Perform sysctl reload - Introduction
- A sysctl variable represents file locations under theÂ
/proc/sys
 directory. - Everytime you make changes to your sysctl configuration file, you must reload it to activate the changes.
- Now sysctl is not controlled by some daemon such as systemd, supervisord, monit etc wherein you restart the service and then expect that your sysctl configuration changes have been activated
- We have to explicitly reload the sysctl changes. But then there are also times when some of the sysctl changes are activated during boot up stage, such as reserving hugepages, memory etc which can not be done runtime and requires a reboot
In this tutorial I will cover different Dos and Don'ts covering the following areas:
- multiple ways to update sysctl configuration file
- performing sysctl reload without reboot
- reverting sysctl changes to default value
Pre-requisites
Since sysctl modified the kernel level parameters, so it is important that you have root level privilege on the server when you intend to modify and perform sysctl reload. Alternatively you can also use sudo privilege to execute the sysctl commands or else you will get "Permission denied" error message.
List of sysctl configuration files
You can add your custom sysctl changes at different locations in different files. In most Linux distributions, following files can be used to modify your sysctl configurations:
/etc/sysctl.conf /etc/sysctld.d/*.conf /usr/lib/sysctl.d/*.conf
There may be some more files whoose availability is based on individual distributions:
/usr/local/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /run/sysctl.d/*.conf
Vendors settings live in /usr/lib/sysctl.d/
. To override a whole file, create a new file with the same in /etc/sysctl.d/
and put new settings there. To override only specific settings, add a file with a lexically later name in /etc/sysctl.d/
and put new settings there.
For example, to override the changes from /usr/lib/sysctl.d/80-broadcom.conf
, you can create /etc/sysctld.d/80-broadcom.conf
with different setting and the values from /etc/sysctld.d/80-broadcom.conf
will override /usr/lib/sysctl.d/80-broadcom.conf
.
Get the existing value of sysctl parameters
Method-1: Using sysctl --all
You can use sysctl with -a
or --all
argument to list all the sysctl parameters with the applied value:
sysctl -a
OR
sysctl --all
This will print a long list of parameters, so you can combine this command with grep to only capture the required parameter. For example:
~]# sysctl -a | grep somaxconn
net.core.somaxconn = 128
Method-2: Using sysctl [parameter]
You can also provide the parameter name along with the sysctl command to print it's value. For example:
~]# sysctl net.core.somaxconn
net.core.somaxconn = 128
Now this can be challenging as you must know the exact name of the sysctl parameter to be able to get the value. But this method is preferred in scripts when we are trying to automate the process.
Method-3: Get the value from /proc/sys
Since these sysctl values are ultimately applied to /proc/sys
, so we can also query the respective location to fetch the value. For example the path of net.core.somaxconn
would be /proc/sys/net/core/somaxconn
:
~]# cat /proc/sys/net/core/somaxconn
128
How to properly edit or update sysctl values
Scenario-1: Make non-persistent (temporary) changes using sysctl -w
You may wish to make temporary changes which are non-persistent i.e. it will not survive the reboot. In such case we can utilize -w
or --write
argument of sysctl command.
Use the following syntax to temporarily update the value of any sysctl parameter:
sysctl -w <parameter>=<value>
For example, we update the value of net.core.somaxconn to 240 from it's default value of 128:
~]# sysctl -w net.core.somaxconn=240 net.core.somaxconn = 240 ~]# sysctl -a | grep somaxconn net.core.somaxconn = 240
Sample Output:
Scenario-2: Make non-persistent changes by modifying /proc/sys
We know that making any changes to sysctl values are defined under /proc/sys
path at the respective parameter section. So we can also directly modify the values of these sysctl parameters, directly inside /proc/sys
path:
~]# echo 250 > /proc/sys/net/core/somaxconn
~]# sysctl -a | grep somaxconn
net.core.somaxconn = 250
As you can see, we have updated the value of net.core.somaxconn
from 240 to 250 by directly adding the new value inside /proc/sys/net/core/somaxconn
Scenario-3: Make persistent changes using /etc/sysctl.d/*.conf
/etc/sysctl.conf
to add or modify the sysctl parameters. This is strictly discouraged and you should always create different configuration files inside /etc/sysctl.d/
with .conf
extension which will be read by sysctl command when applying any changes. This is due to the fact that when you have multiple parameters to be modified then the control to activate them in a certain order and track becomes difficult which can be easily controlled by using a number prefix to define the order of execution.You can add your custom sysctl configuration inside /etc/sysctl.d/XXXX.conf
file as shown below:
~]# echo "net.core.somaxconn=1024" >> /etc/sysctl.d/99-sysctl.conf
To update the changes use sysctl -p or --load along with the file name with the newly added sysctl changes:
~]# sysctl -p /etc/sysctl.d/99-sysctl.conf net.core.somaxconn = 1024
Verify the changes
~]# sysctl -a | grep somaxconn net.core.somaxconn = 1024
Scenario-4: Assign/Revert to default values of sysctl parameters
If you wish to revert any sysctl parameter to it's default value then you can manually add the same inside /etc/sysctl.d/XXX.conf
file. But in such case, you should actually know the default value of the respective parameter.
In most cases we may not remember the default value, so in such scenario you must delete all the entries of the respective sysctl parameter from any configuration file. You can search for the parameter using following command:
find PATH -type f -name "*.conf" -exec grep -ri PARAMETER {} +
Here replace PATH
and PARAMETER
as per your requirement.
For example suppose we want to find any sysctl config file where we have modified somaxconn
value, so we can use:
~]# find /etc/ /usr/lib/sysctl.d/* -type f -name "*.conf" -exec grep -i net.core.somaxconn {} +
/etc/sysctl.conf:net.core.somaxconn=1024
Now we need to delete these entries found in the above command and reboot the node. Just by deleting the entries and executing sysctl -p
will not revert the parameter's value to default.
For example, I have deleted the above entry from /etc/sysctl.d/99-sysctl.conf
and refreshed the sysctl values:
~]# sysctl --system
~]# sysctl -a | grep somax
net.core.somaxconn = 1024
But still the system shows net.core.somaxconn
value as 1024
. Now let's reboot the node and re-verify:
~]# reboot
login as: root
root@127.0.0.1's password:
[root@controller ~]# sysctl -a | grep somax
net.core.somaxconn = 128
So, after the reboot now as you can see the value of net.core.somaxconn
has been reverted back to it's default value i.e. 128
.
How to perform sysctl reload without reboot
This is the most crucial part of this article. You have to understand there are many such sysctl parameters "SHOULD NOT" be reloaded runtime. For example some of them are:
vm.nr_hugepages
vm.nr_overcommit_hugepages
kernel.shmall
kernel.shmmax
kernel.shmmni
Now you can definitely modify the values of these parameters runtime, but they deal with the system memory. So if we want to increase or decrease the amount of hugepages or memory reserved by the kernel then the same should be done at boot up stage when no other process would be using the memory.
As runtime, it is possible one or the other process may be using certain block of memory and if we try to modify these sysctl parameters runtime then it can cause adverse effects to the running processes.
Having said that, most of the other sysctl parameters can be updated and modified runtime. So to properly perform sysctl reload use
sysctl -p <path/of/conf/file>
OR
sysctl --system
If you execute sysctl -p
without the file path, then it will only update the changes from /etc/sysctl.conf
or /etc/sysctl.d/99-sysctl.conf
which is actually a symbolic link of /etc/sysctl.conf
:
~]# ls -l /etc/sysctl.d/99-sysctl.conf lrwxrwxrwx. 1 root root 14 Feb 24 2020 /etc/sysctl.d/99-sysctl.conf -> ../sysctl.conf
To perform sysctl reload immediately for all the available configuration files, execute:
sysctl --system
The sysctl values are loaded early in boot via initramfs, so finally, rebuild initramfs to override any previous persistent sysctl settings in the initial ramdisk image.
On RHEL, CentOS, SuSE, Fedora, Rocky Linux execute:
dracut -v -f
On Ubuntu, Debian execute:
update-initramfs -u
Summary
In this tutorial we covered different areas related to sysctl configuration. Some of the topics which we learned are:
- Different sysctl configuration files available in Linux
- How to make temporary non-persistent changes to sysctl values
- How to make permanent persistent changes to sysctl values
- How to properly perform sysctl reload without reboot
What's Next
How to suppress sysctl: reading key "net.ipv6.conf.all.stable_secret" in Linux
Linux disable IPv6 properly (with or without reboot)
Further Reading
man page for sysctl(8)
man page for sysctl(5)