Darwin Open Systems: OpenBSD: Administration Functionality

Warning: the OpenBSD man pages are very good! This is stated as a warning for those from certain other UNIX-like systems where man pages are a bottom priority. The OpenBSD developers' passion for completeness and accuracy shows in many facets of the system, including the man pages.

New administrators are particularly admonished to read the man page afterboot early on in your days as an OpenBSD administrator.

Also, remember to peruse the Frequently Asked Questions, since new administrators almost all ask the same questions.

Please use the mailing lists as a last resort, after consulting the man pages (perhaps aided and abetted by the table below), and RTFM (Read The FAQ, man).

This web page is copyright (c) 2000 by Ian F. Darwin. It may be printed or referred to for use in learning or using OpenBSD. It may not be copied for use with operating systems other than OpenBSD.

The following table is being reorganized to have separate columns for programs and config files; for now, take with grain of salt.
ServiceProgramEnable/Disable inConfig FileReloadNotes
Add useradduser(8)-/etc/adduser.conf-Interactive; useradd batch
AFS (Andrew File System)-rc.confafs=YES/etc/afs?-
AMD (Auto Mount Daemon)amd(8)rc.confamd=YES
Apachesee httpd
APM (APM daemon,
for notebooks and ATX PCs)
apmd(8)rc.conf
backupsdump(8), restore(8)---See also amanda in ports/packages
biff servicecomsat(8)inetd.conf-HUP inetd
BINDsee named
bootparamdbootparamd(8)rc.conf
bootpsbootps(8)inetd.conf?HUP inetd
CCD (Concat. Disk)-rc.conf/etc/ccd.conf
chargeninetd internalinetd.conf-HUP inetd
console loginsee tty login---Switch with CTRL/ALT/F[1-8]
daytime serviceinetd internalinetd.conf-HUP inetd
DHCP serverdhcpd(8)rc.confdhcpd.conf + dhcpd.interfaceHUP dhcpd
DHCP, clientdhclient(8)-/etc/dhclient.conf
discard serviceinetd internalinetd.conf-HUP inetd
DNSsee named
dns resolvernamed(8)/etc/resolv.conf/etc/resolv.conf
domain, settingdomainname-/etc/defaultdomain
echo serverinetd internalinetd.conf-HUP inetd
finger serverfingerd(8)inetd.conf-HUP inetd
firewallsee ip filtering
ftp, anonymoussee ftpd(8)
ftpdftpd(8)inetd.conf/rc.confvarious
Games, daytime limitations/usr/games/etc/dm.conf-
gatedgated(8)rc.confgated=YES
hostname, settinghostname(8)/etc/myname-hostname command
httpdhttpd(8)rc.conf/var/www/conf/apachectl restartApache 1.3.12
identdidentd(8)rc.conf or inetd.conf
IDS (Intrusion Detection)---See ports/net/{snort,nfr, ...}
inetdinetd(8)rc.confinetd.confHUP inetd
IP addressifconfig/etc/hostname.xxyifconfigMin. format: inet 192.168.1.44
IP aliasesifconfig/etc/ifaliasesifconfig alias
IP masqueradingSee NAT
ipfilteripfilter(8)rc.confipf.rulesrun itKernel option and sysctl.conf
IPMON logging-rc.conf
ipnatsee NAT
IPV6-rc.confvarious, and kernel config
isakmp key exchangeisakmpdrc.conf?
kauthkauthdinetd.conf-HUP inetd
kerberos serverkerbd?rc.conf?HUP inetdSee 'info kth-krb'
kernel configurationconfig(8)--config;make;rebootconfig(8)
kloginklogininetd.conf-HUP inetd
ksh (Korn shell)/bin/kshpdksh in base --See /usr/ports/shells after 2.7
kshell(Kerberos rsh)kshelld-inetd.confHUP inetd
kx (Kerberos X11)kxdinetd.conf-HUP inetd
lpdlpdrc.confprintcaplpcSee also ports/printing/lptng
mail transport, map names to commands--/etc/mailer.conf
man, sections, orderingman(1)-/etc/man.conf
mopd (DEC boot)mopd(8)rc.conf?
Multicast routingmrouted(8)rc.conf-- See also netstart
namednamed(8)rc.conf/var/named/namedb/*HUP named
NATipnat(8)rc.confipnat.rulesre-run itNeed ipfilter and sysctl.conf and kernel option; see man ipnat(8)
network addresssee IP address
network address translationsee NAT
network time protocolsee xntpd
NFS client-rc.conf fstabre-mountalso yp_init
NFS lockdlockd(8)rc.conf
nfs servermountd(8)rc.conf/etc/exportsHUP mountdalso yp_init
NISsee YP
nsswitch.conf-/etc/resolv.conf-Only "lookup"; see resolv.conf(5)
ntalkntalkd(8)inetd.conf-HUP inetd
NTPsee xntpd
Oakley key exchangesee iskamp
passwd commandpasswd(1)-/etc/passwd.conf-Multiple encryption algorithms
passwd file editvipw(8)---Edits master.passwd (extra fields, see master.passwd(5))
perlperl(1)---Included with base system
photuris key exchangephoturisd(8)rc.conf/etc/photuris/
PHP----Add from ports/packages /usr/ports/www/PHP3
POP3----Add from ports/packages /usr/ports/mail/?
printingsee lpd
python- /usr/ports/lang/pythonAdd from ports/packages
quotas-rc.conf-edquota each f/sys
quote of the day service-inetd.conf-HUP inetd
RARPrarpd(8)rc.conf/etc/ethers-
rbootdrbootd(8)rc.conf/etc/rbootd.conf
rexec-inetd.confHUP inetd
rlogin-inetd.confHUP inetd
root, becomesudo(8)-/etc/sudoerssudo or su
route, defaultroute(8)-/etc/defaultrouteroute add default-
routedrouted-rc.conf
RPCportmap(8)rc.conf /etc/rpcrestart portmapneeded for NFS, NIS, rusers, ...
rquotadinetd.confedquota in each filesystemHUP inetd
rshrshd(8)inetd.conf-HUP inetd
rstatdrstatd(8)inetd.conf-HUP inetd
rusersdrpc.rusersdinetd.conf-HUP inetd
rwho servicerwhodrc.conf-HUP inetd
sendmailsendmail(8)rc.conf/etc/mail/sendmail.cfHUP sendmail
shared libs, adding directoryrc.confshlib_dirs=
smtpfwddsmtpfwdd(8)rc.conf--And smtpd in inetd.conf
spraydsprayd(8)inetd.conf--HUP inetd
SSH servicesshd(8)rc.conf
syslog, message filing/etc/syslog.conf
syslog, rotation/etc/newsyslog.conf
system options-Kernel config, and /etc/sysctl.conf
Talk servicesee ntalkd
TCP options--/etc/sysctl.confsysctl -w
telnetdinetd.confHUP inetd
tftp servertftpd(8)inetd.confHUP inetd
time server, newSee xntpd
time server, oldSee timed
tty login/usr/libexec/getty-/etc/ttys-Set "insecure" to refuse root login, use sudo
user-see also passwd file
uucpdinetd.confHUP inetd
VPN-See vpn(8), isakmpd, photuris, ipsecadm
walld/usr/libexec/rpc.rwalldinetd.conf-HUP inetdportmap=yes in rc.conf
web serversee httpd
XDMrc.conf---maybe disable getty in ttys
xntp/usr/local/sbin/xntpdrc.conf/etc/ntp.confHUP xntpdInstall xntpd port/package
YP system/usr/sbin/ypinit--To disable, rm -r /var/yp/binding