__sysctl: /etc/sysctl.conf is not being read by systemd #116

Closed
opened 2021-11-20 13:24:10 +00:00 by ungleich-gitea · 11 comments

Created by: lubo

__sysctl writes the configuration to `/etc/sysctl.conf`, which is not being read by systemd anymore. According to ArchWiki:

> From version 207 and 21x, systemd only applies settings from `/etc/sysctl.d/*.conf` and `/usr/lib/sysctl.d/*.conf`. If you had customized `/etc/sysctl.conf`, you need to rename it as `/etc/sysctl.d/99-sysctl.conf`. If you had e.g. `/etc/sysctl.d/foo`, you need to rename it to `/etc/sysctl.d/foo.conf`.

We should probably default to `/etc/sysctl.d/99-sysctl.conf` on systems where systemd is used.


Created by: asteven

@darko-poljak I think we should not create any symlinks. Also I can not imagine anybody switching init system without a re-install.

@lubo I think just detecting systemd and then making assumptions based on that is error-prone. For example, I have used systemd-enabled systems for several years and never had any problem with this type. Yet I do see that my archlinux does not have /etc/sysctl.conf. I cannot tell since when. It also seems that distros may be doing things differently here, independent of systemd or not. Additionally: the 'has worked like this forever' solution was to use /etc/sysctl.conf. While I see the benefit of the *.d pattern, our default should be to use /etc/sysctl.conf.

Re just using /etc/sysctl.d/99-sysctl.conf is difficult. What do you do if it exists, but is a symlink? Nuke it? Overwrite it?

If the user was using /etc/sysctl.conf, either manually or via cdist, he will have to upgrade/merge/move his config himself anyway. Don't see how we could handle this without interfering with distro stuff.

Apart from all this: if we change this type, what happens with all my ~3000 boxes that already have config that was deployed by this type in /etc/sysctl.conf? On all of them I have this symlink: /etc/sysctl.d/99-sysctl.conf -> /etc/sysctl.conf. If we change the way this type works, I'd need it to work in a predictable way. In other words, the newly deployed configs have to override any old existing ones.

So for me the file we use inside of /etc/sysctl.d has to be the last one read.
e.g. 99-sysctl.cdist.conf will not work.

I would need something like:

```
[root@eu-admin-01 sysctl.d]# ls -al
total 16
drwxr-xr-x  2 root root   58 Jun 13 22:02 .
drwxr-xr-x 91 root root 8192 Jun  9 19:29 ..
lrwxrwxrwx  1 root root   14 Sep 14  2017 99-sysctl.conf -> ../sysctl.conf
-rw-r--r--  1 root root    6 Jun 13 21:55 99-z-sysctl-cdist.conf
```

I guess it's safe to assume that if someone is using cdist, he wants the cdist deployed config to be authoritative. Based on this I propose the following impl:

If /etc/sysctl.d exists, put config in /etc/sysctl.d/99-z-sysctl-cdist.conf. I know the file name is not exactly nice but for me it absolutely has to be read last.
Otherwise use /etc/sysctl.conf.


Created by: darko-poljak

@asteven One more way. Always use /etc/sysctl.conf. In code-remote check if /etc/sysctl.d exists. If it does then check if symlink to /etc/sysctl.conf exists under it. If not then create symlink 99-sysctl.cdist.conf to /etc/sysctl.conf. What do you think? This way one can even switch init systems, one that uses sysctl.d conf and one that uses traditional etc location.


Created by: darko-poljak

@asteven @lubo It seems that it would be safest and easiest to implement it as you have suggested above. Detect if /etc/sysctl.d dir exists. If it does then use 99-sysctl.cdist.conf under it. If not then use /etc/sysctl.conf. Not dependent on init system nor unix/linux flavor.


Created by: lubo

I agree that playing with the symlink is not a good idea, but what's wrong with detecting systemd? We can use the existing init explorer and we don't even have to bother with systemd versions. If we use only /etc/sysctl.d/99-sysctl.conf with systemd, then the configuration will remain working even when the user upgrades systemd.


Created by: asteven

We can not safely muck with the symlink /etc/sysctl.d/99-sysctl.conf -> /etc/sysctl.conf as that's owned by some rpm or deb or whatever.

I will not accept an impl that depends on detecting systemd or systemd version. This will be a PITA to get right.


Created by: lubo

Perhaps, do what everybody else does: create symlink /etc/sysctl.d/99-sysctl.conf -> /etc/sysctl.conf. Or, consider again using /etc/sysctl.d/99-sysctl.conf when systemd is detected. I like the latter best.


Created by: darko-poljak

@lubo If /etc/sysctl.d/99-sysctl.conf is used, then what about non-systemd systems?


Created by: lubo

@asteven Seems like it's a distro-specific thing. By default, there's no /etc/sysctl.conf on Arch Linux and CoreOS. I don't agree with the implementation, though. If /etc/sysctl.d does not exist (for whatever reason) and /etc/sysctl.conf is used, then it wouldn't improve anything on systemd. How about using /etc/sysctl.d/99-sysctl.conf by default?

@darko-poljak I probably won't be able to do this in the near future.


Created by: darko-poljak

@lubo Do you have time or wish to re-implement it?


Created by: asteven

Ubuntu and CentOS have symlinks from /etc/sysctl.d/99-sysctl.conf -> ../sysctl.conf

Not sure if this is distro specific or comes from an older version of systemd.

Safer impl would be to not check for systemd or even systemd version.
Instead check for existence of /etc/sysctl.d.
If it exists, use e.g. /etc/sysctl.d/99-sysctl.conf. (Or maybe better /etc/sysctl.d/99-sysctl-cdist.conf? not sure)
Otherwise use /etc/sysctl.conf.

I would implement this with an explorer that returns the file to be used.
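
The explorer idea in the comment above, combined with the requirement stated elsewhere in this thread that the cdist-managed file be the last one read, as an added sketch in POSIX sh (not cdist's own code and not written by any participant). The function names and the root-prefix argument are hypothetical, and the ordering check looks at a single directory only, whereas systemd sorts files from all sysctl.d directories together by file name.

```shell
#!/bin/sh
# Added example, not cdist's code. The optional root argument is a hypothetical
# prefix so the logic can run against a constructed tree instead of the live /etc.

# Print the file the type should write: the drop-in when /etc/sysctl.d exists,
# otherwise the traditional /etc/sysctl.conf. No init system detection involved.
sysctl_target() {
    root=${1:-}
    if [ -d "$root/etc/sysctl.d" ]; then
        printf '%s\n' "$root/etc/sysctl.d/99-z-sysctl-cdist.conf"
    else
        printf '%s\n' "$root/etc/sysctl.conf"
    fi
}

# Succeed only if NAME sorts at or after every *.conf entry already in DIR.
# Byte-wise (C locale) ordering is used; symlinks count as entries.
sorts_last() {
    dir=$1 name=$2
    for f in "$dir"/*.conf; do
        [ -e "$f" ] || [ -L "$f" ] || continue
        last=$(printf '%s\n' "${f##*/}" "$name" | LC_ALL=C sort | tail -n 1)
        [ "$last" = "$name" ] || return 1
    done
    return 0
}

# Constructed layout matching the directory listing quoted in the thread:
# /etc/sysctl.conf plus the distro symlink 99-sysctl.conf -> ../sysctl.conf.
make_demo_root() {
    demo=$(mktemp -d) || return 1
    mkdir -p "$demo/etc/sysctl.d"
    : > "$demo/etc/sysctl.conf"
    ln -s ../sysctl.conf "$demo/etc/sysctl.d/99-sysctl.conf"
    printf '%s\n' "$demo"
}
```

Against that layout, `99-z-sysctl-cdist.conf` passes `sorts_last`, while `99-sysctl.cdist.conf` and `99-sysctl-cdist.conf` both sort before the distro's `99-sysctl.conf` and fail it.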


Created by: darko-poljak

I think it should be detected if system is using systemd.
Perhaps also if systemd version supports /etc/sysctl.conf.

Reference: ungleich-public/cdist#116