core: bump net.unix.max_dgram_qlen really early during boot

Only that way it actually has an effect on all our sockets, including
$NOTIFY_SOCKET.

diff --git a/src/basic/def.h b/src/basic/def.h
index 7c4161eb7277f2a651ad3f4d56287818ebb5a9d0..cbef137410654d4f8334a5743dbecc871cb780ea 100644 (file)
--- a/src/basic/def.h
+++ b/src/basic/def.h
@@ -35,6 +35,9 @@
  * the watchdog pings will keep the loop busy. */
 #define DEFAULT_EXIT_USEC (30*USEC_PER_SEC)
 
+/* The default value for the net.unix.max_dgram_qlen sysctl */
+#define DEFAULT_UNIX_MAX_DGRAM_QLEN 512UL
+
 #define SYSTEMD_CGROUP_CONTROLLER "name=systemd"
 
 #define SIGNALS_CRASH_HANDLER SIGSEGV,SIGILL,SIGFPE,SIGBUS,SIGQUIT,SIGABRT

diff --git a/src/core/main.c b/src/core/main.c
index 593b974566dd2ab37eb2cd3a45587a30fc8f8ab9..dd21b26971af8ee4f1ec4e318eb71ffc8f84de26 100644 (file)
--- a/src/core/main.c
+++ b/src/core/main.c
@@ -1242,12 +1242,50 @@ static int status_welcome(void) {
 
 static int write_container_id(void) {
         const char *c;
+        int r;
 
         c = getenv("container");
         if (isempty(c))
                 return 0;
 
-        return write_string_file("/run/systemd/container", c, WRITE_STRING_FILE_CREATE);
+        r = write_string_file("/run/systemd/container", c, WRITE_STRING_FILE_CREATE);
+        if (r < 0)
+                return log_warning_errno(r, "Failed to write /run/systed/container, ignoring: %m");
+
+        return 1;
+}
+
+static int bump_unix_max_dgram_qlen(void) {
+        _cleanup_free_ char *qlen = NULL;
+        unsigned long v;
+        int r;
+
+        /* Let's bump the net.unix.max_dgram_qlen sysctl. The kernel
+         * default of 16 is simply too low. We set the value really
+         * really early during boot, so that it is actually applied to
+         * all our sockets, including the $NOTIFY_SOCKET one. */
+
+        r = read_one_line_file("/proc/sys/net/unix/max_dgram_qlen", &qlen);
+        if (r < 0)
+                return log_warning_errno(r, "Failed to read AF_UNIX datagram queue length, ignoring: %m");
+
+        r = safe_atolu(qlen, &v);
+        if (r < 0)
+                return log_warning_errno(r, "Failed to parse AF_UNIX datagram queue length, ignoring: %m");
+
+        if (v >= DEFAULT_UNIX_MAX_DGRAM_QLEN)
+                return 0;
+
+        qlen = mfree(qlen);
+        if (asprintf(&qlen, "%lu\n", DEFAULT_UNIX_MAX_DGRAM_QLEN) < 0)
+                return log_oom();
+
+        r = write_string_file("/proc/sys/net/unix/max_dgram_qlen", qlen, 0);
+        if (r < 0)
+                return log_full_errno(IN_SET(r, -EROFS, -EPERM, -EACCES) ? LOG_DEBUG : LOG_WARNING, r,
+                                      "Failed to bump AF_UNIX datagram queue length, ignoring: %m");
+
+        return 1;
 }
 
 int main(int argc, char *argv[]) {
@@ -1613,6 +1651,7 @@ int main(int argc, char *argv[]) {
                 hostname_setup();
                 machine_id_setup(NULL);
                 loopback_setup();
+                bump_unix_max_dgram_qlen();
 
                 test_mtab();
                 test_usr();

diff --git a/sysctl.d/50-default.conf b/sysctl.d/50-default.conf
index 2097551c33d83c915f2580abdcf0845470d1f2b8..def151bb849812297c01f27be61f01b7e52e034a 100644 (file)
--- a/sysctl.d/50-default.conf
+++ b/sysctl.d/50-default.conf
@@ -35,9 +35,6 @@ net.ipv4.conf.all.promote_secondaries = 1
 # Fair Queue CoDel packet scheduler to fight bufferbloat
 net.core.default_qdisc = fq_codel
 
-# Make sure we can queue more than just a few datagrams in AF_UNIX sockets.
-net.unix.max_dgram_qlen = 512
-
 # Enable hard and soft link protection
 fs.protected_hardlinks = 1
 fs.protected_symlinks = 1