Files in the `/etc/sysconfig/` Directory

The following sections offer descriptions of files normally found in the /etc/sysconfig/ directory. Files not listed here, as well as extra file options, are found in the /usr/share/doc/initscripts-<version-number>/sysconfig.txt file (replace <version-number> with the version of the initscripts package). Alternatively, looking through the initscripts in the /etc/rc.d/ directory can prove helpful.

If some of the files listed here are not present in the /etc/sysconfig/ directory, then the corresponding program may not be installed.

`/etc/sysconfig/amd`

The /etc/sysconfig/amd file contains various parameters used by amd; these parameters allow for the automatic mounting and unmounting of file systems.

`/etc/sysconfig/apmd`

The /etc/sysconfig/apmd file is used by apmd to configure what power settings to start/stop/change on suspend or resume. This file configures how apmd functions at boot time, depending on whether the hardware supports Advanced Power Management (APM) or whether the user has configured the system to use it. The apm daemon is a monitoring program that works with power management code within the Linux kernel. It is capable of alerting users to low battery power on laptops and other power-related settings.

`/etc/sysconfig/arpwatch`

The /etc/sysconfig/arpwatch file is used to pass arguments to the arpwatch daemon at boot time. The arpwatch daemon maintains a table of Ethernet MAC addresses and their IP address pairings. By default, this file sets the owner of the arpwatch process to the user pcap and sends any messages to the root mail queue. For more information regarding available parameters for this file, refer to the arpwatch man page.

`/etc/sysconfig/authconfig`

The /etc/sysconfig/authconfig file sets the authorization to be used on the host. It contains one or more of the following lines:

USEMD5=<value>, where <value> is one of the following:

yes - MD5 is used for authentication.

no - MD5 is not used for authentication.

USEKERBEROS=<value>, where <value> is one of the following:
- yes - Kerberos is used for authentication.
no - Kerberos is not used for authentication.

USELDAPAUTH=<value>, where <value> is one of the following:
- yes - LDAP is used for authentication.
no - LDAP is not used for authentication.

`/etc/sysconfig/autofs`

The /etc/sysconfig/autofs file defines custom options for the automatic mounting of devices. This file controls the operation of the automount daemons, which automatically mount file systems when you use them and unmount them after a period of inactivity. File systems can include network file systems, CD-ROMs, diskettes, and other media.

The /etc/sysconfig/autofs file may contain the following:

LOCALOPTIONS="<value>", where <value> is a string for defining machine-specific automount rules. The default value is an empty string ("").

DAEMONOPTIONS="<value>", where <value> is the timeout length in seconds before unmounting the device. The default value is 60 seconds ("--timeout=60").
UNDERSCORETODOT=<value>, where <value> is a binary value that controls whether to convert underscores in file names into dots. For example, auto_home to auto.home and auto_mnt to auto.mnt. The default value is 1 (true).
DISABLE_DIRECT=<value>, where <value> is a binary value that controls whether to disable direct mount support, as the Linux implementation does not conform to the Sun Microsystems' automounter behavior. The default value is 1 (true), and allows for compatibility with the Sun automounter options specification syntax.

`/etc/sysconfig/clock`

The /etc/sysconfig/clock file controls the interpretation of values read from the system hardware clock.

The correct values are:

UTC=<value>, where <value> is one of the following boolean values:

true or yes - The hardware clock is set to Universal Time.

false or no - The hardware clock is set to local time.

ARC=<value>, where <value> is the following:
- false or no - This value indicates that the normal UNIX epoch is in use. Other values are used by systems not supported by Community Enterprise Linux.

SRM=<value>, where <value> is the following:
- false or no - This value indicates that the normal UNIX epoch is in use. Other values are used by systems not supported by Community Enterprise Linux.

ZONE=<filename> - The time zone file under /usr/share/zoneinfo that /etc/localtime is a copy of. The file contains information such as:
```
ZONE="America/New York"
```
Note that the ZONE parameter is read by the Time and Date Properties Tool (system-config-date), and manually editing it does not change the system timezone.

Earlier releases of Community Enterprise Linux used the following values (which are deprecated):

CLOCKMODE=<value>, where <value> is one of the following:

GMT - The clock is set to Universal Time (Greenwich Mean Time).

ARC - The ARC console's 42-year time offset is in effect (for Alpha-based systems only).

`/etc/sysconfig/desktop`

The /etc/sysconfig/desktop file specifies the desktop for new users and the display manager to run when entering runlevel 5.

Correct values are:

DESKTOP="<value>", where "<value>" is one of the following:

GNOME - Selects the GNOME desktop environment.

KDE - Selects the KDE desktop environment.

DISPLAYMANAGER="<value>", where "<value>" is one of the following:
- GNOME - Selects the GNOME Display Manager.
KDE - Selects the KDE Display Manager.
XDM - Selects the X Display Manager.

For more information, refer to The X Window System.

`/etc/sysconfig/dhcpd`

The /etc/sysconfig/dhcpd file is used to pass arguments to the dhcpd daemon at boot time. The dhcpd daemon implements the Dynamic Host Configuration Protocol (DHCP) and the Internet Bootstrap Protocol (BOOTP). DHCP and BOOTP assign hostnames to machines on the network. For more information about what parameters are available in this file, refer to the dhcpd man page.

`/etc/sysconfig/exim`

The /etc/sysconfig/exim file allows messages to be sent to one or more clients, routing the messages over whatever networks are necessary. The file sets the default values for exim to run. Its default values are set to run as a background daemon and to check its queue each hour in case something has backed up.

The values include:

DAEMON=<value>, where <value> is one of the following:

yes - exim should be configured to listen to port 25 for incoming mail. yes implies the use of the Exim's -bd options.

no - exim should not be configured to listen to port 25 for incoming mail.

QUEUE=1h which is given to exim as -q$QUEUE. The -q option is not given to exim if /etc/sysconfig/exim exists and QUEUE is empty or undefined.

`/etc/sysconfig/firstboot`

The first time the system boots, the /sbin/init program calls the etc/rc.d/init.d/firstboot script, which in turn launches the Setup Agent. This application allows the user to install the latest updates as well as additional applications and documentation.

The /etc/sysconfig/firstboot file tells the Setup Agent application not to run on subsequent reboots. To run it the next time the system boots, remove /etc/sysconfig/firstboot and execute chkconfig --level 5 firstboot on.

`/etc/sysconfig/gpm`

The /etc/sysconfig/gpm file is used to pass arguments to the gpm daemon at boot time. The gpm daemon is the mouse server which allows mouse acceleration and middle-click pasting. For more information about what parameters are available for this file, refer to the gpm man page. By default, the DEVICE directive is set to /dev/input/mice.

`/etc/sysconfig/hwconf`

The /etc/sysconfig/hwconf file lists all the hardware that kudzu detected on the system, as well as the drivers used, vendor ID, and device ID information. The kudzu program detects and configures new and/or changed hardware on a system. The /etc/sysconfig/hwconf file is not meant to be manually edited. If edited, devices could suddenly show up as being added or removed.

`/etc/sysconfig/i18n`

The /etc/sysconfig/i18n file sets the default language, any supported languages, and the default system font. For example:

LANG="en_US.UTF-8"
SUPPORTED="en_US.UTF-8:en_US:en"
SYSFONT="latarcyrheb-sun16"

`/etc/sysconfig/init`

The /etc/sysconfig/init file controls how the system appears and functions during the boot process.

The following values may be used:

BOOTUP=<value>, where <value> is one of the following:

color - The standard color boot display, where the success or failure of devices and services starting up is shown in different colors.

verbose - An old style display which provides more information than purely a message of success or failure.
Anything else means a new display, but without ANSI-formatting.

RES_COL=<value>, where <value> is the number of the column of the screen to start status labels. The default is set to 60.
MOVE_TO_COL=<value>, where <value> moves the cursor to the value in the RES_COL line via the echo -en command.
SETCOLOR_SUCCESS=<value>, where <value> sets the success color via the echo -en command. The default color is set to green.
SETCOLOR_FAILURE=<value>, where <value> sets the failure color via the echo -en command. The default color is set to red.
SETCOLOR_WARNING=<value>, where <value> sets the warning color via the echo -en command. The default color is set to yellow.
SETCOLOR_NORMAL=<value>, where <value> resets the color to "normal" via the echo -en.
LOGLEVEL=<value>, where <value> sets the initial console logging level for the kernel. The default is 3; 8 means everything (including debugging), while 1 means only kernel panics. The syslogd daemon overrides this setting once started.
PROMPT=<value>, where <value> is one of the following boolean values:
- yes - Enables the key check for interactive mode.
no - Disables the key check for interactive mode.

`/etc/sysconfig/ip6tables-config`

The /etc/sysconfig/ip6tables-config file stores information used by the kernel to set up IPv6 packet filtering at boot time or whenever the ip6tables service is started.

Do not modify this file by hand unless familiar with how to construct ip6tables rules. Rules also can be created manually using the /sbin/ip6tables command. Once created, add the rules to the /etc/sysconfig/ip6tables file by typing the following command:

service ip6tables save

Once this file exists, any firewall rules saved in it persists through a system reboot or a service restart.

For more information on ip6tables, refer to "IPTables".

`/etc/sysconfig/iptables-config`

The /etc/sysconfig/iptables-config file stores information used by the kernel to set up packet filtering services at boot time or whenever the service is started.

Do not modify this file by hand unless you are familiar with constructing iptables rules. The easiest way to add rules is to use the Security Level Configuration Tool (system-config-securitylevel) application to create a firewall. These applications automatically edit this file at the end of the process.

Rules can also be created manually using the /sbin/iptables command. Once created, add the rule(s) to the /etc/sysconfig/iptables file by typing the following command:

service iptables save

Once this file exists, any firewall rules saved in it persists through a system reboot or a service restart.

For more information on iptables, refer to "IPTables".

`/etc/sysconfig/irda`

The /etc/sysconfig/irda file controls how infrared devices on the system are configured at startup.

The following values may be used:

IRDA=<value>, where <value> is one of the following boolean values:

yes - irattach runs and periodically checks to see if anything is trying to connect to the infrared port, such as another notebook computer trying to make a network connection. For infrared devices to work on the system, this line must be set to yes.

no - irattach does not run, preventing infrared device communication.

DEVICE=<value>, where <value> is the device (usually a serial port) that handles infrared connections. A sample serial device entry could be /dev/ttyS2.
DONGLE=<value>, where <value> specifies the type of dongle being used for infrared communication. This setting exists for people who use serial dongles rather than real infrared ports. A dongle is a device that is attached to a traditional serial port to communicate via infrared. This line is commented out by default because notebooks with real infrared ports are far more common than computers with add-on dongles. A sample dongle entry could be actisys+.
DISCOVERY=<value>, where <value> is one of the following boolean values:
- yes - Starts irattach in discovery mode, meaning it actively checks for other infrared devices. This must be turned on for the machine to actively look for an infrared connection (meaning the peer that does not initiate the connection).
no - Does not start irattach in discovery mode.

`/etc/sysconfig/keyboard`

The /etc/sysconfig/keyboard file controls the behavior of the keyboard. The following values may be used:

KEYBOARDTYPE="sun|pc" where sun means a Sun keyboard is attached on /dev/kbd, or pc means a PS/2 keyboard connected to a PS/2 port.

KEYTABLE="<file>", where <file> is the name of a keytable file.
For example: KEYTABLE="us". The files that can be used as keytables start in /lib/kbd/keymaps/i386 and branch into different keyboard layouts from there, all labeled <file>.kmap.gz. The first file found beneath /lib/kbd/keymaps/i386 that matches the KEYTABLE setting is used.

`/etc/sysconfig/kudzu`

The /etc/sysconfig/kuzdu file triggers a safe probe of the system hardware by kudzu at boot time. A safe probe is one that disables serial port probing.

SAFE=<value>, where <value> is one of the following:

yes - kuzdu does a safe probe.

no - kuzdu does a normal probe.

`/etc/sysconfig/named`

The /etc/sysconfig/named file is used to pass arguments to the named daemon at boot time. The named daemon is a Domain Name System (DNS) server which implements the Berkeley Internet Name Domain (BIND) version 9 distribution. This server maintains a table of which hostnames are associated with IP addresses on the network.

Currently, only the following values may be used:

ROOTDIR="</some/where>", where </some/where> refers to the full directory path of a configured chroot environment under which named runs. This chroot environment must first be configured. Type info chroot for more information.

OPTIONS="<value>", where <value> is any option listed in the man page for named except -t. In place of -t, use the ROOTDIR line above.

For more information about available parameters for this file, refer to the named man page. For detailed information on how to configure a BIND DNS server, refer to Berkeley Internet Name Domain (BIND). By default, the file contains no parameters.

`/etc/sysconfig/network`

The /etc/sysconfig/network file is used to specify information about the desired network configuration. The following values may be used:

NETWORKING=<value>, where <value> is one of the following boolean values:

yes - Networking should be configured.

no - Networking should not be configured.

HOSTNAME=<value>, where <value> should be the Fully Qualified Domain Name (FQDN), such as hostname.expample.com, but can be whatever hostname is necessary.
GATEWAY=<value>, where <value> is the IP address of the network's gateway.
GATEWAYDEV=<value>, where <value> is the gateway device, such as eth0. Configure this option if you have multiple interfaces on the same subnet, and require one of those interfaces to be the preferred route to the default gateway.
NISDOMAIN=<value>, where <value> is the NIS domain name.
NOZEROCONF=<value>, where setting <value> to true disables the zeroconf route.
By default, the zeroconf route (169.254.0.0) is enabled when the system boots. For more information about zeroconf, refer to http://www.zeroconf.org/.

Do not use custom initscripts to configure network settings. When performing a post-boot network service restart, custom initscripts configuring network settings that are run outside of the network init script lead to unpredictable results.

`/etc/sysconfig/nfs`

NFS requires portmap, which dynamically assigns ports for RPC services. This causes problems for configuring firewall rules. To overcome this problem, use the /etc/sysconfig/nfs file to control which ports the required RPC services run on.

The /etc/sysconfig/nfs may not exist by default on all systems. If it does not exist, create it and add the following variables (alternatively, if the file exists, un-comment and change the default entries as required):

MOUNTD_PORT=x: control which TCP and UDP port mountd (rpc.mountd) uses. Replace x with an unused port number.

STATD_PORT=x: control which TCP and UDP port status (rpc.statd) uses. Replace x with an unused port number.
LOCKD_TCPPORT=x: control which TCP port nlockmgr (rpc.lockd) uses. Replace x with an unused port number.
LOCKD_UDPPORT=x: control which UDP port nlockmgr (rpc.lockd) uses. Replace x with an unused port number.

If NFS fails to start, check /var/log/messages. Normally, NFS will fail to start if you specify a port number that is already in use. After editing /etc/sysconfig/nfs restart the NFS service by running the service nfs restart command. Run the rpcinfo -p command to confirm the changes.

To configure a firewall to allow NFS:

Allow TCP and UDP port 2049 for NFS.

Allow TCP and UDP port 111 (portmap/sunrpc).
Allow the TCP and UDP port specified with MOUNTD_PORT="x"
Allow the TCP and UDP port specified with STATD_PORT="x"
Allow the TCP port specified with LOCKD_TCPPORT="x"
Allow the UDP port specified with LOCKD_UDPPORT="x"

`/etc/sysconfig/ntpd`

The /etc/sysconfig/ntpd file is used to pass arguments to the ntpd daemon at boot time. The ntpd daemon sets and maintains the system clock to synchronize with an Internet standard time server. It implements version 4 of the Network Time Protocol (NTP). For more information about what parameters are available for this file, use a Web browser to view the following file: /usr/share/doc/ntp-<version>/ntpd.htm (where <version> is the version number of ntpd). By default, this file sets the owner of the ntpd process to the user ntp.

`/etc/sysconfig/radvd`

The /etc/sysconfig/radvd file is used to pass arguments to the radvd daemon at boot time. The radvd daemon listens for router requests and sends router advertisements for the IP version 6 protocol. This service allows hosts on a network to dynamically change their default routers based on these router advertisements. For more information about available parameters for this file, refer to the radvd man page. By default, this file sets the owner of the radvd process to the user radvd.

`/etc/sysconfig/samba`

The /etc/sysconfig/samba file is used to pass arguments to the smbd and the nmbd daemons at boot time. The smbd daemon offers file sharing connectivity for Windows clients on the network. The nmbd daemon offers NetBIOS over IP naming services. For more information about what parameters are available for this file, refer to the smbd man page. By default, this file sets smbd and nmbd to run in daemon mode.

`/etc/sysconfig/selinux`

The /etc/sysconfig/selinux file contains the basic configuration options for SELinux. This file is a symbolic link to /etc/selinux/config.

`/etc/sysconfig/sendmail`

The /etc/sysconfig/sendmail file allows messages to be sent to one or more clients, routing the messages over whatever networks are necessary. The file sets the default values for the Sendmail application to run. Its default values are set to run as a background daemon and to check its queue each hour in case something has backed up.

Values include:

DAEMON=<value>, where <value> is one of the following:

yes - Sendmail should be configured to listen to port 25 for incoming mail. yes implies the use of Sendmail's -bd options.

no - Sendmail should not be configured to listen to port 25 for incoming mail.

QUEUE=1h which is given to Sendmail as -q$QUEUE. The -q option is not given to Sendmail if /etc/sysconfig/sendmail exists and QUEUE is empty or undefined.

`/etc/sysconfig/spamassassin`

The /etc/sysconfig/spamassassin file is used to pass arguments to the spamd daemon (a daemonized version of Spamassassin) at boot time. Spamassassin is an email spam filter application. For a list of available options, refer to the spamd man page. By default, it configures spamd to run in daemon mode, create user preferences, and auto-create whitelists (allowed bulk senders).

For more information about Spamassassin, refer to "Spam Filters".

`/etc/sysconfig/squid`

The /etc/sysconfig/squid file is used to pass arguments to the squid daemon at boot time. The squid daemon is a proxy caching server for Web client applications. For more information on configuring a squid proxy server, use a Web browser to open the /usr/share/doc/squid-<version>/ directory (replace <version> with the squid version number installed on the system). By default, this file sets squid to start in daemon mode and sets the amount of time before it shuts itself down.

`/etc/sysconfig/system-config-securitylevel`

The /etc/sysconfig/system-config-securitylevel file contains all options chosen by the user the last time the Security Level Configuration Tool (system-config-securitylevel) was run. Users should not modify this file by hand. For more information about the Security Level Configuration Tool, refer to "Basic Firewall Configuration".

`/etc/sysconfig/system-config-selinux`

The /etc/sysconfig/system-config-selinux file contains all options chosen by the user the last time the SELinux Administration Tool (system-config-selinux) was run. Users should not modify this file by hand. For more information about the SELinux Administration Tool and SELinux in general, refer to "Introduction to SELinux".

`/etc/sysconfig/system-config-users`

The /etc/sysconfig/system-config-users file is the configuration file for the graphical application, User Manager. This file is used to filter out system users such as root, daemon, or lp. This file is edited by the Preferences > Filter system users and groups pull-down menu in the User Manager application and should never be edited by hand. For more information on using this application, refer to "User and Group Configuration".

`/etc/sysconfig/system-logviewer`

The /etc/sysconfig/system-logviewer file is the configuration file for the graphical, interactive log viewing application, Log Viewer. This file is edited by the Edit > Preferences pull-down menu in the Log Viewer application and should not be edited by hand. For more information on using this application, refer to Log Files.

`/etc/sysconfig/tux`

The /etc/sysconfig/tux file is the configuration file for the CentOS Content Accelerator (formerly known as TUX), the kernel-based Web server. For more information on configuring the CentOS Content Accelerator, use a Web browser to open the /usr/share/doc/tux-<version>/tux/index.html file (replace <version> with the version number of TUX installed on the system). The parameters available for this file are listed in /usr/share/doc/tux-<version>/tux/parameters.html.

`/etc/sysconfig/vncservers`

The /etc/sysconfig/vncservers file configures the way the Virtual Network Computing (VNC) server starts up.

VNC is a remote display system which allows users to view the desktop environment not only on the machine where it is running but across different networks on a variety of architectures.

It may contain the following:

VNCSERVERS=<value>, where <value> is set to something like "1:fred", to indicate that a VNC server should be started for user fred on display :1. User fred must have set a VNC password using the vncpasswd command before attempting to connect to the remote VNC server.

`/etc/sysconfig/xinetd`

The /etc/sysconfig/xinetd file is used to pass arguments to the xinetd daemon at boot time. The xinetd daemon starts programs that provide Internet services when a request to the port for that service is received. For more information about available parameters for this file, refer to the xinetd man page. For more information on the xinetd service, refer to "xinetd".