Red Hat Bugzilla – Bug 134051
[PATCH] Sysctl.conf parameters not reloaded on restart or start
Last modified: 2015-01-07 19:08:36 EST
See the summary. As the network script does it, so should any
initscript that relies on sysctl.conf settings.
Patch attached below.
Created attachment 104499 [details]
Patch from Jose Plans <firstname.lastname@example.org>
Or edit /etc/modules.conf to add
post-install audit sysctl -e -p /etc/sysctl.conf
There is documentation to this effect in the HP EAL3 Certification
Guide that will be bundled in U4. I'll look at having the U4 laus
%post deal with this.
I have the same issue in sysctl.conf - I have updated it with new
parameters and after reboot some changes take and some changes don't
take. I then thought it may be a syntax issue, but when I do a
sysctl -w and then cut-and-paste the line from my sysctl.conf file -
it takes perfectly. So - will the line above added to my
modules.conf file re-read the sysctl.conf file?
The line above should read your sysctl.conf.
Created attachment 107828 [details]
OK Charlie - I tried both things mentioned here. Maybe there is a
syntax error in my sysctl.conf file - I will attach the sysctl.conf
file for you to look at. Thanks for the help.
Hi Dan -
I don't see any audit entries in your sysctl.conf.
mine look like this:
# audit subsystem defaults
dev.audit.max-messages = 1024
dev.audit.paranoia = 0
dev.audit.attach-all = 0
dev.audit.allow-suspend = 1
dev.audit.debug = 0
Thanks Charlie - Are those normal entries to have in the
sysctl.conf? I am a bit new to this so please excuse my ignorance.
So - If I put those entries in - will it then read the entry in my
modules.conf. I am confused I guess. Like I said - some of the
entries get applied, but not all of them. Do I have them in the
wrong order? Thanks again for your help.
Are you asking specifically in the context of the laus auditing driver?
I don't even know what the laus auditing driver is. I hope I am not
starting to look like a fool. I just want the sysctl.conf entries to
be read properly - just like when I run sysctl -w and they all take
just fine. In fact - the "patch" that Bastien gave is odd because I
don't have an init script called audit.
Ayuh. This is a bug against the laus package. It provides system
call auditing - part of getting RHEL3 its EAL3 security certification.
That being said, let me grab my "generalist" hat.
In which instances are you not seeing your sysctl parameters re-read?
After re-boot I cat the /proc entries and see that some of the
entries are not taking. The VM and NET entries to be specific. Just
wondering if I may have a syntax error. I heard a rumor that this is
a known problem and will be fixed in U4. That is due out this month.
This bug is now fixed in laus-0.1-68RHEL3 .
By default, there are NO dev.audit entries in /etc/sysctl.conf .
With laus-0.1-68RHEL3, there are now two mechanisms whereby audit
sysctl settings can be set when the module is loaded:
1. Create a file with only dev.audit settings, and set the variable
Then the audit initscript will load only these sysctl settings
after it loads the module.
2. Put 'dev.audit' settings in /etc/sysctl.conf - these will be loaded
after the audit initscript loads the module.
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.
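
Added example, not part of the bug report or the laus package: a shell check that compares each setting in a sysctl.conf-style file with the live value and reports the ones that did not take. A key provided by a module (such as dev.audit.*) has no entry under /proc/sys until that module is loaded, so it shows up as MISSING; the function names, status labels and the optional root-directory argument are this example's own assumptions.

```shell
#!/bin/sh
# Added example (not from the bug report): report which sysctl.conf settings
# are live. The root directory is a parameter so a constructed tree can be used.

# Collapse runs of whitespace and strip both ends.
norm() {
    printf '%s' "$1" | tr -s '[:space:]' ' ' | sed -e 's/^ //' -e 's/ $//'
}

# check_sysctl CONF [ROOT]  ->  one "STATUS key" line per setting
#   OK       live value matches the file
#   DIFF     entry exists but holds another value
#   MISSING  no such entry (e.g. its module was not loaded yet)
check_sysctl() {
    conf=$1
    root=${2:-/proc/sys}
    while IFS= read -r line || [ -n "$line" ]; do
        line=$(norm "$line")
        case $line in
            ''|'#'*|';'*) continue ;;   # blank line or comment
            *=*) ;;                     # key = value
            *) continue ;;              # anything else is ignored here
        esac
        key=$(norm "${line%%=*}")
        want=$(norm "${line#*=}")
        # Dotted key to path; keys containing literal dots are not handled.
        path=$root/$(printf '%s' "$key" | tr . /)
        if [ ! -e "$path" ]; then
            echo "MISSING $key"
            continue
        fi
        live=$(norm "$(cat "$path" 2>/dev/null)")
        if [ "$live" = "$want" ]; then
            echo "OK $key"
        else
            echo "DIFF $key (live: $live)"
        fi
    done < "$conf"
}

# Run against real files when given arguments, e.g. ./check.sh /etc/sysctl.conf
if [ $# -gt 0 ]; then check_sysctl "$@"; fi
```

Running it once right after boot and again after the module's initscript has started shows whether a setting was skipped because its entry did not exist yet or because the value was later overwritten.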