Am 02.04.2013 01:43, schrieb Reindl Harald: > > > Am 02.04.2013 01:28, schrieb Tom Gundersen: >> On Tue, Apr 2, 2013 at 1:14 AM, Reindl Harald <[email protected]> wrote: >>> can we please get rid of this messages in the syslog? >>> if the values are in sysctl.conf there is a reason and >>> no need to flood the logs with warnings >>> >>> Apr 2 01:08:46 rawhide systemd-sysctl[136]: Duplicate assignment of >>> kernel/sysrq in file >>> '/usr/lib/sysctl.d/50-default.conf', ignoring >> >> I don't think silently ignoring entries is a good idea, if people want >> to override the default settings they should follow the manpage and do >> that in /etc/sysctl.d/50-default.conf. >> >> That said, the fact that we are currently parsing /etc/sysctl.conf is >> not documented. Should we either stop doing that, or at least update >> the manpage? FWIW, I'd be in favor of the former > > please do not re-invent all the wheels > > /etc/sysctl.conf was long before systemd > it works fine > it works perfectly and is widely in use > > do not fix things which ain't broken
said that there is no reason to spilt the config below which exists in modified form on more than 20 machines in it's pieces only because someone thinks it is better simply let "sysctl.conf" ovverride anything of you config pieces, to not spit warnings about it and EVERYBODY is happy cat /etc/sysctl.conf # Kernel sysctl configuration file for Red Hat Linux # run "sysctl -p" after changes ################## SysRq Debugging ################## kernel.sysrq = 20 ################## Core-Dumps ################## kernel.core_uses_pid = 1 fs.suid_dumpable = 0 ################## TCP-Tuning ################## net.ipv4.tcp_no_metrics_save = 1 net.ipv4.tcp_moderate_rcvbuf = 1 net.ipv4.tcp_fastopen = 1 net.ipv4.tcp_sack = 0 net.ipv4.tcp_dsack = 0 net.core.netdev_max_backlog = 3000 net.core.somaxconn = 1500 net.ipv4.ip_local_port_range = 10600 65535 net.core.rmem_max = 16777216 net.core.wmem_max = 16777216 net.ipv4.tcp_rmem = 4096 87380 16777216 net.ipv4.tcp_wmem = 4096 65536 16777216 net.ipv4.tcp_slow_start_after_idle = 0 net.netfilter.nf_conntrack_max = 65535 net.ipv4.tcp_tw_reuse = 0 net.ipv4.tcp_tw_recycle = 0 ################## Secure TCP ################## net.ipv4.ip_forward = 0 net.ipv4.conf.default.rp_filter = 1 net.ipv4.conf.default.accept_source_route = 0 net.ipv4.conf.default.accept_redirects = 0 net.ipv4.conf.default.send_redirects = 0 net.ipv4.conf.default.forwarding = 0 net.ipv4.conf.default.proxy_arp = 0 net.ipv4.conf.default.bootp_relay = 0 net.ipv4.conf.all.rp_filter = 1 net.ipv4.conf.all.accept_source_route = 0 net.ipv4.conf.all.accept_redirects = 0 net.ipv4.conf.all.send_redirects = 0 net.ipv4.conf.all.forwarding = 0 net.ipv4.conf.all.proxy_arp = 0 net.ipv4.conf.all.bootp_relay = 0 net.ipv4.tcp_timestamps = 0 net.ipv4.tcp_window_scaling = 0 net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_fin_timeout = 5 net.ipv4.tcp_retries1 = 5 net.ipv4.tcp_syn_retries = 5 net.ipv4.tcp_synack_retries = 5 net.ipv4.tcp_max_syn_backlog = 4096 net.ipv4.tcp_abort_on_overflow = 1 net.ipv4.icmp_echo_ignore_broadcasts = 1 net.ipv4.icmp_ignore_bogus_error_responses = 1 net.ipv4.tcp_keepalive_time = 90 net.ipv4.tcp_keepalive_intvl = 5 net.ipv4.tcp_keepalive_probes = 2 net.ipv4.ip_default_ttl = 50 net.ipv4.ip_dynaddr = 0 net.ipv4.igmp_max_memberships = 10 net.ipv4.tcp_rfc1337 = 1 net.netfilter.nf_conntrack_max = 131070 net.netfilter.nf_conntrack_tcp_timeout_close = 2 net.netfilter.nf_conntrack_tcp_timeout_close_wait = 10 net.netfilter.nf_conntrack_tcp_timeout_fin_wait = 30 net.netfilter.nf_conntrack_tcp_timeout_last_ack = 30 net.netfilter.nf_conntrack_tcp_timeout_syn_recv = 30 net.netfilter.nf_conntrack_tcp_timeout_syn_sent = 30 net.netfilter.nf_conntrack_tcp_timeout_time_wait = 30 ##### do not follow links in directories with sticky bit ##### fs.protected_symlinks = 1 fs.protected_hardlinks = 1 ##### vmware ##### vm.swappiness = 0 vm.overcommit_memory = 1 vm.overcommit_ratio = 60 vm.vfs_cache_pressure = 75 vm.dirty_background_ratio = 3 vm.dirty_ratio = 12 vm.dirty_expire_centisecs = 1500 vm.dirty_writeback_centisecs = 1500 vm.zone_reclaim_mode = 1 ##### increase raid-resync-limits ##### dev.raid.speed_limit_min = 50000 dev.raid.speed_limit_max = 500000 ##### openvpn/iptables-routing ##### net.ipv4.ip_forward = 1 net.ipv4.conf.all.forwarding = 1 ##### ARP-Filter ##### net.ipv4.conf.all.arp_filter = 1 net.ipv4.conf.eth0.arp_filter = 1 net.ipv4.conf.eth1.arp_filter = 1 net.ipv4.conf.eth0.arp_announce = 1 net.ipv4.conf.eth1.arp_announce = 1 net.ipv4.conf.eth0.arp_ignore = 1 net.ipv4.conf.eth1.arp_ignore = 1
signature.asc
Description: OpenPGP digital signature
_______________________________________________ systemd-devel mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/systemd-devel
