[arch-dev-public] [RFC] default sysctl settings
teg at jklm.no
Mon Apr 1 15:19:43 EDT 2013
As you may have noticed systemd ships a default sysctl config file as
of v199 (/usr/lib/sysctl.d/50-default.conf). Rather than also ship an
Arch-specific one (/etc/sysctl.conf), should we try to unify the two?
I had a look a the differences:
We set it to 'off', systemd enables the sync command (which should be safe).
We disable this, which is already the default in the kernel.
We enable this. Are we sure this is the right thing to do by default?
There appears to be lots of warnings about it.
We disable this. It appears to be disabled by default, or am I reading it wrong?
In addition to these, systemd sets the following:
kernel.core_uses_pid = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
fs.protected_hardlinks = 1
fs.protected_symlinks = 1
Are we happy with that?
More information about the arch-dev-public