summaryrefslogtreecommitdiff
path: root/man/sysctl.d.xml
diff options
context:
space:
mode:
Diffstat (limited to 'man/sysctl.d.xml')
-rw-r--r--man/sysctl.d.xml275
1 files changed, 135 insertions, 140 deletions
diff --git a/man/sysctl.d.xml b/man/sysctl.d.xml
index c67a199fb5..5a35cfe2c8 100644
--- a/man/sysctl.d.xml
+++ b/man/sysctl.d.xml
@@ -19,158 +19,153 @@
along with systemd; If not, see <http://www.gnu.org/licenses/>.
-->
<refentry id="sysctl.d"
- xmlns:xi="http://www.w3.org/2001/XInclude">
-
- <refentryinfo>
- <title>sysctl.d</title>
- <productname>systemd</productname>
-
- <authorgroup>
- <author>
- <contrib>Developer</contrib>
- <firstname>Lennart</firstname>
- <surname>Poettering</surname>
- <email>lennart@poettering.net</email>
- </author>
- </authorgroup>
- </refentryinfo>
-
- <refmeta>
- <refentrytitle>sysctl.d</refentrytitle>
- <manvolnum>5</manvolnum>
- </refmeta>
-
- <refnamediv>
- <refname>sysctl.d</refname>
- <refpurpose>Configure kernel parameters at boot</refpurpose>
- </refnamediv>
-
- <refsynopsisdiv>
- <para><filename>/etc/sysctl.d/*.conf</filename></para>
- <para><filename>/run/sysctl.d/*.conf</filename></para>
- <para><filename>/usr/lib/sysctl.d/*.conf</filename></para>
- </refsynopsisdiv>
-
- <refsect1>
- <title>Description</title>
-
- <para>At boot,
- <citerefentry><refentrytitle>systemd-sysctl.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
- reads configuration files from the above directories
- to configure
- <citerefentry><refentrytitle>sysctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>
- kernel parameters.</para>
- </refsect1>
-
- <refsect1>
- <title>Configuration Format</title>
-
- <para>The configuration files contain a list of
- variable assignments, separated by newlines. Empty
- lines and lines whose first non-whitespace character
- is <literal>#</literal> or <literal>;</literal> are
- ignored.</para>
-
- <para>Note that either <literal>/</literal> or
- <literal>.</literal> may be used as separators within
- sysctl variable names. If the first separator is a
- slash, remaining slashes and dots are left intact. If
- the first separator is a dot, dots and slashes are
- interchanged. <literal>kernel.domainname=foo</literal>
- and <literal>kernel/domainname=foo</literal> are
- equivalent and will cause <literal>foo</literal> to
- be written to
- <filename>/proc/sys/kernel/domainname</filename>.
- Either
- <literal>net.ipv4.conf.enp3s0/200.forwarding</literal>
- or
- <literal>net/ipv4/conf/enp3s0.200/forwarding</literal>
- may be used to refer to
- <filename>/proc/sys/net/ipv4/conf/enp3s0.200/forwarding</filename>.
- </para>
-
- <para>The settings configured with
- <filename>sysctl.d</filename> files will be applied
- early on boot. The network interface-specific options
- will also be applied individually for each network
- interface as it shows up in the system. (More
- specifically,
- <filename>net.ipv4.conf.*</filename>,
- <filename>net.ipv6.conf.*</filename>,
- <filename>net.ipv4.neigh.*</filename> and <filename>net.ipv6.neigh.*</filename>).</para>
-
- <para>Many sysctl parameters only become available
- when certain kernel modules are loaded. Modules are
- usually loaded on demand, e.g. when certain hardware
- is plugged in or network brought up. This means that
- <citerefentry><refentrytitle>systemd-sysctl.service</refentrytitle><manvolnum>8</manvolnum></citerefentry> which runs
- during early boot will not configure such parameters
- if they become available after it has run. To
- set such parameters, it is recommended to add
- an <citerefentry><refentrytitle>udev</refentrytitle><manvolnum>7</manvolnum></citerefentry> rule to set those parameters when they become
- available. Alternatively, a slightly simpler and
- less efficient option is to add the module to
- <citerefentry><refentrytitle>modules-load.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>, causing it to be loaded statically
- before sysctl settings are applied (see
- example below).</para>
- </refsect1>
-
- <xi:include href="standard-conf.xml" xpointer="confd" />
-
- <refsect1>
- <title>Examples</title>
- <example>
- <title>Set kernel YP domain name</title>
- <para><filename>/etc/sysctl.d/domain-name.conf</filename>:
- </para>
-
- <programlisting>kernel.domainname=example.com</programlisting>
- </example>
-
- <example>
- <title>Disable packet filter on bridged packets (method one)</title>
- <para><filename>/etc/udev/rules.d/99-bridge.rules</filename>:
- </para>
-
- <programlisting>ACTION=="add", SUBSYSTEM=="module", KERNEL=="bridge", RUN+="/usr/lib/systemd/systemd-sysctl --prefix=/net/bridge"
+ xmlns:xi="http://www.w3.org/2001/XInclude">
+
+ <refentryinfo>
+ <title>sysctl.d</title>
+ <productname>systemd</productname>
+
+ <authorgroup>
+ <author>
+ <contrib>Developer</contrib>
+ <firstname>Lennart</firstname>
+ <surname>Poettering</surname>
+ <email>lennart@poettering.net</email>
+ </author>
+ </authorgroup>
+ </refentryinfo>
+
+ <refmeta>
+ <refentrytitle>sysctl.d</refentrytitle>
+ <manvolnum>5</manvolnum>
+ </refmeta>
+
+ <refnamediv>
+ <refname>sysctl.d</refname>
+ <refpurpose>Configure kernel parameters at boot</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <para><filename>/etc/sysctl.d/*.conf</filename></para>
+ <para><filename>/run/sysctl.d/*.conf</filename></para>
+ <para><filename>/usr/lib/sysctl.d/*.conf</filename></para>
+ </refsynopsisdiv>
+
+ <refsect1>
+ <title>Description</title>
+
+ <para>At boot,
+ <citerefentry><refentrytitle>systemd-sysctl.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ reads configuration files from the above directories to configure
+ <citerefentry><refentrytitle>sysctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ kernel parameters.</para>
+ </refsect1>
+
+ <refsect1>
+ <title>Configuration Format</title>
+
+ <para>The configuration files contain a list of variable
+ assignments, separated by newlines. Empty lines and lines whose
+ first non-whitespace character is <literal>#</literal> or
+ <literal>;</literal> are ignored.</para>
+
+ <para>Note that either <literal>/</literal> or
+ <literal>.</literal> may be used as separators within sysctl
+ variable names. If the first separator is a slash, remaining
+ slashes and dots are left intact. If the first separator is a dot,
+ dots and slashes are interchanged.
+ <literal>kernel.domainname=foo</literal> and
+ <literal>kernel/domainname=foo</literal> are equivalent and will
+ cause <literal>foo</literal> to be written to
+ <filename>/proc/sys/kernel/domainname</filename>. Either
+ <literal>net.ipv4.conf.enp3s0/200.forwarding</literal> or
+ <literal>net/ipv4/conf/enp3s0.200/forwarding</literal> may be used
+ to refer to
+ <filename>/proc/sys/net/ipv4/conf/enp3s0.200/forwarding</filename>.
+ </para>
+
+ <para>The settings configured with <filename>sysctl.d</filename>
+ files will be applied early on boot. The network
+ interface-specific options will also be applied individually for
+ each network interface as it shows up in the system. (More
+ specifically, <filename>net.ipv4.conf.*</filename>,
+ <filename>net.ipv6.conf.*</filename>,
+ <filename>net.ipv4.neigh.*</filename> and
+ <filename>net.ipv6.neigh.*</filename>).</para>
+
+ <para>Many sysctl parameters only become available when certain
+ kernel modules are loaded. Modules are usually loaded on demand,
+ e.g. when certain hardware is plugged in or network brought up.
+ This means that
+ <citerefentry><refentrytitle>systemd-sysctl.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ which runs during early boot will not configure such parameters if
+ they become available after it has run. To set such parameters, it
+ is recommended to add an
+ <citerefentry><refentrytitle>udev</refentrytitle><manvolnum>7</manvolnum></citerefentry>
+ rule to set those parameters when they become available.
+ Alternatively, a slightly simpler and less efficient option is to
+ add the module to
+ <citerefentry><refentrytitle>modules-load.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+ causing it to be loaded statically before sysctl settings are
+ applied (see example below).</para>
+ </refsect1>
+
+ <xi:include href="standard-conf.xml" xpointer="confd" />
+
+ <refsect1>
+ <title>Examples</title>
+ <example>
+ <title>Set kernel YP domain name</title>
+ <para><filename>/etc/sysctl.d/domain-name.conf</filename>:
+ </para>
+
+ <programlisting>kernel.domainname=example.com</programlisting>
+ </example>
+
+ <example>
+ <title>Disable packet filter on bridged packets (method one)</title>
+ <para><filename>/etc/udev/rules.d/99-bridge.rules</filename>:
+ </para>
+
+ <programlisting>ACTION=="add", SUBSYSTEM=="module", KERNEL=="bridge", RUN+="/usr/lib/systemd/systemd-sysctl --prefix=/net/bridge"
</programlisting>
- <para><filename>/etc/sysctl.d/bridge.conf</filename>:
- </para>
+ <para><filename>/etc/sysctl.d/bridge.conf</filename>:
+ </para>
- <programlisting>net.bridge.bridge-nf-call-ip6tables = 0
+ <programlisting>net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
</programlisting>
- </example>
+ </example>
- <example>
- <title>Disable packet filter on bridged packets (method two)</title>
- <para><filename>/etc/modules-load.d/bridge.conf</filename>:
- </para>
+ <example>
+ <title>Disable packet filter on bridged packets (method two)</title>
+ <para><filename>/etc/modules-load.d/bridge.conf</filename>:
+ </para>
- <programlisting>bridge</programlisting>
+ <programlisting>bridge</programlisting>
- <para><filename>/etc/sysctl.d/bridge.conf</filename>:
- </para>
+ <para><filename>/etc/sysctl.d/bridge.conf</filename>:
+ </para>
- <programlisting>net.bridge.bridge-nf-call-ip6tables = 0
+ <programlisting>net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
</programlisting>
- </example>
- </refsect1>
-
- <refsect1>
- <title>See Also</title>
- <para>
- <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
- <citerefentry><refentrytitle>systemd-sysctl.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
- <citerefentry><refentrytitle>systemd-delta</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
- <citerefentry><refentrytitle>sysctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
- <citerefentry><refentrytitle>sysctl.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
- <citerefentry><refentrytitle>modprobe</refentrytitle><manvolnum>8</manvolnum></citerefentry>
- </para>
- </refsect1>
+ </example>
+ </refsect1>
+
+ <refsect1>
+ <title>See Also</title>
+ <para>
+ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd-sysctl.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd-delta</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>sysctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>sysctl.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>modprobe</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ </para>
+ </refsect1>
</refentry>
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-11-16 11:04:38 +0000