authentication. For example:
USESSSDAUTH=no
USESHADOW=boolean-
A boolean to enable (yes) or disable (no) shadow passwords. For example:
USESHADOW=yes
USEWINBIND=boolean-
A boolean to enable (yes) or disable (no) using Winbind for user account configuration. For example:
USEWINBIND=no
USEDB=boolean-
A boolean to enable (yes) or disable (no) the FAS authentication. For example:
USEDB=no
USEFPRINTD=boolean-
A boolean to enable (yes) or disable (no) the fingerprint authentication. For example:
USEFPRINTD=yes
FORCESMARTCARD=boolean-
A boolean to enable (yes) or disable (no) enforcing the smart card authentication. For example:
FORCESMARTCARD=no
PASSWDALGORITHM=value-
The password algorithm. The value can be bigcrypt, descrypt, md5, sha256, or sha512. For example:
PASSWDALGORITHM=sha512
USELDAPAUTH=boolean-
A boolean to enable (yes) or disable (no) the LDAP authentication. For example:
USELDAPAUTH=no
USELOCAUTHORIZE=boolean-
A boolean to enable (yes) or disable (no) the local authorization for local users. For example:
USELOCAUTHORIZE=yes
USECRACKLIB=boolean-
A boolean to enable (yes) or disable (no) using the CrackLib. For example:
USECRACKLIB=yes
USEWINBINDAUTH=boolean-
A boolean to enable (yes) or disable (no) the Winbind authentication. For example:
USEWINBINDAUTH=no
USESMARTCARD=boolean-
A boolean to enable (yes) or disable (no) the smart card authentication. For example:
USESMARTCARD=no
USELDAP=boolean-
A boolean to enable (yes) or disable (no) using LDAP for user account configuration. For example:
USELDAP=no
USENIS=boolean-
A boolean to enable (yes) or disable (no) using NIS for user account configuration. For example:
USENIS=no
USEKERBEROS=boolean-
A boolean to enable (yes) or disable (no) the Kerberos authentication. For example:
USEKERBEROS=no
USESYSNETAUTH=boolean-
A boolean to enable (yes) or disable (no) authenticating system accounts with network services. For example:
USESYSNETAUTH=no
USESMBAUTH=boolean-
A boolean to enable (yes) or disable (no) the SMB authentication. For example:
USESMBAUTH=no
USESSSD=boolean-
A boolean to enable (yes) or disable (no) using SSSD for obtaining user information. For example:
USESSSD=no
USEHESIOD=boolean-
A boolean to enable (yes) or disable (no) using the Hesoid name service. For example:
USEHESIOD=no
18.1.3. /etc/sysconfig/autofs
The /etc/sysconfig/autofs file defines custom options for the automatic mounting of devices. This file controls the operation of the automount daemons, which automatically mount file systems when you use them and unmount them after a period of inactivity. File systems can include network file systems, CD-ROM drives, diskettes, and other media.
By default, it contains the following options:
MASTER_MAP_NAME=value-
The default name for the master map. For example:
MASTER_MAP_NAME="auto.master"
TIMEOUT=value-
The default mount timeout. For example:
TIMEOUT=300
NEGATIVE_TIMEOUT=value-
The default negative timeout for unsuccessful mount attempts. For example:
NEGATIVE_TIMEOUT=60
MOUNT_WAIT=value-
The time to wait for a response from mount. For example:
MOUNT_WAIT=-1
UMOUNT_WAIT=value-
The time to wait for a response from umount. For example:
UMOUNT_WAIT=12
BROWSE_MODE=boolean-
A boolean to enable (yes) or disable (no) browsing the maps. For example:
BROWSE_MODE="no"
MOUNT_NFS_DEFAULT_PROTOCOL=value-
The default protocol to be used by mount.nfs. For example:
MOUNT_NFS_DEFAULT_PROTOCOL=4
APPEND_OPTIONS=boolean-
A boolean to enable (yes) or disable (no) appending the global options instead of replacing them. For example:
APPEND_OPTIONS="yes"
LOGGING=value-
The default logging level. The value has to be either none, verbose, or debug. For example:
LOGGING="none"
LDAP_URI=value-
A space-separated list of server URIs in the form of protocol://server
LDAP_URI="ldaps://ldap.example.com/"
LDAP_TIMEOUT=value-
The synchronous API calls timeout. For example:
LDAP_TIMEOUT=-1
LDAP_NETWORK_TIMEOUT=value-
The network response timeout. For example:
LDAP_NETWORK_TIMEOUT=8
SEARCH_BASE=value-
The base Distinguished Name (DN) for the map search. For example:
SEARCH_BASE=""
AUTH_CONF_FILE=value-
The default location of the SASL authentication configuration file. For example:
AUTH_CONF_FILE="/etc/autofs_ldap_auth.conf"
MAP_HASH_TABLE_SIZE=value-
The hash table size for the map cache. For example:
MAP_HASH_TABLE_SIZE=1024
USE_MISC_DEVICE=boolean-
A boolean to enable (yes) or disable (no) using the autofs miscellaneous device. For example:
USE_MISC_DEVICE="yes"
OPTIONS=value-
Additional options to be passed to the LDAP daemon. For example:
OPTIONS=""
18.1.4. /etc/sysconfig/clock
The /etc/sysconfig/clock file controls the interpretation of values read from the system hardware clock. It is used by the Date/Time Properties tool, and should not be edited by hand. By default, it contains the following option:
ZONE=value-
The time zone file under /usr/share/zoneinfo that /etc/localtime is a copy of. For example:
ZONE="Europe/Prague"
18.1.5. /etc/sysconfig/dhcpd
The /etc/sysconfig/dhcpd file is used to pass arguments to the dhcpd daemon at boot time. By default, it contains the following options:
DHCPDARGS=value-
Additional options to be passed to the dhcpd daemon. For example:
DHCPDARGS=
18.1.6. /etc/sysconfig/firstboot
The /etc/sysconfig/firstboot file defines whether to run the firstboot utility. By default, it contains the following option:
RUN_FIRSTBOOT=boolean-
A boolean to enable (YES) or disable (NO) running the firstboot program. For example:
RUN_FIRSTBOOT=NO
The first time the system boots, the init program calls the /etc/rc.d/init.d/firstboot script, which looks for the /etc/sysconfig/firstboot file. If this file does not contain the RUN_FIRSTBOOT=NO option, the firstboot program is run, guiding a user through the initial configuration of the system.
To start the firstboot program the next time the system boots, change the value of RUN_FIRSTBOOT option to YES, and type the following at a shell prompt:
~]# chkconfig firstboot on
18.1.7. /etc/sysconfig/i18n
The /etc/sysconfig/i18n configuration file defines the default language, any supported languages, and the default system font. By default, it contains the following options:
LANG=value-
The default language. For example:
LANG="en_US.UTF-8"
SUPPORTED=value-
A colon-separated list of supported languages. For example:
SUPPORTED="en_US.UTF-8:en_US:en"
SYSFONT=value-
The default system font. For example:
SYSFONT="latarcyrheb-sun16"
18.1.8. /etc/sysconfig/init
The /etc/sysconfig/init file controls how the system appears and functions during the boot process. By default, it contains the following options:
BOOTUP=value-
The bootup style. The value has to be either color (the standard color boot display), verbose (an old style display which provides more information), or anything else for the new style display, but without ANSI formatting. For example:
BOOTUP=color
RES_COL=value-
The number of the column in which the status labels start. For example:
RES_COL=60
MOVE_TO_COL=value-
The terminal sequence to move the cursor to the column specified in RES_COL (see above). For example:
MOVE_TO_COL="echo -en \\033[${RES_COL}G"
SETCOLOR_SUCCESS=value-
The terminal sequence to set the success color. For example:
SETCOLOR_SUCCESS="echo -en \\033[0;32m"
SETCOLOR_FAILURE=value-
The terminal sequence to set the failure color. For example:
SETCOLOR_FAILURE="echo -en \\033[0;31m"
SETCOLOR_WARNING=value-
The terminal sequence to set the warning color. For example:
SETCOLOR_WARNING="echo -en \\033[0;33m"
SETCOLOR_NORMAL=value-
The terminal sequence to set the default color. For example:
SETCOLOR_NORMAL="echo -en \\033[0;39m"
LOGLEVEL=value-
The initial console logging level. The value has to be in the range from 1 (kernel panics only) to 8 (everything, including the debugging information). For example:
LOGLEVEL=3
PROMPT=boolean-
A boolean to enable (yes) or disable (no) the hotkey interactive startup. For example:
PROMPT=yes
AUTOSWAP=boolean-
A boolean to enable (yes) or disable (no) probing for devices with swap signatures. For example:
AUTOSWAP=no
ACTIVE_CONSOLES=value-
The list of active consoles. For example:
ACTIVE_CONSOLES=/dev/tty[1-6]
SINGLE=value-
The single-user mode type. The value has to be either /sbin/sulogin (a user will be prompted for a password to log in), or /sbin/sushell (the user will be logged in directly). For example:
SINGLE=/sbin/sushell
18.1.9. /etc/sysconfig/ip6tables-config
The /etc/sysconfig/ip6tables-config file stores information used by the kernel to set up IPv6 packet filtering at boot time or whenever the ip6tables service is started. Note that you should not modify it unless you are familiar with ip6tables rules. By default, it contains the following options:
IP6TABLES_MODULES=value-
A space-separated list of helpers to be loaded after the firewall rules are applied. For example:
IP6TABLES_MODULES="ip_nat_ftp ip_nat_irc"
IP6TABLES_MODULES_UNLOAD=boolean-
A boolean to enable (yes) or disable (no) module unloading when the firewall is stopped or restarted. For example:
IP6TABLES_MODULES_UNLOAD="yes"
IP6TABLES_SAVE_ON_STOP=boolean-
A boolean to enable (yes) or disable (no) saving the current firewall rules when the firewall is stopped. For example:
IP6TABLES_SAVE_ON_STOP="no"
IP6TABLES_SAVE_ON_RESTART=boolean-
A boolean to enable (yes) or disable (no) saving the current firewall rules when the firewall is restarted. For example:
IP6TABLES_SAVE_ON_RESTART="no"
IP6TABLES_SAVE_COUNTER=boolean-
A boolean to enable (yes) or disable (no) saving the rule and chain counters. For example:
IP6TABLES_SAVE_COUNTER="no"
IP6TABLES_STATUS_NUMERIC=boolean-
A boolean to enable (yes) or disable (no) printing IP addresses and port numbers in a numeric format in the status output. For example:
IP6TABLES_STATUS_NUMERIC="yes"
IP6TABLES_STATUS_VERBOSE=boolean-
A boolean to enable (yes) or disable (no) printing information about the number of packets and bytes in the status output. For example:
IP6TABLES_STATUS_VERBOSE="no"
IP6TABLES_STATUS_LINENUMBERS=boolean-
A boolean to enable (yes) or disable (no) printing line numbers in the status output. For example:
IP6TABLES_STATUS_LINENUMBERS="yes"
You can create the rules manually using the ip6tables command. Once created, type the following at a shell prompt:
~]# service ip6tables save
This will add the rules to /etc/sysconfig/ip6tables. Once this file exists, any firewall rules saved in it persist through a system reboot or a service restart.
18.1.10. /etc/sysconfig/keyboard
The /etc/sysconfig/keyboard file controls the behavior of the keyboard. By default, it contains the following options:
KEYTABLE=value-
The name of a keytable file. The files that can be used as keytables start in the /lib/kbd/keymaps/i386/ directory, and branch into different keyboard layouts from there, all labeled value.kmap.gzKEYTABLE setting is used. For example:
KEYTABLE="us"
MODEL=value-
The keyboard model. For example:
MODEL="pc105+inet"
LAYOUT=value-
The keyboard layout. For example:
LAYOUT="us"
KEYBOARDTYPE=value-
The keyboard type. Allowed values are pc (a PS/2 keyboard), or sun (a Sun keyboard). For example:
KEYBOARDTYPE="pc"
18.1.11. /etc/sysconfig/ldap
The /etc/sysconfig/ldap file holds the basic configuration for the LDAP server. By default, it contains the following options:
SLAPD_OPTIONS=value-
Additional options to be passed to the slapd daemon. For example:
SLAPD_OPTIONS="-4"
SLURPD_OPTIONS=value-
Additional options to be passed to the slurpd daemon. For example:
SLURPD_OPTIONS=""
SLAPD_LDAP=boolean-
A boolean to enable (yes) or disable (no) using the LDAP over TCP (that is, ldap:///). For example:
SLAPD_LDAP="yes"
SLAPD_LDAPI=boolean-
A boolean to enable (yes) or disable (no) using the LDAP over IPC (that is, ldapi:///). For example:
SLAPD_LDAPI="no"
SLAPD_LDAPS=boolean-
A boolean to enable (yes) or disable (no) using the LDAP over TLS (that is, ldaps:///). For example:
SLAPD_LDAPS="no"
SLAPD_URLS=value-
A space-separated list of URLs. For example:
SLAPD_URLS="ldapi:///var/lib/ldap_root/ldapi ldapi:/// ldaps:///"
SLAPD_SHUTDOWN_TIMEOUT=value-
The time to wait for slapd to shut down. For example:
SLAPD_SHUTDOWN_TIMEOUT=3
SLAPD_ULIMIT_SETTINGS=value-
The parameters to be passed to ulimit before the slapd daemon is started. For example:
SLAPD_ULIMIT_SETTINGS=""
18.1.12. /etc/sysconfig/named
The /etc/sysconfig/named file is used to pass arguments to the named daemon at boot time. By default, it contains the following options:
ROOTDIR=value-
The chroot environment under which the named daemon runs. The value has to be a full directory path. For example:
ROOTDIR="/var/named/chroot"
Note that the chroot environment has to be configured first (type info chroot at a shell prompt for more information).
OPTIONS=value-
Additional options to be passed to named. For example:
OPTIONS="-6"
Note that you should not use the -t option. Instead, use ROOTDIR as described above.
KEYTAB_FILE=value-
The keytab filename. For example:
KEYTAB_FILE="/etc/named.keytab"
18.1.13. /etc/sysconfig/network
The /etc/sysconfig/network file is used to specify information about the desired network configuration. By default, it contains the following options:
NETWORKING=boolean-
A boolean to enable (yes) or disable (no) the networking. For example:
NETWORKING=yes
HOSTNAME=value-
The hostname of the machine. For example:
HOSTNAME=penguin.example.com
GATEWAY=value-
The IP address of the network's gateway. For example:
GATEWAY=192.168.1.0
Do not use custom init scripts to configure network settings. When performing a post-boot network service restart, custom init scripts configuring network settings that are run outside of the network init script lead to unpredictable results.
18.1.14. /etc/sysconfig/ntpd
The /etc/sysconfig/ntpd file is used to pass arguments to the ntpd daemon at boot time. By default, it contains the following option:
OPTIONS=value-
Additional options to be passed to ntpd. For example:
OPTIONS="-u ntp:ntp -p /var/run/ntpd.pid -g"
18.1.15. /etc/sysconfig/quagga
The /etc/sysconfig/quagga file holds the basic configuration for Quagga daemons. By default, it contains the following options:
QCONFDIR=value-
The directory with the configuration files for Quagga daemons. For example:
QCONFDIR="/etc/quagga"
BGPD_OPTS=value-
Additional options to be passed to the bgpd daemon. For example:
BGPD_OPTS="-A 127.0.0.1 -f ${QCONFDIR}/bgpd.conf"
OSPF6D_OPTS=value-
Additional options to be passed to the ospf6d daemon. For example:
OSPF6D_OPTS="-A ::1 -f ${QCONFDIR}/ospf6d.conf"
OSPFD_OPTS=value-
Additional options to be passed to the ospfd daemon. For example:
OSPFD_OPTS="-A 127.0.0.1 -f ${QCONFDIR}/ospfd.conf"
RIPD_OPTS=value-
Additional options to be passed to the ripd daemon. For example:
RIPD_OPTS="-A 127.0.0.1 -f ${QCONFDIR}/ripd.conf"
RIPNGD_OPTS=value-
Additional options to be passed to the ripngd daemon. For example:
RIPNGD_OPTS="-A ::1 -f ${QCONFDIR}/ripngd.conf"
ZEBRA_OPTS=value-
Additional options to be passed to the zebra daemon. For example:
ZEBRA_OPTS="-A 127.0.0.1 -f ${QCONFDIR}/zebra.conf"
ISISD_OPTS=value-
Additional options to be passed to the isisd daemon. For example:
ISISD_OPTS="-A ::1 -f ${QCONFDIR}/isisd.conf"
WATCH_OPTS=value-
Additional options to be passed to the watchquagga daemon. For example:
WATCH_OPTS="-Az -b_ -r/sbin/service_%s_restart -s/sbin/service_%s_start -k/sbin/service_%s_stop"
WATCH_DAEMONS=value-
A space separated list of monitored daemons. For example:
WATCH_DAEMONS="zebra bgpd ospfd ospf6d ripd ripngd"
18.1.16. /etc/sysconfig/radvd
The /etc/sysconfig/radvd file is used to pass arguments to the radvd daemon at boot time. By default, it contains the following option:
OPTIONS=value-
Additional options to be passed to the radvd daemon. For example:
OPTIONS="-u radvd"
18.1.17. /etc/sysconfig/samba
The /etc/sysconfig/samba file is used to pass arguments to the Samba daemons at boot time. By default, it contains the following options:
SMBDOPTIONS=value-
Additional options to be passed to smbd. For example:
SMBDOPTIONS="-D"
NMBDOPTIONS=value-
Additional options to be passed to nmbd. For example:
NMBDOPTIONS="-D"
WINBINDOPTIONS=value-
Additional options to be passed to winbindd. For example:
WINBINDOPTIONS=""
18.1.18. /etc/sysconfig/selinux
The /etc/sysconfig/selinux file contains the basic configuration options for SELinux. It is a symbolic link to /etc/selinux/config, and by default, it contains the following options:
SELINUX=value-
The security policy. The value can be either enforcing (the security policy is always enforced), permissive (instead of enforcing the policy, appropriate warnings are displayed), or disabled (no policy is used). For example:
SELINUX=enforcing
SELINUXTYPE=value-
The protection type. The value can be either targeted (the targeted processes are protected), or mls (the Multi Level Security protection). For example:
SELINUXTYPE=targeted
18.1.19. /etc/sysconfig/sendmail
The /etc/sysconfig/sendmail is used to set the default values for the Sendmail application. By default, it contains the following values:
DAEMON=boolean-
A boolean to enable (yes) or disable (no) running sendmail as a daemon. For example:
DAEMON=yes
QUEUE=value-
The interval at which the messages are to be processed. For example:
QUEUE=1h
18.1.20. /etc/sysconfig/spamassassin
The /etc/sysconfig/spamassassin file is used to pass arguments to the spamd daemon (a daemonized version of Spamassassin) at boot time. By default, it contains the following option:
SPAMDOPTIONS=value-
Additional options to be passed to the spamd daemon. For example:
SPAMDOPTIONS="-d -c -m5 -H"
18.1.21. /etc/sysconfig/squid
The /etc/sysconfig/squid file is used to pass arguments to the squid daemon at boot time. By default, it contains the following options:
SQUID_OPTS=value-
Additional options to be passed to the squid daemon. For example:
SQUID_OPTS=""
SQUID_SHUTDOWN_TIMEOUT=value-
The time to wait for squid daemon to shut down. For example:
SQUID_SHUTDOWN_TIMEOUT=100
SQUID_CONF=value-
The default configuration file. For example:
SQUID_CONF="/etc/squid/squid.conf"
18.1.22. /etc/sysconfig/system-config-users
The /etc/sysconfig/system-config-users file is the configuration file for the User Manager utility, and should not be edited by hand. By default, it contains the following options:
FILTER=boolean-
A boolean to enable (true) or disable (false) filtering of system users. For example:
FILTER=true
ASSIGN_HIGHEST_UID=boolean-
A boolean to enable (true) or disable (false) assigning the highest available UID to newly added users. For example:
ASSIGN_HIGHEST_UID=true
ASSIGN_HIGHEST_GID=boolean-
A boolean to enable (true) or disable (false) assigning the highest available GID to newly added groups. For example:
ASSIGN_HIGHEST_GID=true
PREFER_SAME_UID_GID=boolean-
A boolean to enable (true) or disable (false) using the same UID and GID for newly added users when possible. For example:
PREFER_SAME_UID_GID=true
18.1.23. /etc/sysconfig/vncservers
The /etc/sysconfig/vncservers file configures the way the Virtual Network Computing (VNC) server starts up. By default, it contains the following options:
VNCSERVERS=value-
A list of space separated display:username
VNCSERVERS="2:myusername"
VNCSERVERARGS[display]=value-
Additional arguments to be passed to the VNC server running on the specified display. For example:
VNCSERVERARGS[2]="-geometry 800x600 -nolisten tcp -localhost"
18.1.24. /etc/sysconfig/xinetd
The /etc/sysconfig/xinetd file is used to pass arguments to the xinetd daemon at boot time. By default, it contains the following options:
EXTRAOPTIONS=value-
Additional options to be passed to xinetd. For example:
EXTRAOPTIONS=""
XINETD_LANG=value-
The locale information to be passed to every service started by xinetd. Note that to remove locale information from the xinetd environment, you can use an empty string ("") or none. For example:
XINETD_LANG="en_US"
|
|
|
