On Sat, Apr 28, 2012 at 8:16 PM, Dan McGee <[email protected]> wrote: > On Tue, Apr 24, 2012 at 3:58 AM, Tom Gundersen <[email protected]> wrote: >> On Apr 24, 2012 1:29 AM, "Eric Bélanger" <[email protected]> wrote: >>> >>> Hi, >>> >>> The procps project didn't had any new release for a while and the >>> current package use a dozen of patches to fix miscellenaous things. >>> I'm thinking about switching to procps-ng[1]. Procps-ng is a fork of >>> procps by Debian, Fedora and openSUSE. Gentoo is also using procps-ng >>> (although, like Debian, the package is still named procps). >>> >>> I also intend to replace the home made sysctl.conf that we currently >>> provide by the upstream version of that file. >>> >>> Any comments, objections? >> >> +1 > > Objection to the now-shipped /etc/sysctl.conf file, so I'm giving a -1 > signoff here. It moved my existing file to a .pacsave, and the > defaults are total shit, not to mention the file is a formatting > nightmare. Some lowlights: > > # see the evil packets in your log files > net/ipv4/conf/all/log_martians=1 > > # makes you vulnerable or not :-) > net/ipv4/conf/all/accept_redirects=0 > net/ipv4/conf/all/accept_source_route=0 > net/ipv4/icmp_echo_ignore_broadcasts =1 > > > # This limits PID values to 4 digits, which allows tools like ps > # to save screen space. > kernel/pid_max=10000
+1. Let's keep the existing default sysctl.conf from procps.
