]>
Commit | Line | Data |
---|---|---|
1da177e4 LT |
1 | Documentation for /proc/sys/kernel/* kernel version 2.2.10 |
2 | (c) 1998, 1999, Rik van Riel <riel@nl.linux.org> | |
760df93e | 3 | (c) 2009, Shen Feng<shen@cn.fujitsu.com> |
1da177e4 LT |
4 | |
5 | For general info and legal blurb, please look in README. | |
6 | ||
7 | ============================================================== | |
8 | ||
9 | This file contains documentation for the sysctl files in | |
10 | /proc/sys/kernel/ and is valid for Linux kernel version 2.2. | |
11 | ||
12 | The files in this directory can be used to tune and monitor | |
13 | miscellaneous and general things in the operation of the Linux | |
14 | kernel. Since some of the files _can_ be used to screw up your | |
15 | system, it is advisable to read both documentation and source | |
16 | before actually making adjustments. | |
17 | ||
18 | Currently, these files might (depending on your configuration) | |
19 | show up in /proc/sys/kernel: | |
c255d844 | 20 | - acpi_video_flags |
1da177e4 | 21 | - acct |
d75757ab PA |
22 | - bootloader_type [ X86 only ] |
23 | - bootloader_version [ X86 only ] | |
c114728a | 24 | - callhome [ S390 only ] |
760df93e | 25 | - auto_msgmni |
1da177e4 | 26 | - core_pattern |
a293980c | 27 | - core_pipe_limit |
1da177e4 LT |
28 | - core_uses_pid |
29 | - ctrl-alt-del | |
30 | - dentry-state | |
eaf06b24 | 31 | - dmesg_restrict |
1da177e4 LT |
32 | - domainname |
33 | - hostname | |
34 | - hotplug | |
35 | - java-appletviewer [ binfmt_java, obsolete ] | |
36 | - java-interpreter [ binfmt_java, obsolete ] | |
455cd5ab | 37 | - kptr_restrict |
0741f4d2 | 38 | - kstack_depth_to_print [ X86 only ] |
1da177e4 | 39 | - l2cr [ PPC only ] |
ac76cff2 | 40 | - modprobe ==> Documentation/debugging-modules.txt |
3d43321b | 41 | - modules_disabled |
1da177e4 LT |
42 | - msgmax |
43 | - msgmnb | |
44 | - msgmni | |
760df93e | 45 | - nmi_watchdog |
1da177e4 LT |
46 | - osrelease |
47 | - ostype | |
48 | - overflowgid | |
49 | - overflowuid | |
50 | - panic | |
51 | - pid_max | |
52 | - powersave-nap [ PPC only ] | |
760df93e | 53 | - panic_on_unrecovered_nmi |
1da177e4 | 54 | - printk |
1ec7fd50 | 55 | - randomize_va_space |
1da177e4 LT |
56 | - real-root-dev ==> Documentation/initrd.txt |
57 | - reboot-cmd [ SPARC only ] | |
58 | - rtsig-max | |
59 | - rtsig-nr | |
60 | - sem | |
61 | - sg-big-buff [ generic SCSI device (sg) ] | |
62 | - shmall | |
63 | - shmmax [ sysv ipc ] | |
64 | - shmmni | |
65 | - stop-a [ SPARC only ] | |
66 | - sysrq ==> Documentation/sysrq.txt | |
67 | - tainted | |
68 | - threads-max | |
760df93e | 69 | - unknown_nmi_panic |
1da177e4 LT |
70 | - version |
71 | ||
72 | ============================================================== | |
73 | ||
c255d844 PM |
74 | acpi_video_flags: |
75 | ||
76 | flags | |
77 | ||
78 | See Doc*/kernel/power/video.txt, it allows mode of video boot to be | |
79 | set during run time. | |
80 | ||
81 | ============================================================== | |
82 | ||
1da177e4 LT |
83 | acct: |
84 | ||
85 | highwater lowwater frequency | |
86 | ||
87 | If BSD-style process accounting is enabled these values control | |
88 | its behaviour. If free space on filesystem where the log lives | |
89 | goes below <lowwater>% accounting suspends. If free space gets | |
90 | above <highwater>% accounting resumes. <Frequency> determines | |
91 | how often do we check the amount of free space (value is in | |
92 | seconds). Default: | |
93 | 4 2 30 | |
94 | That is, suspend accounting if there left <= 2% free; resume it | |
95 | if we got >=4%; consider information about amount of free space | |
96 | valid for 30 seconds. | |
97 | ||
98 | ============================================================== | |
99 | ||
d75757ab PA |
100 | bootloader_type: |
101 | ||
102 | x86 bootloader identification | |
103 | ||
104 | This gives the bootloader type number as indicated by the bootloader, | |
105 | shifted left by 4, and OR'd with the low four bits of the bootloader | |
106 | version. The reason for this encoding is that this used to match the | |
107 | type_of_loader field in the kernel header; the encoding is kept for | |
108 | backwards compatibility. That is, if the full bootloader type number | |
109 | is 0x15 and the full version number is 0x234, this file will contain | |
110 | the value 340 = 0x154. | |
111 | ||
112 | See the type_of_loader and ext_loader_type fields in | |
113 | Documentation/x86/boot.txt for additional information. | |
114 | ||
115 | ============================================================== | |
116 | ||
117 | bootloader_version: | |
118 | ||
119 | x86 bootloader version | |
120 | ||
121 | The complete bootloader version number. In the example above, this | |
122 | file will contain the value 564 = 0x234. | |
123 | ||
124 | See the type_of_loader and ext_loader_ver fields in | |
125 | Documentation/x86/boot.txt for additional information. | |
126 | ||
127 | ============================================================== | |
128 | ||
c114728a HJP |
129 | callhome: |
130 | ||
131 | Controls the kernel's callhome behavior in case of a kernel panic. | |
132 | ||
133 | The s390 hardware allows an operating system to send a notification | |
134 | to a service organization (callhome) in case of an operating system panic. | |
135 | ||
136 | When the value in this file is 0 (which is the default behavior) | |
137 | nothing happens in case of a kernel panic. If this value is set to "1" | |
138 | the complete kernel oops message is send to the IBM customer service | |
139 | organization in case the mainframe the Linux operating system is running | |
140 | on has a service contract with IBM. | |
141 | ||
142 | ============================================================== | |
143 | ||
1da177e4 LT |
144 | core_pattern: |
145 | ||
146 | core_pattern is used to specify a core dumpfile pattern name. | |
cd081041 | 147 | . max length 128 characters; default value is "core" |
1da177e4 LT |
148 | . core_pattern is used as a pattern template for the output filename; |
149 | certain string patterns (beginning with '%') are substituted with | |
150 | their actual values. | |
151 | . backward compatibility with core_uses_pid: | |
152 | If core_pattern does not include "%p" (default does not) | |
153 | and core_uses_pid is set, then .PID will be appended to | |
154 | the filename. | |
155 | . corename format specifiers: | |
156 | %<NUL> '%' is dropped | |
157 | %% output one '%' | |
158 | %p pid | |
159 | %u uid | |
160 | %g gid | |
161 | %s signal number | |
162 | %t UNIX time of dump | |
163 | %h hostname | |
57cc083a JS |
164 | %e executable filename (may be shortened) |
165 | %E executable path | |
1da177e4 | 166 | %<OTHER> both are dropped |
cd081041 MU |
167 | . If the first character of the pattern is a '|', the kernel will treat |
168 | the rest of the pattern as a command to run. The core dump will be | |
169 | written to the standard input of that program instead of to a file. | |
1da177e4 LT |
170 | |
171 | ============================================================== | |
172 | ||
a293980c NH |
173 | core_pipe_limit: |
174 | ||
175 | This sysctl is only applicable when core_pattern is configured to pipe core | |
7beeec88 | 176 | files to a user space helper (when the first character of core_pattern is a '|', |
a293980c | 177 | see above). When collecting cores via a pipe to an application, it is |
7beeec88 | 178 | occasionally useful for the collecting application to gather data about the |
a293980c NH |
179 | crashing process from its /proc/pid directory. In order to do this safely, the |
180 | kernel must wait for the collecting process to exit, so as not to remove the | |
181 | crashing processes proc files prematurely. This in turn creates the possibility | |
182 | that a misbehaving userspace collecting process can block the reaping of a | |
183 | crashed process simply by never exiting. This sysctl defends against that. It | |
184 | defines how many concurrent crashing processes may be piped to user space | |
185 | applications in parallel. If this value is exceeded, then those crashing | |
186 | processes above that value are noted via the kernel log and their cores are | |
187 | skipped. 0 is a special value, indicating that unlimited processes may be | |
188 | captured in parallel, but that no waiting will take place (i.e. the collecting | |
7beeec88 | 189 | process is not guaranteed access to /proc/<crashing pid>/). This value defaults |
a293980c NH |
190 | to 0. |
191 | ||
192 | ============================================================== | |
193 | ||
1da177e4 LT |
194 | core_uses_pid: |
195 | ||
196 | The default coredump filename is "core". By setting | |
197 | core_uses_pid to 1, the coredump filename becomes core.PID. | |
198 | If core_pattern does not include "%p" (default does not) | |
199 | and core_uses_pid is set, then .PID will be appended to | |
200 | the filename. | |
201 | ||
202 | ============================================================== | |
203 | ||
204 | ctrl-alt-del: | |
205 | ||
206 | When the value in this file is 0, ctrl-alt-del is trapped and | |
207 | sent to the init(1) program to handle a graceful restart. | |
208 | When, however, the value is > 0, Linux's reaction to a Vulcan | |
209 | Nerve Pinch (tm) will be an immediate reboot, without even | |
210 | syncing its dirty buffers. | |
211 | ||
212 | Note: when a program (like dosemu) has the keyboard in 'raw' | |
213 | mode, the ctrl-alt-del is intercepted by the program before it | |
214 | ever reaches the kernel tty layer, and it's up to the program | |
215 | to decide what to do with it. | |
216 | ||
217 | ============================================================== | |
218 | ||
eaf06b24 DR |
219 | dmesg_restrict: |
220 | ||
221 | This toggle indicates whether unprivileged users are prevented from using | |
222 | dmesg(8) to view messages from the kernel's log buffer. When | |
223 | dmesg_restrict is set to (0) there are no restrictions. When | |
38ef4c2e | 224 | dmesg_restrict is set set to (1), users must have CAP_SYSLOG to use |
eaf06b24 DR |
225 | dmesg(8). |
226 | ||
227 | The kernel config option CONFIG_SECURITY_DMESG_RESTRICT sets the default | |
228 | value of dmesg_restrict. | |
229 | ||
230 | ============================================================== | |
231 | ||
1da177e4 LT |
232 | domainname & hostname: |
233 | ||
234 | These files can be used to set the NIS/YP domainname and the | |
235 | hostname of your box in exactly the same way as the commands | |
236 | domainname and hostname, i.e.: | |
237 | # echo "darkstar" > /proc/sys/kernel/hostname | |
238 | # echo "mydomain" > /proc/sys/kernel/domainname | |
239 | has the same effect as | |
240 | # hostname "darkstar" | |
241 | # domainname "mydomain" | |
242 | ||
243 | Note, however, that the classic darkstar.frop.org has the | |
244 | hostname "darkstar" and DNS (Internet Domain Name Server) | |
245 | domainname "frop.org", not to be confused with the NIS (Network | |
246 | Information Service) or YP (Yellow Pages) domainname. These two | |
247 | domain names are in general different. For a detailed discussion | |
248 | see the hostname(1) man page. | |
249 | ||
250 | ============================================================== | |
251 | ||
252 | hotplug: | |
253 | ||
254 | Path for the hotplug policy agent. | |
255 | Default value is "/sbin/hotplug". | |
256 | ||
257 | ============================================================== | |
258 | ||
259 | l2cr: (PPC only) | |
260 | ||
261 | This flag controls the L2 cache of G3 processor boards. If | |
262 | 0, the cache is disabled. Enabled if nonzero. | |
263 | ||
264 | ============================================================== | |
265 | ||
455cd5ab DR |
266 | kptr_restrict: |
267 | ||
268 | This toggle indicates whether restrictions are placed on | |
269 | exposing kernel addresses via /proc and other interfaces. When | |
270 | kptr_restrict is set to (0), there are no restrictions. When | |
271 | kptr_restrict is set to (1), the default, kernel pointers | |
272 | printed using the %pK format specifier will be replaced with 0's | |
273 | unless the user has CAP_SYSLOG. When kptr_restrict is set to | |
274 | (2), kernel pointers printed using %pK will be replaced with 0's | |
275 | regardless of privileges. | |
276 | ||
277 | ============================================================== | |
278 | ||
0741f4d2 CE |
279 | kstack_depth_to_print: (X86 only) |
280 | ||
281 | Controls the number of words to print when dumping the raw | |
282 | kernel stack. | |
283 | ||
284 | ============================================================== | |
285 | ||
3d43321b KC |
286 | modules_disabled: |
287 | ||
288 | A toggle value indicating if modules are allowed to be loaded | |
289 | in an otherwise modular kernel. This toggle defaults to off | |
290 | (0), but can be set true (1). Once true, modules can be | |
291 | neither loaded nor unloaded, and the toggle cannot be set back | |
292 | to false. | |
293 | ||
294 | ============================================================== | |
295 | ||
1da177e4 LT |
296 | osrelease, ostype & version: |
297 | ||
298 | # cat osrelease | |
299 | 2.1.88 | |
300 | # cat ostype | |
301 | Linux | |
302 | # cat version | |
303 | #5 Wed Feb 25 21:49:24 MET 1998 | |
304 | ||
305 | The files osrelease and ostype should be clear enough. Version | |
306 | needs a little more clarification however. The '#5' means that | |
307 | this is the fifth kernel built from this source base and the | |
308 | date behind it indicates the time the kernel was built. | |
309 | The only way to tune these values is to rebuild the kernel :-) | |
310 | ||
311 | ============================================================== | |
312 | ||
313 | overflowgid & overflowuid: | |
314 | ||
315 | if your architecture did not always support 32-bit UIDs (i.e. arm, i386, | |
316 | m68k, sh, and sparc32), a fixed UID and GID will be returned to | |
317 | applications that use the old 16-bit UID/GID system calls, if the actual | |
318 | UID or GID would exceed 65535. | |
319 | ||
320 | These sysctls allow you to change the value of the fixed UID and GID. | |
321 | The default is 65534. | |
322 | ||
323 | ============================================================== | |
324 | ||
325 | panic: | |
326 | ||
327 | The value in this file represents the number of seconds the | |
328 | kernel waits before rebooting on a panic. When you use the | |
329 | software watchdog, the recommended setting is 60. | |
330 | ||
331 | ============================================================== | |
332 | ||
333 | panic_on_oops: | |
334 | ||
335 | Controls the kernel's behaviour when an oops or BUG is encountered. | |
336 | ||
337 | 0: try to continue operation | |
338 | ||
a982ac06 | 339 | 1: panic immediately. If the `panic' sysctl is also non-zero then the |
8b23d04d | 340 | machine will be rebooted. |
1da177e4 LT |
341 | |
342 | ============================================================== | |
343 | ||
344 | pid_max: | |
345 | ||
beb7dd86 | 346 | PID allocation wrap value. When the kernel's next PID value |
1da177e4 LT |
347 | reaches this value, it wraps back to a minimum PID value. |
348 | PIDs of value pid_max or larger are not allocated. | |
349 | ||
350 | ============================================================== | |
351 | ||
352 | powersave-nap: (PPC only) | |
353 | ||
354 | If set, Linux-PPC will use the 'nap' mode of powersaving, | |
355 | otherwise the 'doze' mode will be used. | |
356 | ||
357 | ============================================================== | |
358 | ||
359 | printk: | |
360 | ||
361 | The four values in printk denote: console_loglevel, | |
362 | default_message_loglevel, minimum_console_loglevel and | |
363 | default_console_loglevel respectively. | |
364 | ||
365 | These values influence printk() behavior when printing or | |
366 | logging error messages. See 'man 2 syslog' for more info on | |
367 | the different loglevels. | |
368 | ||
369 | - console_loglevel: messages with a higher priority than | |
370 | this will be printed to the console | |
87889e15 | 371 | - default_message_loglevel: messages without an explicit priority |
1da177e4 LT |
372 | will be printed with this priority |
373 | - minimum_console_loglevel: minimum (highest) value to which | |
374 | console_loglevel can be set | |
375 | - default_console_loglevel: default value for console_loglevel | |
376 | ||
377 | ============================================================== | |
378 | ||
379 | printk_ratelimit: | |
380 | ||
381 | Some warning messages are rate limited. printk_ratelimit specifies | |
382 | the minimum length of time between these messages (in jiffies), by | |
383 | default we allow one every 5 seconds. | |
384 | ||
385 | A value of 0 will disable rate limiting. | |
386 | ||
387 | ============================================================== | |
388 | ||
389 | printk_ratelimit_burst: | |
390 | ||
391 | While long term we enforce one message per printk_ratelimit | |
392 | seconds, we do allow a burst of messages to pass through. | |
393 | printk_ratelimit_burst specifies the number of messages we can | |
394 | send before ratelimiting kicks in. | |
395 | ||
396 | ============================================================== | |
397 | ||
af91322e DY |
398 | printk_delay: |
399 | ||
400 | Delay each printk message in printk_delay milliseconds | |
401 | ||
402 | Value from 0 - 10000 is allowed. | |
403 | ||
404 | ============================================================== | |
405 | ||
1ec7fd50 JK |
406 | randomize-va-space: |
407 | ||
408 | This option can be used to select the type of process address | |
409 | space randomization that is used in the system, for architectures | |
410 | that support this feature. | |
411 | ||
b7f5ab6f HS |
412 | 0 - Turn the process address space randomization off. This is the |
413 | default for architectures that do not support this feature anyways, | |
414 | and kernels that are booted with the "norandmaps" parameter. | |
1ec7fd50 JK |
415 | |
416 | 1 - Make the addresses of mmap base, stack and VDSO page randomized. | |
417 | This, among other things, implies that shared libraries will be | |
b7f5ab6f HS |
418 | loaded to random addresses. Also for PIE-linked binaries, the |
419 | location of code start is randomized. This is the default if the | |
420 | CONFIG_COMPAT_BRK option is enabled. | |
1ec7fd50 | 421 | |
b7f5ab6f HS |
422 | 2 - Additionally enable heap randomization. This is the default if |
423 | CONFIG_COMPAT_BRK is disabled. | |
424 | ||
425 | There are a few legacy applications out there (such as some ancient | |
1ec7fd50 | 426 | versions of libc.so.5 from 1996) that assume that brk area starts |
b7f5ab6f HS |
427 | just after the end of the code+bss. These applications break when |
428 | start of the brk area is randomized. There are however no known | |
1ec7fd50 | 429 | non-legacy applications that would be broken this way, so for most |
b7f5ab6f HS |
430 | systems it is safe to choose full randomization. |
431 | ||
432 | Systems with ancient and/or broken binaries should be configured | |
433 | with CONFIG_COMPAT_BRK enabled, which excludes the heap from process | |
434 | address space randomization. | |
1ec7fd50 JK |
435 | |
436 | ============================================================== | |
437 | ||
1da177e4 LT |
438 | reboot-cmd: (Sparc only) |
439 | ||
440 | ??? This seems to be a way to give an argument to the Sparc | |
441 | ROM/Flash boot loader. Maybe to tell it what to do after | |
442 | rebooting. ??? | |
443 | ||
444 | ============================================================== | |
445 | ||
446 | rtsig-max & rtsig-nr: | |
447 | ||
448 | The file rtsig-max can be used to tune the maximum number | |
449 | of POSIX realtime (queued) signals that can be outstanding | |
450 | in the system. | |
451 | ||
452 | rtsig-nr shows the number of RT signals currently queued. | |
453 | ||
454 | ============================================================== | |
455 | ||
456 | sg-big-buff: | |
457 | ||
458 | This file shows the size of the generic SCSI (sg) buffer. | |
459 | You can't tune it just yet, but you could change it on | |
460 | compile time by editing include/scsi/sg.h and changing | |
461 | the value of SG_BIG_BUFF. | |
462 | ||
463 | There shouldn't be any reason to change this value. If | |
464 | you can come up with one, you probably know what you | |
465 | are doing anyway :) | |
466 | ||
467 | ============================================================== | |
468 | ||
469 | shmmax: | |
470 | ||
471 | This value can be used to query and set the run time limit | |
472 | on the maximum shared memory segment size that can be created. | |
473 | Shared memory segments up to 1Gb are now supported in the | |
474 | kernel. This value defaults to SHMMAX. | |
475 | ||
476 | ============================================================== | |
477 | ||
c4f3b63f RT |
478 | softlockup_thresh: |
479 | ||
b4d19cc8 AM |
480 | This value can be used to lower the softlockup tolerance threshold. The |
481 | default threshold is 60 seconds. If a cpu is locked up for 60 seconds, | |
482 | the kernel complains. Valid values are 1-60 seconds. Setting this | |
483 | tunable to zero will disable the softlockup detection altogether. | |
c4f3b63f RT |
484 | |
485 | ============================================================== | |
486 | ||
1da177e4 LT |
487 | tainted: |
488 | ||
489 | Non-zero if the kernel has been tainted. Numeric values, which | |
490 | can be ORed together: | |
491 | ||
bb20698d GKH |
492 | 1 - A module with a non-GPL license has been loaded, this |
493 | includes modules with no license. | |
494 | Set by modutils >= 2.4.9 and module-init-tools. | |
495 | 2 - A module was force loaded by insmod -f. | |
496 | Set by modutils >= 2.4.9 and module-init-tools. | |
497 | 4 - Unsafe SMP processors: SMP with CPUs not designed for SMP. | |
498 | 8 - A module was forcibly unloaded from the system by rmmod -f. | |
499 | 16 - A hardware machine check error occurred on the system. | |
500 | 32 - A bad page was discovered on the system. | |
501 | 64 - The user has asked that the system be marked "tainted". This | |
502 | could be because they are running software that directly modifies | |
503 | the hardware, or for other reasons. | |
504 | 128 - The system has died. | |
505 | 256 - The ACPI DSDT has been overridden with one supplied by the user | |
506 | instead of using the one provided by the hardware. | |
507 | 512 - A kernel warning has occurred. | |
508 | 1024 - A module from drivers/staging was loaded. | |
1da177e4 | 509 | |
760df93e SF |
510 | ============================================================== |
511 | ||
512 | auto_msgmni: | |
513 | ||
514 | Enables/Disables automatic recomputing of msgmni upon memory add/remove or | |
515 | upon ipc namespace creation/removal (see the msgmni description above). | |
516 | Echoing "1" into this file enables msgmni automatic recomputing. | |
517 | Echoing "0" turns it off. | |
518 | auto_msgmni default value is 1. | |
519 | ||
520 | ============================================================== | |
521 | ||
522 | nmi_watchdog: | |
523 | ||
524 | Enables/Disables the NMI watchdog on x86 systems. When the value is non-zero | |
525 | the NMI watchdog is enabled and will continuously test all online cpus to | |
526 | determine whether or not they are still functioning properly. Currently, | |
527 | passing "nmi_watchdog=" parameter at boot time is required for this function | |
528 | to work. | |
529 | ||
530 | If LAPIC NMI watchdog method is in use (nmi_watchdog=2 kernel parameter), the | |
531 | NMI watchdog shares registers with oprofile. By disabling the NMI watchdog, | |
532 | oprofile may have more registers to utilize. | |
533 | ||
534 | ============================================================== | |
535 | ||
536 | unknown_nmi_panic: | |
537 | ||
538 | The value in this file affects behavior of handling NMI. When the value is | |
539 | non-zero, unknown NMI is trapped and then panic occurs. At that time, kernel | |
540 | debugging information is displayed on console. | |
541 | ||
542 | NMI switch that most IA32 servers have fires unknown NMI up, for example. | |
543 | If a system hangs up, try pressing the NMI switch. | |
544 | ||
545 | ============================================================== | |
546 | ||
547 | panic_on_unrecovered_nmi: | |
548 | ||
549 | The default Linux behaviour on an NMI of either memory or unknown is to continue | |
550 | operation. For many environments such as scientific computing it is preferable | |
551 | that the box is taken out and the error dealt with than an uncorrected | |
552 | parity/ECC error get propogated. | |
553 | ||
554 | A small number of systems do generate NMI's for bizarre random reasons such as | |
555 | power management so the default is off. That sysctl works like the existing | |
556 | panic controls already in that directory. | |
557 |