Difference between revisions of "Sysctl"
Revision as of 09:51, 22 January 2018
Sysctl
Sysctl is a representation of the kernel parameters that are editable at runtime. It consists of two parts - a binary, and a config tree. You can view sysctl fields at any time with:
sysctl -a
And update them live with:
sysctl -w [entry]=[setting]
All of this mirrors the /proc/sys virtual filesystem. You can access the same entries in a more UNIX-y fashion by reading or writing the files contained within, for example:
net.ipv4.ip_forward
is accessible also as:
/proc/sys/net/ipv4/ip_forward
sysctl.conf
In most distributions sysctl loads, in order,
/etc/sysctl.d/* /etc/sysctl.conf
So anything in /etc/sysctl.conf overrides /etc/sysctl.d.
On WUR managed servers, Puppet controls /etc/sysctl.conf and only fills it with hard, security-related sysctl entries. It also fills /etc/sysctl.d/00-wur-defaults.conf with some overridable defaults that aren't security related, but make your life easier. As a superuser, you may add more files to /etc/sysctl.d (starting with numbers greater than 00!) to override these defaults for your server, and they will be used at the next reboot.
Once you've installed them, to reread the config files, simply run:
sysctl --system
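To see which file supplies the winning value for a key and whether the running kernel agrees with it, the following added example (not part of the original page) resolves the load order described above and compares the result with /proc/sys. The sample tree, its values and the file name 50-local.conf are constructed; the script reads only *.conf drop-ins and compares single-value keys verbatim.

```shell
#!/bin/sh
# Map a dotted key to its /proc/sys path (net.ipv4.ip_forward -> .../net/ipv4/ip_forward).
key_to_proc_path() {
    printf '/proc/sys/%s\n' "$(printf '%s' "$1" | tr '.' '/')"
}

# Print "file<TAB>value" for the last assignment of key $2 under root $1.
# Order follows the page: /etc/sysctl.d/* (lexical), then /etc/sysctl.conf.
configured_value() {
    root=$1 key=$2
    for f in "$root"/etc/sysctl.d/*.conf "$root"/etc/sysctl.conf; do
        [ -f "$f" ] || continue
        awk -v k="$key" -v f="$f" '
            /^[ \t]*[#;]/ { next }                      # skip comment lines
            { eq = index($0, "="); if (!eq) next
              name = substr($0, 1, eq - 1); val = substr($0, eq + 1)
              gsub(/^[ \t]+|[ \t]+$/, "", name); gsub(/^[ \t]+|[ \t]+$/, "", val)
              if (name == k) print f "\t" val }' "$f"
    done | tail -n 1                                    # last assignment wins
}

# Returns 0 if the live value matches, 1 on drift, 2 if the key is not configured.
check_drift() {
    root=$1 key=$2
    hit=$(configured_value "$root" "$key")
    [ -n "$hit" ] || { echo "$key: not configured"; return 2; }
    src=$(printf '%s\n' "$hit" | cut -f1)
    want=$(printf '%s\n' "$hit" | cut -f2-)
    live=$(cat "$root$(key_to_proc_path "$key")" 2>/dev/null) || live='<unreadable>'
    if [ "$live" = "$want" ]; then echo "$key: ok ($want from $src)"; return 0; fi
    echo "$key: DRIFT live=$live configured=$want ($src)"; return 1
}

# Constructed sample tree (not real WUR content) so the script runs offline.
make_sample_root() {
    r=$(mktemp -d)
    mkdir -p "$r/etc/sysctl.d" "$r/proc/sys/net/ipv4" "$r/proc/sys/vm"
    echo 'net.ipv4.ip_forward = 1' > "$r/etc/sysctl.d/00-wur-defaults.conf"
    echo 'vm.swappiness = 10'      > "$r/etc/sysctl.d/50-local.conf"
    echo 'net.ipv4.ip_forward = 0' > "$r/etc/sysctl.conf"   # overrides the drop-in
    echo 0  > "$r/proc/sys/net/ipv4/ip_forward"
    echo 60 > "$r/proc/sys/vm/swappiness"                   # not yet reloaded
    echo "$r"
}

# Demo on the sample tree; on a real host call: check_drift "" net.ipv4.ip_forward
demo_root=$(make_sample_root)
for k in net.ipv4.ip_forward vm.swappiness; do check_drift "$demo_root" "$k" || true; done
rm -rf "$demo_root"
```

A DRIFT line for a key you just added means the file is in place but the running kernel has not reread it yet.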
One confusing caveat:
"Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored."