The Linux Kernel parameters are settings that can be configured to control the behavior of the Linux kernel. They are
typically used to fine-tune system performance or to enable/disable certain features.
Some examples of kernel parameters include:
Memory-related parameters: These parameters control how the kernel manages system memory, including how much memory
is allocated to user processes and how aggressively the kernel caches data.
Processor-related parameters: These parameters control how the kernel interacts with the system’s processors,
including how it schedules processes and how it handles interrupts.
Network-related parameters: These control how the kernel handles network traffic, including the size of network
buffers and the maximum number of open network connections.
Security-related parameters: These control various security features of the kernel, such as access control and
Kernel parameters can be set at boot time using the bootloader, modified at runtime using system tools
sysctl or by editing files in the
/proc/sys directory, or compiled into the kernel itself.
Understanding and configuring kernel parameters can be useful for optimizing system performance or addressing
specific issues, but it requires knowledge of the underlying system and kernel behavior. It’s important to
carefully research and test any changes to kernel parameters to avoid unintended consequences or system instability.
A virtual filesystem is a type of filesystem that does not represent physical storage devices, but instead presents
a unified interface for accessing a variety of system resources and data structures. In other words, it provides an
abstraction layer that hides the underlying implementation details and presents a consistent view of the system to user
Virtual filesystems are often used in operating systems to provide access to non-file resources such as network
sockets, process information, hardware devices, and kernel parameters. These resources are exposed as files or
directories within the virtual filesystem, allowing them to be accessed using standard file I/O operations.
Virtual filesystems are implemented entirely in memory and do not require any physical storage devices. They can be
dynamically generated on-the-fly or statically configured at system boot time.
Examples of virtual filesystems in Linux include
/proc, which provides access to process and system information,
/sys, which exposes system hardware devices and kernel parameters.
Virtual filesystems provide a flexible and extensible mechanism for organizing and accessing system resources, and
they have become an essential component of modern operating systems.
/proc/sys Virtual Filesystem
/proc/sys is a virtual filesystem in the Linux operating system that exposes various kernel parameters and system
information to user space. It is implemented as part of the
procfs filesystem, which is a virtual filesystem that
provides information about processes and other system information.
/proc/sys is used to read and write
sysctl values, which are parameters that control the behavior of the kernel and
various aspects of the system. The
sysctl values are organized in a hierarchy similar to a file system, with each
value represented as a file. For example, the
/proc/sys/kernel/ostype file represents the
kern.ostype sysctl value,
which holds the name of the operating system.
You can read and write
sysctl values by reading and writing to the corresponding files in the
For example, you can use the cat command to read the value of a
And you can use the echo command to write a new value to a
echo "new value" > /proc/sys/kernel/ostype
Keep in mind that some
sysctl values may not be writable, and attempting to write to them may result in an error.
/proc/sys can be a useful way to examine and modify kernel parameters and system behavior at runtime, without the need
to reboot the system or modify kernel configuration files. However, it is important to use caution when modifying
sysctl values, as improper use can potentially cause system instability or other problems.
The values in
/proc/sys do not persist reboots. If you need the values to persist, use
sysctl is a command in Linux(Unix-like operating systems) that allows an administrator to modify kernel parameters
at runtime. These parameters are specified in the form of variables in the
/proc/sys/ directory, which can be
accessed and modified using the
sysctl command can be used to change the values of various kernel parameters, such as the maximum size of a
shared memory segment, the maximum number of open file descriptors, or the maximum number of processes that a user can
run. It can also be used to view the current values of these parameters.
For example, to view the current value of the maximum size of a shared memory segment, you can use the following
To change the value of the maximum size of a shared memory segment, you can use the following command:
sysctl -w kernel.shmmax=16777216
Note that the
sysctl command requires root privileges to modify kernel parameters. Notice that values changed
sysctl -w ... won’t survive a reboot.
How to permanently save the value via sysctl?
To permanently save the value of a kernel parameter that you have modified using the sysctl command, you need to edit
the configuration file that is used to set the value of the parameter at boot time. On most systems, this
/etc/sysctl.conf or a file within
For example, to set the value of the maximum size of a shared memory segment permanently, you can add the following
line to the /etc/sysctl.conf file:
After making this change, you need to apply the new configuration by running the sysctl command with the -p option:
This will apply the new values in the
/etc/sysctl.conf file to the running kernel. The new values will also be
used the next time the system is booted.
Alternatively, you can use the
sysctl.d mechanism to override the value of a kernel parameter in a specific file
/etc/sysctl.d directory. For example, to set the value of the maximum size of a shared memory segment
permanently, you can create a file
/etc/sysctl.d/99-shmmax.conf with the following content:
After creating this file, you need to apply the new configuration by running the
sysctl command with the
option as above.
Note that the
sysctl command requires root privileges to modify kernel parameters.
More sysctl Examples
kernel.pid_max: Controls the maximum value for the process ID (PID) of a process. A higher value allows the
kernel to create more processes, but can also consume more memory for PID tables.
net.ipv4.tcp_keepalive_time: Controls the time (in seconds) the kernel will wait before sending a keepalive packet
to verify that a TCP connection is still active. A higher value can reduce network traffic, but may also increase the
time it takes to detect a dead connection.
kernel.sched_wakeup_granularity_ns: These parameters control the minimum
time slices allocated to processes by the kernel scheduler. A smaller value can improve the responsiveness of the
system, but can also increase the overhead of context switches.
vm.dirty_expire_centisecs: Controls the time (in centiseconds) after which dirty pages will be written to disk by
the kernel’s background writeback process. A higher value can improve performance by reducing the frequency of
writeback operations, but can also increase the risk of data loss in the event of a crash.
kernel.msgmax: Controls the maximum size (in bytes) of a message that can be sent or received using the System V
message queue system calls. A higher value can improve the performance of message-passing systems, but can also
consume more memory.
kernel.shmmax: Controls the maximum size (in bytes) of a shared memory segment that can be created using the
shmget system call. A higher value can improve the performance of systems that use shared memory extensively, but can
also consume more memory.
Again, it is important to carefully consider the implications of any changes you make to the kernel configuration,
as changing kernel parameters can have unintended consequences and may not always improve performance.
Example To Programmatically Use sysctl
In recent versions of the Linux kernel, support for systctl system call has been removed.
Just writing to the relevant files in the
/proc/sys virtual filesystem should suffice. Keep in mind that the values
/proc/sys do not persist reboots. To alter values in
sysctl.d for administration purposes, look at configuration
management tools like Ansible.
Here’s an example Ansible playbook that sets the
net.ipv4.ip_forward kernel parameter to
1 on all hosts in a given
- name: Set ip_forward kernel parameter
- name: Enable ip_forwarding
In this example, we use the
sysctl module provided by Ansible to modify the
net.ipv4.ip_forward kernel parameter.
The name parameter specifies the kernel parameter to modify, while the value parameter specifies the new value to set it
to. The state parameter is set to present to ensure that the kernel parameter is enabled.
We also include the
become: yes parameter to run the playbook with root privileges, since modifying kernel parameters
requires root access.
This playbook can be run on the command line using the
ansible-playbook command, specifying the path to the
This playbook will modify the
net.ipv4.ip_forward kernel parameter on all hosts in the inventory specified in the
Ansible configuration file.