Linux sysctl Command Tutorial

Linux kernel is the core of the Linux operating system and distributions. Linux kernel is the lowest level of the operating system and provides different system resources and services to the user level. these resources may have a different configuration where some times they may change. The sysctl command is used to list, set, update the Linux kernel-related configuration and parameters.

The /proc/sys Directory

Linux is a file-based operating system where everything in the operating system can be used as a file. The kernel parameters are also provided as a file int eh /proc/sys directory. This directory provided files and folders can be used to display and change the kernel parameter and configuration. The /proc/sys files and folders can be listed below.

$ ls -R /proc/sys
/proc/sys Kernel Parameters

Display All Kernel Parameters

The sysctl command can be used to display or list all currently configured kernel parameters or kernel configuration by using the -a parameter. Alternatively the –all can be also used as the long-form parameter.

$ sysctl -a

The output will be like below where all kernel parameters will be listed which is a very long list.

abi.vsyscall32 = 1
debug.exception-trace = 1
debug.kprobes-optimization = 1
dev.cdrom.autoclose = 1
dev.cdrom.autoeject = 0
dev.cdrom.check_media = 0
dev.cdrom.debug = 0
dev.cdrom.info = CD-ROM information, Id: cdrom.c 3.20 2003/12/17
dev.cdrom.info =
dev.cdrom.info = drive name: sr0
dev.cdrom.info = drive speed: 1
dev.cdrom.info = drive # of slots: 1
dev.cdrom.info = Can close tray: 1
dev.cdrom.info = Can open tray: 1
dev.cdrom.info = Can lock tray: 1
dev.cdrom.info = Can change speed: 1
dev.cdrom.info = Can select disk: 0
dev.cdrom.info = Can read multisession: 1
dev.cdrom.info = Can read MCN: 1
dev.cdrom.info = Reports media changed: 1
dev.cdrom.info = Can play audio: 1
dev.cdrom.info = Can write CD-R: 1
dev.cdrom.info = Can write CD-RW: 1
dev.cdrom.info = Can read DVD: 1
dev.cdrom.info = Can write DVD-R: 1
dev.cdrom.info = Can write DVD-RAM: 1
dev.cdrom.info = Can read MRW: 1
dev.cdrom.info = Can write MRW: 1
dev.cdrom.info = Can write RAM: 1
dev.cdrom.info =
dev.cdrom.info =
dev.cdrom.lock = 0
dev.hpet.max-user-freq = 64
dev.mac_hid.mouse_button2_keycode = 97
dev.mac_hid.mouse_button3_keycode = 100
...

Search and Grep Specific Kernel Parameter

The Linux kernel provides a lot of kernel parameters which creates a lot of output. But we can search for a specific parameter in all of these output. The grep command can be used to list for a specific kernel parameter by providing the text we want to match. In this example we will search and grep kernel parameters which is related with IPv6 by providing the “ipv6” as match term.

$ sysctl -a | grep ipv6

The output will be like below.

net.ipv6.anycast_src_echo_reply = 0
net.ipv6.auto_flowlabels = 1
net.ipv6.bindv6only = 0
net.ipv6.calipso_cache_bucket_size = 10
net.ipv6.calipso_cache_enable = 1
net.ipv6.conf.all.accept_dad = 0
net.ipv6.conf.all.accept_ra = 1
net.ipv6.conf.all.accept_ra_defrtr = 1
net.ipv6.conf.all.accept_ra_from_local = 0
net.ipv6.conf.all.accept_ra_min_hop_limit = 1
net.ipv6.conf.all.accept_ra_mtu = 1
net.ipv6.conf.all.accept_ra_pinfo = 1
net.ipv6.conf.all.accept_ra_rt_info_max_plen = 0
net.ipv6.conf.all.accept_ra_rt_info_min_plen = 0
net.ipv6.conf.all.accept_ra_rtr_pref = 1
net.ipv6.conf.all.accept_redirects = 1
net.ipv6.conf.all.accept_source_route = 0
net.ipv6.conf.all.addr_gen_mode = 0
net.ipv6.conf.all.autoconf = 1
net.ipv6.conf.all.dad_transmits = 1
net.ipv6.conf.all.disable_ipv6 = 0
net.ipv6.conf.all.disable_policy = 0
net.ipv6.conf.all.drop_unicast_in_l2_multicast = 0
net.ipv6.conf.all.drop_unsolicited_na = 0
...

Display Specific Kernel Parameters

The sysctl command can also display the specified kernel parameter value of the configuration. The kernel parameter should be specified properly like below. In this example, we will list the “kernel.version” parameter.

$sysctl kernel.version

The output will be like below.

kernel.version = #31-Ubuntu SMP Fri Nov 6 12:37:59 UTC 2020

Also the /proc/sys directory can be used to display specific kernel parameter. In order to list kernel.version the kernel/version hierarchy should be followed like below. The echo command can be used to print this file content.

$ cat /proc/sys/kernel/version

The output will be like below.

31-Ubuntu SMP Fri Nov 6 12:37:59 UTC 2020

Modify, Change or Update Kernel Parameters

The sysctl command can be used to modify, change, or update kernel parameters. The -w parameter should be used with the kernel parameter name and value. As an operating system configuration, this operation requires the root privileges which can be provided with the sudo command. Alternatively, the sysctl command can be executed as the root user.

$ sudo sysctl -w net.ipv6.conf.all.forwarding=0

This command will output the latest configuration about the change which is like below.

net.ipv6.conf.all.forwarding = 0

Alternatively, the /proc/sys directory can be used to change or update kernel parameters and configuration. The echo command is used to put a new configuration file into the specified configuration path and file. Like sysctl command this also requires root privileges which can be provided with the sudo command or running as root.

$ sudo bash -c "echo 0 > /proc/sys/net/ipv6/conf/all/forwarding"

/etc/sysctl.conf Configuration File

When the system reboots the default kernel parameters and configuration is read from /etc/sysctl.conf file. This makes the kernel parameters and configuration to be stored permanently. The syntax of the configuration file is the same as the sysctl command.

# Do not accept IP source route packets (we are not a router)
net.ipv4.conf.all.accept_source_route = 0
net.ipv6.conf.all.accept_source_route = 0

#
# Log Martian Packets
net.ipv4.conf.all.log_martians = 1

#

Make Kernel Configuration Changes Permanent

The kernel parameter and configuration changes made with the sysctl command is only effective until a restart or shutdown. After a restart of the shutdown, the configurations will be lost unless they are added into the /etc/sysctl.conf file. By using the same syntax the changes can be made permanent by adding configuration lines. Like the sysctl comand editing this sysctl.conf file requires root privileges which can be provided with the sudo command or opening it as root.

$ sudo nano /etc/sysctl.conf

Add the “net.ipv6.conf.all.forwarding=0” line to the configuration file to make this configuration permanent.

# Do not accept IP source route packets (we are not a router)
net.ipv4.conf.all.accept_source_route = 0
net.ipv6.conf.all.accept_source_route = 0

#
# Log Martian Packets
net.ipv4.conf.all.log_martians = 1

#Make disabling IPv6 forwarding configuration permanent
net.ipv6.conf.all.forwarding=0

Load Kernel Configuration From sysctl.conf or Related Configuration File

The sysctl command provides the -p parameter to load a specified configuration file and make it effective. As this changes the kernel parameters and configuration this also requires root privileges which can be provided with the sudo command or running as the root user.

$ sudo sysctl -p /etc/mysysctl.conf
See also  Linux Bash sort Command Tutorial

Leave a Comment