systemd-sysctl

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
systemd-sysctl [2018/11/16 10:54] rpjdaysystemd-sysctl [2018/11/16 11:04] (current) – [50-default.conf] rpjday
Line 8: Line 8:
   * [[https://www.freedesktop.org/software/systemd/man/sysctl.d.html|FreeDesktop page]]   * [[https://www.freedesktop.org/software/systemd/man/sysctl.d.html|FreeDesktop page]]
  
-===== Files ====+===== File list =====
  
   * ''/etc/''   * ''/etc/''
Line 14: Line 14:
     * ''sysctl.d/''     * ''sysctl.d/''
       * ''99-sysctl.conf'' [link to above so empty]       * ''99-sysctl.conf'' [link to above so empty]
 +  * ''/usr/lib/''
 +    * ''systemd/''
 +      * ''systemd-sysctl''
 +      * ''system/''
 +        * ''systemd-sysctl.service''
 +        * ''sysinit.target.wants/''
 +          * ''systemd-sysctl.service''
 +    * ''sysctl.d/''
 +      * ''10-default-yama-scope.conf''
 +      * ''20-pptpd.conf''
 +      * ''50-coredump.conf''
 +      * ''50-default.conf''
 +      * ''50-libkcapi-optmem_max.conf''
 +      * ''60-libvirtd.conf''
 +
 +===== Config files =====
 +
 +==== 10-default-yama-scope.conf ====
 +
 +<code>
 +kernel.yama.ptrace_scope = 0
 +</code>
 +
 +==== 20-pptpd.conf ====
 +
 +<code>
 +net.ipv4.ip_forward = 1
 +</code>
 +
 +==== 50-coredump.conf ====
 +
 +<code>
 +kernel.core_pattern=|/usr/lib/systemd/systemd-coredump %P %u %g %s %t %c %h %e
 +</code>
 +
 +==== 50-default.conf ====
 +
 +<code>
 +# Use kernel.sysrq = 1 to allow all keys.
 +# See https://www.kernel.org/doc/html/latest/admin-guide/sysrq.html for a list
 +# of values and keys.
 +kernel.sysrq = 16
 +
 +# Append the PID to the core filename
 +kernel.core_uses_pid = 1
 +
 +# Source route verification
 +net.ipv4.conf.all.rp_filter = 1
 +
 +# Do not accept source routing
 +net.ipv4.conf.all.accept_source_route = 0
 +
 +# Promote secondary addresses when the primary address is removed
 +net.ipv4.conf.all.promote_secondaries = 1
 +
 +# Fair Queue CoDel packet scheduler to fight bufferbloat
 +net.core.default_qdisc = fq_codel
 +
 +# Enable hard and soft link protection
 +fs.protected_hardlinks = 1
 +fs.protected_symlinks = 1
 +</code>
 +
 +==== 50-libkcapi-optmem_max.conf ====
 +
 +<code>
 +net.core.optmem_max = 81920
 +</code>
 +
 +==== 60-libvirtd.conf ====
 +
 +<code>
 +fs.aio-max-nr = 1048576
 +</code>
  • systemd-sysctl.1542365660.txt.gz
  • Last modified: 2018/11/16 10:54
  • by rpjday