.\" Copyright (C) 1994, 1995, Daniel Quinlan .\" Copyright (C) 2002-2008, 2017, Michael Kerrisk .\" Copyright (C) , Andries Brouwer .\" Copyright (C) 2023, Alejandro Colomar .\" .\" SPDX-License-Identifier: GPL-3.0-or-later .\" .TH proc_sys_kernel 5 2024-05-02 "Linux man-pages 6.9.1" .SH NAME /proc/sys/kernel/ \- control a range of kernel parameters .SH DESCRIPTION .TP .I /proc/sys/kernel/ This directory contains files controlling a range of kernel parameters, as described below. .TP .I /proc/sys/kernel/acct This file contains three numbers: .IR highwater , .IR lowwater , and .IR frequency . If BSD-style process accounting is enabled, these values control its behavior. If free space on filesystem where the log lives goes below .I lowwater percent, accounting suspends. If free space gets above .I highwater percent, accounting resumes. .I frequency determines how often the kernel checks the amount of free space (value is in seconds). Default values are 4, 2, and 30. That is, suspend accounting if 2% or less space is free; resume it if 4% or more space is free; consider information about amount of free space valid for 30 seconds. .TP .IR /proc/sys/kernel/auto_msgmni " (Linux 2.6.27 to Linux 3.18)" .\" commit 9eefe520c814f6f62c5d36a2ddcd3fb99dfdb30e (introduces feature) .\" commit 0050ee059f7fc86b1df2527aaa14ed5dc72f9973 (rendered redundant) From Linux 2.6.27 to Linux 3.18, this file was used to control recomputing of the value in .I /proc/sys/kernel/msgmni upon the addition or removal of memory or upon IPC namespace creation/removal. Echoing "1" into this file enabled .I msgmni automatic recomputing (and triggered a recomputation of .I msgmni based on the current amount of available memory and number of IPC namespaces). Echoing "0" disabled automatic recomputing. (Automatic recomputing was also disabled if a value was explicitly assigned to .IR /proc/sys/kernel/msgmni .) The default value in .I auto_msgmni was 1. .IP Since Linux 3.19, the content of this file has no effect (because .I msgmni .\" FIXME Must document the 3.19 'msgmni' changes. defaults to near the maximum value possible), and reads from this file always return the value "0". .TP .IR /proc/sys/kernel/cap_last_cap " (since Linux 3.2)" See .BR capabilities (7). .TP .IR /proc/sys/kernel/cap\-bound " (from Linux 2.2 to Linux 2.6.24)" This file holds the value of the kernel .I "capability bounding set" (expressed as a signed decimal number). This set is ANDed against the capabilities permitted to a process during .BR execve (2). Starting with Linux 2.6.25, the system-wide capability bounding set disappeared, and was replaced by a per-thread bounding set; see .BR capabilities (7). .TP .I /proc/sys/kernel/core_pattern See .BR core (5). .TP .I /proc/sys/kernel/core_pipe_limit See .BR core (5). .TP .I /proc/sys/kernel/core_uses_pid See .BR core (5). .TP .I /proc/sys/kernel/ctrl\-alt\-del This file controls the handling of Ctrl-Alt-Del from the keyboard. When the value in this file is 0, Ctrl-Alt-Del is trapped and sent to the .BR init (1) program to handle a graceful restart. When the value is greater than zero, Linux's reaction to a Vulcan Nerve Pinch (tm) will be an immediate reboot, without even syncing its dirty buffers. Note: when a program (like dosemu) has the keyboard in "raw" mode, the Ctrl-Alt-Del is intercepted by the program before it ever reaches the kernel tty layer, and it's up to the program to decide what to do with it. .TP .IR /proc/sys/kernel/dmesg_restrict " (since Linux 2.6.37)" The value in this file determines who can see kernel syslog contents. A value of 0 in this file imposes no restrictions. If the value is 1, only privileged users can read the kernel syslog. (See .BR syslog (2) for more details.) Since Linux 3.4, .\" commit 620f6e8e855d6d447688a5f67a4e176944a084e8 only users with the .B CAP_SYS_ADMIN capability may change the value in this file. .TP .IR /proc/sys/kernel/domainname " and " /proc/sys/kernel/hostname can be used to set the NIS/YP domainname and the hostname of your box in exactly the same way as the commands .BR domainname (1) and .BR hostname (1), that is: .IP .in +4n .EX .RB "#" " echo \[aq]darkstar\[aq] > /proc/sys/kernel/hostname" .RB "#" " echo \[aq]mydomain\[aq] > /proc/sys/kernel/domainname" .EE .in .IP has the same effect as .IP .in +4n .EX .RB "#" " hostname \[aq]darkstar\[aq]" .RB "#" " domainname \[aq]mydomain\[aq]" .EE .in .IP Note, however, that the classic darkstar.frop.org has the hostname "darkstar" and DNS (Internet Domain Name Server) domainname "frop.org", not to be confused with the NIS (Network Information Service) or YP (Yellow Pages) domainname. These two domain names are in general different. For a detailed discussion see the .BR hostname (1) man page. .TP .I /proc/sys/kernel/hotplug This file contains the pathname for the hotplug policy agent. The default value in this file is .IR /sbin/hotplug . .TP .\" Removed in commit 87f504e5c78b910b0c1d6ffb89bc95e492322c84 (tglx/history.git) .IR /proc/sys/kernel/htab\-reclaim " (before Linux 2.4.9.2)" (PowerPC only) If this file is set to a nonzero value, the PowerPC htab .\" removed in commit 1b483a6a7b2998e9c98ad985d7494b9b725bd228, before Linux 2.6.28 (see kernel file .IR Documentation/powerpc/ppc_htab.txt ) is pruned each time the system hits the idle loop. .TP .I /proc/sys/kernel/keys/ This directory contains various files that define parameters and limits for the key-management facility. These files are described in .BR keyrings (7). .TP .IR /proc/sys/kernel/kptr_restrict " (since Linux 2.6.38)" .\" 455cd5ab305c90ffc422dd2e0fb634730942b257 The value in this file determines whether kernel addresses are exposed via .I /proc files and other interfaces. A value of 0 in this file imposes no restrictions. If the value is 1, kernel pointers printed using the .I %pK format specifier will be replaced with zeros unless the user has the .B CAP_SYSLOG capability. If the value is 2, kernel pointers printed using the .I %pK format specifier will be replaced with zeros regardless of the user's capabilities. The initial default value for this file was 1, but the default was changed .\" commit 411f05f123cbd7f8aa1edcae86970755a6e2a9d9 to 0 in Linux 2.6.39. Since Linux 3.4, .\" commit 620f6e8e855d6d447688a5f67a4e176944a084e8 only users with the .B CAP_SYS_ADMIN capability can change the value in this file. .TP .I /proc/sys/kernel/l2cr (PowerPC only) This file contains a flag that controls the L2 cache of G3 processor boards. If 0, the cache is disabled. Enabled if nonzero. .TP .I /proc/sys/kernel/modprobe This file contains the pathname for the kernel module loader. The default value is .IR /sbin/modprobe . The file is present only if the kernel is built with the .B CONFIG_MODULES .RB ( CONFIG_KMOD in Linux 2.6.26 and earlier) option enabled. It is described by the Linux kernel source file .I Documentation/kmod.txt (present only in Linux 2.4 and earlier). .TP .IR /proc/sys/kernel/modules_disabled " (since Linux 2.6.31)" .\" 3d43321b7015387cfebbe26436d0e9d299162ea1 .\" From Documentation/sysctl/kernel.txt A toggle value indicating if modules are allowed to be loaded in an otherwise modular kernel. This toggle defaults to off (0), but can be set true (1). Once true, modules can be neither loaded nor unloaded, and the toggle cannot be set back to false. The file is present only if the kernel is built with the .B CONFIG_MODULES option enabled. .TP .IR /proc/sys/kernel/msgmax " (since Linux 2.2)" This file defines a system-wide limit specifying the maximum number of bytes in a single message written on a System V message queue. .TP .IR /proc/sys/kernel/msgmni " (since Linux 2.4)" This file defines the system-wide limit on the number of message queue identifiers. See also .IR /proc/sys/kernel/auto_msgmni . .TP .IR /proc/sys/kernel/msgmnb " (since Linux 2.2)" This file defines a system-wide parameter used to initialize the .I msg_qbytes setting for subsequently created message queues. The .I msg_qbytes setting specifies the maximum number of bytes that may be written to the message queue. .TP .IR /proc/sys/kernel/ngroups_max " (since Linux 2.6.4)" This is a read-only file that displays the upper limit on the number of a process's group memberships. .TP .IR /proc/sys/kernel/ns_last_pid " (since Linux 3.3)" See .BR pid_namespaces (7). .TP .IR /proc/sys/kernel/ostype " and " /proc/sys/kernel/osrelease These files give substrings of .IR /proc/version . .TP .IR /proc/sys/kernel/overflowgid " and " /proc/sys/kernel/overflowuid These files duplicate the files .I /proc/sys/fs/overflowgid and .IR /proc/sys/fs/overflowuid . .TP .I /proc/sys/kernel/panic This file gives read/write access to the kernel variable .IR panic_timeout . If this is zero, the kernel will loop on a panic; if nonzero, it indicates that the kernel should autoreboot after this number of seconds. When you use the software watchdog device driver, the recommended setting is 60. .TP .IR /proc/sys/kernel/panic_on_oops " (since Linux 2.5.68)" This file controls the kernel's behavior when an oops or BUG is encountered. If this file contains 0, then the system tries to continue operation. If it contains 1, then the system delays a few seconds (to give klogd time to record the oops output) and then panics. If the .I /proc/sys/kernel/panic file is also nonzero, then the machine will be rebooted. .TP .IR /proc/sys/kernel/pid_max " (since Linux 2.5.34)" This file specifies the value at which PIDs wrap around (i.e., the value in this file is one greater than the maximum PID). PIDs greater than this value are not allocated; thus, the value in this file also acts as a system-wide limit on the total number of processes and threads. The default value for this file, 32768, results in the same range of PIDs as on earlier kernels. On 32-bit platforms, 32768 is the maximum value for .IR pid_max . On 64-bit systems, .I pid_max can be set to any value up to 2\[ha]22 .RB ( PID_MAX_LIMIT , approximately 4 million). .\" Prior to Linux 2.6.10, pid_max could also be raised above 32768 on 32-bit .\" platforms, but this broke /proc/[pid] .\" See http://marc.theaimsgroup.com/?l=linux-kernel&m=109513010926152&w=2 .TP .IR /proc/sys/kernel/powersave\-nap " (PowerPC only)" This file contains a flag. If set, Linux-PPC will use the "nap" mode of powersaving, otherwise the "doze" mode will be used. .TP .I /proc/sys/kernel/printk See .BR syslog (2). .TP .IR /proc/sys/kernel/pty " (since Linux 2.6.4)" This directory contains two files relating to the number of UNIX 98 pseudoterminals (see .BR pts (4)) on the system. .TP .I /proc/sys/kernel/pty/max This file defines the maximum number of pseudoterminals. .\" FIXME Document /proc/sys/kernel/pty/reserve .\" New in Linux 3.3 .\" commit e9aba5158a80098447ff207a452a3418ae7ee386 .TP .I /proc/sys/kernel/pty/nr This read-only file indicates how many pseudoterminals are currently in use. .TP .I /proc/sys/kernel/random/ This directory contains various parameters controlling the operation of the file .IR /dev/random . See .BR random (4) for further information. .TP .IR /proc/sys/kernel/random/uuid " (since Linux 2.4)" Each read from this read-only file returns a randomly generated 128-bit UUID, as a string in the standard UUID format. .TP .IR /proc/sys/kernel/randomize_va_space " (since Linux 2.6.12)" .\" Some further details can be found in Documentation/sysctl/kernel.txt Select the address space layout randomization (ASLR) policy for the system (on architectures that support ASLR). Three values are supported for this file: .RS .TP .B 0 Turn ASLR off. This is the default for architectures that don't support ASLR, and when the kernel is booted with the .I norandmaps parameter. .TP .B 1 Make the addresses of .BR mmap (2) allocations, the stack, and the VDSO page randomized. Among other things, this means that shared libraries will be loaded at randomized addresses. The text segment of PIE-linked binaries will also be loaded at a randomized address. This value is the default if the kernel was configured with .BR CONFIG_COMPAT_BRK . .TP .B 2 (Since Linux 2.6.25) .\" commit c1d171a002942ea2d93b4fbd0c9583c56fce0772 Also support heap randomization. This value is the default if the kernel was not configured with .BR CONFIG_COMPAT_BRK . .RE .TP .I /proc/sys/kernel/real\-root\-dev This file is documented in the Linux kernel source file .I Documentation/admin\-guide/initrd.rst .\" commit 9d85025b0418163fae079c9ba8f8445212de8568 (or .I Documentation/initrd.txt before Linux 4.10). .TP .IR /proc/sys/kernel/reboot\-cmd " (Sparc only)" This file seems to be a way to give an argument to the SPARC ROM/Flash boot loader. Maybe to tell it what to do after rebooting? .TP .I /proc/sys/kernel/rtsig\-max (Up to and including Linux 2.6.7; see .BR setrlimit (2)) This file can be used to tune the maximum number of POSIX real-time (queued) signals that can be outstanding in the system. .TP .I /proc/sys/kernel/rtsig\-nr (Up to and including Linux 2.6.7.) This file shows the number of POSIX real-time signals currently queued. .TP .IR /proc/ pid /sched_autogroup_enabled " (since Linux 2.6.38)" .\" commit 5091faa449ee0b7d73bc296a93bca9540fc51d0a See .BR sched (7). .TP .IR /proc/sys/kernel/sched_child_runs_first " (since Linux 2.6.23)" If this file contains the value zero, then, after a .BR fork (2), the parent is first scheduled on the CPU. If the file contains a nonzero value, then the child is scheduled first on the CPU. (Of course, on a multiprocessor system, the parent and the child might both immediately be scheduled on a CPU.) .TP .IR /proc/sys/kernel/sched_rr_timeslice_ms " (since Linux 3.9)" See .BR sched_rr_get_interval (2). .TP .IR /proc/sys/kernel/sched_rt_period_us " (since Linux 2.6.25)" See .BR sched (7). .TP .IR /proc/sys/kernel/sched_rt_runtime_us " (since Linux 2.6.25)" See .BR sched (7). .TP .IR /proc/sys/kernel/seccomp/ " (since Linux 4.14)" .\" commit 8e5f1ad116df6b0de65eac458d5e7c318d1c05af This directory provides additional seccomp information and configuration. See .BR seccomp (2) for further details. .TP .IR /proc/sys/kernel/sem " (since Linux 2.4)" This file contains 4 numbers defining limits for System V IPC semaphores. These fields are, in order: .RS .TP SEMMSL The maximum semaphores per semaphore set. .TP SEMMNS A system-wide limit on the number of semaphores in all semaphore sets. .TP SEMOPM The maximum number of operations that may be specified in a .BR semop (2) call. .TP SEMMNI A system-wide limit on the maximum number of semaphore identifiers. .RE .TP .I /proc/sys/kernel/sg\-big\-buff This file shows the size of the generic SCSI device (sg) buffer. You can't tune it just yet, but you could change it at compile time by editing .I include/scsi/sg.h and changing the value of .BR SG_BIG_BUFF . However, there shouldn't be any reason to change this value. .TP .IR /proc/sys/kernel/shm_rmid_forced " (since Linux 3.1)" .\" commit b34a6b1da371ed8af1221459a18c67970f7e3d53 .\" See also Documentation/sysctl/kernel.txt If this file is set to 1, all System V shared memory segments will be marked for destruction as soon as the number of attached processes falls to zero; in other words, it is no longer possible to create shared memory segments that exist independently of any attached process. .IP The effect is as though a .BR shmctl (2) .B IPC_RMID is performed on all existing segments as well as all segments created in the future (until this file is reset to 0). Note that existing segments that are attached to no process will be immediately destroyed when this file is set to 1. Setting this option will also destroy segments that were created, but never attached, upon termination of the process that created the segment with .BR shmget (2). .IP Setting this file to 1 provides a way of ensuring that all System V shared memory segments are counted against the resource usage and resource limits (see the description of .B RLIMIT_AS in .BR getrlimit (2)) of at least one process. .IP Because setting this file to 1 produces behavior that is nonstandard and could also break existing applications, the default value in this file is 0. Set this file to 1 only if you have a good understanding of the semantics of the applications using System V shared memory on your system. .TP .IR /proc/sys/kernel/shmall " (since Linux 2.2)" This file contains the system-wide limit on the total number of pages of System V shared memory. .TP .IR /proc/sys/kernel/shmmax " (since Linux 2.2)" This file can be used to query and set the run-time limit on the maximum (System V IPC) shared memory segment size that can be created. Shared memory segments up to 1 GB are now supported in the kernel. This value defaults to .BR SHMMAX . .TP .IR /proc/sys/kernel/shmmni " (since Linux 2.4)" This file specifies the system-wide maximum number of System V shared memory segments that can be created. .TP .IR /proc/sys/kernel/sysctl_writes_strict " (since Linux 3.16)" .\" commit f88083005ab319abba5d0b2e4e997558245493c8 .\" commit 2ca9bb456ada8bcbdc8f77f8fc78207653bbaa92 .\" commit f4aacea2f5d1a5f7e3154e967d70cf3f711bcd61 .\" commit 24fe831c17ab8149413874f2fd4e5c8a41fcd294 The value in this file determines how the file offset affects the behavior of updating entries in files under .IR /proc/sys . The file has three possible values: .RS .TP 4 \-1 This provides legacy handling, with no printk warnings. Each .BR write (2) must fully contain the value to be written, and multiple writes on the same file descriptor will overwrite the entire value, regardless of the file position. .TP 0 (default) This provides the same behavior as for \-1, but printk warnings are written for processes that perform writes when the file offset is not 0. .TP 1 Respect the file offset when writing strings into .I /proc/sys files. Multiple writes will .I append to the value buffer. Anything written beyond the maximum length of the value buffer will be ignored. Writes to numeric .I /proc/sys entries must always be at file offset 0 and the value must be fully contained in the buffer provided to .BR write (2). .\" FIXME . .\" With /proc/sys/kernel/sysctl_writes_strict==1, writes at an .\" offset other than 0 do not generate an error. Instead, the .\" write() succeeds, but the file is left unmodified. .\" This is surprising. The behavior may change in the future. .\" See thread.gmane.org/gmane.linux.man/9197 .\" From: Michael Kerrisk (man-pages .\" Subject: sysctl_writes_strict documentation + an oddity? .\" Newsgroups: gmane.linux.man, gmane.linux.kernel .\" Date: 2015-05-09 08:54:11 GMT .RE .TP .I /proc/sys/kernel/sysrq This file controls the functions allowed to be invoked by the SysRq key. By default, the file contains 1 meaning that every possible SysRq request is allowed (in older kernel versions, SysRq was disabled by default, and you were required to specifically enable it at run-time, but this is not the case any more). Possible values in this file are: .RS .TP 5 0 Disable sysrq completely .TP 1 Enable all functions of sysrq .TP > 1 Bit mask of allowed sysrq functions, as follows: .PD 0 .RS .TP 5 \ \ 2 Enable control of console logging level .TP \ \ 4 Enable control of keyboard (SAK, unraw) .TP \ \ 8 Enable debugging dumps of processes etc. .TP \ 16 Enable sync command .TP \ 32 Enable remount read-only .TP \ 64 Enable signaling of processes (term, kill, oom-kill) .TP 128 Allow reboot/poweroff .TP 256 Allow nicing of all real-time tasks .RE .PD .RE .IP This file is present only if the .B CONFIG_MAGIC_SYSRQ kernel configuration option is enabled. For further details see the Linux kernel source file .I Documentation/admin\-guide/sysrq.rst .\" commit 9d85025b0418163fae079c9ba8f8445212de8568 (or .I Documentation/sysrq.txt before Linux 4.10). .TP .I /proc/sys/kernel/version This file contains a string such as: .IP .in +4n .EX #5 Wed Feb 25 21:49:24 MET 1998 .EE .in .IP The "#5" means that this is the fifth kernel built from this source base and the date following it indicates the time the kernel was built. .TP .IR /proc/sys/kernel/threads\-max " (since Linux 2.3.11)" .\" The following is based on Documentation/sysctl/kernel.txt This file specifies the system-wide limit on the number of threads (tasks) that can be created on the system. .IP Since Linux 4.1, .\" commit 230633d109e35b0a24277498e773edeb79b4a331 the value that can be written to .I threads\-max is bounded. The minimum value that can be written is 20. The maximum value that can be written is given by the constant .B FUTEX_TID_MASK (0x3fffffff). If a value outside of this range is written to .IR threads\-max , the error .B EINVAL occurs. .IP The value written is checked against the available RAM pages. If the thread structures would occupy too much (more than 1/8th) of the available RAM pages, .I threads\-max is reduced accordingly. .TP .IR /proc/sys/kernel/yama/ptrace_scope " (since Linux 3.5)" See .BR ptrace (2). .TP .IR /proc/sys/kernel/zero\-paged " (PowerPC only)" This file contains a flag. When enabled (nonzero), Linux-PPC will pre-zero pages in the idle loop, possibly speeding up get_free_pages. .SH SEE ALSO .BR proc (5), .BR proc_sys (5)