Created attachment 796603 [details] Detailed configuration and actual results for all scenarios Description of problem: Parameters in /etc/sysctl.d/* do not override parameters in /usr/lib/sysctl.d/* while processed by systemd-sysctl. systemd-sysctl shall process parameters the same way as sysctl --system, specifically if a parameter is defined multiple times the last value shall be used. Version-Release number of selected component (if applicable): systemd-204-11.fc19.x86_64 How reproducible: ***************************************************************** * Scenario A Naive attempt to use own sysctl configuration file * ***************************************************************** Steps to Reproduce: 1. Create a file /etc/sysctl.d/ipv4_rp_filter_local.conf net.ipv4.conf.default.rp_filter = 2 2. Reboot the system and check rp_filter parameters sysctl -a | fgrep .rp_filter Actual results: net.ipv4.conf.all.rp_filter = 0 net.ipv4.conf.default.rp_filter = 1 net.ipv4.conf.p4p1.rp_filter = 1 Expected results: net.ipv4.conf.all.rp_filter = 0 net.ipv4.conf.default.rp_filter = 2 net.ipv4.conf.p4p1.rp_filter = 2 ********************************************************************** * Scenario B Naive attempt to use /etc/sysctl.d/50-default.conf file * ********************************************************************** Steps to Reproduce: 1. Copy /usr/lib/sysctl.d/50-default.conf to /etc/sysctl.d/50-default.conf. Edit /etc/sysctl.d/50-default.conf and change line net.ipv4.conf.default.rp_filter = 1 to net.ipv4.conf.default.rp_filter = 2 2. Reboot the system and check rp_filter parameters sysctl -a | fgrep .rp_filter Actual results: Same as in scenario A Expected results: Same as in scenario A ****************************************************************************** * Scenario C Another naive attempt to use /etc/sysctl.d/50-default.conf file * ****************************************************************************** Steps to Reproduce: 1. Create a file /etc/sysctl.d/ipv4_rp_filter_local.conf net.ipv4.conf.default.rp_filter = 2 2. Copy /usr/lib/sysctl.d/50-default.conf to /etc/sysctl.d/50-default.conf. Comment out line net.ipv4.conf.default.rp_filter = 1 3. Reboot the system and check rp_filter parameters sysctl -a | fgrep .rp_filter Actual results: Same as in scenario A Expected results: Same as in scenario A ********************************************************* * Scenario D Fix /usr/lib/sysctl.d/50-default.conf file * ********************************************************* Note that it not a good workaround as updating systemd will restore the file. Steps to Reproduce: 1. Edit /usr/lib/sysctl.d/50-default.conf file and comment out line net.ipv4.conf.default.rp_filter = 1 2. Reboot the system and check rp_filter parameter sysctl -a | fgrep .rp_filter Actual&expected results are the same: net.ipv4.conf.all.rp_filter = 0 net.ipv4.conf.default.rp_filter = 2 net.ipv4.conf.p4p1.rp_filter = 2 Additional info: Note 1. systemctl systemd-sysctl.service status output contains lines similar to systemd-sysctl[674]: Duplicate assignment of net/ipv4/conf/default/rp_filter in file '/etc/sysctl.d/ipv4_rp_filter_local.conf', ignoring. systemd-sysctl[715]: Duplicate assignment of net/ipv4/conf/default/rp_filter in file '/etc/sysctl.d/50-defaults.conf', ignoring. Note 2. systemd-sysctl is not expected and is not reasonable - it does not allow parameters override, so if a parameter is set in some /usr/lib/sysctl.d file it cannot be later changed in /etc/sysctl.d file - it does not treat files with the same name in any special way, so it parses /usr/lib/sysctl.d/50-defaults.conf file even if /etc/sysctl.d/50-defaults.conf file exists Note 3. sysctl --system processes all config files one after another, all parameters in the files one after another, so the last value wins. There are no error messages if some parameter is defined in multiple files. systemd-sysctl shall do its processing the same way as sysctl --system
Changed in systemd upstream commit 04bf3c1a60d82791e0320381e9268f727708f776 Author: Kay Sievers <kay> Date: Thu Aug 15 18:35:03 2013 +0200 sysctl: allow overwriting of values specified in "later" files cgit.freedesktop.org/systemd/systemd/commit/?id=04bf3c1a60d82791e0320381e9268f727708f776
*** Bug 993562 has been marked as a duplicate of this bug. ***
systemd-207-1.fc20 has been submitted as an update for Fedora 20. https://admin.fedoraproject.org/updates/systemd-207-1.fc20
What about F19 systemd package?
Hm, I think that this is too intrusive for a bugfix in F19. The behaviour was unexpected, but probably people have setups which work with it, and applying this patch could break them.
systemd-207-1.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
(In reply to Zbigniew Jędrzejewski-Szmek from comment #5) > but probably people have setups which work with it, well, do you have some real life example of such "probable" setup? - there are _real_ people who need this fixed on F19 who reported bugs that it is broken ... this is not "intrusive change", this is merely a fix so that the system behaves as documented (see e.g. bug #993562 and https://fedoraproject.org/wiki/QA/Sysrq#How_do_I_enable_the_magic_SysRq_key.3F )
OK, I guess it might be a good idea to backport this fix to F19. Hm, Harald, Lennart, Michal, objections?
systemd-204-16.fc19 has been submitted as an update for Fedora 19. https://admin.fedoraproject.org/updates/systemd-204-16.fc19
systemd-204-16.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.