]> git.ipfire.org Git - thirdparty/systemd.git/commitdiff
projects / thirdparty / systemd.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 2fa4f10)
sysctl: run sysctl service if /proc/sys/net is writable (#4425)
authorLennart Poettering <lennart@poettering.net>
Thu, 20 Oct 2016 17:36:28 +0000 (19:36 +0200)
committerGitHub <noreply@github.com>
Thu, 20 Oct 2016 17:36:28 +0000 (19:36 +0200)
This simply changes this line:

    ConditionPathIsReadWrite=/proc/sys/

to this:

     ConditionPathIsReadWrite=/proc/sys/net/

The background for this is that the latter is namespaced through network
namespacing usually and hence frequently set as writable in containers, even
though the former is kept read-only. If /proc/sys is read-only but
/proc/sys/net is writable we should run the sysctl service, as useful settings
may be made in this case.

Fixes: #4370
units/systemd-sysctl.service.in patch | blob | blame | history

diff --git a/units/systemd-sysctl.service.in b/units/systemd-sysctl.service.in
index d784c6426dbf3d67c7a04cd6cf63d2262758dbf8..980f611df2e01d79cc75a76928a8e1590f81f6b2 100644 (file)
--- a/units/systemd-sysctl.service.in
+++ b/units/systemd-sysctl.service.in
@@ -12,7 +12,7 @@ DefaultDependencies=no
 Conflicts=shutdown.target
 After=systemd-modules-load.service
 Before=sysinit.target shutdown.target
-ConditionPathIsReadWrite=/proc/sys/
+ConditionPathIsReadWrite=/proc/sys/net/
 
 [Service]
 Type=oneshot
Unnamed repository; edit this file 'description' to name the repository.