9

Where is the right place for sysctl redefined values?

I have:

```
> uname -a
Linux note 3.1.0-1-amd64 #1 SMP Tue Jan 10 05:01:58 UTC 2012 x86_64 GNU/Linux

> cat /etc/debian_version
wheezy/sid

> tail -n 2 /etc/sysctl.conf
#
net.ipv6.bindv6only=0
```

But after each reboot net.ipv6.bindv6only is still 1.

user9517
Korjavin Ivan

4 Answers

16

https://bugs.launchpad.net/ubuntu/+source/procps/+bug/50093

/etc/init.d/procps.sh comes too early in the boot process to apply a lot of sysctl's. As it runs before networking modules are loaded and filesystems are mounted, there are quite a lot of commonly-used sysctl's which are simply ignored on boot and produce errors to the console.

All documentation on the net referring to changing certain settings in /etc/sysctl.conf such as net.ipv4.netfilter.ip_conntrack_max is wrong for Ubuntu & Debian.

Finally, "It seems to me it is a Debian Squeeze bug, see here for an example and workaround: http://wiki.debian.org/BridgeNetworkConnections

In the latter case, the procps init script should take care of loading them during boot. However, on Squeeze it does not, and you need to restart it from /etc/rc.local (or similar):

```
# /etc/rc.local

# Load kernel variables from /etc/sysctl.d
/etc/init.d/procps restart

exit 0
```
slm
8

Check if there is a file in /etc/sysctl.d with your parameter. These files override the /etc/sysctl.conf file...

Dom
  • Yep, I found /etc/sysctl.d/bindv6only.conf. Thanks – Korjavin Ivan Feb 01 '12 at 11:18
  • /etc/sysctl.d/README states the precedence order and specifically "use /etc/sysctl.conf directly, which overrides anything in this directory." Is the README wrong? – lkanab Jan 03 '17 at 07:59
  • If you have a recent Debian, it loads /etc/sysctl.conf last (see the 99-sysctl.conf file). This topic is for old Debian (before 2014). In the new versions, the files must have a number to know the order to use. – Dom Jan 03 '17 at 08:35
  • @Dom I am using Ubuntu 16.04 LTS. It is still not taking /etc/sysctl.conf or 99-sysctl.conf as the precedence file. Anything still missing? – jit Dec 27 '17 at 13:26
  • Check the syntax of the files. They should be used. In 16.04, the files must have an XX- prefix and .conf at the end. Try to restart the procps service and look at the logs; it can be an error – Dom Dec 27 '17 at 22:27
  • Note that in RHEL, "sysctl --system" and "systemd-sysctl.service" apply the directories in different orders. Perhaps systemd inherited init.d's ordering. I do think that "sysctl --system" applies things in the wrong order, /etc/sysctl.d/* (at least) should come after /etc/sysctl.conf, and the "defaults" (/lib/sysctl.d) should be much earlier in the sequence. This forces us to be aware of the numbering of all of the files (version-dependent?), or to edit sysctl.conf, which is far more error-prone than dropping a new file in whatever sysctl.d is processed at the right time. – stolenmoment Sep 22 '20 at 13:40
  • @stolenmoment I think it's a similar **braindead** situation in Debian 11 - `/etc/sysctl.d/99-local.conf` is overwritten by e.g. `/lib/sysctl.d/protect-links.conf`, so it's needed to use `/etc/sysctl.d/zz-local.conf` instead. – Edheldil Apr 01 '22 at 12:02
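An added example, not code from any answer or comment above: a shell helper that lists every drop-in file assigning a given key and reports which assignment is applied last. It assumes the ordering documented in sysctl.d(5) for systemd-sysctl (files sorted by basename across all directories, with a same-named file in an earlier directory masking later ones); as the comments note, other loaders may use a different order. The function names `who_sets` and `winner` are hypothetical.

```shell
#!/bin/sh
# who_sets KEY DIR...
# Print "path<TAB>value" for every *.conf file that assigns KEY, in apply order.
# DIRs are listed highest priority first (e.g. /etc/sysctl.d /run/sysctl.d /usr/lib/sysctl.d).
who_sets() {
    key=$1; shift
    tab=$(printf '\t')
    for d in "$@"; do
        for f in "$d"/*.conf; do
            if [ -f "$f" ]; then printf '%s\t%s\n' "${f##*/}" "$f"; fi
        done
    done |
    awk -F'\t' '!seen[$1]++' |          # same basename: earlier DIR masks later ones
    LC_ALL=C sort -t "$tab" -k1,1 |     # apply order: basename, regardless of directory
    cut -f2 |
    while IFS= read -r path; do
        awk -v k="$key" -v p="$path" '
            /^[ \t]*[#;]/ { next }                       # comment line
            {
                i = index($0, "="); if (!i) next
                name = substr($0, 1, i - 1); val = substr($0, i + 1)
                gsub(/^[ \t-]+|[ \t]+$/, "", name)       # trim; drop "-" (ignore-errors) prefix
                gsub(/^[ \t]+|[ \t]+$/, "", val)
                if (name == k) { last = val; found = 1 }
            }
            END { if (found) printf "%s\t%s\n", p, last }' "$path"
    done
}

# winner KEY DIR... : the assignment applied last, i.e. the one that sticks.
winner() { who_sets "$@" | tail -n 1; }

# Typical call on a live system (paths are the usual locations, adjust as needed):
#   winner net.ipv6.bindv6only /etc/sysctl.d /run/sysctl.d /usr/lib/sysctl.d /lib/sysctl.d
```

Comparing the reported value with `sysctl -n KEY` after boot shows whether the running kernel matches what the files say.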
7

If you use ufw (uncomplicated firewall), you really need to change the values in /etc/ufw/sysctl.conf, as the configuration there overrides the one in /etc/sysctl.conf.

aldeby
0

This is set by the procps init script. Make sure this init script is enabled with update-rc.d procps enable. If it is enabled, you should expect a link from a file in /etc/rcS.d to /etc/init.d/procps. If this init script is working correctly, manually running /etc/init.d/procps restart should make the setting.

stew
  • You mean Debian doesn't read sysctl.conf by default? _wow_. – James O'Gorman Jan 31 '12 at 18:59
  • It reads sysctl by default. The /etc/init.d/procps mechanism is the default mechanism. If my answer works, it is because this init script was disabled for some reason, which might be a bug. A bug causing this would not be surprising since he is running either the testing or unstable release of Debian (or some combination thereof) – stew Jan 31 '12 at 19:06
  • > sysctl net.ipv6.bindv6only net.ipv6.bindv6only = 1 doesn't work – Korjavin Ivan Feb 01 '12 at 11:17