Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 635668 - config file '/etc/sysctl.conf' is used after parsing user settings in '/etc/sysctl.d/*.conf'
Summary: config file '/etc/sysctl.conf' is used after parsing user settings in '/etc/s...
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Linux bug wranglers
Depends on:
Reported: 2017-10-28 09:07 UTC by Kai Peter
Modified: 2017-10-29 08:14 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Kai Peter 2017-10-28 09:07:05 UTC
Settings in e.g. '/etc/sysctl.d/local.conf' will be overwritten by settings in default config file '/etc/sysctl.conf'. 

Example: In '/etc/sysctl.conf' there is set by default

net.ipv4.ip_forward = 0

Usually, this should be overwritten by a user defined setting in '/etc/sysctl.d/local.conf':

net.ipv4.ip_forward = 1

This didn't work. The /etc/sysctl.conf' takes precedence over all user settings.

One workaround is to put a 'sysctl -p <file>' call in a '/etc/local.d/*.start'

However, user settings have to have precedence over system settings.

Reproducible: Always

Steps to Reproduce:
1. check it out with the example 'net.ipv4.ip_forward = 1' from description
2. set 'net.ipv4.ip_forward = 1' in '/etc/sysctl.d/forward.conf'
3. do '/etc/init.d/sysctl restart'
4. do 'sysctl -a | grep net.ipv4.ip_forward'
Comment 1 Mike Gilbert gentoo-dev 2017-10-28 14:48:19 UTC
The settings are applied in the order documented in the sysctl man page.

/etc/sysctl.conf is under the sysadmin's control, so I don't see the problem here.
Comment 2 Kai Peter 2017-10-29 08:14:23 UTC
My intention is to prevent that (changes in) /etc/sysctl.conf will be overwritten accidently by an etc-update.

Let me take the freedom to make two suggestions:

1. Add an 'include' statement at the bottom of the file (e.g. like in /etc/rsyslog.conf)

2. remove the option 'net.ipv4.ip_forward = 0' from the default config file (comment out). Maybe put it in a file in sysctl.d, outside of CONFIG_PROTECT.