Settings in e.g. '/etc/sysctl.d/local.conf' will be overwritten by settings in default config file '/etc/sysctl.conf'.
Example: '/etc/sysctl.conf' sets by default:
net.ipv4.ip_forward = 0
Usually, this should be overwritten by a user defined setting in '/etc/sysctl.d/local.conf':
net.ipv4.ip_forward = 1
This didn't work. '/etc/sysctl.conf' takes precedence over all user settings.
One workaround is to put a 'sysctl -p <file>' call in a '/etc/local.d/*.start' file.
However, user settings have to have precedence over system settings.
Steps to Reproduce:
1. check it out with the example 'net.ipv4.ip_forward = 1' from description
2. set 'net.ipv4.ip_forward = 1' in '/etc/sysctl.d/forward.conf'
3. do '/etc/init.d/sysctl restart'
4. do 'sysctl -a | grep net.ipv4.ip_forward'
The settings are applied in the order documented in the sysctl man page.
/etc/sysctl.conf is under the sysadmin's control, so I don't see the problem here.
My intention is to prevent (changes in) /etc/sysctl.conf from being overwritten accidentally by an etc-update.
Let me take the freedom to make two suggestions:
1. Add an 'include' statement at the bottom of the file (e.g. like in /etc/rsyslog.conf)
2. Remove the option 'net.ipv4.ip_forward = 0' from the default config file (comment out). Maybe put it in a file in sysctl.d, outside of CONFIG_PROTECT.
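
A check for the behaviour discussed in this report, as an added example that is not part of the thread: it replays the order the report describes (the *.conf files of a sysctl.d directory first, sysctl.conf last) over a constructed sample tree and shows which file's value ends up in effect. The function names and the sample tree are assumptions made for illustration.

```sh
# Added example (not from the thread). Replays the order described above:
# CONF_D/*.conf first, MAIN_CONF last. Function names are hypothetical.

# Print "key<TAB>value<TAB>file" for every assignment, in application order.
sysctl_assignments() {
    for f in "$1"/*.conf "$2"; do
        [ -f "$f" ] || continue
        awk -v file="$f" '
            /^[ \t]*[#;]/ || /^[ \t]*$/ { next }   # comments, blank lines
            {
                eq = index($0, "="); if (eq == 0) next
                key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
                gsub(/^[ \t]+|[ \t]+$/, "", key)
                gsub(/^[ \t]+|[ \t]+$/, "", val)
                printf "%s\t%s\t%s\n", key, val, file
            }' "$f"
    done
}

# Print "value<TAB>file" of the assignment that is applied last for KEY.
effective_sysctl() {
    sysctl_assignments "$2" "$3" |
        awk -F '\t' -v k="$1" '$1 == k { v = $2; f = $3 }
            END { if (f != "") print v "\t" f }'
}

# List every assignment that a later file replaces with a different value.
shadowed_sysctl() {
    sysctl_assignments "$1" "$2" |
        awk -F '\t' '
            { n++; key[n] = $1; val[n] = $2; file[n] = $3; last[$1] = n }
            END {
                for (i = 1; i <= n; i++) {
                    w = last[key[i]]
                    if (w != i && val[w] != val[i])
                        printf "%s = %s (%s) is overridden by %s (%s)\n",
                            key[i], val[i], file[i], val[w], file[w]
                }
            }'
}

# Constructed sample tree mirroring the report; nothing under /etc is touched.
demo=$(mktemp -d)
mkdir "$demo/sysctl.d"
printf 'net.ipv4.ip_forward = 0\n' > "$demo/sysctl.conf"
printf '# user override\nnet.ipv4.ip_forward = 1\n' > "$demo/sysctl.d/local.conf"
effective_sysctl net.ipv4.ip_forward "$demo/sysctl.d" "$demo/sysctl.conf"
shadowed_sysctl "$demo/sysctl.d" "$demo/sysctl.conf"
rm -rf "$demo"
```

Pointed at the real /etc/sysctl.d and /etc/sysctl.conf, shadowed_sysctl lists every drop-in setting that the main file silently replaces, which is the situation step 4 of the report uncovers by hand.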