Package: systemd
Version: 260.1-1
Severity: important
Tags: upstream
(the host this is being reported from is the same host used in testing .. which
is isolated)
Given a .conf file containing (literally):
net.ipv6.conf.all.forwarding=1 # not 2345
The two commands behave quite differently and produce very different results**.
I was able to simulate this behaviour using write(2) vs printf(3), I will
attach the
code samples.
** systcl(8) sets it to 1, systemd-sysctl(8) sets it to 5
Looking at the code of sysctl(8) , it APPEARS to use printf(3) but the file
pointer was not created with fopen(3) but rather fprocopen() [ uses openat(2) ]
so ultimately it uses write(2).
Other interesting examples to test are:
net.ipv6.conf.all.forwarding=12345
and
net.ipv6.conf.all.forwarding=0 # must be 0 as 1 is a security breach
Which produce surprising results, esp if you use sysctl(8) to test your setting
prior to "go live"
(esp. as the effect of setting net.ipv6.conf.all.forwarding to 6 seems to be
the same as 0)
# cat /etc/sysctl.d/60-bogus.conf
net.ipv6.conf.all.forwarding=1 # not 2345
# sysctl -w net.ipv6.conf.all.forwarding=0
net.ipv6.conf.all.forwarding = 0
# sysctl net.ipv6.conf.all.forwarding
net.ipv6.conf.all.forwarding = 0
# strace /usr/sbin/sysctl --system
...
readlink("/proc/sys/net/ipv6/conf/all/forwarding", 0x7ffd0d33b0b0, 1023) = -1
EINVAL (Invalid argument)
openat(AT_FDCWD, "/proc/sys/net/ipv6/conf/all/forwarding", O_WRONLY|O_TRUNC) = 3
write(3, "1 # not 2345\n", 14) = 1
close(3) = 0
write(1, "net.ipv6.conf.all.forwarding = 1"..., 45net.ipv6.conf.all.forwarding
= 1 # not 2345
) = 45
close(1) = 0
close(2) = 0
exit_group(0) = ?
+++ exited with 0 +++
# sysctl net.ipv6.conf.all.forwarding
net.ipv6.conf.all.forwarding = 1
.....
# sysctl -w net.ipv6.conf.all.forwarding=0
net.ipv6.conf.all.forwarding = 0
# sysctl net.ipv6.conf.all.forwarding
net.ipv6.conf.all.forwarding = 0
# strace /usr/lib/systemd/systemd-sysctl
...
read(3, "4194304\n", 9) = 8
close(3) = 0
openat(AT_FDCWD, "/proc/sys/net/ipv6/conf/all/forwarding",
O_RDWR|O_NOCTTY|O_CLOEXEC) = 3
fcntl(3, F_GETFL) = 0x8002 (flags O_RDWR|O_LARGEFILE)
fstat(3, {st_mode=S_IFREG|0644, st_size=0, ...}) = 0
read(3, "0\n", 15) = 2
lseek(3, 0, SEEK_SET) = 0
write(3, "1 # not 2345\n", 14) = 1
write(3, " # not 2345\n", 13) = 1
write(3, " # not 2345\n", 12) = 1
write(3, "# not 2345\n", 11) = 1
write(3, " not 2345\n", 10) = 1
write(3, "not 2345\n", 9) = 1
write(3, "ot 2345\n", 8) = 1
write(3, "t 2345\n", 7) = 1
write(3, " 2345\n", 6) = 1
write(3, "2345\n", 5) = 1
write(3, "345\n", 4) = 1
write(3, "45\n", 3) = 1
write(3, "5\n", 2) = 1
write(3, "\n", 1) = 1
close(3) = 0
exit_group(0) = ?
# sysctl net.ipv6.conf.all.forwarding
net.ipv6.conf.all.forwarding = 5
# apt-file search /usr/lib/systemd/systemd-sysctl
systemd: /usr/lib/systemd/systemd-sysctl
# apt show systemd
WARNING: terminal is not fully functional
Press RETURN to continue
Package: systemd
Version: 257.9-1~deb13u1
Priority: important
$ cat /proc/version
Linux version 6.12.85+deb13-amd64 ([email protected])
(x86_64-linux-gnu-gcc-14 (Debian 14.2.0-19) 14.2.0, GNU ld (GNU Binutils for
Debian) 2.44) #1 SMP PREEMPT_DYNAMIC Debian 6.12.85-1 (2026-04-30)
$ cat /etc/debian_version
13.4
-- no debconf information
