Project

General

Profile

User story #9706

Method to set sysctl settings

Added by Janos Mattyasovszky about 1 year ago. Updated about 1 month ago.

Status:
New
Priority:
N/A
Assignee:
-
Category:
Policies
Target version:
Suggestion strength:
User visibility:
Effort required:
Pull Request:

Description

Our goal is to have a standardized way to set sysctl settings (I am actually astonished this has not been requested yet by anybody).

This would be achieved low-level by a generic NCF method to Set sysctl values.

Input:
  • json hash or array (referencable by getindices)
  • sysctl config filename
Sanity checks:
  • class “linux”
  • the existence of “/proc/sys” (to only run if the kernel is compiled with sysctl enabled).
Actions:
  • edit /etc/sysctl.conf for each key promising the correct “key = value” line is present
  • writing the value using the sysctl (by paths.sysctl) command if not already set (we could query all sysctl settings in one step and store it in an array to speed up parsing)
Filename:
  • 30_generic_methods/sysctl_set.cf

History

#1 Updated by François ARMAND about 1 year ago

This would be great :)
Just to be sure: you are working on it?

#2 Updated by Nicolas CHARLES about 1 year ago

Hi Janos,

Thank you for the ticket.
I have several remarks:
  • the input format is great, as it's all purpose
  • i understand the rational for limiting to linux the generic method, but in the long run, it might be relevant to add *bsd as well
  • you mentionned it on IRC, and I don't know if you found a solution, but how will it work with sysctl.d ? shall it create a ncf.conf file, that would override others values (don't know if it's possible?)

#3 Updated by Janos Mattyasovszky about 1 year ago

ncharles: For now we plan to create an ncf method, that sets sysctl settings in a provided "${sysctl_file}" and on the live system parallel, and a second method, that has this variable default to "/etc/sysctl.conf", so it can be used later for customizing which file you'd want to put it in, and so the reporting could also work (we'd include the sanitized filename in the report).

in the long run somebody who actually has *bsd experience can extend it to also work on *bsd -- this is why open source rocks ;-)

fanf: Feri will be working on it.

#4 Updated by Janos Mattyasovszky about 1 year ago

I unfortunately cannot edit my original post in the ncf project, so if you could please extend the Input section with "sysctl config filename" ;-)

#5 Updated by Nicolas CHARLES about 1 year ago

  • Description updated (diff)

Message edited !

#6 Updated by Benoît PECCATTE 11 months ago

  • Category set to Policies
  • Target version set to master

#7 Updated by Vincent MEMBRÉ 3 months ago

  • Target version changed from master to 4.2.2

#8 Updated by Vincent MEMBRÉ 2 months ago

  • Target version changed from 4.2.2 to 4.2.3

#9 Updated by Vincent MEMBRÉ about 1 month ago

  • Target version changed from 4.2.3 to 4.2.4

Also available in: Atom PDF