Red Hat Summit Red Hat SummitSupportConsoleDevelopersStart a trialContact

Appendix D. The sysconfig Directory

This appendix outlines some of the files and directories found in the /etc/sysconfig/ directory, their function, and their contents. The information in this appendix is not intended to be complete, as many of these files have a variety of options that are only used in very specific or rare circumstances.

Note

The actual content of your /etc/sysconfig/ directory depends on the programs you have installed on your machine. To find the name of the package the configuration file belongs to, type the following at a shell prompt: 
~]$ yum provides /etc/sysconfig/filename
Copy to Clipboard
See Section 8.2.4, “Installing Packages” for more information on how to install new packages in Red Hat Enterprise Linux.

D.1. Files in the /etc/sysconfig/ Directory

The following sections offer descriptions of files normally found in the /etc/sysconfig/ directory.

D.1.1. /etc/sysconfig/arpwatch

The /etc/sysconfig/arpwatch file is used to pass arguments to the arpwatch daemon at boot time. By default, it contains the following option:
OPTIONS=value
Additional options to be passed to the arpwatch daemon. For example: 
OPTIONS="-u arpwatch -e root -s 'root (Arpwatch)'"
Copy to Clipboard

D.1.2. /etc/sysconfig/authconfig

The /etc/sysconfig/authconfig file sets the authorization to be used on the host. By default, it contains the following options:
USEMKHOMEDIR=boolean
A Boolean to enable (yes) or disable (no) creating a home directory for a user on the first login. For example: 
USEMKHOMEDIR=no
Copy to Clipboard
USEPAMACCESS=boolean
A Boolean to enable (yes) or disable (no) the PAM authentication. For example: 
USEPAMACCESS=no
Copy to Clipboard
USESSSDAUTH=boolean
A Boolean to enable (yes) or disable (no) the SSSD authentication. For example: 
USESSSDAUTH=no
Copy to Clipboard
USESHADOW=boolean
A Boolean to enable (yes) or disable (no) shadow passwords. For example: 
USESHADOW=yes
Copy to Clipboard
USEWINBIND=boolean
A Boolean to enable (yes) or disable (no) using Winbind for user account configuration. For example: 
USEWINBIND=no
Copy to Clipboard
USEDB=boolean
A Boolean to enable (yes) or disable (no) the FAS authentication. For example: 
USEDB=no
Copy to Clipboard
USEFPRINTD=boolean
A Boolean to enable (yes) or disable (no) the fingerprint authentication. For example: 
USEFPRINTD=yes
Copy to Clipboard
FORCESMARTCARD=boolean
A Boolean to enable (yes) or disable (no) enforcing the smart card authentication. For example: 
FORCESMARTCARD=no
Copy to Clipboard
PASSWDALGORITHM=value
The password algorithm. The value can be bigcrypt, descrypt, md5, sha256, or sha512. For example: 
PASSWDALGORITHM=sha512
Copy to Clipboard
USELDAPAUTH=boolean
A Boolean to enable (yes) or disable (no) the LDAP authentication. For example: 
USELDAPAUTH=no
Copy to Clipboard
USELOCAUTHORIZE=boolean
A Boolean to enable (yes) or disable (no) the local authorization for local users. For example: 
USELOCAUTHORIZE=yes
Copy to Clipboard
USECRACKLIB=boolean
A Boolean to enable (yes) or disable (no) using the CrackLib. For example: 
USECRACKLIB=yes
Copy to Clipboard
USEWINBINDAUTH=boolean
A Boolean to enable (yes) or disable (no) the Winbind authentication. For example: 
USEWINBINDAUTH=no
Copy to Clipboard
USESMARTCARD=boolean
A Boolean to enable (yes) or disable (no) the smart card authentication. For example: 
USESMARTCARD=no
Copy to Clipboard
USELDAP=boolean
A Boolean to enable (yes) or disable (no) using LDAP for user account configuration. For example: 
USELDAP=no
Copy to Clipboard
USENIS=boolean
A Boolean to enable (yes) or disable (no) using NIS for user account configuration. For example: 
USENIS=no
Copy to Clipboard
USEKERBEROS=boolean
A Boolean to enable (yes) or disable (no) the Kerberos authentication. For example: 
USEKERBEROS=no
Copy to Clipboard
USESYSNETAUTH=boolean
A Boolean to enable (yes) or disable (no) authenticating system accounts with network services. For example: 
USESYSNETAUTH=no
Copy to Clipboard
USESMBAUTH=boolean
A Boolean to enable (yes) or disable (no) the SMB authentication. For example: 
USESMBAUTH=no
Copy to Clipboard
USESSSD=boolean
A Boolean to enable (yes) or disable (no) using SSSD for obtaining user information. For example: 
USESSSD=no
Copy to Clipboard
USEHESIOD=boolean
A Boolean to enable (yes) or disable (no) using the Hesoid name service. For example: 
USEHESIOD=no
Copy to Clipboard
See Chapter 13, Configuring Authentication for more information on this topic.

D.1.3. /etc/sysconfig/autofs

The /etc/sysconfig/autofs file defines custom options for the automatic mounting of devices. This file controls the operation of the automount daemons, which automatically mount file systems when you use them and unmount them after a period of inactivity. File systems can include network file systems, CD-ROM drives, diskettes, and other media.
By default, it contains the following options:
MASTER_MAP_NAME=value
The default name for the master map. For example: 
MASTER_MAP_NAME="auto.master"
Copy to Clipboard
TIMEOUT=value
The default mount timeout. For example: 
TIMEOUT=300
Copy to Clipboard
NEGATIVE_TIMEOUT=value
The default negative timeout for unsuccessful mount attempts. For example: 
NEGATIVE_TIMEOUT=60
Copy to Clipboard
MOUNT_WAIT=value
The time to wait for a response from mount. For example: 
MOUNT_WAIT=-1
Copy to Clipboard
UMOUNT_WAIT=value
The time to wait for a response from umount. For example: 
UMOUNT_WAIT=12
Copy to Clipboard
BROWSE_MODE=boolean
A Boolean to enable (yes) or disable (no) browsing the maps. For example: 
BROWSE_MODE="no"
Copy to Clipboard
MOUNT_NFS_DEFAULT_PROTOCOL=value
The default protocol to be used by mount.nfs. For example: 
MOUNT_NFS_DEFAULT_PROTOCOL=4
Copy to Clipboard
APPEND_OPTIONS=boolean
A Boolean to enable (yes) or disable (no) appending the global options instead of replacing them. For example: 
APPEND_OPTIONS="yes"
Copy to Clipboard
LOGGING=value
The default logging level. The value has to be either none, verbose, or debug. For example: 
LOGGING="none"
Copy to Clipboard
LDAP_URI=value
A space-separated list of server URIs in the form of protocol://server. For example: 
LDAP_URI="ldaps://ldap.example.com/"
Copy to Clipboard
LDAP_TIMEOUT=value
The synchronous API calls timeout. For example: 
LDAP_TIMEOUT=-1
Copy to Clipboard
LDAP_NETWORK_TIMEOUT=value
The network response timeout. For example: 
LDAP_NETWORK_TIMEOUT=8
Copy to Clipboard
SEARCH_BASE=value
The base Distinguished Name (DN) for the map search. For example: 
SEARCH_BASE=""
Copy to Clipboard
AUTH_CONF_FILE=value
The default location of the SASL authentication configuration file. For example: 
AUTH_CONF_FILE="/etc/autofs_ldap_auth.conf"
Copy to Clipboard
MAP_HASH_TABLE_SIZE=value
The hash table size for the map cache. For example: 
MAP_HASH_TABLE_SIZE=1024
Copy to Clipboard
USE_MISC_DEVICE=boolean
A Boolean to enable (yes) or disable (no) using the autofs miscellaneous device. For example: 
USE_MISC_DEVICE="yes"
Copy to Clipboard
OPTIONS=value
Additional options to be passed to the LDAP daemon. For example: 
OPTIONS=""
Copy to Clipboard

D.1.4. /etc/sysconfig/clock

The /etc/sysconfig/clock file controls the interpretation of values read from the system hardware clock. It is used by the Date/Time Properties tool, and should not be edited by hand. By default, it contains the following option:
ZONE=value
The time zone file under /usr/share/zoneinfo that /etc/localtime is a copy of. For example: 
ZONE="Europe/Prague"
Copy to Clipboard
See Section 2.1, “Date/Time Properties Tool” for more information on the Date/Time Properties tool and its usage.

D.1.5. /etc/sysconfig/dhcpd

The /etc/sysconfig/dhcpd file is used to pass arguments to the dhcpd daemon at boot time. By default, it contains the following options:
DHCPDARGS=value
Additional options to be passed to the dhcpd daemon. For example: 
DHCPDARGS=
Copy to Clipboard
See Chapter 16, DHCP Servers for more information on DHCP and its usage.

D.1.6. /etc/sysconfig/firstboot

The /etc/sysconfig/firstboot file defines whether to run the firstboot utility. By default, it contains the following option:
RUN_FIRSTBOOT=boolean
A Boolean to enable (YES) or disable (NO) running the firstboot program. For example: 
RUN_FIRSTBOOT=NO
Copy to Clipboard
The first time the system boots, the init program calls the /etc/rc.d/init.d/firstboot script, which looks for the /etc/sysconfig/firstboot file. If this file does not contain the RUN_FIRSTBOOT=NO option, the firstboot program is run, guiding a user through the initial configuration of the system.

Note

To start the firstboot program the next time the system boots, change the value of RUN_FIRSTBOOT option to YES, and type the following at a shell prompt: 
~]# chkconfig firstboot on
Copy to Clipboard

D.1.7. /etc/sysconfig/i18n

The /etc/sysconfig/i18n configuration file defines the default language, any supported languages, and the default system font. By default, it contains the following options:
LANG=value
The default language. For example: 
LANG="en_US.UTF-8"
Copy to Clipboard
SUPPORTED=value
A colon-separated list of supported languages. For example: 
SUPPORTED="en_US.UTF-8:en_US:en"
Copy to Clipboard
SYSFONT=value
The default system font. For example: 
SYSFONT="latarcyrheb-sun16"
Copy to Clipboard

D.1.8. /etc/sysconfig/init

The /etc/sysconfig/init file controls how the system appears and functions during the boot process. By default, it contains the following options:
BOOTUP=value
The bootup style. The value has to be either color (the standard color boot display), verbose (an old style display which provides more information), or anything else for the new style display, but without ANSI formatting. For example: 
BOOTUP=color
Copy to Clipboard
RES_COL=value
The number of the column in which the status labels start. For example: 
RES_COL=60
Copy to Clipboard
MOVE_TO_COL=value
The terminal sequence to move the cursor to the column specified in RES_COL (see above). For example: 
MOVE_TO_COL="echo -en \\033[${RES_COL}G"
Copy to Clipboard
SETCOLOR_SUCCESS=value
The terminal sequence to set the success color. For example: 
SETCOLOR_SUCCESS="echo -en \\033[0;32m"
Copy to Clipboard
SETCOLOR_FAILURE=value
The terminal sequence to set the failure color. For example: 
SETCOLOR_FAILURE="echo -en \\033[0;31m"
Copy to Clipboard
SETCOLOR_WARNING=value
The terminal sequence to set the warning color. For example: 
SETCOLOR_WARNING="echo -en \\033[0;33m"
Copy to Clipboard
SETCOLOR_NORMAL=value
The terminal sequence to set the default color. For example: 
SETCOLOR_NORMAL="echo -en \\033[0;39m"
Copy to Clipboard
LOGLEVEL=value
The initial console logging level. The value has to be in the range from 1 (kernel panics only) to 8 (everything, including the debugging information). For example: 
LOGLEVEL=3
Copy to Clipboard
PROMPT=boolean
A Boolean to enable (yes) or disable (no) the hotkey interactive startup. For example: 
PROMPT=yes
Copy to Clipboard
AUTOSWAP=boolean
A Boolean to enable (yes) or disable (no) probing for devices with swap signatures. For example: 
AUTOSWAP=no
Copy to Clipboard
ACTIVE_CONSOLES=value
The list of active consoles. For example: 
ACTIVE_CONSOLES=/dev/tty[1-6]
Copy to Clipboard
SINGLE=value
The single-user mode type. The value has to be either /sbin/sulogin (a user will be prompted for a password to log in), or /sbin/sushell (the user will be logged in directly). For example: 
SINGLE=/sbin/sushell
Copy to Clipboard

D.1.9. /etc/sysconfig/ip6tables-config

The /etc/sysconfig/ip6tables-config file stores information used by the kernel to set up IPv6 packet filtering at boot time or whenever the ip6tables service is started. Note that you should not modify it unless you are familiar with ip6tables rules. By default, it contains the following options:
IP6TABLES_MODULES=value
A space-separated list of helpers to be loaded after the firewall rules are applied. For example: 
IP6TABLES_MODULES="ip_nat_ftp ip_nat_irc"
Copy to Clipboard
IP6TABLES_MODULES_UNLOAD=boolean
A Boolean to enable (yes) or disable (no) module unloading when the firewall is stopped or restarted. For example: 
IP6TABLES_MODULES_UNLOAD="yes"
Copy to Clipboard
IP6TABLES_SAVE_ON_STOP=boolean
A Boolean to enable (yes) or disable (no) saving the current firewall rules when the firewall is stopped. For example: 
IP6TABLES_SAVE_ON_STOP="no"
Copy to Clipboard
IP6TABLES_SAVE_ON_RESTART=boolean
A Boolean to enable (yes) or disable (no) saving the current firewall rules when the firewall is restarted. For example: 
IP6TABLES_SAVE_ON_RESTART="no"
Copy to Clipboard
IP6TABLES_SAVE_COUNTER=boolean
A Boolean to enable (yes) or disable (no) saving the rule and chain counters. For example: 
IP6TABLES_SAVE_COUNTER="no"
Copy to Clipboard
IP6TABLES_STATUS_NUMERIC=boolean
A Boolean to enable (yes) or disable (no) printing IP addresses and port numbers in a numeric format in the status output. For example: 
IP6TABLES_STATUS_NUMERIC="yes"
Copy to Clipboard
IP6TABLES_STATUS_VERBOSE=boolean
A Boolean to enable (yes) or disable (no) printing information about the number of packets and bytes in the status output. For example: 
IP6TABLES_STATUS_VERBOSE="no"
Copy to Clipboard
IP6TABLES_STATUS_LINENUMBERS=boolean
A Boolean to enable (yes) or disable (no) printing line numbers in the status output. For example: 
IP6TABLES_STATUS_LINENUMBERS="yes"
Copy to Clipboard

Note

You can create the rules manually using the ip6tables command. Once created, type the following at a shell prompt: 
~]# service ip6tables save
Copy to Clipboard
This will add the rules to /etc/sysconfig/ip6tables. Once this file exists, any firewall rules saved in it persist through a system reboot or a service restart.

D.1.10. /etc/sysconfig/kernel

The /etc/sysconfig/kernel configuration file controls the kernel selection at boot by using these two options:
UPDATEDEFAULT=yes
This option makes a newly installed kernel as the default in the boot entry selection.
DEFAULTKERNEL=kernel
This option specifies what package type will be used as the default.

D.1.10.1. Keeping an old kernel version as the default

To keep an old kernel version as the default in the boot entry selection:
  • Comment out the UPDATEDEFAULT option in /etc/sysconfig/kernel as follows: 
                                # UPDATEDEFAULT=yes
    Copy to Clipboard

D.1.10.2. Setting a kernel debugger as the default kernel

To set kernel debugger as the default kernel in boot entry selection:
  • Edit the /etc/sysconfig/kernel configuration file as follows: 
                                DEFAULTKERNEL=kernel-debug
    Copy to Clipboard

D.1.11. /etc/sysconfig/keyboard

The /etc/sysconfig/keyboard file controls the behavior of the keyboard. By default, it contains the following options:
KEYTABLE=value
The name of a keytable file. The files that can be used as keytables start in the /lib/kbd/keymaps/i386/ directory, and branch into different keyboard layouts from there, all labeled value.kmap.gz. The first file name that matches the KEYTABLE setting is used. For example: 
KEYTABLE="us"
Copy to Clipboard
MODEL=value
The keyboard model. For example: 
MODEL="pc105+inet"
Copy to Clipboard
LAYOUT=value
The keyboard layout. For example: 
LAYOUT="us"
Copy to Clipboard
KEYBOARDTYPE=value
The keyboard type. Allowed values are pc (a PS/2 keyboard), or sun (a Sun keyboard). For example: 
KEYBOARDTYPE="pc"
Copy to Clipboard

D.1.12. /etc/sysconfig/ldap

The /etc/sysconfig/ldap file holds the basic configuration for the LDAP server. By default, it contains the following options:
SLAPD_OPTIONS=value
Additional options to be passed to the slapd daemon. For example: 
SLAPD_OPTIONS="-4"
Copy to Clipboard
SLURPD_OPTIONS=value
Additional options to be passed to the slurpd daemon. For example: 
SLURPD_OPTIONS=""
Copy to Clipboard
SLAPD_LDAP=boolean
A Boolean to enable (yes) or disable (no) using the LDAP over TCP (that is, ldap:///). For example: 
SLAPD_LDAP="yes"
Copy to Clipboard
SLAPD_LDAPI=boolean
A Boolean to enable (yes) or disable (no) using the LDAP over IPC (that is, ldapi:///). For example: 
SLAPD_LDAPI="no"
Copy to Clipboard
SLAPD_LDAPS=boolean
A Boolean to enable (yes) or disable (no) using the LDAP over TLS (that is, ldaps:///). For example: 
SLAPD_LDAPS="no"
Copy to Clipboard
SLAPD_URLS=value
A space-separated list of URLs. For example: 
SLAPD_URLS="ldapi:///var/lib/ldap_root/ldapi ldapi:/// ldaps:///"
Copy to Clipboard
SLAPD_SHUTDOWN_TIMEOUT=value
The time to wait for slapd to shut down. For example: 
SLAPD_SHUTDOWN_TIMEOUT=3
Copy to Clipboard
SLAPD_ULIMIT_SETTINGS=value
The parameters to be passed to ulimit before the slapd daemon is started. For example: 
SLAPD_ULIMIT_SETTINGS=""
Copy to Clipboard
See Section 20.1, “OpenLDAP” for more information on LDAP and its configuration.

D.1.13. /etc/sysconfig/named

The /etc/sysconfig/named file is used to pass arguments to the named daemon at boot time. By default, it contains the following options:
ROOTDIR=value
The chroot environment under which the named daemon runs. The value has to be a full directory path. For example: 
ROOTDIR="/var/named/chroot"
Copy to Clipboard
Note that the chroot environment has to be configured first (type info chroot at a shell prompt for more information).
OPTIONS=value
Additional options to be passed to named. For example: 
OPTIONS="-6"
Copy to Clipboard
Note that you should not use the -t option. Instead, use ROOTDIR as described above.
KEYTAB_FILE=value
The keytab file name. For example: 
KEYTAB_FILE="/etc/named.keytab"
Copy to Clipboard
See Section 17.2, “BIND” for more information on the BIND DNS server and its configuration.

D.1.14. /etc/sysconfig/network

The /etc/sysconfig/network file is used to specify information about the desired network configuration. By default, it contains the following options:
NETWORKING=boolean
A Boolean to enable (yes) or disable (no) networking. For example: 
NETWORKING=yes
Copy to Clipboard
HOSTNAME=value
The host name of the machine. For example: 
HOSTNAME=penguin.example.com
Copy to Clipboard
The file may also contain some of the following options:
GATEWAY=value
The IP address of the network's gateway. For example: 
GATEWAY=192.168.1.1
Copy to Clipboard
This is used as the default gateway when there is no GATEWAY directive in an interface's ifcfg file.
NM_BOND_VLAN_ENABLED=boolean
A Boolean to allow (yes) or disallow (no) the NetworkManager application from detecting and managing bonding, bridging, and VLAN interfaces. For example: 
NM_BOND_VLAN_ENABLED=yes
Copy to Clipboard
The NM_CONTROLLED directive is dependent on this option.

Note

If you want to completely disable IPv6, you should add these lines to /etc/sysctl.conf: 
net.ipv6.conf.all.disable_ipv6=1
Copy to Clipboard 
net.ipv6.conf.default.disable_ipv6=1
Copy to Clipboard
In addition, adding ipv6.disable=1 to the kernel command line will disable the kernel module net-pf-10 which implements IPv6.

Warning

Do not use custom init scripts to configure network settings. When performing a post-boot network service restart, custom init scripts configuring network settings that are run outside of the network init script lead to unpredictable results.

D.1.15. /etc/sysconfig/ntpd

The /etc/sysconfig/ntpd file is used to pass arguments to the ntpd daemon at boot time. By default, it contains the following option:
OPTIONS=value
Additional options to be passed to ntpd. For example: 
OPTIONS="-u ntp:ntp -p /var/run/ntpd.pid -g"
Copy to Clipboard
See Section 2.1.2, “Network Time Protocol Properties” or Section 2.2.2, “Network Time Protocol Setup” for more information on how to configure the ntpd daemon.

D.1.16. /etc/sysconfig/quagga

The /etc/sysconfig/quagga file holds the basic configuration for Quagga daemons. By default, it contains the following options:
QCONFDIR=value
The directory with the configuration files for Quagga daemons. For example: 
QCONFDIR="/etc/quagga"
Copy to Clipboard
BGPD_OPTS=value
Additional options to be passed to the bgpd daemon. For example: 
BGPD_OPTS="-A 127.0.0.1 -f ${QCONFDIR}/bgpd.conf"
Copy to Clipboard
OSPF6D_OPTS=value
Additional options to be passed to the ospf6d daemon. For example: 
OSPF6D_OPTS="-A ::1 -f ${QCONFDIR}/ospf6d.conf"
Copy to Clipboard
OSPFD_OPTS=value
Additional options to be passed to the ospfd daemon. For example: 
OSPFD_OPTS="-A 127.0.0.1 -f ${QCONFDIR}/ospfd.conf"
Copy to Clipboard
RIPD_OPTS=value
Additional options to be passed to the ripd daemon. For example: 
RIPD_OPTS="-A 127.0.0.1 -f ${QCONFDIR}/ripd.conf"
Copy to Clipboard
RIPNGD_OPTS=value
Additional options to be passed to the ripngd daemon. For example: 
RIPNGD_OPTS="-A ::1 -f ${QCONFDIR}/ripngd.conf"
Copy to Clipboard
ZEBRA_OPTS=value
Additional options to be passed to the zebra daemon. For example: 
ZEBRA_OPTS="-A 127.0.0.1 -f ${QCONFDIR}/zebra.conf"
Copy to Clipboard
ISISD_OPTS=value
Additional options to be passed to the isisd daemon. For example: 
ISISD_OPTS="-A ::1 -f ${QCONFDIR}/isisd.conf"
Copy to Clipboard
WATCH_OPTS=value
Additional options to be passed to the watchquagga daemon. For example: 
WATCH_OPTS="-Az -b_ -r/sbin/service_%s_restart -s/sbin/service_%s_start -k/sbin/service_%s_stop"
Copy to Clipboard
WATCH_DAEMONS=value
A space separated list of monitored daemons. For example: 
WATCH_DAEMONS="zebra bgpd ospfd ospf6d ripd ripngd"
Copy to Clipboard

D.1.17. /etc/sysconfig/radvd

The /etc/sysconfig/radvd file is used to pass arguments to the radvd daemon at boot time. By default, it contains the following option:
OPTIONS=value
Additional options to be passed to the radvd daemon. For example: 
OPTIONS="-u radvd"
Copy to Clipboard

D.1.18. /etc/sysconfig/samba

The /etc/sysconfig/samba file is used to pass arguments to the Samba daemons at boot time. By default, it contains the following options:
SMBDOPTIONS=value
Additional options to be passed to smbd. For example: 
SMBDOPTIONS="-D"
Copy to Clipboard
NMBDOPTIONS=value
Additional options to be passed to nmbd. For example: 
NMBDOPTIONS="-D"
Copy to Clipboard
WINBINDOPTIONS=value
Additional options to be passed to winbindd. For example: 
WINBINDOPTIONS=""
Copy to Clipboard
See Section 21.1, “Samba” for more information on Samba and its configuration.

D.1.19. /etc/sysconfig/saslauthd

The /etc/sysconfig/saslauthd file is used to control which arguments are passed to saslauthd, the SASL authentication server. By default, it contains the following options:
SOCKETDIR=value
The directory for the saslauthd's listening socket. For example: 
SOCKETDIR=/var/run/saslauthd
Copy to Clipboard
MECH=value
The authentication mechanism to use to verify user passwords. For example: 
MECH=pam
Copy to Clipboard
DAEMONOPTS=value
Options to be passed to the daemon() function that is used by the /etc/rc.d/init.d/saslauthd init script to start the saslauthd service. For example: 
DAEMONOPTS="--user saslauth"
Copy to Clipboard
FLAGS=value
Additional options to be passed to the saslauthd service. For example: 
FLAGS=
Copy to Clipboard

D.1.20. /etc/sysconfig/selinux

The /etc/sysconfig/selinux file contains the basic configuration options for SELinux. It is a symbolic link to /etc/selinux/config, and by default, it contains the following options:
SELINUX=value
The security policy. The value can be either enforcing (the security policy is always enforced), permissive (instead of enforcing the policy, appropriate warnings are displayed), or disabled (no policy is used). For example: 
SELINUX=enforcing
Copy to Clipboard
SELINUXTYPE=value
The protection type. The value can be either targeted (the targeted processes are protected), or mls (the Multi Level Security protection). For example: 
SELINUXTYPE=targeted
Copy to Clipboard

D.1.21. /etc/sysconfig/sendmail

The /etc/sysconfig/sendmail is used to set the default values for the Sendmail application. By default, it contains the following values:
DAEMON=boolean
A Boolean to enable (yes) or disable (no) running sendmail as a daemon. For example: 
DAEMON=yes
Copy to Clipboard
QUEUE=value
The interval at which the messages are to be processed. For example: 
QUEUE=1h
Copy to Clipboard
See Section 19.3.2, “Sendmail” for more information on Sendmail and its configuration.

D.1.22. /etc/sysconfig/spamassassin

The /etc/sysconfig/spamassassin file is used to pass arguments to the spamd daemon (a daemonized version of Spamassassin) at boot time. By default, it contains the following option:
SPAMDOPTIONS=value
Additional options to be passed to the spamd daemon. For example: 
SPAMDOPTIONS="-d -c -m5 -H"
Copy to Clipboard
See Section 19.4.2.6, “Spam Filters” for more information on Spamassassin and its configuration.

D.1.23. /etc/sysconfig/squid

The /etc/sysconfig/squid file is used to pass arguments to the squid daemon at boot time. By default, it contains the following options:
SQUID_OPTS=value
Additional options to be passed to the squid daemon. For example: 
SQUID_OPTS=""
Copy to Clipboard
SQUID_SHUTDOWN_TIMEOUT=value
The time to wait for squid daemon to shut down. For example: 
SQUID_SHUTDOWN_TIMEOUT=100
Copy to Clipboard
SQUID_CONF=value
The default configuration file. For example: 
SQUID_CONF="/etc/squid/squid.conf"
Copy to Clipboard

D.1.24. /etc/sysconfig/system-config-users

The /etc/sysconfig/system-config-users file is the configuration file for the User Manager utility, and should not be edited by hand. By default, it contains the following options:
FILTER=boolean
A Boolean to enable (true) or disable (false) filtering of system users. For example: 
FILTER=true
Copy to Clipboard
ASSIGN_HIGHEST_UID=boolean
A Boolean to enable (true) or disable (false) assigning the highest available UID to newly added users. For example: 
ASSIGN_HIGHEST_UID=true
Copy to Clipboard
ASSIGN_HIGHEST_GID=boolean
A Boolean to enable (true) or disable (false) assigning the highest available GID to newly added groups. For example: 
ASSIGN_HIGHEST_GID=true
Copy to Clipboard
PREFER_SAME_UID_GID=boolean
A Boolean to enable (true) or disable (false) using the same UID and GID for newly added users when possible. For example: 
PREFER_SAME_UID_GID=true
Copy to Clipboard
See Section 3.2, “Managing Users via the User Manager Application” for more information on User Manager and its usage.

D.1.25. /etc/sysconfig/vncservers

The /etc/sysconfig/vncservers file configures the way the Virtual Network Computing (VNC) server starts up. By default, it contains the following options:
VNCSERVERS=value
A list of space separated display:username pairs. For example: 
VNCSERVERS="2:myusername"
Copy to Clipboard
VNCSERVERARGS[display]=value
Additional arguments to be passed to the VNC server running on the specified display. For example: 
VNCSERVERARGS[2]="-geometry 800x600 -nolisten tcp -localhost"
Copy to Clipboard

D.1.26. /etc/sysconfig/xinetd

The /etc/sysconfig/xinetd file is used to pass arguments to the xinetd daemon at boot time. By default, it contains the following options:
EXTRAOPTIONS=value
Additional options to be passed to xinetd. For example: 
EXTRAOPTIONS=""
Copy to Clipboard
XINETD_LANG=value
The locale information to be passed to every service started by xinetd. Note that to remove locale information from the xinetd environment, you can use an empty string ("") or none. For example: 
XINETD_LANG="en_US"
Copy to Clipboard
See Chapter 12, Services and Daemons for more information on how to configure the xinetd services.
Back to top
Red Hat logoGithubredditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust. Explore our recent updates.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

Theme

© 2025 Red Hat