Bug 134051 - [PATCH] Sysctl.conf parameters not reloaded on restart or start
[PATCH] Sysctl.conf parameters not reloaded on restart or start
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: laus (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Jason Vas Dias
Jay Turner
Depends On:
Blocks: 132991
  Show dependency treegraph
Reported: 2004-09-29 05:24 EDT by Bastien Nocera
Modified: 2015-01-07 19:08 EST (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2005-05-19 23:25:52 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
audit.initscript.patch (463 bytes, patch)
2004-09-29 05:25 EDT, Bastien Nocera
no flags Details | Diff
sysctl.conf (21.00 KB, text/plain)
2004-12-03 08:53 EST, Dan Taracks
no flags Details

External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2005:219 normal SHIPPED_LIVE laus bug fix update 2005-05-19 00:00:00 EDT

  None (edit)
Description Bastien Nocera 2004-09-29 05:24:16 EDT
See the summary. As the network script does it, so should any
initscript that relies on sysctl.conf settings.
Patch attached below.
Comment 1 Bastien Nocera 2004-09-29 05:25:19 EDT
Created attachment 104499 [details]

Patch from Jose Plans <jmp@redhat.com>
Comment 2 Charlie Bennett 2004-09-29 10:31:38 EDT
Or edit /etc/modules.conf to add

post-install audit sysctl -e -p /etc/sysctl.conf

There is documentation to this effect in the HP EAL3 Certification
Guide that will be bundled in U4.  I'll look at having the U4 laus
%post deal with this.

Comment 3 Dan Taracks 2004-10-25 13:19:23 EDT
I have the same issue in sysctl.conf - I have updated it with new 
parameters and after reboot some changes take and some changes don't 
take.  I then thought it may be a syntax issue, but when i do a 
sysctl -w and then cut-and-paste the line from my sysctl.conf file - 
it takes perfectly.  So - will the line above added to my 
modules.conf file re-read the sysctl.conf file?  
Comment 4 Charlie Bennett 2004-11-10 10:36:06 EST
The line above should read your sysctl.conf.
Comment 5 Dan Taracks 2004-12-03 08:53:21 EST
Created attachment 107828 [details]
Comment 6 Dan Taracks 2004-12-03 08:54:08 EST
OK Charlie - I tried both things mentioned here.  Maybe there is a 
symtax error in my sysctl.conf file - I will attach the sysctl.conf 
file for you to look at.  Thanks for the help.
Comment 7 Charlie Bennett 2004-12-03 13:52:06 EST
Hi Dan -

   I don't see any audit entries in your sysctl.conf.

mine look like this:
# audit subsystem defaults
dev.audit.max-messages = 1024
dev.audit.paranoia = 0
dev.audit.attach-all = 0
dev.audit.allow-suspend = 1
dev.audit.debug = 0
Comment 8 Dan Taracks 2004-12-03 14:17:20 EST
Thanks Charlie - Are those normal entries to have in the 
sysctl.conf ? I am a bit new to this so please excuse my ignorance.
So - If I put those entries in - will it then read the entry in my 
modules.conf.  I am confused I guess.  Like I said - some of the 
entries get applied, but not all of them.  Do I have them in the 
wrong order ?  Thanks again for your help.
Comment 9 Charlie Bennett 2004-12-03 14:50:45 EST
Are you asking specifically in the context of the laus auditing driver?
Comment 10 Dan Taracks 2004-12-03 15:44:05 EST
I don't even know what the laus auditing driver is. I hope I am not 
starting to look like a fool.  I just want the sysctl.conf entries to 
be read properly - just like when I run sysctl -w and they all take 
just fine.  In fact - the "patch" that Bastien gave is odd because I 
don't have an init script called audit.
Comment 11 Charlie Bennett 2004-12-06 12:23:40 EST
Ayuh.  This is a bug against the laus package.  It provides system
call auditing - part of getting RHEL3 it's EAL3 security certification.

That being said, let me grab my "generalist" hat.

In which instances are you not seeing your sysctl parameters re-read?
Comment 12 Dan Taracks 2004-12-06 12:49:34 EST
After re-boot I cat the /proc entries and see that some of the 
entries are not taking. The VM and NET entries to be specific.  Just 
wondering if I may have a syntax error.  I heard a rumor that this is 
a known problem and will be fixed in U4.  That is sue out this month 
correct ?  
Comment 22 Jason Vas Dias 2005-03-11 10:36:15 EST
This bug is now fixed in laus-0.1-68RHEL3 .

By default, there are NO dev.audit entries in /etc/sysctl.conf .

With laus-0.1-68RHEL3, there are now two mechanisms whereby audit
sysctl settings can be set when the module is loaded:
1. Create a file with only dev.audit settings, and set the variable
   in /etc/sysconfig/audit
   Then the audit initscript will load only these sysctl settings
   after it loads the module.
2. Put 'dev.audit' settings in /etc/sysctl.conf - these will be loaded
   after the audit initscript loads the module.
Comment 23 Dennis Gregorovic 2005-05-19 23:25:52 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.


Note You need to log in before you can comment on or make changes to this bug.