Check kernel parameters linux

How to Change Kernel Runtime Parameters in a Persistent and Non-Persistent Way

In Part 13 of this LFCS (Linux Foundation Certified Sysadmin) series we explained how to use GRUB to modify the behavior of the system by passing options to the kernel for the ongoing boot process.

Similarly, you can use the command line in a running Linux system to alter certain runtime kernel parameters as a one-time modification, or permanently by editing a configuration file.

Thus, you are allowed to enable or disable kernel parameters on-the-fly without much difficulty when it is needed due to a required change in the way the system is expected to operate.

Introducing the /proc Filesystem

The latest specification of the Filesystem Hierarchy Standard indicates that /proc represents the default method for handling process and system information as well as other kernel and memory information. Particularly, /proc/sys is where you can find all the information about devices, drivers, and some kernel features.

The actual internal structure of /proc/sys depends heavily on the kernel being used, but you are likely to find the following directories inside. In turn, each of them will contain other subdirectories where the values for each parameter category are maintained:

1. dev : parameters for specific devices connected to the machine.
2. fs : filesystem configuration (quotas and inodes, for example).
3. kernel: kernel-specific configuration.
4. net : network configuration.
5. vm : use of the kernel’s virtual memory.

To modify the kernel runtime parameters we will use the sysctl command. The exact number of parameters that can be modified can be viewed with:

If you want to view the complete list of Kernel parameters, just do:

As the the output of the above command will consist of A LOT of lines, we can use a pipeline followed by less to inspect it more carefully:

Let’s take a look at the first few lines. Please note that the first characters in each line match the names of the directories inside /proc/sys :

For example, the highlighted line:

dev.cdrom.info = drive name: sr0

indicates that sr0 is an alias for the optical drive. In other words, that is how the kernel “sees” that drive and uses that name to refer to it.

In the following section we will explain how to change other “more important” kernel runtime parameters in Linux.

How to Change or Modify Linux Kernel Runtime Parameteres

Based on what we have explained so far, it is easy to see that the name of a parameter matches the directory structure inside /proc/sys where it can be found.

dev.cdrom.autoclose → /proc/sys/dev/cdrom/autoclose net.ipv4.ip_forward → /proc/sys/net/ipv4/ip_forward

Check Linux Kernel Parameters

That said, we can view the value of a particular Linux kernel parameter using either sysctl followed by the name of the parameter or reading the associated file:

# sysctl dev.cdrom.autoclose # cat /proc/sys/dev/cdrom/autoclose # sysctl net.ipv4.ip_forward # cat /proc/sys/net/ipv4/ip_forward

Set or Modify Linux Kernel Parameters

To set the value for a kernel parameter we can also use sysctl , but using the -w option and followed by the parameter’s name, the equal sign, and the desired value.

Another method consists of using echo to overwrite the file associated with the parameter. In other words, the following methods are equivalent to disable the packet forwarding functionality in our system (which, by the way, should be the default value when a box is not supposed to pass traffic between networks):

# echo 0 > /proc/sys/net/ipv4/ip_forward # sysctl -w net.ipv4.ip_forward=0

It is important to note that kernel parameters that are set using sysctl will only be enforced during the current session and will disappear when the system is rebooted.

To set these values permanently, edit /etc/sysctl.conf with the desired values. For example, to disable packet forwarding in /etc/sysctl.conf make sure this line appears in the file:

Then run following command to apply the changes to the running configuration.

Other examples of important kernel runtime parameters are:

fs.file-max specifies the maximum number of file handles the kernel can allocate for the system. Depending on the intended use of your system (web / database / file server, to name a few examples), you may want to change this value to meet the system’s needs.

Otherwise, you will receive a “Too many open files” error message at best, and may prevent the operating system to boot at the worst.

If due to an innocent mistake you find yourself in this last situation, boot in single user mode (as explained in Part 13 – Configure and Troubleshoot Linux Grub Boot Loader) and edit /etc/sysctl.conf as instructed earlier. To set the same restriction on a per-user basis, refer to Part 14 – Monitor and Set Linux Process Limit Usage of this series.

kernel.sysrq is used to enable the SysRq key in your keyboard (also known as the print screen key) so as to allow certain key combinations to invoke emergency actions when the system has become unresponsive.

The default value (16) indicates that the system will honor the Alt+SysRq+key combination and perform the actions listed in the sysrq.c documentation found in kernel.org (where key is one letter in the b-z range). For example, Alt+SysRq+b will reboot the system forcefully (use this as a last resort if your server is unresponsive).

Warning! Do not attempt to press this key combination on a virtual machine because it may force your host system to reboot!

When set to 1, net.ipv4.icmp_echo_ignore_all will ignore ping requests and drop them at the kernel level. This is shown in the below image – note how ping requests are lost after setting this kernel parameter:

A better and easier way to set individual runtime parameters is using .conf files inside /etc/sysctl.d , grouping them by categories.

For example, instead of setting net.ipv4.ip_forward=0 and net.ipv4.icmp_echo_ignore_all=1 in /etc/sysctl.conf, we can create a new file named net.conf inside /etc/sysctl.d:

# echo "net.ipv4.ip_forward=0" > /etc/sysctl.d/net.conf # echo "net.ipv4.icmp_echo_ignore_all=1" >> /etc/sysctl.d/net.conf

If you choose to use this approach, do not forget to remove those same lines from /etc/sysctl.conf .

Summary

In this article we have explained how to modify kernel runtime parameters, both persistent and non persistently, using sysctl, /etc/sysctl.conf, and files inside /etc/sysctl.d.

In the sysctl docs you can find more information on the meaning of more variables. Those files represent the most complete source of documentation about the parameters that can be set via sysctl.

Did you find this article useful? We surely hope you did. Don’t hesitate to let us know if you have any questions or suggestions to improve.

Источник

How to Modify Linux Kernel Variables Using sysctl Command

You can configure several parameters or tunables of Linux (the kernel) to control its behavior, either at boot or on demand while the system is running. sysctl is a widely-used command-line utility for modifying or configuring kernel parameters at runtime. You can find the kernel tunables listed under the /proc/sys/ directory.

It is powered by procfs (proc file system), a pseudo file system in Linux and other Unix-like operating systems that provides an interface to kernel data structures. It presents information about processes and additional system information.

The following are 10 useful sysctl commands examples that you can use when administering a running Linux system. Note that you need root privileges to run the sysctl command, otherwise, use the sudo command when invoking it.

sysctl Command Examples in Linux

In this guide, we will explain 10 sysctl practical command examples you can use on a Linux system.

1. List All Kernel Parameters in Linux

To list all currently available kernel parameters, run the sysctl command with the -a or —all flag as shown.

$ sudo sysctl -a OR $ sudo sysctl --all

The variables are displayed in this format:

3. List All Kernel Variable Names

To only print variable names without their values, use the -N option as shown.

3. Find Specific Kernel Variables in Linux

To find a specific variable, you can filter the output of sysctl via the grep command, for example, to filter out any variable associated with memory management, you can run the following command:

$ sudo sysctl -a | grep memory OR $ sudo sysctl --all | grep memory

4. List All Kernel Variables Including Deprecated

sysctl command also shows deprecated variables along with the list of all available variables using the —deprecated flag as shown.

$ sudo sysctl -a --deprecated OR $ sudo sysctl -a --deprecated | grep memory

5. List Specific Kernel Variable Value

To read a sysctl variable and its values, specify the variable name as an argument for the sysctl commands as follows. This example shows how to read the kernel.ostype variable.

$ sudo sysctl kernel.ostype kernel.ostype = Linux 

6. Write Kernel Variable Temporarily

To write variables temporarily, simply specify the variable in this format.

The following example shows how to increase the maximum size of the receive queue, which stores frames picked from the ring buffer of the NIC (Network Interface Card), once they are received from the network. The queue size can be modified using the net.core.netdev_max_backlog variable as shown.

$ sudo sysctl net.core.netdev_max_backlog $ sudo sysctl net.core.netdev_max_backlog=1200 $ sudo sysctl net.core.netdev_max_backlog

7. Write Kernel Variable Permanently

sysctl can also write variables permanently in a configuration file. To achieve this, use the -w option, and specify the configuration file the variable and its value will be appended to, in this case, it is /etc/sysctl.conf, the default sysctl configuration file:

$ sudo sysctl -w net.core.netdev_max_backlog=1200 >> /etc/sysctl.conf

To write files permanently in a custom, specify the location of the file as follows. Sometimes, you can fail to create a file in particular locations even when you invoke the sysctl command using the sudo command.

In such a case, switch to the root account (if you have the privileges) and run the command again as shown.

$ sudo sysctl -w net.core.netdev_max_backlog=1200 >> /etc/sysctl.d/10-test-settings.conf $ sudo su # sysctl -w net.core.netdev_max_backlog=1200 >> /etc/sysctl.d/10-test-settings.conf

Alternatively, you can create the new configuration file in /etc/sysctl.d/ directory as shown:

$ sudo vim /etc/sysctl.d/10-test-settings.conf

Then add the kernel parameters, in it one per line as shown.

net.core.netdev_max_backlog = 1200 user.max_net_namespaces = 63067 vm.overcommit_memory = 0

Then save the file and close it. To load settings from the custom file you have just created, use the -p or —load flag.

$ sudo sysctl -p /etc/sysctl.d/10-test-settings.conf OR $ sudo sysctl --load= /etc/sysctl.d/10-test-settings.conf

8. Reload sysctl.conf Variables in Linux

To reload settings from all system configuration files without rebooting, issue the following command.

The above command will read all system configuration files from these directories, in this order:

/run/sysctl.d/*.conf /etc/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf

9. Reload Settings from Custom Configuration Files

You can also reload variable settings from a custom sysctl configuration file as shown.

$ sudo sysctl -p/etc/sysctl.d/10-test-settings.conf OR $ sudo sysctl --load= /etc/sysctl.d/10-test-settings.conf

10. Reload Settings that Match Pattern

To only apply settings that match a certain pattern, use the -r or —pattern as follows. Note that the pattern uses extended regular expression syntax, here are some examples:

$ sudo sysctl --system --pattern '^net.ipv6' $ sudo sysctl --system -r memory

In this guide, we have explained 10 sysctl command examples you can use to manage a running Linux system. For more information, read the sysctl man page (man sysctl).

Источник