SYSCTL(8)                   System Manager's Manual                  SYSCTL(8)


     sysctl - get or set kernel state


     sysctl [-Aan]
     sysctl [-n] name ...
     sysctl [-nq] name=value ...


     The sysctl utility retrieves kernel state and allows processes with
     appropriate privilege to set kernel state.  The state to be retrieved or
     set is described using a ``Management Information Base'' (MIB) style
     name, described as a dotted set of components.

     When retrieving a variable, a subset of the MIB name may be specified to
     retrieve a list of variables in that subset.  For example, to list all
     the machdep variables:

           $ sysctl machdep

     When setting a variable, the MIB name should be followed by an equal sign
     and the new value.

     The options are as follows:

     -A   List all the known MIB names including tables.  Those with string or
          integer values will be printed as with the -a flag; for the table
          values, the name of the utility to retrieve them is given.

     -a   List all the currently available string or integer values.  This is
          the default, if no parameters are given to sysctl.

     -n   Suppress printing of the field name, only output the field value.
          Useful for setting shell variables.  For example, to set the psize
          shell variable to the pagesize of the hardware:

                # set psize=`sysctl -n hw.pagesize`

     -q   Suppress all output when setting a variable.  This option overrides
          the behaviour of -n.

          Attempt to set the specified variable name to value.

     The information available from sysctl consists of integers, strings, and
     tables.  The tabular information can only be retrieved by special purpose
     programs such as ps(1), systat(1), and netstat(1).  The string and
     integer information is summarized below.  For a detailed description of
     these variables, see sysctl(3).  The changeable column indicates whether
     a process with appropriate privilege can change the value.

     Note: not all of the variables are relevant to all architectures, and a
     few require a kernel compiled with non-standard options(4).

     Name                                 Type       Changeable
     kern.ostype                          string     no
     kern.osrelease                       string     no
     kern.osrevision                      integer    no
     kern.version                         string     no
     kern.maxvnodes                       integer    yes
     kern.maxproc                         integer    yes
     kern.maxfiles                        integer    yes
     kern.argmax                          integer    no
     kern.securelevel                     integer    raise only
     kern.hostname                        string     yes
     kern.hostid                          u_int      yes
     kern.clockrate                       struct     no
     kern.posix1version                   integer    no
     kern.ngroups                         integer    no
     kern.job_control                     integer    no
     kern.saved_ids                       integer    no
     kern.boottime                        struct     no
     kern.domainname                      string     yes
     kern.maxpartitions                   integer    no
     kern.rawpartition                    integer    no
     kern.maxthread                       integer    yes
     kern.nthreads                        integer    no
     kern.osversion                       string     no
     kern.somaxconn                       integer    yes
     kern.sominconn                       integer    yes
     kern.usermount                       integer    yes
     kern.random                          struct     no
     kern.nosuidcoredump                  integer    yes
     kern.fsync                           integer    no
     kern.sysvmsg                         integer    no
     kern.sysvsem                         integer    no
     kern.sysvshm                         integer    no
     kern.arandom                         u_int      no
     kern.msgbufsize                      integer    no
     kern.malloc.buckets                  string     no
     kern.malloc.bucket.<sz>              string     no
     kern.malloc.kmemnames                string     no
     kern.malloc.kmemstat.<name>          string     no
     kern.cp_time                         struct     no
     kern.nchstats                        struct     no
     kern.forkstat                        struct     no
     kern.nselcoll                        integer    no
     kern.tty.tk_nin                      int64_t    no
     kern.tty.tk_nout                     int64_t    no
     kern.tty.tk_rawcc                    int64_t    no
     kern.tty.tk_cancc                    int64_t    no
     kern.tty.ttyinfo                     struct     no
     kern.tty.maxptys                     integer    yes
     kern.tty.nptys                       integer    no
     kern.ccpu                            u_int      no
     kern.fscale                          integer    no
     kern.nprocs                          integer    no
     kern.stackgap_random                 integer    yes
     kern.splassert                       integer    yes
     kern.nfiles                          integer    no
     kern.ttycount                        integer    no
     kern.numvnodes                       integer    no
     kern.seminfo.semmni                  integer    yes
     kern.seminfo.semmns                  integer    yes
     kern.seminfo.semmnu                  integer    yes
     kern.seminfo.semmsl                  integer    yes
     kern.seminfo.semopm                  integer    yes
     kern.seminfo.semume                  integer    no
     kern.seminfo.semusz                  integer    no
     kern.seminfo.semvmx                  integer    no
     kern.seminfo.semaem                  integer    no
     kern.shminfo.shmmax                  integer    yes
     kern.shminfo.shmmin                  integer    yes
     kern.shminfo.shmmni                  integer    yes
     kern.shminfo.shmseg                  integer    yes
     kern.shminfo.shmall                  integer    yes
     kern.watchdog.period                 integer    yes                   integer    yes
     kern.emul.nemuls                     integer    no
     kern.emul.other                      integer    yes
     kern.maxclusters                     integer    yes
     kern.timecounter.tick                integer    no
     kern.timecounter.timestepwarnings    integer    yes
     kern.timecounter.hardware            string     yes
     kern.timecounter.choice              string     no
     kern.maxlocksperuid                  integer    yes
     kern.bufcachepercent                 integer    yes
     kern.consdev                         string     no
     kern.global_ptrace                   integer    yes
     vm.vmmeter                           struct     no
     vm.loadavg                           struct     no
     vm.psstrings                         struct     no
     vm.uvmexp                            struct     no
     vm.swapencrypt.enable                integer    yes
     vm.swapencrypt.keyscreated           integer    no
     vm.swapencrypt.keysdeleted           integer    no
     vm.nkmempages                        integer    no
     vm.anonmin                           integer    yes
     vm.vtextmin                          integer    yes
     vm.vnodemin                          integer    yes
     vm.maxslp                            integer    no
     vm.uspace                            integer    no
     fs.posix.setuid                      integer    yes
     net.inet.divert.recvspace            integer    yes
     net.inet.divert.sendspace            integer    yes
     net.inet.ip.forwarding               integer    yes
     net.inet.ip.redirect                 integer    yes
     net.inet.ip.ttl                      integer    yes
     net.inet.ip.sourceroute              integer    yes
     net.inet.ip.directed-broadcast       integer    yes
     net.inet.ip.portfirst                integer    yes
     net.inet.ip.portlast                 integer    yes
     net.inet.ip.porthifirst              integer    yes
     net.inet.ip.porthilast               integer    yes
     net.inet.ip.maxqueue                 integer    yes
     net.inet.ip.encdebug                 integer    yes
     net.inet.ip.ipsec-expire-acquire     integer    yes
     net.inet.ip.ipsec-invalid-life       integer    yes
     net.inet.ip.ipsec-pfs                integer    yes
     net.inet.ip.ipsec-soft-allocs        integer    yes
     net.inet.ip.ipsec-allocs             integer    yes
     net.inet.ip.ipsec-soft-bytes         integer    yes
     net.inet.ip.ipsec-bytes              integer    yes
     net.inet.ip.ipsec-timeout            integer    yes
     net.inet.ip.ipsec-soft-timeout       integer    yes
     net.inet.ip.ipsec-soft-firstuse      integer    yes
     net.inet.ip.ipsec-firstuse           integer    yes
     net.inet.ip.ipsec-enc-alg            string     yes
     net.inet.ip.ipsec-auth-alg           string     yes
     net.inet.ip.mtudisc                  integer    yes
     net.inet.ip.mtudisctimeout           integer    yes
     net.inet.ip.ipsec-comp-alg           string     yes
     net.inet.ip.ifq.len                  integer    no
     net.inet.ip.ifq.maxlen               integer    yes
     net.inet.ip.ifq.drops                integer    no
     net.inet.ip.mforwarding              integer    yes
     net.inet.ip.multipath                integer    yes
     net.inet.icmp.maskrepl               integer    yes
     net.inet.icmp.bmcastecho             integer    yes
     net.inet.icmp.errppslimit            integer    yes
     net.inet.icmp.rediraccept            integer    yes
     net.inet.icmp.redirtimeout           integer    yes
     net.inet.icmp.tstamprepl             integer    yes
     net.inet.ipip.allow                  integer    yes
     net.inet.tcp.rfc1323                 integer    yes
     net.inet.tcp.keepinittime            integer    yes
     net.inet.tcp.keepidle                integer    yes
     net.inet.tcp.keepintvl               integer    yes
     net.inet.tcp.always_keepalive        integer    yes
     net.inet.tcp.slowhz                  integer    no
     net.inet.tcp.baddynamic              array      yes
     net.inet.tcp.sack                    integer    yes
     net.inet.tcp.mssdflt                 integer    yes
     net.inet.tcp.rstppslimit             integer    yes
     net.inet.tcp.ackonpush               integer    yes
     net.inet.tcp.ecn                     integer    yes
     net.inet.tcp.syncachelimit           integer    yes
     net.inet.tcp.synbucketlimit          integer    yes
     net.inet.tcp.rfc3390                 integer    yes
     net.inet.tcp.reasslimit              integer    yes
     net.inet.udp.checksum                integer    yes
     net.inet.udp.baddynamic              array      yes
     net.inet.udp.recvspace               integer    yes
     net.inet.udp.sendspace               integer    yes
     net.inet.gre.allow                   integer    yes
     net.inet.gre.wccp                    integer    yes
     net.inet.esp.enable                  integer    yes
     net.inet.esp.udpencap                integer    yes
     net.inet.esp.udpencap_port           integer    yes
     net.inet.ah.enable                   integer    yes
     net.inet.mobileip.allow              integer    yes
     net.inet.etherip.allow               integer    yes
     net.inet.ipcomp.enable               integer    yes
     net.inet.carp.allow                  integer    yes
     net.inet.carp.preempt                integer    yes
     net.inet.carp.log                    integer    yes
     net.inet6.ip6.forwarding             integer    yes
     net.inet6.ip6.redirect               integer    yes
     net.inet6.ip6.hlim                   integer    yes
     net.inet6.ip6.maxfragpackets         integer    yes
     net.inet6.ip6.log_interval           integer    yes
     net.inet6.ip6.hdrnestlimit           integer    yes
     net.inet6.ip6.dad_count              integer    yes
     net.inet6.ip6.auto_flowlabel         integer    yes
     net.inet6.ip6.defmcasthlim           integer    yes
     net.inet6.ip6.use_deprecated         integer    yes
     net.inet6.ip6.rr_prune               integer    yes
     net.inet6.ip6.v6only                 integer    no
     net.inet6.ip6.maxfrags               integer    yes
     net.inet6.ip6.mforwarding            integer    yes
     net.inet6.ip6.multipath              integer    yes
     net.inet6.ip6.multicast_mtudisc      integer    yes
     net.inet6.ip6.neighborgcthresh       integer    yes
     net.inet6.ip6.maxifprefixes          integer    yes
     net.inet6.ip6.maxifdefrouters        integer    yes
     net.inet6.ip6.maxdynroutes           integer    yes
     net.inet6.ip6.dad_pending            integer    yes
     net.inet6.ip6.mtudisctimeout         integer    yes
     net.inet6.ip6.ifq.len                integer    no
     net.inet6.ip6.ifq.maxlen             integer    yes
     net.inet6.ip6.ifq.drops              integer    no
     net.inet6.icmp6.redirtimeout         integer    yes
     net.inet6.icmp6.nd6_prune            integer    yes
     net.inet6.icmp6.nd6_delay            integer    yes
     net.inet6.icmp6.nd6_umaxtries        integer    yes
     net.inet6.icmp6.nd6_mmaxtries        integer    yes
     net.inet6.icmp6.errppslimit          integer    yes
     net.inet6.icmp6.nd6_maxnudhint       integer    yes
     net.inet6.icmp6.mtudisc_hiwat        integer    yes
     net.inet6.icmp6.mtudisc_lowat        integer    yes
     net.inet6.icmp6.nd6_debug            integer    yes
     net.mpls.ttl                         integer    yes
     net.mpls.ifq.len                     integer    no
     net.mpls.ifq.maxlen                  integer    yes
     net.mpls.ifq.drops                   integer    no
     net.mpls.maxloop_inkernel            integer    yes
     net.mpls.mapttl_ip                   integer    yes
     net.mpls.mapttl_ip6                  integer    yes
     net.pipex.enable                     integer    yes
     net.pipex.inq.len                    integer    no
     net.pipex.inq.maxlen                 integer    yes
     net.pipex.inq.drops                  integer    no
     net.pipex.outq.len                   integer    no
     net.pipex.outq.maxlen                integer    yes
     net.pipex.outq.drops=0               integer    no
     debug.syncprt                        integer    yes
     debug.busyprt                        integer    yes
     debug.doclusterread                  integer    yes
     debug.doclusterwrite                 integer    yes
     debug.doreallocblks                  integer    yes
     debug.doasyncfree                    integer    yes
     debug.prtrealloc                     integer    yes
     hw.machine                           string     no
     hw.model                             string     no
     hw.ncpu                              integer    no
     hw.byteorder                         integer    no
     hw.physmem                           int64_t    no
     hw.usermem                           int64_t    no
     hw.pagesize                          integer    no
     hw.diskstats                         struct     no
     hw.disknames                         string     no
     hw.diskcount                         integer    no
     hw.sensors.<xname>.<type><numt>      struct     no
     hw.cpuspeed                          integer    no
     hw.setperf                           integer    yes
     hw.vendor                            string     no
     hw.product                           string     no
     hw.version                           string     no
     hw.serialno                          string     no
     hw.uuid                              string     no
     hw.ncpufound                         integer    no
     hw.allowpowerdown                    integer    yes
     hw.perfpolicy                        string     yes
     machdep.console_device               dev_t      no
     machdep.unaligned_print              integer    yes
     machdep.unaligned_fix                integer    yes
     machdep.unaligned_sigbus             integer    yes
     machdep.apmwarn                      integer    yes
     machdep.apmhalt                      integer    yes
     machdep.kbdreset                     integer    yes
     machdep.userldt                      integer    yes
     machdep.osfxsr                       integer    no
     machdep.sse                          integer    no
     machdep.sse2                         integer    no
     machdep.xcrypt                       integer    no
     machdep.allowaperture                integer    yes
     machdep.led_blink                    integer    yes
     machdep.ceccerrs                     integer    no
     machdep.cecclast                     quad       no
     ddb.radix                            integer    yes
     ddb.max_width                        integer    yes
     ddb.max_line                         integer    yes
     ddb.tab_stop_width                   integer    yes
     ddb.panic                            integer    yes
     ddb.console                          integer    yes
     ddb.log                              integer    yes
     ddb.trigger                          integer    yes
     vfs.mounts.*                         struct     no
     vfs.ffs.doclusterread                integer    yes
     vfs.ffs.doclusterwrite               integer    yes
     vfs.ffs.doreallocblks                integer    yes
     vfs.ffs.doasyncfree                  integer    yes
     vfs.ffs.max_softdeps                 integer    yes
     vfs.ffs.sd_tickdelay                 integer    yes
     vfs.ffs.sd_worklist_push             integer    no
     vfs.ffs.sd_blk_limit_push            integer    no
     vfs.ffs.sd_ino_limit_push            integer    no
     vfs.ffs.sd_blk_limit_hit             integer    no
     vfs.ffs.sd_ino_limit_hit             integer    no
     vfs.ffs.sd_sync_limit_hit            integer    no
     vfs.ffs.sd_indir_blk_ptrs            integer    no
     vfs.ffs.sd_inode_bitmap              integer    no
     vfs.ffs.sd_direct_blk_ptrs           integer    no
     vfs.ffs.sd_dir_entry                 integer    no
     vfs.ffs.dirhash_dirsize              integer    yes
     vfs.ffs.dirhash_maxmem               integer    yes
     vfs.ffs.dirhash_mem                  integer    no
     vfs.nfs.iothreads                    integer    yes
     vfs.fuse.fusefs_open_devices         integer    no
     vfs.fuse.fusefs_fbufs_in             integer    no
     vfs.fuse.fusefs_fbufs_wait           integer    no
     vfs.fuse.fusefs_pool_pages           integer    no

     The sysctl program can extract information about the filesystems that
     have been compiled into the running system.  This information can be
     obtained by using the command:

           $ sysctl vfs.mounts

     By default, only filesystems that are actively being used are listed.
     Use of the -A flag lists all the filesystems compiled into the running


     <sys/sysctl.h>            definitions for top level identifiers and
                               second level kernel and hardware identifiers
     <dev/rndvar.h>            definitions for random(4) device's statistics
     <sys/socket.h>            definitions for second level network
     <sys/gmon.h>              definitions for third level profiling
     <uvm/uvm_param.h>         definitions for second level virtual memory
     <uvm/uvm_swap_encrypt.h>  definitions for third level virtual memory
     <netinet/in.h>            definitions for third level IPv4/v6 identifiers
                               and fourth level IPv4/v6 identifiers
     <netinet/ip_divert.h>     definitions for fourth level divert identifiers
     <netinet/icmp_var.h>      definitions for fourth level ICMP identifiers
     <netinet6/icmp6.h>        definitions for fourth level ICMPv6 identifiers
     <netinet/tcp_var.h>       definitions for fourth level TCP identifiers
     <netinet/udp_var.h>       definitions for fourth level UDP identifiers
     <ddb/db_var.h>            definitions for second level ddb identifiers
     <sys/mount.h>             definitions for second level vfs identifiers
     <nfs/nfs.h>               definitions for third level NFS identifiers
     <miscfs/fuse/fusefs.h>    definitions for third level fusefs identifiers
     <ufs/ffs/ffs_extern.h>    definitions for third level FFS identifiers
     <machine/cpu.h>           definitions for second level CPU identifiers


     To retrieve the maximum number of processes allowed in the system:

           $ sysctl kern.maxproc

     To set the maximum number of processes allowed in the system to 1000:

           # sysctl kern.maxproc=1000

     To retrieve information about the system clock rate:

           $ sysctl kern.clockrate

     To retrieve information about the load average history:

           $ sysctl vm.loadavg

     To make the chown(2) system call use traditional BSD semantics (don't
     clear setuid/setgid bits):

           # sysctl fs.posix.setuid=0

     To set the list of reserved TCP ports that should not be allocated by the
     kernel dynamically:

           # sysctl net.inet.tcp.baddynamic=749,750,751,760,761,871
           # sysctl net.inet.udp.baddynamic=749,750,751,760,761,871,1024-2048

     This can be used to keep daemons from stealing a specific port that
     another program needs to function.  List elements may be separated by
     commas and/or whitespace; a hyphen may be used to specify a range of

     It is also possible to add or remove ports from the current list:

           # sysctl net.inet.tcp.baddynamic=+748,6000-6999
           # sysctl net.inet.tcp.baddynamic=-871

     To set the amount of shared memory available in the system and the
     maximum number of shared memory segments:

           # sysctl kern.shminfo.shmmax=33554432
           # sysctl kern.shminfo.shmseg=32

     To place core dumps from issetugid(2) programs (in this example bgpd(8))
     into a safe place for debugging purposes:

           # mkdir -m 700 /var/crash/bgpd
           # sysctl kern.nosuidcoredump=3


     sysctl(3), options(4), sysctl.conf(5)


     sysctl first appeared in 4.4BSD.

OpenBSD 5.9                    November 5, 2015                    OpenBSD 5.9

[Unix Hosting | Open-Source | Contact Us]
[Engineering & Automation | Software Development | Server Applications]