]>
Commit | Line | Data |
---|---|---|
8f27a221 KS |
1 | # This file is part of systemd. |
2 | # | |
3 | # systemd is free software; you can redistribute it and/or modify it | |
4 | # under the terms of the GNU Lesser General Public License as published by | |
5 | # the Free Software Foundation; either version 2.1 of the License, or | |
6 | # (at your option) any later version. | |
7 | ||
61233823 | 8 | # See sysctl.d(5) and core(5) for documentation. |
16b65d7f ZJS |
9 | |
10 | # To override settings in this file, create a local file in /etc | |
11 | # (e.g. /etc/sysctl.d/90-override.conf), and put any assignments | |
12 | # there. | |
8f27a221 | 13 | |
0f59fe51 | 14 | # System Request functionality of the kernel (SYNC) |
16b65d7f ZJS |
15 | # |
16 | # Use kernel.sysrq = 1 to allow all keys. | |
bd9bb4ca PK |
17 | # See https://www.kernel.org/doc/html/latest/admin-guide/sysrq.html for a list |
18 | # of values and keys. | |
0f59fe51 KS |
19 | kernel.sysrq = 16 |
20 | ||
8f27a221 KS |
21 | # Append the PID to the core filename |
22 | kernel.core_uses_pid = 1 | |
23 | ||
24 | # Source route verification | |
230450d4 | 25 | net.ipv4.conf.all.rp_filter = 2 |
8f27a221 KS |
26 | |
27 | # Do not accept source routing | |
1836bf9e | 28 | net.ipv4.conf.all.accept_source_route = 0 |
8f27a221 | 29 | |
ad8bc9ea | 30 | # Promote secondary addresses when the primary address is removed |
1836bf9e | 31 | net.ipv4.conf.all.promote_secondaries = 1 |
ad8bc9ea | 32 | |
e6c253e3 MS |
33 | # Fair Queue CoDel packet scheduler to fight bufferbloat |
34 | net.core.default_qdisc = fq_codel | |
35 | ||
8f27a221 KS |
36 | # Enable hard and soft link protection |
37 | fs.protected_hardlinks = 1 | |
38 | fs.protected_symlinks = 1 | |
27325875 LW |
39 | |
40 | # Enable regular file and FIFO protection | |
41 | fs.protected_regular = 1 | |
42 | fs.protected_fifos = 1 | |
45497f4d LP |
43 | |
44 | # Bump the numeric PID range to its maximum of 2^22 (from the in-kernel default | |
45 | # of 2^16), to make PID collisions less likely. | |
46 | kernel.pid_max = 4194304 |