X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=man%2Fsysctl.d.xml;h=5a35cfe2c8441a4f6cb61e151dca31b8eb2f3008;hb=72c3897f77a7352618ea76b880a6764f52d6327b;hp=922b5c4eaa88bc86dbcb89e0eb13b7663a95c5cf;hpb=3802a3d3d7af51ddff31943d5514382f01265770;p=elogind.git
diff --git a/man/sysctl.d.xml b/man/sysctl.d.xml
index 922b5c4ea..5a35cfe2c 100644
--- a/man/sysctl.d.xml
+++ b/man/sysctl.d.xml
@@ -18,184 +18,154 @@
You should have received a copy of the GNU Lesser General Public License
along with systemd; If not, see .
-->
-
-
-
- sysctl.d
- systemd
-
-
-
- Developer
- Lennart
- Poettering
- lennart@poettering.net
-
-
-
-
-
- sysctl.d
- 5
-
-
-
- sysctl.d
- Configure kernel parameters at boot
-
-
-
- /etc/sysctl.d/*.conf
- /run/sysctl.d/*.conf
- /usr/lib/sysctl.d/*.conf
-
-
-
- Description
-
- At boot,
- systemd-sysctl.service8
- reads configuration files from the above directories
- to configure
- sysctl8
- kernel parameters.
-
-
-
- Configuration Format
-
- The configuration files contain a list of
- variable assignments, separated by newlines. Empty
- lines and lines whose first non-whitespace character
- is # or ; are
- ignored.
-
- Each configuration file shall be named in the
- style of program.conf.
- Files in /etc/ override files
- with the same name in /usr/lib/
- and /run/. Files in
- /run/ override files with the same
- name in /usr/lib/. Packages
- should install their configuration files in
- /usr/lib/. Files in
- /etc/ are reserved for the local
- administrator, who may use this logic to override the
- configuration files installed by vendor packages. All
- configuration files are sorted by their filename in
- lexicographic order, regardless of which of the
- directories they reside in. If multiple files specify the
- same variable name, the entry in the file with the
- lexicographically latest name will be applied. It is
- recommended to prefix all filenames with a two-digit
- number and a dash, to simplify the ordering of the
- files.
-
- Note that either / or
- . may be used as separators within
- sysctl variable names. If the first separator is a
- slash, remaining slashes and dots are left intact. If
- the first separator is a dot, dots and slashes are
- interchanged. kernel.domainname=foo
- and kernel/domainname=foo are
- equivalent and will cause foo to
- be written to
- /proc/sys/kernel/domainname.
- Either
- net.ipv4.conf.enp3s0/200.forwarding
- or
- net/ipv4/conf/enp3s0.200/forwarding
- may be used to refer to
- /proc/sys/net/ipv4/conf/enp3s0.200/forwarding.
-
-
- If the administrator wants to disable a
- configuration file supplied by the vendor, the
- recommended way is to place a symlink to
- /dev/null in
- /etc/sysctl.d/ bearing the
- same filename.
-
- The settings configured with
- sysctl.d files will be applied
- early on boot. The network interface-specific options
- will also be applied individually for each network
- interface as it shows up in the system. (More
- specifically,
- net.ipv4.conf.*,
- net.ipv6.conf.*,
- net.ipv4.neigh.* and net.ipv6.neigh.*).
-
- Many sysctl parameters only become available
- when certain kernel modules are loaded. Modules are
- usually loaded on demand, e.g. when certain hardware
- is plugged in or network brought up. This means that
- systemd-sysctl.service8 which runs
- during early boot will not configure such parameters
- if they become available after it has run. To
- set such parameters, it is recommended to add
- an udev7 rule to set those parameters when they become
- available. Alternatively, a slightly simpler and
- less efficient option is to add the module to
- modules-load.d5, causing it to be loaded statically
- before sysctl settings are applied (see
- example below).
-
-
-
- Examples
-
- Set kernel YP domain name
- /etc/sysctl.d/domain-name.conf:
-
-
- kernel.domainname=example.com
-
-
-
- Disable packet filter on bridged packets (method one)
- /etc/udev/rules.d/99-bridge.rules:
-
-
- ACTION=="add", SUBSYSTEM=="module", KERNEL=="bridge", RUN+="/usr/lib/systemd/systemd-sysctl --prefix=/net/bridge"
+
+
+
+ sysctl.d
+ systemd
+
+
+
+ Developer
+ Lennart
+ Poettering
+ lennart@poettering.net
+
+
+
+
+
+ sysctl.d
+ 5
+
+
+
+ sysctl.d
+ Configure kernel parameters at boot
+
+
+
+ /etc/sysctl.d/*.conf
+ /run/sysctl.d/*.conf
+ /usr/lib/sysctl.d/*.conf
+
+
+
+ Description
+
+ At boot,
+ systemd-sysctl.service8
+ reads configuration files from the above directories to configure
+ sysctl8
+ kernel parameters.
+
+
+
+ Configuration Format
+
+ The configuration files contain a list of variable
+ assignments, separated by newlines. Empty lines and lines whose
+ first non-whitespace character is # or
+ ; are ignored.
+
+ Note that either / or
+ . may be used as separators within sysctl
+ variable names. If the first separator is a slash, remaining
+ slashes and dots are left intact. If the first separator is a dot,
+ dots and slashes are interchanged.
+ kernel.domainname=foo and
+ kernel/domainname=foo are equivalent and will
+ cause foo to be written to
+ /proc/sys/kernel/domainname. Either
+ net.ipv4.conf.enp3s0/200.forwarding or
+ net/ipv4/conf/enp3s0.200/forwarding may be used
+ to refer to
+ /proc/sys/net/ipv4/conf/enp3s0.200/forwarding.
+
+
+ The settings configured with sysctl.d
+ files will be applied early on boot. The network
+ interface-specific options will also be applied individually for
+ each network interface as it shows up in the system. (More
+ specifically, net.ipv4.conf.*,
+ net.ipv6.conf.*,
+ net.ipv4.neigh.* and
+ net.ipv6.neigh.*).
+
+ Many sysctl parameters only become available when certain
+ kernel modules are loaded. Modules are usually loaded on demand,
+ e.g. when certain hardware is plugged in or network brought up.
+ This means that
+ systemd-sysctl.service8
+ which runs during early boot will not configure such parameters if
+ they become available after it has run. To set such parameters, it
+ is recommended to add an
+ udev7
+ rule to set those parameters when they become available.
+ Alternatively, a slightly simpler and less efficient option is to
+ add the module to
+ modules-load.d5,
+ causing it to be loaded statically before sysctl settings are
+ applied (see example below).
+
+
+
+
+
+ Examples
+
+ Set kernel YP domain name
+ /etc/sysctl.d/domain-name.conf:
+
+
+ kernel.domainname=example.com
+
+
+
+ Disable packet filter on bridged packets (method one)
+ /etc/udev/rules.d/99-bridge.rules:
+
+
+ ACTION=="add", SUBSYSTEM=="module", KERNEL=="bridge", RUN+="/usr/lib/systemd/systemd-sysctl --prefix=/net/bridge"
- /etc/sysctl.d/bridge.conf:
-
+ /etc/sysctl.d/bridge.conf:
+
- net.bridge.bridge-nf-call-ip6tables = 0
+ net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
-
+
-
- Disable packet filter on bridged packets (method two)
- /etc/modules-load.d/bridge.conf:
-
+
+ Disable packet filter on bridged packets (method two)
+ /etc/modules-load.d/bridge.conf:
+
- bridge
+ bridge
- /etc/sysctl.d/bridge.conf:
-
+ /etc/sysctl.d/bridge.conf:
+
- net.bridge.bridge-nf-call-ip6tables = 0
+ net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
-
-
-
-
- See Also
-
- systemd1,
- systemd-sysctl.service8,
- systemd-delta1,
- sysctl8,
- sysctl.conf5,
- modprobe8
-
-
+
+
+
+
+ See Also
+
+ systemd1,
+ systemd-sysctl.service8,
+ systemd-delta1,
+ sysctl8,
+ sysctl.conf5,
+ modprobe8
+
+