Bug#864341: systemd-sysctl: failed to apply sysctl config at bootup

Michael Biebl biebl at debian.org
Wed Jun 7 11:57:08 BST 2017 

Am 07.06.2017 um 10:25 schrieb Arturo Borrero Gonzalez:
> Package: systemd
> Version: 232-23
> Severity: normal
> 
> Dear Maintainer,
> 
> thanks for your work with the systemd package, it's really appreciated :-)
> 
> I'm fighting with an issue which I haven't been able to sort out, apart
> of blaming a bug somewhere.
> 
> At boot, sysctl parameters are not being injected into the system.
> However, I manually tried '/lib/systemd/systemd-sysctl', 'systemctl restart systemd-sysctl'
> and 'sysctl --system' and also '/etc/init.d/procps'.
> All of them are able to load my sysctl configuration, by hand.
> Then why it doesn't happen at boot?
> 
> What I do to reproduce the issue:
> 
> 1) boot the machine
> 2) wait for a remote ssh shell, and then login
> 3) check sysctl parameters, for example: sysctl -a | grep conntrack
> 4) conntrack parameters are not set to my config
> 5) check 'systemctl status systemd-sysctl'. No error reported
> 6) run 'systemctl restart systemd-sysctl'
> 7) check sysctl parameters, for example: sysctl -a | grep conntrack
> 8) now parameters are corrently set
> 
> Example (fresh boot):
> 
> % sudo sysctl -a | grep conntrack
> [...]
> net.nf_conntrack_max = 65536  <---- not my setting
> 
> % sudo systemctl status systemd-sysctl
> ● systemd-sysctl.service - Apply Kernel Variables
>    Loaded: loaded (/lib/systemd/system/systemd-sysctl.service; static; vendor preset: enabled)
>    Active: active (exited) since Wed 2017-06-07 09:59:09 CEST; 2min 48s ago
>      Docs: man:systemd-sysctl.service(8)
>            man:sysctl.d(5)
>   Process: 250 ExecStart=/lib/systemd/systemd-sysctl (code=exited, status=0/SUCCESS)
>  Main PID: 250 (code=exited, status=0/SUCCESS)
>     Tasks: 0 (limit: 4915)
>    CGroup: /system.slice/systemd-sysctl.service
> 
> jun 07 09:59:08 debian systemd[1]: Starting Apply Kernel Variables...
> jun 07 09:59:09 debian systemd[1]: Started Apply Kernel Variables.
> 
> % sudo systemctl restart systemd-sysctl
> 
> % sudo systemctl status systemd-sysctl
> ● systemd-sysctl.service - Apply Kernel Variables
>    Loaded: loaded (/lib/systemd/system/systemd-sysctl.service; static; vendor preset: enabled)
>    Active: active (exited) since Wed 2017-06-07 10:02:07 CEST; 1s ago
>      Docs: man:systemd-sysctl.service(8)
>            man:sysctl.d(5)
>   Process: 6351 ExecStart=/lib/systemd/systemd-sysctl (code=exited, status=0/SUCCESS)
>  Main PID: 6351 (code=exited, status=0/SUCCESS)
> 
> jun 07 10:02:07 cf03 systemd[1]: Starting Apply Kernel Variables...
> jun 07 10:02:07 cf03 systemd[1]: Started Apply Kernel Variables.
> 
> % sudo sysctl -a | grep conntrack
> [...]
> net.nf_conntrack_max = 8388308 <---- now this is my config
> 
> 
> My sysctl config is spread into some files under /etc/sysctl.d/
> Also contains configuration in /etc/sysctl.conf
> 
> Please, share any knowledge you may have.
> 

How do you load the conntrack kernel module?
Moritz brought this up on IRC already and from what we could conclude
this is an ordering issue / race between the kernel module being loaded
and the sysfs entries being available and the sysctl settings being applied.

Moritz, did your investigations find something?

Afair you might have to apply the settings via a udev rule.
I don't think there is anything we can do about that in
systemd-sysctl.service.


-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-systemd-maintainers/attachments/20170607/f82c2582/attachment-0002.sig>

More information about the Pkg-systemd-maintainers mailing list