- How to Change Kernel Runtime Parameters in a Persistent and Non-Persistent Way
- Introducing the /proc Filesystem
- How to Change or Modify Linux Kernel Runtime Parameteres
- Check Linux Kernel Parameters
- Set or Modify Linux Kernel Parameters
- Summary
- Kernel parameters
- Configuration
- Syslinux
- systemd-boot
- GRUB
- GRUB Legacy
- LILO
- rEFInd
- EFISTUB
- dracut
- Hijacking cmdline
- Parameter list
- See also
How to Change Kernel Runtime Parameters in a Persistent and Non-Persistent Way
In Part 13 of this LFCS (Linux Foundation Certified Sysadmin) series we explained how to use GRUB to modify the behavior of the system by passing options to the kernel for the ongoing boot process.
Similarly, you can use the command line in a running Linux system to alter certain runtime kernel parameters as a one-time modification, or permanently by editing a configuration file.
Thus, you are allowed to enable or disable kernel parameters on-the-fly without much difficulty when it is needed due to a required change in the way the system is expected to operate.
Introducing the /proc Filesystem
The latest specification of the Filesystem Hierarchy Standard indicates that /proc represents the default method for handling process and system information as well as other kernel and memory information. Particularly, /proc/sys is where you can find all the information about devices, drivers, and some kernel features.
The actual internal structure of /proc/sys depends heavily on the kernel being used, but you are likely to find the following directories inside. In turn, each of them will contain other subdirectories where the values for each parameter category are maintained:
- dev : parameters for specific devices connected to the machine.
- fs : filesystem configuration (quotas and inodes, for example).
- kernel: kernel-specific configuration.
- net : network configuration.
- vm : use of the kernel’s virtual memory.
To modify the kernel runtime parameters we will use the sysctl command. The exact number of parameters that can be modified can be viewed with:
If you want to view the complete list of Kernel parameters, just do:
As the the output of the above command will consist of A LOT of lines, we can use a pipeline followed by less to inspect it more carefully:
Let’s take a look at the first few lines. Please note that the first characters in each line match the names of the directories inside /proc/sys :
For example, the highlighted line:
dev.cdrom.info = drive name: sr0
indicates that sr0 is an alias for the optical drive. In other words, that is how the kernel “sees” that drive and uses that name to refer to it.
In the following section we will explain how to change other “more important” kernel runtime parameters in Linux.
How to Change or Modify Linux Kernel Runtime Parameteres
Based on what we have explained so far, it is easy to see that the name of a parameter matches the directory structure inside /proc/sys where it can be found.
dev.cdrom.autoclose → /proc/sys/dev/cdrom/autoclose net.ipv4.ip_forward → /proc/sys/net/ipv4/ip_forward
Check Linux Kernel Parameters
That said, we can view the value of a particular Linux kernel parameter using either sysctl followed by the name of the parameter or reading the associated file:
# sysctl dev.cdrom.autoclose # cat /proc/sys/dev/cdrom/autoclose # sysctl net.ipv4.ip_forward # cat /proc/sys/net/ipv4/ip_forward
Set or Modify Linux Kernel Parameters
To set the value for a kernel parameter we can also use sysctl , but using the -w option and followed by the parameter’s name, the equal sign, and the desired value.
Another method consists of using echo to overwrite the file associated with the parameter. In other words, the following methods are equivalent to disable the packet forwarding functionality in our system (which, by the way, should be the default value when a box is not supposed to pass traffic between networks):
# echo 0 > /proc/sys/net/ipv4/ip_forward # sysctl -w net.ipv4.ip_forward=0
It is important to note that kernel parameters that are set using sysctl will only be enforced during the current session and will disappear when the system is rebooted.
To set these values permanently, edit /etc/sysctl.conf with the desired values. For example, to disable packet forwarding in /etc/sysctl.conf make sure this line appears in the file:
Then run following command to apply the changes to the running configuration.
Other examples of important kernel runtime parameters are:
fs.file-max specifies the maximum number of file handles the kernel can allocate for the system. Depending on the intended use of your system (web / database / file server, to name a few examples), you may want to change this value to meet the system’s needs.
Otherwise, you will receive a “Too many open files” error message at best, and may prevent the operating system to boot at the worst.
If due to an innocent mistake you find yourself in this last situation, boot in single user mode (as explained in Part 13 – Configure and Troubleshoot Linux Grub Boot Loader) and edit /etc/sysctl.conf as instructed earlier. To set the same restriction on a per-user basis, refer to Part 14 – Monitor and Set Linux Process Limit Usage of this series.
kernel.sysrq is used to enable the SysRq key in your keyboard (also known as the print screen key) so as to allow certain key combinations to invoke emergency actions when the system has become unresponsive.
The default value (16) indicates that the system will honor the Alt+SysRq+key combination and perform the actions listed in the sysrq.c documentation found in kernel.org (where key is one letter in the b-z range). For example, Alt+SysRq+b will reboot the system forcefully (use this as a last resort if your server is unresponsive).
Warning! Do not attempt to press this key combination on a virtual machine because it may force your host system to reboot!
When set to 1, net.ipv4.icmp_echo_ignore_all will ignore ping requests and drop them at the kernel level. This is shown in the below image – note how ping requests are lost after setting this kernel parameter:
A better and easier way to set individual runtime parameters is using .conf files inside /etc/sysctl.d , grouping them by categories.
For example, instead of setting net.ipv4.ip_forward=0 and net.ipv4.icmp_echo_ignore_all=1 in /etc/sysctl.conf, we can create a new file named net.conf inside /etc/sysctl.d:
# echo "net.ipv4.ip_forward=0" > /etc/sysctl.d/net.conf # echo "net.ipv4.icmp_echo_ignore_all=1" >> /etc/sysctl.d/net.conf
If you choose to use this approach, do not forget to remove those same lines from /etc/sysctl.conf .
Summary
In this article we have explained how to modify kernel runtime parameters, both persistent and non persistently, using sysctl, /etc/sysctl.conf, and files inside /etc/sysctl.d.
In the sysctl docs you can find more information on the meaning of more variables. Those files represent the most complete source of documentation about the parameters that can be set via sysctl.
Did you find this article useful? We surely hope you did. Don’t hesitate to let us know if you have any questions or suggestions to improve.
Kernel parameters
There are three ways to pass options to the kernel and thus control its behaviour:
- When building the kernel—in the kernel’s config file. See Kernel#Compilation for details.
- When starting the kernel—using command line parameters (usually through a boot loader).
- At runtime—through the files in /proc/sys/ (see sysctl) and /sys/ .
Note: The options of loadable modules can be set via .conf files in /etc/modprobe.d/ . See Kernel module#Using files in /etc/modprobe.d/.
Between the three methods, the configurable options differ in availability, their name and the method in which they are specified. This page only explains the second method (kernel command line parameters) and shows a list of the most used kernel parameters in Arch Linux.
Most parameters are associated with subsystems and work only if the kernel is configured with those subsystems built in. They also depend on the presence of the hardware they are associated with.
Kernel command line parameters either have the format parameter or parameter=value .
Configuration
- You can check the parameters your system was booted up with by running cat /proc/cmdline and see if it includes your changes.
- The Arch Linux installation medium uses Syslinux for BIOS systems, and GRUB for UEFI systems.
Kernel parameters can be set either temporarily by editing the boot entry in the boot loader’s boot selection menu, or permanently by modifying the boot loader’s configuration file.
The following examples add the quiet and splash parameters to Syslinux, systemd-boot, GRUB, GRUB Legacy, LILO, and rEFInd.
Syslinux
linux /boot/vmlinuz-linux root=UUID=0a3407de-014b-458b-b5c1-848e92a327a3 rw initrd=/boot/initramfs-linux.img quiet splash
- To make the change persistent after reboot, edit /boot/syslinux/syslinux.cfg and add them to the APPEND line:
APPEND root=UUID=0a3407de-014b-458b-b5c1-848e92a327a3 rw quiet splash
For more information on configuring Syslinux, see the Syslinux article.
systemd-boot
initrd=\initramfs-linux.img root=UUID=0a3407de-014b-458b-b5c1-848e92a327a3 rw quiet splash
- If you have not set a value for menu timeout, you will need to hold Space while booting for the systemd-boot menu to appear.
- If you cannot edit the parameters from the boot menu, you may need to edit /boot/loader/loader.conf and add editor 1 to enable editing.
- To make the change persistent after reboot, edit /boot/loader/entries/arch.conf (assuming you set up your EFI system partition) and add them to the options line:
options root=UUID=0a3407de-014b-458b-b5c1-848e92a327a3 rw quiet splash
For more information on configuring systemd-boot, see the systemd-boot article.
GRUB
linux /boot/vmlinuz-linux root=UUID=0a3407de-014b-458b-b5c1-848e92a327a3 rw quiet splash
- To make the change persistent after reboot, you could manually edit /boot/grub/grub.cfg with the exact line from above, or if using grub-mkconfig:
GRUB_CMDLINE_LINUX_DEFAULT
# grub-mkconfig -o /boot/grub/grub.cfg
For more information on configuring GRUB, see the GRUB article.
GRUB Legacy
kernel /boot/vmlinuz-linux root=UUID=0a3407de-014b-458b-b5c1-848e92a327a3 rw quiet splash
- To make the change persistent after reboot, edit /boot/grub/menu.lst and add them to the kernel line, exactly like above.
For more information on configuring GRUB Legacy, see the GRUB Legacy article.
LILO
image=/boot/vmlinuz-linux . quiet splash
For more information on configuring LILO, see the LILO article.
rEFInd
- Press + , F2 , or Insert on the desired menu entry and press it again on the submenu entry. Add kernel parameters at the end of the string:
root=UUID=0a3407de-014b-458b-b5c1-848e92a327a3 rw initrd=\boot\initramfs-linux.img quiet splash
- To make the change persistent after reboot, edit /boot/refind_linux.conf and append them between the quotes in all required lines, for example
"Boot using default options" "root=UUID=0a3407de-014b-458b-b5c1-848e92a327a3 rw quiet splash"
- If you have disabled auto-detection of OSes in rEFInd and are defining OS stanzas instead in esp/EFI/refind/refind.conf to load your OSes, you can edit it like:
For more information on configuring rEFInd, see the rEFInd article.
EFISTUB
dracut
dracut is capable of embedding the kernel parameters in the initramfs, thus allowing to omit them from the boot loader configuration. See dracut#Kernel command line options.
Hijacking cmdline
Even without access to your bootloader it is possible to change your kernel parameters to enable debugging (if you have root access). This can be accomplished by overwriting /proc/cmdline which stores the kernel parameters. However /proc/cmdline is not writable even as root, so this hack is accomplished by using a bind mount to mask the path.
First create a file containing the desired kernel parameters
root=UUID=0a3407de-014b-458b-b5c1-848e92a327a3 ro console=tty1 logo.nologo debug
Then use a bind mount to overwrite the parameters
# mount -n --bind -o ro /root/cmdline /proc/cmdline
The -n option skips adding the mount to /etc/mtab , so it will work even if root is mounted read-only. You can cat /proc/cmdline to confirm that your change was successful.
Parameter list
This list is not comprehensive. For a complete list of all options, please see the kernel documentation.
- The kernel uses rw if neither ro or rw are explicitly set on kernel command line (see bootparam(7) § General non-device-specific boot arguments ). However, mkinitcpio uses ro as the default value overriding the kernel’s default (see mkinitcpio(8) § EARLY INIT ENVIRONMENT ). Boot loaders may also have their own configured default, for example, grub-mkconfig uses rw (see FS#36275 as a reference).
Note: rw is required when using mkinitcpio’s fsck hook (see [1]) or when using F2FS as the root file system.