Home

sysctl

Sysctl is a utility and API for examining and dynamically configuring kernel parameters in many Unix-like operating systems. It provides a hierarchical keyspace for tuning subsystems such as networking, memory management, and security, enabling changes at runtime without rebooting when permitted.

The kernel exports the sysctl interface, and user-space tools read and modify parameters through it. In Linux,

Common uses include performance tuning and security hardening, for example enabling IP forwarding, adjusting maximum backlog,

By design, sysctl is a privileged operation; most changes require root access and some can destabilize the

the
parameters
appear
under
/proc/sys
(and
historically
via
the
sysctl
command).
The
sysctl
program
supports
both
reading
and
writing
values,
using
dotted
names
such
as
net.ipv4.ip_forward.
Changes
can
be
applied
immediately
or
made
persistent
by
placing
entries
in
/etc/sysctl.conf
or
files
in
/etc/sysctl.d/
and
reloading
with
sysctl
-p
or
system-wide
with
sysctl
--system.
or
configuring
kernel
randomization
settings.
Examples:
List
all
parameters:
sysctl
-a.
Read
a
value:
sysctl
net.ipv4.ip_forward.
Set
a
value:
sysctl
-w
net.ipv4.ip_forward=1.
Persist
changes
by
editing
/etc/sysctl.conf
or
a
file
in
/etc/sysctl.d/
and
reloading.
system
if
configured
incorrectly.
The
interface
and
syntax
are
similar
across
BSD-derived
systems
and
Linux,
though
exact
parameter
names
and
persistence
mechanisms
may
differ.