In this post we’ll look at changing kernel parameters both at runtime and at boot. Such changes can be made with the sysctl command or by writing values to the files under /proc/sys.
Let’s see a sample /proc/sys folder, which can differ between systems:
The most important entries are:
dev contains parameters for system devices
fs contains filesystem parameters
kernel is used for kernel parameters
net contains network parameters
vm contains virtual memory parameters
To modify runtime parameters, we can use sysctl. Let’s take a look at all the available parameters:
Too many to list here, so let’s glance over a few random ipv4 parameters:
The dots in the option names represent actual slashes in the directory structure under /proc/sys. Now let’s take a value and modify it. I will use the packet forwarding feature for this example.
So the system is configured to forward packets as a router. To change this, we can put a 0 value in the file:
Another option is to write a value with sysctl. Here I enable IP forwarding again:
Changes made in this way won’t persist across a reboot. To make them permanent, you have to edit the configuration file.
This used to be /etc/sysctl.conf, and it can still be used, but newer systems look for config files inside /etc/sysctl.d/, /run/sysctl.d/, and /usr/lib/sysctl.d/ (in order of precedence). On such systems, you can modify the /usr/lib/sysctl.d/00-system file for your kernel settings.
I edited mine to disable IP forwarding:
If you don’t want to reboot, you can have sysctl re-read its config files by running sysctl -p with the config file of your choice (by default, it will read /etc/sysctl.conf).
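Because runtime changes and the config file can disagree until the next reboot or sysctl -p, it is worth checking for drift between the two. The script below is an added example, not code from the original post: it maps each key in a config file to its file under /proc/sys and reports mismatches. The function names, the PROC_ROOT variable and the sample tree are assumptions of this example, and the key mapping also handles the slash separator described in sysctl.d(5), which goes beyond the dots-only case above.

```shell
#!/bin/sh
# Added example (not from the original post): list sysctl keys whose runtime
# value differs from what a config file would set at boot.
# PROC_ROOT is this example's own knob so it can run on a constructed tree.
PROC_ROOT="${PROC_ROOT:-/proc/sys}"

# Map a key to its file. Per sysctl.d(5): if the first separator is a dot,
# dots and slashes are interchanged; if it is a slash, the key is already a path.
key_to_path() {
    head=${1%%[./]*}
    case "${1#"$head"}" in
        /*) printf '%s/%s\n' "$PROC_ROOT" "$1" ;;
        *)  printf '%s/%s\n' "$PROC_ROOT" "$(printf '%s' "$1" | tr './' '/.')" ;;
    esac
}

# Collapse whitespace so "32768<TAB>60999" in /proc equals "32768 60999" in config.
norm() { tr -s '[:space:]' ' ' | sed 's/^ //;s/ $//'; }

# Print "DRIFT key runtime=X config=Y" for each mismatch in config file $1.
report_drift() {
    sed -e '/^[[:space:]]*[#;]/d' -e '/^[[:space:]]*$/d' "$1" |
    while IFS='=' read -r key want; do
        key=$(printf '%s' "$key" | tr -d '[:space:]')
        key=${key#-}                  # leading "-" means "ignore write errors"
        want=$(printf '%s' "$want" | norm)
        file=$(key_to_path "$key")
        [ -r "$file" ] || { echo "MISSING $key"; continue; }
        have=$(norm < "$file")
        [ "$have" = "$want" ] || echo "DRIFT $key runtime=$have config=$want"
    done
}

# Constructed sample: a fake /proc/sys tree where forwarding was enabled at
# runtime while the config file still says 0.
demo() {
    d=$(mktemp -d)
    mkdir -p "$d/proc/net/ipv4" "$d/proc/vm"
    echo 1 > "$d/proc/net/ipv4/ip_forward"
    echo 60 > "$d/proc/vm/swappiness"
    printf '# constructed\nnet.ipv4.ip_forward = 0\nvm.swappiness=60\n' > "$d/demo.conf"
    ( PROC_ROOT="$d/proc"; report_drift "$d/demo.conf" )
    rm -rf "$d"
}

if [ "$#" -gt 0 ]; then report_drift "$1"; else demo; fi
```

Run it with a config file path as the only argument to check a real system; with no argument it runs the constructed sample.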