Created attachment 541029 [details]
Description of problem:
/lib/systemd/systemd-sysctl tries hard to sort the order of various *.conf files. But after all are processed the /etc/sysctl.conf file overwrites everything.
One should be able to override default /etc/sysctl.conf by custom files, without modifying /etc/sysctl.conf itself.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
echo 'net.ipv4.ip_forward = 1' >/etc/sysctl.d/z.conf
That's funny because it was originally like that but it was changed:
Author: Ludwig Nussel <firstname.lastname@example.org>
Date: Mon May 16 11:11:52 2011 +0200
sysctl: apply /etc/sysctl.conf last
apply /etc/sysctl.conf last to actually allow the admin to override
package provided defaults.
This file should just not exist. These days, /etc is reserved for the
'local administration', not for things to be installed by the default
I think the best option is to make initscripts.rpm to move the file
to: /usr/lib/sysctl.d/, and leave /etc alone.
I think the current systemd behaviour is fine. We have no way of
persistently overwriting things in /etc.
Heh, I was just writing a comment saying the same. Let's move this to initscripts, which is the owner of /etc/sysctl.conf. Let's move the distro defaults to /usr/lib/sysctl.d/00-fedora.conf or something like that.
We would need to find all the places that blindly do 'sysctl -p /etc/sysctl.conf' and fix them. Of course, given sysctl.d, such places are broken already.
Created attachment 546919 [details]
Here's a initscripts patch. It suffers from the same problem described in bug 767795.
Currently slated for F18 due to schedule.
per http://d.hatena.ne.jp/masami256/20121014/1350215052 and the recent discussion on fedora-devel, perhaps we ought to add a stub /etc/sysctl.conf which just says to add any customization to a file in /etc/sysctl.d ?
Sure, why not.
looks fine, except should it really still be config(noreplace)? the whole point is that the user can't actually do any customization in it any more, after all...
That file is still read, so they could.
Plus, we don't want the new README-ified version blowing away anything they have there.
Ah, OK, I didn't realize it was still 'active if present'.
initscripts-9.42-1.fc18 has been submitted as an update for Fedora 18.
* should fix your issue,
* was pushed to the Fedora 18 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing initscripts-9.42-1.fc18'
as soon as you are able to.
Please go to the following url:
then log in and leave karma (feedback).
initscripts-9.42-1.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report.
I have fresh instalation of fedora 18.
I have just copied /etc/sysctl.conf to /usr/lib/sysctl.d/00-fedora.conf
and it's not working for me. I have to manualy run sysctl -p to apply rules from sysctl.conf :/ Any idea?
[root@ssh ~]# rpm -q initscripts
(In reply to comment #15)
> I have just copied /etc/sysctl.conf to /usr/lib/sysctl.d/00-fedora.conf
> and it's not working for me.
Lukasz, copying the file should not be necessary. And storing the administrator's local configuration under /usr/lib is definitely wrong.
What exactly is "not working"?
Please file a new bug and attach:
- the output of "systemctl status systemd-sysctl.service"
- the listing of /usr/lib/sysctl.d and /etc/sysctl.d
- the contents of your sysctl.conf.
As you can see, i two copies of /etc/sysctcl in /usr/lib/sysctl.d and /etc/sysctl.d. It's the same file in three different directory
[root@ssh ~]# ll /etc/sysctl.conf
-rw-r--r-- 1 root root 969 Mar 21 16:14 /etc/sysctl.conf
[root@ssh ~]# ll /usr/lib/sysctl.d
-rw-r--r-- 1 root root 969 Mar 21 18:36 00-fedora.conf
[root@ssh ~]# ll /etc/sysctl.d
-rw-r--r-- 1 root root 969 Mar 21 18:41 sysctl.conf
[root@ssh ~]# systemctl status systemd-sysctl.service
systemd-sysctl.service - Apply Kernel Variables
Loaded: loaded (/usr/lib/systemd/system/systemd-sysctl.service; static)
Active: active (exited) since Thu 2013-03-21 19:07:34 CET; 3min 1s ago
Process: 380 ExecStart=/usr/lib/systemd/systemd-sysctl (code=exited, status=0/SUCCESS)
[root@ssh ~]# cat /usr/lib/sysctl.d/00-fedora.conf
net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv6.conf.all.autoconf = 0
net.ipv6.conf.all.accept_ra = 0
net.ipv6.conf.all.accept_redirects = 0
net.ipv6.conf.all.forwarding = 1
net.ipv6.conf.all.router_solicitations = 0
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.icmp_ignore_bogus_error_responses = 1
but, you can see below that net.ipv4.ip_forward = 0
[root@ssh ~]# sysctl -a |grep net.ipv4.ip_forward
net.ipv4.ip_forward = 0
What went wrong?
Please file a NEW bug. This is not the same problem as the one that was resolved in this Bugzilla report.