Labels Milestones

New Issue

__sysctl: /etc/sysctl.conf is not being read by systemd #116

Closed

opened 1 year ago by ungleich-gitea · 11 comments

ungleich-gitea commented 1 year ago

Owner

Created by: lubo

__sysctl writes the configuration to /etc/sysctl.conf, which is not being read by systemd anymore. According to ArchWiki:

From version 207 and 21x, systemd only applies settings from /etc/sysctl.d/*.conf and /usr/lib/sysctl.d/*.conf. If you had customized /etc/sysctl.conf, you need to rename it as /etc/sysctl.d/99-sysctl.conf. If you had e.g. /etc/sysctl.d/foo, you need to rename it to /etc/sysctl.d/foo.conf.

We should probably default to /etc/sysctl.d/99-sysctl.conf on systems where systemd is used.

*Created by: lubo* __sysctl writes the configuration to `/etc/sysctl.conf`, which is not being read by systemd anymore. According to ArchWiki: >From version 207 and 21x, systemd only applies settings from `/etc/sysctl.d/*.conf` and `/usr/lib/sysctl.d/*.conf`. If you had customized `/etc/sysctl.conf`, you need to rename it as `/etc/sysctl.d/99-sysctl.conf`. If you had e.g. `/etc/sysctl.d/foo`, you need to rename it to `/etc/sysctl.d/foo.conf`. We should probably default to `/etc/sysctl.d/99-sysctl.conf` on systems where systemd is used.

ungleich-gitea closed this issue 1 year ago

ungleich-gitea commented 1 year ago

Poster

Owner

Created by: asteven

@darko-poljak I think we should not create any symlinks. Also I can not imagine anybody switching init system without a re-install.

@lubo I think just detecting systemd and then making assumptions based on that is error prone. For example, I have used systemd enabled systems since several years and never had any problem with this type. Yet I do see that my archlinux does not have /etc/sysctl.conf. I can not tell since when. It also seems that distros may be doing things differently here, independent of systemd or not. Additionally: the 'has worked like this forever' solution was to use /etc/sysctl.conf. While I see the benefit of the *.d pattern, our default should be to use /etc/sysctl.conf.
Re just using /etc/sysctl.d/99-sysctl.conf is difficult. What do you do if it exists, but is a symlink? Nuke it? Overwrite it?

If the user was using /etc/sysctl.conf, either manually or via cdist, he will have to upgrade/merge/move his config himself anyway. Don't see how we could handle this without interfering with distro stuff.

Apart from all this: if we change this type, what happens with all my ~3000 boxes that already have config that was deployed by this type in /etc/sysctl.conf? On all of them I have this symlink: /etc/sysctl.d/99-sysctl.conf -> /etc/sysctl.conf. If we change the way this type works, I'd need it to work in a predictable way. In other words, the newly deployed configs have to override any old existing ones.

So for me the file we use inside of /etc/sysctl.d has to be the last one read.
e.g. 99-sysctl.cdist.conf will not work.

I would need something like:

[root@eu-admin-01 sysctl.d]# ls -al
total 16
drwxr-xr-x  2 root root   58 Jun 13 22:02 .
drwxr-xr-x 91 root root 8192 Jun  9 19:29 ..
lrwxrwxrwx  1 root root   14 Sep 14  2017 99-sysctl.conf -> ../sysctl.conf
-rw-r--r--  1 root root    6 Jun 13 21:55 99-z-sysctl-cdist.conf

I guess it's safe to assume that if someone is using cdist, he wants the cdist deployed config to be authoritative. Based on this I propose the following impl:

If /etc/sysctl.d exists, put config in /etc/sysctl.d/99-z-sysctl-cdist.conf. I know the file name is not exactly nice but for me it absolutely has to be read last.
Otherwise use /etc/sysctl.conf.

*Created by: asteven* @darko-poljak I think we should not create any symlinks. Also I can not imagine anybody switching init system without a re-install. @lubo I think just detecting systemd and then making assumptions based on that is error prone. For example, I have used systemd enabled systems since several years and never had any problem with this type. Yet I do see that my archlinux does not have /etc/sysctl.conf. I can not tell since when. It also seems that distros may be doing things differently here, independent of systemd or not. Additionally: the 'has worked like this forever' solution was to use /etc/sysctl.conf. While I see the benefit of the *.d pattern, our default should be to use /etc/sysctl.conf. Re just using /etc/sysctl.d/99-sysctl.conf is difficult. What do you do if it exists, but is a symlink? Nuke it? Overwrite it? If the user was using /etc/sysctl.conf, either manually or via cdist, he will have to upgrade/merge/move his config himself anyway. Don't see how we could handle this without interfering with distro stuff. Apart from all this: if we change this type, what happens with all my ~3000 boxes that already have config that was deployed by this type in /etc/sysctl.conf? On all of them I have this symlink: ```/etc/sysctl.d/99-sysctl.conf -> /etc/sysctl.conf```. If we change the way this type works, I'd need it to work in a predictable way. In other words, the newly deployed configs have to override any old existing ones. So for me the file we use inside of /etc/sysctl.d has to be the last one read. e.g. 99-sysctl.cdist.conf will not work. I would need something like: ``` [root@eu-admin-01 sysctl.d]# ls -al total 16 drwxr-xr-x 2 root root 58 Jun 13 22:02 . drwxr-xr-x 91 root root 8192 Jun 9 19:29 .. lrwxrwxrwx 1 root root 14 Sep 14 2017 99-sysctl.conf -> ../sysctl.conf -rw-r--r-- 1 root root 6 Jun 13 21:55 99-z-sysctl-cdist.conf ``` I guess it's safe to assume that if someone is using cdist, he wants the cdist deployed config to be authoritative. Based on this I propose the following impl: If /etc/sysctl.d exists, put config in /etc/sysctl.d/99-z-sysctl-cdist.conf. I know the file name is not exactly nice but for me it absolutely has to be read last. Otherwise use /etc/sysctl.conf.

ungleich-gitea commented 1 year ago

Poster

Owner

Created by: darko-poljak

@asteven One more way. Always use /etc/sysctl.conf. In code-remote check if /etc/sysctl.d exists. If it does then check if symlink to /etc/sysctl.conf exists under it. If not then create symlink 99-sysctl.cdist.conf to /etc/sysctl.conf. What do you think? This way one can even switch init systems, one that uses sysctl.d conf and one that uses traditional etc location.

*Created by: darko-poljak* @asteven One more way. Always use /etc/sysctl.conf. In code-remote check if /etc/sysctl.d exists. If it does then check if symlink to /etc/sysctl.conf exists under it. If not then create symlink 99-sysctl.cdist.conf to /etc/sysctl.conf. What do you think? This way one can even switch init systems, one that uses sysctl.d conf and one that uses traditional etc location.

ungleich-gitea commented 1 year ago

Poster

Owner

Created by: darko-poljak

@asteven @lubo It seems that it would be safest and easiest to implement it as you have suggested above. Detect if /etc/sysctl.d dir exists. If it does then use 99-sysctl.cdist.conf under it. If not then use /etc/sysctl.conf. Not dependent on init system nor unix/linux flavor.

*Created by: darko-poljak* @asteven @lubo It seems that it would be safest and easiest to implement it as you have suggested above. Detect if /etc/sysctl.d dir exists. If it does then use 99-sysctl.cdist.conf under it. If not then use /etc/sysctl.conf. Not dependent on init system nor unix/linux flavor.

ungleich-gitea commented 1 year ago

Poster

Owner

Created by: lubo

I agree that playing with the symlink is not a good idea, but what's wrong with detecting systemd? We can use the existing init explorer and we don't even have to bother with systemd versions. If we use only /etc/sysctl.d/99-sysctl.conf with systemd, then the configuration will remain working even when the user upgrades systemd.

*Created by: lubo* I agree that playing with the symlink is not a good idea, but what's wrong with detecting systemd? We can use the existing `init` explorer and we don't even have to bother with systemd versions. If we use only `/etc/sysctl.d/99-sysctl.conf` with systemd, then the configuration will remain working even when the user upgrades systemd.

ungleich-gitea commented 1 year ago

Poster

Owner

Created by: asteven

We can not safely muck with the symlink /etc/sysctl.d/99-sysctl.conf -> /etc/sysctl.conf as that's owned by some rpm or deb or whatever.

I will not accept a impl that depends on detecting systemd or systemd version. This will be a PITA to get right.

*Created by: asteven* We can not safely muck with the symlink ```/etc/sysctl.d/99-sysctl.conf -> /etc/sysctl.conf``` as that's owned by some rpm or deb or whatever. I will not accept a impl that depends on detecting systemd or systemd version. This will be a PITA to get right.

ungleich-gitea commented 1 year ago

Poster

Owner

Created by: lubo

Perhaps, do what everybody else does: create symlink /etc/sysctl.d/99-sysctl.conf -> /etc/sysctl.conf. Or, consider again using /etc/sysctl.d/99-sysctl.conf when systemd is detected. I like the latter best.

*Created by: lubo* Perhaps, do what everybody else does: create symlink `/etc/sysctl.d/99-sysctl.conf` -> `/etc/sysctl.conf`. Or, consider again using `/etc/sysctl.d/99-sysctl.conf` when systemd is detected. I like the latter best.

ungleich-gitea commented 1 year ago

Poster

Owner

Created by: darko-poljak

@lubo If /etc/sysctl.d/99-sysct.conf is used then what with no-systemd systems?

*Created by: darko-poljak* @lubo If /etc/sysctl.d/99-sysct.conf is used then what with no-systemd systems?

ungleich-gitea commented 1 year ago

Poster

Owner

Created by: lubo

@asteven Seems like it's a distro-specific thing. By default, there's no /etc/sysctl.conf on Arch Linux and CoreOS. I don't agree with the implementation, though. If /etc/sysctl.d does not exist (for whatever reason) and /etc/sysctl.conf is used, then it wouldn't improve anything on systemd. How about using /etc/sysctl.d/99-sysctl.conf by default?

@darko-poljak I probably won't be able to do this in the near future.

*Created by: lubo* @asteven Seems like it's a distro-specific thing. By default, there's no `/etc/sysctl.conf` on Arch Linux and CoreOS. I don't agree with the implementation, though. If `/etc/sysctl.d` does not exist (for whatever reason) and `/etc/sysctl.conf` is used, then it wouldn't improve anything on systemd. How about using `/etc/sysctl.d/99-sysctl.conf` by default? @darko-poljak I probably won't be able to do this in the near future.

ungleich-gitea commented 1 year ago

Poster

Owner

Created by: darko-poljak

@lubo Do you have time or wish to re-implement it?

*Created by: darko-poljak* @lubo Do you have time or wish to re-implement it?

ungleich-gitea commented 1 year ago

Poster

Owner

Created by: asteven

Ubuntu and Centos have symlinks from /etc/sysctl.d/99-sysctl.conf -> ../sysctl.conf

Not sure if this is distro specific or comes from older version of systemd.

Safer impl would be to not check for systemd or even systemd version.
Instead check for existence of /etc/sysctl.d.
If it exists, use e.g. /etc/sysctl.d/99-sysctl.conf. (Or maybe better /etc/sysctl.d/99-sysctl-cdist.conf? not sure)
Otherwise use /etc/sysctl.conf.

I would implement this with a explorer that returns the file to be used.

*Created by: asteven* Ubuntu and Centos have symlinks from /etc/sysctl.d/99-sysctl.conf -> ../sysctl.conf Not sure if this is distro specific or comes from older version of systemd. Safer impl would be to not check for systemd or even systemd version. Instead check for existence of /etc/sysctl.d. If it exists, use e.g. /etc/sysctl.d/99-sysctl.conf. (Or maybe better /etc/sysctl.d/99-sysctl-cdist.conf? not sure) Otherwise use /etc/sysctl.conf. I would implement this with a explorer that returns the file to be used.

ungleich-gitea commented 1 year ago

Poster

Owner

Created by: darko-poljak

I think it should be detected if system is using systemd.
Perhaps also if systemd version supports /etc/sysctl.conf.

*Created by: darko-poljak* I think it should be detected if system is using systemd. Perhaps also if systemd version supports /etc/sysctl.conf.

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

1.0

1.1

1.2

1.3

1.4

1.5

1.6

1.7

2.0

2.1

2.2

2.3

3.0

3.1

4.0

4.0-pre-not-stable

4.1

4.10

4.11

4.2

4.3

4.4

4.5

4.6

4.7

4.8

4.9

5.0

5.1

6.0

6.1

6.2

6.3

6.4

6.5

6.6

6.7

6.8

6.9

7.0

AnotherKamila-patch-1

__download_improvements

__letsencrypt_cert-fix-hooks

__letsencrypt_cert-fixes

__snakeoil_cert

alpinefix

ander/__package_apt_update_index

ander/__rsync

ander/__sed

ander/os_version_debian_sid

ander/update_readme

archive_shell_function_approach

beta

bugfix/in-script-import

bugfix/make-code-consistent

bugfix/multiple-log-lines

bugfix/preos-debug

bugfix/sphinx-docs-build

build/support-pip-from-git

cherry-pick-2f433a14

cleanup/ssh-auth-keys-types

cleanup/string-formatting

consul_improvements

coturn

daemontools

daemontools-for-fbsd

evilham-compatibility-fixes

feature/info-command

feature/libexec

feature/onchange

feature/output_streams

feature/process

feature/python-types

feature/shell-lib

feature/support-type-deprecation

feature/trigger

feature/type-relationship-graph

feature_files_export

feature_install_and_preos

feature_yum_url

fix-j

freebsd-improvements

gitlab-ci

grafana_dashboard

haproxy-dualstack

key_value-onchange

letsencrypt-cron-fix

master

matrix

matterbridge

new-prometheus

new-type/network-interface

newtype-__letsencrypt_cert

no-dot-cdist

order-dep-fix

os_explorer_devuan_fix

preos-plugins-dir-opt

prometheus

prometheus-exporter-fixes

prometheus-fixes

prometheus-more-fixes

py3.10

random_dot_cdist

regain-py3.2-support

shellcheck

ssh_callback

steven-backport

type-prometheus-exporter-from-master

0.1

0.2

0.3

0.4

0.5

0.6

0.7

0.8

0.9

0.9.1

0.9.2

0.9.3

0.9.4

0.9.5

0.9.6

0.9.7

0.9.8

0.9.9

1.0.0

1.0.1

1.0.2

1.0.3

1.0.4

1.1.0

1.2.0

1.3.0

1.3.1

1.3.2

1.4.0

1.4.1

1.5.0

1.6.0

1.6.1

1.6.2

1.7.0

1.7.1

2.0.0

2.0.1

2.0.10

2.0.11

2.0.12

2.0.13

2.0.14

2.0.15

2.0.2

2.0.3

2.0.4

2.0.5

2.0.6

2.0.7

2.0.8

2.0.9

2.1.0

2.1.0pre1

2.1.0pre2

2.1.0pre3

2.1.0pre4

2.1.0pre5

2.1.0pre6

2.1.0pre7

2.1.0pre8

2.1.1

2.1.2

2.2.0

2.3.0

2.3.1

2.3.2

2.3.3

2.3.4

2.3.5

2.3.6

2.3.7

3.0.0

3.0.1

3.0.2

3.0.3

3.0.4

3.0.5

3.0.6

3.0.7

3.0.8

3.0.9

3.1.0

3.1.1

3.1.10

3.1.11

3.1.12

3.1.13

3.1.2

3.1.3

3.1.4

3.1.5

3.1.6

3.1.7

3.1.8

3.1.9

4.0.0

4.0.0pre1

4.0.0pre2

4.0.0pre3

4.1.0

4.10.0

4.10.1

4.10.10

4.10.11

4.10.2

4.10.3

4.10.4

4.10.5

4.10.6

4.10.7

4.10.8

4.10.9

4.11.0

4.11.1

4.2.0

4.2.1

4.2.2

4.3.0

4.3.1

4.3.2

4.4.0

4.4.1

4.4.2

4.4.3

4.4.4

4.5.0

4.6.0

4.6.1

4.7.0

4.7.1

4.7.2

4.7.3

4.8.0

4.8.1

4.8.2

4.8.3

4.8.4

4.9.0

4.9.1

5.0.0

5.0.1

5.0.2

5.1.0

5.1.1

5.1.2

5.1.3

6.0.0

6.0.1

6.0.2

6.0.3

6.0.4

6.1.0

6.1.1

6.2.0

6.3.0

6.4.0

6.5.0

6.5.1

6.5.2

6.5.3

6.5.4

6.5.5

6.5.6

6.6.0

6.7.0

6.8.0

6.9.0

6.9.1

6.9.2

6.9.3

6.9.4

6.9.5

6.9.6

6.9.7

6.9.8

7.0.0

tn1

Labels

Apply labels

Clear labels

bugfix cleanup discussion documentation doing done feature improvement packaging Stale testing TODO

No Label bugfix cleanup discussion documentation doing done feature improvement packaging Stale testing TODO

Milestone

Set milestone

Clear milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Assign users

Clear assignees

No Assignees

1 Participants

Notifications

Subscribe

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

This issue currently doesn't have any dependencies.

Write Preview

Loading…

Cancel

Save

There is no content yet.