Hi,
Currently, values set in /etc/sysctl.conf are set on boot when sysctl -p -e is called. This happens in /etc/network. Of course, setting values for kernel modules not loaded at that point has no effect.
This caught me out recently, as I tried to set a value for one of the conntrack modules. Because the relevant module wasn't loaded until shorewall started on my system, and because shorewall is started after the network, the setting didn't do anything. The way I fixed it is by adding sysctl -e -p to rc.local, so that it is run after all the other init scripts. However, I could see that this approach might be unwise since the nfs script uses sysctl to change some values, and potentially that could be undone by bad settings in sysctl.conf.
My question then is: should there not be a service that runs sysctl on boot, as the last thing before rc.local? I have seen this on other distributions. This would make the following statement true: If you want to make a change to /proc/sys persistent across reboots, then add it to /etc/sysctl.conf. It currently isn't always true due to the timing of sysctl being run, but that statement is, for many, expected behaviour.
Thoughts?
Jonathan.
On 29/09/2007, Jonathan Underwood jonathan.underwood@gmail.com wrote:
Hi,
Currently, values set in /etc/sysctl.conf are set on boot when sysctl -p -e is called. This happens in /etc/network. Of course, setting
er, that should be /etc/init.d/network.
On Sat, Sep 29, 2007 at 11:48:25PM +0100, Jonathan Underwood wrote:
Currently, values set in /etc/sysctl.conf are set on boot when sysctl -p -e is called. This happens in /etc/network. Of course, setting values for kernel modules not loaded at that point has no effect.
FWIW: It is also called in an earlier stage, in rc.sysinit. Of course, this doesn't solve your complaint...
On 01/10/2007, Bill Nottingham notting@redhat.com wrote:
Jonathan Underwood (jonathan.underwood@gmail.com) said:
Thoughts?
As modules could be loaded at any time, it would seem the most correct way would be to do it via a modprobe.d or udev rule.
I see your point. But, taken to its logical conclusion, we'd scrap sysctl.conf completely.
Actually, that would be the right thing to do - it's currently a badly defined ad hoc kludge.
I presume this issue will be shaken out during the initscripts reworking and NetworkManager revisions in any case.
J.
(In stereo :)
On Mon, Oct 01, 2007 at 11:26:54PM +0100, Jonathan Underwood wrote:
On 01/10/2007, Bill Nottingham notting@redhat.com wrote:
Jonathan Underwood (jonathan.underwood@gmail.com) said:
Thoughts?
As modules could be loaded at any time, it would seem the most correct way would be to do it via a modprobe.d or udev rule.
I see your point. But, taken to its logical conclusion, we'd scrap sysctl.conf completely.
Actually, that would be the right thing to do - it's currently a badly defined ad hoc kludge.
How many modules export sysctls instead of module parameters?
Matt Domsch wrote:
How many modules export sysctls instead of module parameters?
Those are not really exported in a special way for sysctl. They are simply proc nodes (files) under /proc/sys, and a *lot* of modules put stuff in there for runtime configuration. I have 615 files in there on this laptop.
/Thomas
On 02/10/2007, Thomas M Steenholdt tmus@tmus.dk wrote:
Matt Domsch wrote:
How many modules export sysctls instead of module parameters?
Those are not really exported in a special way for sysctl. They are simply proc nodes (files) under /proc/sys, and a *lot* of modules put stuff in there for runtime configuration. I have 615 files in there on this laptop.
I could be wrong, but I don't think anything exports a setting that is only changeable with sysctl that is not also changeable by echo'ing to a file under /proc/sys - sysctl seems rather obsolete in this respect.
Hi.
On Tue, 2 Oct 2007 10:27:10 +0100, Jonathan Underwood wrote:
I could be wrong, but I don't think anything exports a setting that is only changeable with sysctl that is not also changeable by echo'ing to a file under /proc/sys - sysctl seems rather obsolete in this respect.
Personally, I prefer sysctl for that. Works better with sudo.
Ralf Ertzinger wrote:
Hi.
On Tue, 2 Oct 2007 10:27:10 +0100, Jonathan Underwood wrote:
I could be wrong, but I don't think anything exports a setting that is only changeable with sysctl that is not also changeable by echo'ing to a file under /proc/sys - sysctl seems rather obsolete in this respect.
Personally, I prefer sysctl for that. Works better with sudo.
I agree that sysctl (or a similar tool - I'm not religious in this area) is probably wanted, albeit not required on a system. Like I stated somewhere else, sysctl "only" modifies things in /proc/sys that you could easily do with something else. There is nothing that you can do with sysctl that you can't do with echo, cat and find. Apart from having a simple way to set a lot of different values in one go.
/Thomas
Jonathan Underwood wrote:
On 01/10/2007, Bill Nottingham notting@redhat.com wrote:
Jonathan Underwood (jonathan.underwood@gmail.com) said:
Thoughts?
As modules could be loaded at any time, it would seem the most correct way would be to do it via a modprobe.d or udev rule.
I see your point. But, taken to its logical conclusion, we'd scrap sysctl.conf completely.
Actually, that would be the right thing to do - it's currently a badly defined ad hoc kludge.
I presume this issue will be shaken out during the initscripts reworking and NetworkManager revisions in any case.
As discussed in the bug https://bugzilla.redhat.com/show_bug.cgi?id=312481, we might be able to solve this in a good way, with a few updated tools. I'll outline the thoughts here and let everybody join the discussion...
What Jonathan and I discussed was the possibility of having the module loading mechanism (modprobe) figure out what proc nodes a newly loaded module provides and selectively apply settings to those nodes only.
That would make it possible to have a single, system-wide sysctl.conf file with settings for all sorts of modules, and we would no longer need to worry that perhaps our module isn't loaded when the settings are applied etc. Also, it makes sure that manually applied settings are not touched. See the following snippet from the bugzilla discussion for an example:
-- snip --
My system is configured with net.ipv4.ip_forward = 0... But I'm playing with routing so I did an echo -n 1 >/proc/sys/net/ipv4/ip_forward to enable forwarding. Now I plug in my USB disk and modules get loaded. It's really important that ip_forward is still "1" at this point
-- snap --
This should work for boot, randomly loading and unloading modules, manually changing /proc/sys settings at runtime etc.
Perhaps the heuristic needs to be: when loading a module, modprobe should (using sysctl or otherwise) look at sysctl.conf and set any values for entries created by the loading of this module, and disregard all others. sysctl -p would then serve the purpose of resetting all values to those in sysctl.conf, if needed by the user.
/Thomas (with random excerpts from the BZ dialog with Jonathan Underwood)
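
The heuristic proposed in the last message, sketched as an added example (not code from this thread, modprobe or initscripts): snapshot the key names under /proc/sys, load the module, then apply from sysctl.conf only the keys that appeared. The function names and the PROC_SYS/SYSCTL_CONF overrides are assumptions for illustration, and keys are assumed to map to paths by replacing dots with slashes.

```sh
#!/bin/sh
# Added example: after a module load, apply only the sysctl.conf entries whose
# /proc/sys nodes did not exist before the load. Function names are hypothetical.
# PROC_SYS and SYSCTL_CONF can be overridden to try this on a constructed tree.
PROC_SYS="${PROC_SYS:-/proc/sys}"
SYSCTL_CONF="${SYSCTL_CONF:-/etc/sysctl.conf}"

# Print every node under $PROC_SYS as a dotted key, sorted for comm(1).
# Assumes '.' in a key always maps to '/' in the path.
snapshot_keys() {
    ( cd "$PROC_SYS" && find . -type f | sed -e 's|^\./||' -e 's|/|.|g' | LC_ALL=C sort )
}

# Apply "key = value" lines from $SYSCTL_CONF, but only for keys listed in
# the file $1. Prints each key it sets; every other node is left untouched,
# so values changed by hand at runtime survive an unrelated module load.
apply_new_keys() {
    while IFS='=' read -r key value; do
        key=$(printf '%s' "$key" | tr -d '[:space:]')
        case "$key" in ''|'#'*|';'*) continue ;; esac
        grep -qxF -- "$key" "$1" || continue
        value=$(printf '%s' "$value" | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')
        path="$PROC_SYS/$(printf '%s' "$key" | tr . /)"
        printf '%s\n' "$value" > "$path" && printf '%s\n' "$key"
    done < "$SYSCTL_CONF"
}

# Run the given module-loading command and apply settings only for the
# keys that the load created. Returns the command's status if it fails.
load_and_apply() {
    before=$(mktemp) after=$(mktemp) new=$(mktemp)
    snapshot_keys > "$before"
    if "$@"; then
        snapshot_keys > "$after"
        LC_ALL=C comm -13 "$before" "$after" > "$new"
        apply_new_keys "$new"
        rc=0
    else
        rc=$?
    fi
    rm -f "$before" "$after" "$new"
    return "$rc"
}
```

On a live system this would be run as root in the form `load_and_apply modprobe <module>`; a plain `sysctl -p` remains the way to reset every value to what sysctl.conf says.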