[arch-projects] [INITSCRIPTS][PATCH] Load sysctl config files from sysctl.d
Dave Reisner
d at falconindy.com
Wed Aug 31 06:19:00 EDT 2011
On Wed, Aug 31, 2011 at 11:39:16AM +0200, Sebastien Luttringer wrote:
> This patch implement loading of sysctl config files as described in
> http://0pointer.de/public/systemd-man/sysctl.d.html
>
> This is a very conveniant way of configuring sysctl option for sysadmin
> which can drop sysctl config files inside this directory to enable some
> feature.
>
> Dropping a file like disableipv6.conf inside this directory will disable ipv6
> $ cat disableipv6.conf
> net.ipv6.conf.all.disable_ipv6 = 1
>
> There is atm no package which use this functionnality
>
> NOTE: /etc/sysctl.d/ and /usr/lib/sysctl.d/ should be added in procps
procps wants no part of this. It only cares about /etc/sysctl.conf. Add
these directories to the Makefile here, please.
> NOTE: maybe this feature should be added as a daemon for procps package
> allowing user to reload configs files by calling rc.d reload procps
What's the "off" version of this setting:
vm.swappiness=0
I have no idea how you intend to "turn off" sysctl setting as part of a
"restart", nor can I figure out why this might be needed.
> ---
> rc.multi | 22 +++++++++++++++++++++-
> tmpfiles.conf | 1 +
> 2 files changed, 22 insertions(+), 1 deletions(-)
>
> diff --git a/rc.multi b/rc.multi
> index 16fa83a..5974a35 100755
> --- a/rc.multi
> +++ b/rc.multi
> @@ -6,11 +6,31 @@
> . /etc/rc.conf
> . /etc/rc.d/functions
>
> +shopt -s nullglob
> +
> run_hook multi_start
>
> -# Load sysctl variables if sysctl.conf is present
> +# Load sysctl variables from sysctl.conf (backward compatibility)
> [[ -r /etc/sysctl.conf ]] && sysctl -q -p &>/dev/null
>
> +# Load sysctl variables (new style)
> +# http://0pointer.de/public/systemd-man/sysctl.d.html
> +declare -a sysctl_d=(
> + /usr/lib/sysctl.d
> + /etc/sysctl.d
> + /run/sysctl.d
> +)
You enabled nullglob, so if you declare this array as globs of *.conf
files, none of the directory checking is necessary and we get a singular
loop over an array of files. It'd be nice to actually check that what
we're adding is a regular file, though, as opposed to something insane
like a fifo sneaking in.
> +declare -A sysctl_c
> +for _d in "${sysctl_d[@]}"; do
> + [[ -d "$_d" ]] || continue
> + for _f in "$_d"/*.conf; do
> + sysctl_c[${_f##*/}]="$_f"
> + done
> +done
> +for _f in "${sysctl_c[@]}"; do
> + sysctl -q -p "$_f" &>/dev/null
We've already uniq'd the array, so this should't require multiple
invocations:
(( ${#fragments[*]} )) && cat "${fragments[@]}" | sysctl -q -p -
> +done
> # Start daemons
> for daemon in "${DAEMONS[@]}"; do
> case ${daemon:0:1} in
> diff --git a/tmpfiles.conf b/tmpfiles.conf
> index 7dd1358..61081d0 100644
> --- a/tmpfiles.conf
> +++ b/tmpfiles.conf
> @@ -4,6 +4,7 @@
>
> D /tmp 1777 root root
> D /run/daemons 0755 root root
> +D /run/sysctl.d 0755 root root
By the time this runs, it's too late to care about creating this
directory. Further, if /run/sysctl.d does exist and someone dropped a
.conf in it, you just wiped it out, as D will clean out an existing
directory.
>
> d /tmp/.X11-unix 1777 root root
> d /tmp/.ICE-unix 1777 root root
> --
General:
There's no need to make your variable names so cryptic. I'm also not
sure why this needs to be embedded into /etc/rc.multi as opposed to
living in its own script or a function (where you could namespace
properly).
d
More information about the arch-projects
mailing list