does /etc/sysctl.d/ really obeyed and does really override /etc/sysctl.conf

Lennart Poettering mzerqung at
Fri Mar 16 13:28:07 UTC 2012

On Fri, 16.03.12 14:54, Muayyad AlSadi (alsadi at wrote:

> but this does not make sense
> the idea behind all .d is to allow packages to provide default (either
> kernel defaults or distro defaults)
> because the other choice is to use %post and sed

> eg. let's say I made a firewall package that needs to enable
> forwarding, it would put it in a sysctl.d

If a package places a sysctl file in /etc/sysctl.d/ then you can
override it with /etc/sysctl.conf, hence everything is as it should, no?
This whole logic is designed so that the admin's configuration always
takes precedence over vendor configuration. Which is the right thing to

That said, note that it's probably a good idea if packages stick their
sysctl files in /usr/lib/sysctl.d instead, so that that users can use
/etc/sysctl.d/ to override that. /etc/sysctl.conf is read mostly for
compatibility reasons only.


Lennart Poettering - Red Hat, Inc.

More information about the devel mailing list