Control: tag -1 moreinfo On Tue, 2024-10-15 at 19:04 +0300, sergio wrote: > Package: linux-sysctl-defaults > Version: 4.10.1 > Severity: normal > > Dear Maintainer, > > please call `sysctl -p /usr/lib/sysctl.d/50-default.conf` after installation
Running that command is definitely not a good idea, as it will ignore any other configuration files which should override the default settings. This was discussed at <https://salsa.debian.org/kernel-team/linux-base/-/merge_requests/12#note_500942> and there was a deliberate decision then not to do this. Noah Meyerhans wrote: > +1 Not doing so is leading to confusing/broken behavior during > upgrades. By deferring the application of the sysctl settings until > reboot, we're effectively leaving the system in a half-upgraded state > where applications that depend on sysctls set here will misbehave for > confusing reasons until a reboot happens. > > See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085289 and > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1084135 for instances > of issues caused during upgrades. So it sounds like we do actually need to apply configuration on installation, just not precisely as requested. Looking at the postinst scripts of some other packages that install sysctl configuration, I can see a diversity of approaches to this: - bubblewrap runs "sysctl --pattern <sysctl-name>" which seems reasonable for a single sysctl but would be a pain to keep in sync with the configuration file. - tracker-miner-fs runs "systemd-sysctl <filename>" which does not work without systemd and seems to have the same problem I mentioned above. Whatever is decided for linux-sysctl-defaults should ideally be implemented consistently across the other packages. Would this work: 1. As discussed in the GitLab MR, systemd implements a file trigger on sysctl configuration files. 2. Either: (a) procps implements a similar trigger, but makes it a no-op when systemd is pid 1. (b) linux-sysctl-defaults postinst does: - if systemd is pid 1, nothing; - otherwise, if sysctl is installed, "sysctl --system"; - otherwise, nothing. ? I don't know how well those file triggers would interact with existing postinst scripts for the other packages. Ben. -- Ben Hutchings Klipstein's 4th Law of Prototyping and Production: A fail-safe circuit will destroy others.
signature.asc
Description: This is a digitally signed message part
