tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom
kernel / Documentation / sysctl / kernel.txt
at v3.2 592 lines 21 kB view raw
1Documentation for /proc/sys/kernel/* kernel version 2.2.10 2 (c) 1998, 1999, Rik van Riel <riel@nl.linux.org> 3 (c) 2009, Shen Feng<shen@cn.fujitsu.com> 4 5For general info and legal blurb, please look in README. 6 7============================================================== 8 9This file contains documentation for the sysctl files in 10/proc/sys/kernel/ and is valid for Linux kernel version 2.2. 11 12The files in this directory can be used to tune and monitor 13miscellaneous and general things in the operation of the Linux 14kernel. Since some of the files _can_ be used to screw up your 15system, it is advisable to read both documentation and source 16before actually making adjustments. 17 18Currently, these files might (depending on your configuration) 19show up in /proc/sys/kernel: 20 21- acct 22- acpi_video_flags 23- auto_msgmni 24- bootloader_type [ X86 only ] 25- bootloader_version [ X86 only ] 26- callhome [ S390 only ] 27- cap_last_cap 28- core_pattern 29- core_pipe_limit 30- core_uses_pid 31- ctrl-alt-del 32- dmesg_restrict 33- domainname 34- hostname 35- hotplug 36- kptr_restrict 37- kstack_depth_to_print [ X86 only ] 38- l2cr [ PPC only ] 39- modprobe ==> Documentation/debugging-modules.txt 40- modules_disabled 41- msgmax 42- msgmnb 43- msgmni 44- nmi_watchdog 45- osrelease 46- ostype 47- overflowgid 48- overflowuid 49- panic 50- panic_on_oops 51- panic_on_unrecovered_nmi 52- pid_max 53- powersave-nap [ PPC only ] 54- printk 55- printk_delay 56- printk_ratelimit 57- printk_ratelimit_burst 58- randomize_va_space 59- real-root-dev ==> Documentation/initrd.txt 60- reboot-cmd [ SPARC only ] 61- rtsig-max 62- rtsig-nr 63- sem 64- sg-big-buff [ generic SCSI device (sg) ] 65- shm_rmid_forced 66- shmall 67- shmmax [ sysv ipc ] 68- shmmni 69- softlockup_thresh 70- stop-a [ SPARC only ] 71- sysrq ==> Documentation/sysrq.txt 72- tainted 73- threads-max 74- unknown_nmi_panic 75- version 76 77============================================================== 78 79acct: 80 81highwater lowwater frequency 82 83If BSD-style process accounting is enabled these values control 84its behaviour. If free space on filesystem where the log lives 85goes below <lowwater>% accounting suspends. If free space gets 86above <highwater>% accounting resumes. <Frequency> determines 87how often do we check the amount of free space (value is in 88seconds). Default: 894 2 30 90That is, suspend accounting if there left <= 2% free; resume it 91if we got >=4%; consider information about amount of free space 92valid for 30 seconds. 93 94============================================================== 95 96acpi_video_flags: 97 98flags 99 100See Doc*/kernel/power/video.txt, it allows mode of video boot to be 101set during run time. 102 103============================================================== 104 105auto_msgmni: 106 107Enables/Disables automatic recomputing of msgmni upon memory add/remove 108or upon ipc namespace creation/removal (see the msgmni description 109above). Echoing "1" into this file enables msgmni automatic recomputing. 110Echoing "0" turns it off. auto_msgmni default value is 1. 111 112 113============================================================== 114 115bootloader_type: 116 117x86 bootloader identification 118 119This gives the bootloader type number as indicated by the bootloader, 120shifted left by 4, and OR'd with the low four bits of the bootloader 121version. The reason for this encoding is that this used to match the 122type_of_loader field in the kernel header; the encoding is kept for 123backwards compatibility. That is, if the full bootloader type number 124is 0x15 and the full version number is 0x234, this file will contain 125the value 340 = 0x154. 126 127See the type_of_loader and ext_loader_type fields in 128Documentation/x86/boot.txt for additional information. 129 130============================================================== 131 132bootloader_version: 133 134x86 bootloader version 135 136The complete bootloader version number. In the example above, this 137file will contain the value 564 = 0x234. 138 139See the type_of_loader and ext_loader_ver fields in 140Documentation/x86/boot.txt for additional information. 141 142============================================================== 143 144callhome: 145 146Controls the kernel's callhome behavior in case of a kernel panic. 147 148The s390 hardware allows an operating system to send a notification 149to a service organization (callhome) in case of an operating system panic. 150 151When the value in this file is 0 (which is the default behavior) 152nothing happens in case of a kernel panic. If this value is set to "1" 153the complete kernel oops message is send to the IBM customer service 154organization in case the mainframe the Linux operating system is running 155on has a service contract with IBM. 156 157============================================================== 158 159cap_last_cap 160 161Highest valid capability of the running kernel. Exports 162CAP_LAST_CAP from the kernel. 163 164============================================================== 165 166core_pattern: 167 168core_pattern is used to specify a core dumpfile pattern name. 169. max length 128 characters; default value is "core" 170. core_pattern is used as a pattern template for the output filename; 171 certain string patterns (beginning with '%') are substituted with 172 their actual values. 173. backward compatibility with core_uses_pid: 174 If core_pattern does not include "%p" (default does not) 175 and core_uses_pid is set, then .PID will be appended to 176 the filename. 177. corename format specifiers: 178 %<NUL> '%' is dropped 179 %% output one '%' 180 %p pid 181 %u uid 182 %g gid 183 %s signal number 184 %t UNIX time of dump 185 %h hostname 186 %e executable filename (may be shortened) 187 %E executable path 188 %<OTHER> both are dropped 189. If the first character of the pattern is a '|', the kernel will treat 190 the rest of the pattern as a command to run. The core dump will be 191 written to the standard input of that program instead of to a file. 192 193============================================================== 194 195core_pipe_limit: 196 197This sysctl is only applicable when core_pattern is configured to pipe 198core files to a user space helper (when the first character of 199core_pattern is a '|', see above). When collecting cores via a pipe 200to an application, it is occasionally useful for the collecting 201application to gather data about the crashing process from its 202/proc/pid directory. In order to do this safely, the kernel must wait 203for the collecting process to exit, so as not to remove the crashing 204processes proc files prematurely. This in turn creates the 205possibility that a misbehaving userspace collecting process can block 206the reaping of a crashed process simply by never exiting. This sysctl 207defends against that. It defines how many concurrent crashing 208processes may be piped to user space applications in parallel. If 209this value is exceeded, then those crashing processes above that value 210are noted via the kernel log and their cores are skipped. 0 is a 211special value, indicating that unlimited processes may be captured in 212parallel, but that no waiting will take place (i.e. the collecting 213process is not guaranteed access to /proc/<crashing pid>/). This 214value defaults to 0. 215 216============================================================== 217 218core_uses_pid: 219 220The default coredump filename is "core". By setting 221core_uses_pid to 1, the coredump filename becomes core.PID. 222If core_pattern does not include "%p" (default does not) 223and core_uses_pid is set, then .PID will be appended to 224the filename. 225 226============================================================== 227 228ctrl-alt-del: 229 230When the value in this file is 0, ctrl-alt-del is trapped and 231sent to the init(1) program to handle a graceful restart. 232When, however, the value is > 0, Linux's reaction to a Vulcan 233Nerve Pinch (tm) will be an immediate reboot, without even 234syncing its dirty buffers. 235 236Note: when a program (like dosemu) has the keyboard in 'raw' 237mode, the ctrl-alt-del is intercepted by the program before it 238ever reaches the kernel tty layer, and it's up to the program 239to decide what to do with it. 240 241============================================================== 242 243dmesg_restrict: 244 245This toggle indicates whether unprivileged users are prevented 246from using dmesg(8) to view messages from the kernel's log buffer. 247When dmesg_restrict is set to (0) there are no restrictions. When 248dmesg_restrict is set set to (1), users must have CAP_SYSLOG to use 249dmesg(8). 250 251The kernel config option CONFIG_SECURITY_DMESG_RESTRICT sets the 252default value of dmesg_restrict. 253 254============================================================== 255 256domainname & hostname: 257 258These files can be used to set the NIS/YP domainname and the 259hostname of your box in exactly the same way as the commands 260domainname and hostname, i.e.: 261# echo "darkstar" > /proc/sys/kernel/hostname 262# echo "mydomain" > /proc/sys/kernel/domainname 263has the same effect as 264# hostname "darkstar" 265# domainname "mydomain" 266 267Note, however, that the classic darkstar.frop.org has the 268hostname "darkstar" and DNS (Internet Domain Name Server) 269domainname "frop.org", not to be confused with the NIS (Network 270Information Service) or YP (Yellow Pages) domainname. These two 271domain names are in general different. For a detailed discussion 272see the hostname(1) man page. 273 274============================================================== 275 276hotplug: 277 278Path for the hotplug policy agent. 279Default value is "/sbin/hotplug". 280 281============================================================== 282 283kptr_restrict: 284 285This toggle indicates whether restrictions are placed on 286exposing kernel addresses via /proc and other interfaces. When 287kptr_restrict is set to (0), there are no restrictions. When 288kptr_restrict is set to (1), the default, kernel pointers 289printed using the %pK format specifier will be replaced with 0's 290unless the user has CAP_SYSLOG. When kptr_restrict is set to 291(2), kernel pointers printed using %pK will be replaced with 0's 292regardless of privileges. 293 294============================================================== 295 296kstack_depth_to_print: (X86 only) 297 298Controls the number of words to print when dumping the raw 299kernel stack. 300 301============================================================== 302 303l2cr: (PPC only) 304 305This flag controls the L2 cache of G3 processor boards. If 3060, the cache is disabled. Enabled if nonzero. 307 308============================================================== 309 310modules_disabled: 311 312A toggle value indicating if modules are allowed to be loaded 313in an otherwise modular kernel. This toggle defaults to off 314(0), but can be set true (1). Once true, modules can be 315neither loaded nor unloaded, and the toggle cannot be set back 316to false. 317 318============================================================== 319 320nmi_watchdog: 321 322Enables/Disables the NMI watchdog on x86 systems. When the value is 323non-zero the NMI watchdog is enabled and will continuously test all 324online cpus to determine whether or not they are still functioning 325properly. Currently, passing "nmi_watchdog=" parameter at boot time is 326required for this function to work. 327 328If LAPIC NMI watchdog method is in use (nmi_watchdog=2 kernel 329parameter), the NMI watchdog shares registers with oprofile. By 330disabling the NMI watchdog, oprofile may have more registers to 331utilize. 332 333============================================================== 334 335osrelease, ostype & version: 336 337# cat osrelease 3382.1.88 339# cat ostype 340Linux 341# cat version 342#5 Wed Feb 25 21:49:24 MET 1998 343 344The files osrelease and ostype should be clear enough. Version 345needs a little more clarification however. The '#5' means that 346this is the fifth kernel built from this source base and the 347date behind it indicates the time the kernel was built. 348The only way to tune these values is to rebuild the kernel :-) 349 350============================================================== 351 352overflowgid & overflowuid: 353 354if your architecture did not always support 32-bit UIDs (i.e. arm, 355i386, m68k, sh, and sparc32), a fixed UID and GID will be returned to 356applications that use the old 16-bit UID/GID system calls, if the 357actual UID or GID would exceed 65535. 358 359These sysctls allow you to change the value of the fixed UID and GID. 360The default is 65534. 361 362============================================================== 363 364panic: 365 366The value in this file represents the number of seconds the kernel 367waits before rebooting on a panic. When you use the software watchdog, 368the recommended setting is 60. 369 370============================================================== 371 372panic_on_unrecovered_nmi: 373 374The default Linux behaviour on an NMI of either memory or unknown is 375to continue operation. For many environments such as scientific 376computing it is preferable that the box is taken out and the error 377dealt with than an uncorrected parity/ECC error get propagated. 378 379A small number of systems do generate NMI's for bizarre random reasons 380such as power management so the default is off. That sysctl works like 381the existing panic controls already in that directory. 382 383============================================================== 384 385panic_on_oops: 386 387Controls the kernel's behaviour when an oops or BUG is encountered. 388 3890: try to continue operation 390 3911: panic immediately. If the `panic' sysctl is also non-zero then the 392 machine will be rebooted. 393 394============================================================== 395 396pid_max: 397 398PID allocation wrap value. When the kernel's next PID value 399reaches this value, it wraps back to a minimum PID value. 400PIDs of value pid_max or larger are not allocated. 401 402============================================================== 403 404powersave-nap: (PPC only) 405 406If set, Linux-PPC will use the 'nap' mode of powersaving, 407otherwise the 'doze' mode will be used. 408 409============================================================== 410 411printk: 412 413The four values in printk denote: console_loglevel, 414default_message_loglevel, minimum_console_loglevel and 415default_console_loglevel respectively. 416 417These values influence printk() behavior when printing or 418logging error messages. See 'man 2 syslog' for more info on 419the different loglevels. 420 421- console_loglevel: messages with a higher priority than 422 this will be printed to the console 423- default_message_loglevel: messages without an explicit priority 424 will be printed with this priority 425- minimum_console_loglevel: minimum (highest) value to which 426 console_loglevel can be set 427- default_console_loglevel: default value for console_loglevel 428 429============================================================== 430 431printk_delay: 432 433Delay each printk message in printk_delay milliseconds 434 435Value from 0 - 10000 is allowed. 436 437============================================================== 438 439printk_ratelimit: 440 441Some warning messages are rate limited. printk_ratelimit specifies 442the minimum length of time between these messages (in jiffies), by 443default we allow one every 5 seconds. 444 445A value of 0 will disable rate limiting. 446 447============================================================== 448 449printk_ratelimit_burst: 450 451While long term we enforce one message per printk_ratelimit 452seconds, we do allow a burst of messages to pass through. 453printk_ratelimit_burst specifies the number of messages we can 454send before ratelimiting kicks in. 455 456============================================================== 457 458randomize_va_space: 459 460This option can be used to select the type of process address 461space randomization that is used in the system, for architectures 462that support this feature. 463 4640 - Turn the process address space randomization off. This is the 465 default for architectures that do not support this feature anyways, 466 and kernels that are booted with the "norandmaps" parameter. 467 4681 - Make the addresses of mmap base, stack and VDSO page randomized. 469 This, among other things, implies that shared libraries will be 470 loaded to random addresses. Also for PIE-linked binaries, the 471 location of code start is randomized. This is the default if the 472 CONFIG_COMPAT_BRK option is enabled. 473 4742 - Additionally enable heap randomization. This is the default if 475 CONFIG_COMPAT_BRK is disabled. 476 477 There are a few legacy applications out there (such as some ancient 478 versions of libc.so.5 from 1996) that assume that brk area starts 479 just after the end of the code+bss. These applications break when 480 start of the brk area is randomized. There are however no known 481 non-legacy applications that would be broken this way, so for most 482 systems it is safe to choose full randomization. 483 484 Systems with ancient and/or broken binaries should be configured 485 with CONFIG_COMPAT_BRK enabled, which excludes the heap from process 486 address space randomization. 487 488============================================================== 489 490reboot-cmd: (Sparc only) 491 492??? This seems to be a way to give an argument to the Sparc 493ROM/Flash boot loader. Maybe to tell it what to do after 494rebooting. ??? 495 496============================================================== 497 498rtsig-max & rtsig-nr: 499 500The file rtsig-max can be used to tune the maximum number 501of POSIX realtime (queued) signals that can be outstanding 502in the system. 503 504rtsig-nr shows the number of RT signals currently queued. 505 506============================================================== 507 508sg-big-buff: 509 510This file shows the size of the generic SCSI (sg) buffer. 511You can't tune it just yet, but you could change it on 512compile time by editing include/scsi/sg.h and changing 513the value of SG_BIG_BUFF. 514 515There shouldn't be any reason to change this value. If 516you can come up with one, you probably know what you 517are doing anyway :) 518 519============================================================== 520 521shmmax: 522 523This value can be used to query and set the run time limit 524on the maximum shared memory segment size that can be created. 525Shared memory segments up to 1Gb are now supported in the 526kernel. This value defaults to SHMMAX. 527 528============================================================== 529 530shm_rmid_forced: 531 532Linux lets you set resource limits, including how much memory one 533process can consume, via setrlimit(2). Unfortunately, shared memory 534segments are allowed to exist without association with any process, and 535thus might not be counted against any resource limits. If enabled, 536shared memory segments are automatically destroyed when their attach 537count becomes zero after a detach or a process termination. It will 538also destroy segments that were created, but never attached to, on exit 539from the process. The only use left for IPC_RMID is to immediately 540destroy an unattached segment. Of course, this breaks the way things are 541defined, so some applications might stop working. Note that this 542feature will do you no good unless you also configure your resource 543limits (in particular, RLIMIT_AS and RLIMIT_NPROC). Most systems don't 544need this. 545 546Note that if you change this from 0 to 1, already created segments 547without users and with a dead originative process will be destroyed. 548 549============================================================== 550 551softlockup_thresh: 552 553This value can be used to lower the softlockup tolerance threshold. The 554default threshold is 60 seconds. If a cpu is locked up for 60 seconds, 555the kernel complains. Valid values are 1-60 seconds. Setting this 556tunable to zero will disable the softlockup detection altogether. 557 558============================================================== 559 560tainted: 561 562Non-zero if the kernel has been tainted. Numeric values, which 563can be ORed together: 564 565 1 - A module with a non-GPL license has been loaded, this 566 includes modules with no license. 567 Set by modutils >= 2.4.9 and module-init-tools. 568 2 - A module was force loaded by insmod -f. 569 Set by modutils >= 2.4.9 and module-init-tools. 570 4 - Unsafe SMP processors: SMP with CPUs not designed for SMP. 571 8 - A module was forcibly unloaded from the system by rmmod -f. 572 16 - A hardware machine check error occurred on the system. 573 32 - A bad page was discovered on the system. 574 64 - The user has asked that the system be marked "tainted". This 575 could be because they are running software that directly modifies 576 the hardware, or for other reasons. 577 128 - The system has died. 578 256 - The ACPI DSDT has been overridden with one supplied by the user 579 instead of using the one provided by the hardware. 580 512 - A kernel warning has occurred. 5811024 - A module from drivers/staging was loaded. 582 583============================================================== 584 585unknown_nmi_panic: 586 587The value in this file affects behavior of handling NMI. When the 588value is non-zero, unknown NMI is trapped and then panic occurs. At 589that time, kernel debugging information is displayed on console. 590 591NMI switch that most IA32 servers have fires unknown NMI up, for 592example. If a system hangs up, try pressing the NMI switch.