blob: 11d5ceda5bb063be1faa54e351c60241ff5959f2 [file] [log] [blame]
Linus Torvalds1da177e2005-04-16 15:20:36 -07001Documentation for /proc/sys/kernel/* kernel version 2.2.10
2 (c) 1998, 1999, Rik van Riel <riel@nl.linux.org>
Shen Feng760df932009-04-02 16:57:20 -07003 (c) 2009, Shen Feng<shen@cn.fujitsu.com>
Linus Torvalds1da177e2005-04-16 15:20:36 -07004
5For general info and legal blurb, please look in README.
6
7==============================================================
8
9This file contains documentation for the sysctl files in
10/proc/sys/kernel/ and is valid for Linux kernel version 2.2.
11
12The files in this directory can be used to tune and monitor
13miscellaneous and general things in the operation of the Linux
14kernel. Since some of the files _can_ be used to screw up your
15system, it is advisable to read both documentation and source
16before actually making adjustments.
17
18Currently, these files might (depending on your configuration)
19show up in /proc/sys/kernel:
Pavel Machekc255d842006-02-20 18:27:58 -080020- acpi_video_flags
Linus Torvalds1da177e2005-04-16 15:20:36 -070021- acct
H. Peter Anvind75757a2009-12-11 14:23:44 -080022- bootloader_type [ X86 only ]
23- bootloader_version [ X86 only ]
Hans-Joachim Pichtc1147282009-09-11 10:28:47 +020024- callhome [ S390 only ]
Shen Feng760df932009-04-02 16:57:20 -070025- auto_msgmni
Linus Torvalds1da177e2005-04-16 15:20:36 -070026- core_pattern
Neil Hormana2939802009-09-23 15:56:56 -070027- core_pipe_limit
Linus Torvalds1da177e2005-04-16 15:20:36 -070028- core_uses_pid
29- ctrl-alt-del
30- dentry-state
Dan Rosenbergeaf06b22010-11-11 14:05:18 -080031- dmesg_restrict
Linus Torvalds1da177e2005-04-16 15:20:36 -070032- domainname
33- hostname
34- hotplug
35- java-appletviewer [ binfmt_java, obsolete ]
36- java-interpreter [ binfmt_java, obsolete ]
Dan Rosenberg455cd5a2011-01-12 16:59:41 -080037- kptr_restrict
Chuck Ebbert0741f4d2006-12-07 02:14:11 +010038- kstack_depth_to_print [ X86 only ]
Linus Torvalds1da177e2005-04-16 15:20:36 -070039- l2cr [ PPC only ]
Michael Opdenackerac76cff2008-02-13 15:03:32 -080040- modprobe ==> Documentation/debugging-modules.txt
Kees Cook3d433212009-04-02 15:49:29 -070041- modules_disabled
Linus Torvalds1da177e2005-04-16 15:20:36 -070042- msgmax
43- msgmnb
44- msgmni
Shen Feng760df932009-04-02 16:57:20 -070045- nmi_watchdog
Linus Torvalds1da177e2005-04-16 15:20:36 -070046- osrelease
47- ostype
48- overflowgid
49- overflowuid
50- panic
51- pid_max
52- powersave-nap [ PPC only ]
Shen Feng760df932009-04-02 16:57:20 -070053- panic_on_unrecovered_nmi
Linus Torvalds1da177e2005-04-16 15:20:36 -070054- printk
Jiri Kosina1ec7fd52008-02-09 23:24:08 +010055- randomize_va_space
Linus Torvalds1da177e2005-04-16 15:20:36 -070056- real-root-dev ==> Documentation/initrd.txt
57- reboot-cmd [ SPARC only ]
58- rtsig-max
59- rtsig-nr
60- sem
61- sg-big-buff [ generic SCSI device (sg) ]
62- shmall
63- shmmax [ sysv ipc ]
64- shmmni
65- stop-a [ SPARC only ]
66- sysrq ==> Documentation/sysrq.txt
67- tainted
68- threads-max
Shen Feng760df932009-04-02 16:57:20 -070069- unknown_nmi_panic
Linus Torvalds1da177e2005-04-16 15:20:36 -070070- version
71
72==============================================================
73
Pavel Machekc255d842006-02-20 18:27:58 -080074acpi_video_flags:
75
76flags
77
78See Doc*/kernel/power/video.txt, it allows mode of video boot to be
79set during run time.
80
81==============================================================
82
Linus Torvalds1da177e2005-04-16 15:20:36 -070083acct:
84
85highwater lowwater frequency
86
87If BSD-style process accounting is enabled these values control
88its behaviour. If free space on filesystem where the log lives
89goes below <lowwater>% accounting suspends. If free space gets
90above <highwater>% accounting resumes. <Frequency> determines
91how often do we check the amount of free space (value is in
92seconds). Default:
934 2 30
94That is, suspend accounting if there left <= 2% free; resume it
95if we got >=4%; consider information about amount of free space
96valid for 30 seconds.
97
98==============================================================
99
H. Peter Anvind75757a2009-12-11 14:23:44 -0800100bootloader_type:
101
102x86 bootloader identification
103
104This gives the bootloader type number as indicated by the bootloader,
105shifted left by 4, and OR'd with the low four bits of the bootloader
106version. The reason for this encoding is that this used to match the
107type_of_loader field in the kernel header; the encoding is kept for
108backwards compatibility. That is, if the full bootloader type number
109is 0x15 and the full version number is 0x234, this file will contain
110the value 340 = 0x154.
111
112See the type_of_loader and ext_loader_type fields in
113Documentation/x86/boot.txt for additional information.
114
115==============================================================
116
117bootloader_version:
118
119x86 bootloader version
120
121The complete bootloader version number. In the example above, this
122file will contain the value 564 = 0x234.
123
124See the type_of_loader and ext_loader_ver fields in
125Documentation/x86/boot.txt for additional information.
126
127==============================================================
128
Hans-Joachim Pichtc1147282009-09-11 10:28:47 +0200129callhome:
130
131Controls the kernel's callhome behavior in case of a kernel panic.
132
133The s390 hardware allows an operating system to send a notification
134to a service organization (callhome) in case of an operating system panic.
135
136When the value in this file is 0 (which is the default behavior)
137nothing happens in case of a kernel panic. If this value is set to "1"
138the complete kernel oops message is send to the IBM customer service
139organization in case the mainframe the Linux operating system is running
140on has a service contract with IBM.
141
142==============================================================
143
Linus Torvalds1da177e2005-04-16 15:20:36 -0700144core_pattern:
145
146core_pattern is used to specify a core dumpfile pattern name.
Matthias Urlichscd081042006-10-11 01:21:57 -0700147. max length 128 characters; default value is "core"
Linus Torvalds1da177e2005-04-16 15:20:36 -0700148. core_pattern is used as a pattern template for the output filename;
149 certain string patterns (beginning with '%') are substituted with
150 their actual values.
151. backward compatibility with core_uses_pid:
152 If core_pattern does not include "%p" (default does not)
153 and core_uses_pid is set, then .PID will be appended to
154 the filename.
155. corename format specifiers:
156 %<NUL> '%' is dropped
157 %% output one '%'
158 %p pid
159 %u uid
160 %g gid
161 %s signal number
162 %t UNIX time of dump
163 %h hostname
164 %e executable filename
165 %<OTHER> both are dropped
Matthias Urlichscd081042006-10-11 01:21:57 -0700166. If the first character of the pattern is a '|', the kernel will treat
167 the rest of the pattern as a command to run. The core dump will be
168 written to the standard input of that program instead of to a file.
Linus Torvalds1da177e2005-04-16 15:20:36 -0700169
170==============================================================
171
Neil Hormana2939802009-09-23 15:56:56 -0700172core_pipe_limit:
173
174This sysctl is only applicable when core_pattern is configured to pipe core
Randy Dunlap7beeec82009-10-04 19:23:13 -0700175files to a user space helper (when the first character of core_pattern is a '|',
Neil Hormana2939802009-09-23 15:56:56 -0700176see above). When collecting cores via a pipe to an application, it is
Randy Dunlap7beeec82009-10-04 19:23:13 -0700177occasionally useful for the collecting application to gather data about the
Neil Hormana2939802009-09-23 15:56:56 -0700178crashing process from its /proc/pid directory. In order to do this safely, the
179kernel must wait for the collecting process to exit, so as not to remove the
180crashing processes proc files prematurely. This in turn creates the possibility
181that a misbehaving userspace collecting process can block the reaping of a
182crashed process simply by never exiting. This sysctl defends against that. It
183defines how many concurrent crashing processes may be piped to user space
184applications in parallel. If this value is exceeded, then those crashing
185processes above that value are noted via the kernel log and their cores are
186skipped. 0 is a special value, indicating that unlimited processes may be
187captured in parallel, but that no waiting will take place (i.e. the collecting
Randy Dunlap7beeec82009-10-04 19:23:13 -0700188process is not guaranteed access to /proc/<crashing pid>/). This value defaults
Neil Hormana2939802009-09-23 15:56:56 -0700189to 0.
190
191==============================================================
192
Linus Torvalds1da177e2005-04-16 15:20:36 -0700193core_uses_pid:
194
195The default coredump filename is "core". By setting
196core_uses_pid to 1, the coredump filename becomes core.PID.
197If core_pattern does not include "%p" (default does not)
198and core_uses_pid is set, then .PID will be appended to
199the filename.
200
201==============================================================
202
203ctrl-alt-del:
204
205When the value in this file is 0, ctrl-alt-del is trapped and
206sent to the init(1) program to handle a graceful restart.
207When, however, the value is > 0, Linux's reaction to a Vulcan
208Nerve Pinch (tm) will be an immediate reboot, without even
209syncing its dirty buffers.
210
211Note: when a program (like dosemu) has the keyboard in 'raw'
212mode, the ctrl-alt-del is intercepted by the program before it
213ever reaches the kernel tty layer, and it's up to the program
214to decide what to do with it.
215
216==============================================================
217
Dan Rosenbergeaf06b22010-11-11 14:05:18 -0800218dmesg_restrict:
219
220This toggle indicates whether unprivileged users are prevented from using
221dmesg(8) to view messages from the kernel's log buffer. When
222dmesg_restrict is set to (0) there are no restrictions. When
Serge E. Hallyn38ef4c22010-12-08 15:19:01 +0000223dmesg_restrict is set set to (1), users must have CAP_SYSLOG to use
Dan Rosenbergeaf06b22010-11-11 14:05:18 -0800224dmesg(8).
225
226The kernel config option CONFIG_SECURITY_DMESG_RESTRICT sets the default
227value of dmesg_restrict.
228
229==============================================================
230
Linus Torvalds1da177e2005-04-16 15:20:36 -0700231domainname & hostname:
232
233These files can be used to set the NIS/YP domainname and the
234hostname of your box in exactly the same way as the commands
235domainname and hostname, i.e.:
236# echo "darkstar" > /proc/sys/kernel/hostname
237# echo "mydomain" > /proc/sys/kernel/domainname
238has the same effect as
239# hostname "darkstar"
240# domainname "mydomain"
241
242Note, however, that the classic darkstar.frop.org has the
243hostname "darkstar" and DNS (Internet Domain Name Server)
244domainname "frop.org", not to be confused with the NIS (Network
245Information Service) or YP (Yellow Pages) domainname. These two
246domain names are in general different. For a detailed discussion
247see the hostname(1) man page.
248
249==============================================================
250
251hotplug:
252
253Path for the hotplug policy agent.
254Default value is "/sbin/hotplug".
255
256==============================================================
257
258l2cr: (PPC only)
259
260This flag controls the L2 cache of G3 processor boards. If
2610, the cache is disabled. Enabled if nonzero.
262
263==============================================================
264
Dan Rosenberg455cd5a2011-01-12 16:59:41 -0800265kptr_restrict:
266
267This toggle indicates whether restrictions are placed on
268exposing kernel addresses via /proc and other interfaces. When
269kptr_restrict is set to (0), there are no restrictions. When
270kptr_restrict is set to (1), the default, kernel pointers
271printed using the %pK format specifier will be replaced with 0's
272unless the user has CAP_SYSLOG. When kptr_restrict is set to
273(2), kernel pointers printed using %pK will be replaced with 0's
274regardless of privileges.
275
276==============================================================
277
Chuck Ebbert0741f4d2006-12-07 02:14:11 +0100278kstack_depth_to_print: (X86 only)
279
280Controls the number of words to print when dumping the raw
281kernel stack.
282
283==============================================================
284
Kees Cook3d433212009-04-02 15:49:29 -0700285modules_disabled:
286
287A toggle value indicating if modules are allowed to be loaded
288in an otherwise modular kernel. This toggle defaults to off
289(0), but can be set true (1). Once true, modules can be
290neither loaded nor unloaded, and the toggle cannot be set back
291to false.
292
293==============================================================
294
Linus Torvalds1da177e2005-04-16 15:20:36 -0700295osrelease, ostype & version:
296
297# cat osrelease
2982.1.88
299# cat ostype
300Linux
301# cat version
302#5 Wed Feb 25 21:49:24 MET 1998
303
304The files osrelease and ostype should be clear enough. Version
305needs a little more clarification however. The '#5' means that
306this is the fifth kernel built from this source base and the
307date behind it indicates the time the kernel was built.
308The only way to tune these values is to rebuild the kernel :-)
309
310==============================================================
311
312overflowgid & overflowuid:
313
314if your architecture did not always support 32-bit UIDs (i.e. arm, i386,
315m68k, sh, and sparc32), a fixed UID and GID will be returned to
316applications that use the old 16-bit UID/GID system calls, if the actual
317UID or GID would exceed 65535.
318
319These sysctls allow you to change the value of the fixed UID and GID.
320The default is 65534.
321
322==============================================================
323
324panic:
325
326The value in this file represents the number of seconds the
327kernel waits before rebooting on a panic. When you use the
328software watchdog, the recommended setting is 60.
329
330==============================================================
331
332panic_on_oops:
333
334Controls the kernel's behaviour when an oops or BUG is encountered.
335
3360: try to continue operation
337
Matt LaPlantea982ac02007-05-09 07:35:06 +02003381: panic immediately. If the `panic' sysctl is also non-zero then the
Maxime Bizon8b23d042006-08-05 12:14:32 -0700339 machine will be rebooted.
Linus Torvalds1da177e2005-04-16 15:20:36 -0700340
341==============================================================
342
343pid_max:
344
Robert P. J. Daybeb7dd82007-05-09 07:14:03 +0200345PID allocation wrap value. When the kernel's next PID value
Linus Torvalds1da177e2005-04-16 15:20:36 -0700346reaches this value, it wraps back to a minimum PID value.
347PIDs of value pid_max or larger are not allocated.
348
349==============================================================
350
351powersave-nap: (PPC only)
352
353If set, Linux-PPC will use the 'nap' mode of powersaving,
354otherwise the 'doze' mode will be used.
355
356==============================================================
357
358printk:
359
360The four values in printk denote: console_loglevel,
361default_message_loglevel, minimum_console_loglevel and
362default_console_loglevel respectively.
363
364These values influence printk() behavior when printing or
365logging error messages. See 'man 2 syslog' for more info on
366the different loglevels.
367
368- console_loglevel: messages with a higher priority than
369 this will be printed to the console
370- default_message_level: messages without an explicit priority
371 will be printed with this priority
372- minimum_console_loglevel: minimum (highest) value to which
373 console_loglevel can be set
374- default_console_loglevel: default value for console_loglevel
375
376==============================================================
377
378printk_ratelimit:
379
380Some warning messages are rate limited. printk_ratelimit specifies
381the minimum length of time between these messages (in jiffies), by
382default we allow one every 5 seconds.
383
384A value of 0 will disable rate limiting.
385
386==============================================================
387
388printk_ratelimit_burst:
389
390While long term we enforce one message per printk_ratelimit
391seconds, we do allow a burst of messages to pass through.
392printk_ratelimit_burst specifies the number of messages we can
393send before ratelimiting kicks in.
394
395==============================================================
396
Dave Youngaf913222009-09-22 16:43:33 -0700397printk_delay:
398
399Delay each printk message in printk_delay milliseconds
400
401Value from 0 - 10000 is allowed.
402
403==============================================================
404
Jiri Kosina1ec7fd52008-02-09 23:24:08 +0100405randomize-va-space:
406
407This option can be used to select the type of process address
408space randomization that is used in the system, for architectures
409that support this feature.
410
Horst Schirmeierb7f5ab62009-07-03 14:20:17 +02004110 - Turn the process address space randomization off. This is the
412 default for architectures that do not support this feature anyways,
413 and kernels that are booted with the "norandmaps" parameter.
Jiri Kosina1ec7fd52008-02-09 23:24:08 +0100414
4151 - Make the addresses of mmap base, stack and VDSO page randomized.
416 This, among other things, implies that shared libraries will be
Horst Schirmeierb7f5ab62009-07-03 14:20:17 +0200417 loaded to random addresses. Also for PIE-linked binaries, the
418 location of code start is randomized. This is the default if the
419 CONFIG_COMPAT_BRK option is enabled.
Jiri Kosina1ec7fd52008-02-09 23:24:08 +0100420
Horst Schirmeierb7f5ab62009-07-03 14:20:17 +02004212 - Additionally enable heap randomization. This is the default if
422 CONFIG_COMPAT_BRK is disabled.
423
424 There are a few legacy applications out there (such as some ancient
Jiri Kosina1ec7fd52008-02-09 23:24:08 +0100425 versions of libc.so.5 from 1996) that assume that brk area starts
Horst Schirmeierb7f5ab62009-07-03 14:20:17 +0200426 just after the end of the code+bss. These applications break when
427 start of the brk area is randomized. There are however no known
Jiri Kosina1ec7fd52008-02-09 23:24:08 +0100428 non-legacy applications that would be broken this way, so for most
Horst Schirmeierb7f5ab62009-07-03 14:20:17 +0200429 systems it is safe to choose full randomization.
430
431 Systems with ancient and/or broken binaries should be configured
432 with CONFIG_COMPAT_BRK enabled, which excludes the heap from process
433 address space randomization.
Jiri Kosina1ec7fd52008-02-09 23:24:08 +0100434
435==============================================================
436
Linus Torvalds1da177e2005-04-16 15:20:36 -0700437reboot-cmd: (Sparc only)
438
439??? This seems to be a way to give an argument to the Sparc
440ROM/Flash boot loader. Maybe to tell it what to do after
441rebooting. ???
442
443==============================================================
444
445rtsig-max & rtsig-nr:
446
447The file rtsig-max can be used to tune the maximum number
448of POSIX realtime (queued) signals that can be outstanding
449in the system.
450
451rtsig-nr shows the number of RT signals currently queued.
452
453==============================================================
454
455sg-big-buff:
456
457This file shows the size of the generic SCSI (sg) buffer.
458You can't tune it just yet, but you could change it on
459compile time by editing include/scsi/sg.h and changing
460the value of SG_BIG_BUFF.
461
462There shouldn't be any reason to change this value. If
463you can come up with one, you probably know what you
464are doing anyway :)
465
466==============================================================
467
468shmmax:
469
470This value can be used to query and set the run time limit
471on the maximum shared memory segment size that can be created.
472Shared memory segments up to 1Gb are now supported in the
473kernel. This value defaults to SHMMAX.
474
475==============================================================
476
Ravikiran G Thirumalaic4f3b632007-10-16 23:26:09 -0700477softlockup_thresh:
478
Andrew Mortonb4d19cc2008-09-22 13:57:51 -0700479This value can be used to lower the softlockup tolerance threshold. The
480default threshold is 60 seconds. If a cpu is locked up for 60 seconds,
481the kernel complains. Valid values are 1-60 seconds. Setting this
482tunable to zero will disable the softlockup detection altogether.
Ravikiran G Thirumalaic4f3b632007-10-16 23:26:09 -0700483
484==============================================================
485
Linus Torvalds1da177e2005-04-16 15:20:36 -0700486tainted:
487
488Non-zero if the kernel has been tainted. Numeric values, which
489can be ORed together:
490
Greg Kroah-Hartmanbb206982008-10-17 15:01:07 -0700491 1 - A module with a non-GPL license has been loaded, this
492 includes modules with no license.
493 Set by modutils >= 2.4.9 and module-init-tools.
494 2 - A module was force loaded by insmod -f.
495 Set by modutils >= 2.4.9 and module-init-tools.
496 4 - Unsafe SMP processors: SMP with CPUs not designed for SMP.
497 8 - A module was forcibly unloaded from the system by rmmod -f.
498 16 - A hardware machine check error occurred on the system.
499 32 - A bad page was discovered on the system.
500 64 - The user has asked that the system be marked "tainted". This
501 could be because they are running software that directly modifies
502 the hardware, or for other reasons.
503 128 - The system has died.
504 256 - The ACPI DSDT has been overridden with one supplied by the user
505 instead of using the one provided by the hardware.
506 512 - A kernel warning has occurred.
5071024 - A module from drivers/staging was loaded.
Linus Torvalds1da177e2005-04-16 15:20:36 -0700508
Shen Feng760df932009-04-02 16:57:20 -0700509==============================================================
510
511auto_msgmni:
512
513Enables/Disables automatic recomputing of msgmni upon memory add/remove or
514upon ipc namespace creation/removal (see the msgmni description above).
515Echoing "1" into this file enables msgmni automatic recomputing.
516Echoing "0" turns it off.
517auto_msgmni default value is 1.
518
519==============================================================
520
521nmi_watchdog:
522
523Enables/Disables the NMI watchdog on x86 systems. When the value is non-zero
524the NMI watchdog is enabled and will continuously test all online cpus to
525determine whether or not they are still functioning properly. Currently,
526passing "nmi_watchdog=" parameter at boot time is required for this function
527to work.
528
529If LAPIC NMI watchdog method is in use (nmi_watchdog=2 kernel parameter), the
530NMI watchdog shares registers with oprofile. By disabling the NMI watchdog,
531oprofile may have more registers to utilize.
532
533==============================================================
534
535unknown_nmi_panic:
536
537The value in this file affects behavior of handling NMI. When the value is
538non-zero, unknown NMI is trapped and then panic occurs. At that time, kernel
539debugging information is displayed on console.
540
541NMI switch that most IA32 servers have fires unknown NMI up, for example.
542If a system hangs up, try pressing the NMI switch.
543
544==============================================================
545
546panic_on_unrecovered_nmi:
547
548The default Linux behaviour on an NMI of either memory or unknown is to continue
549operation. For many environments such as scientific computing it is preferable
550that the box is taken out and the error dealt with than an uncorrected
551parity/ECC error get propogated.
552
553A small number of systems do generate NMI's for bizarre random reasons such as
554power management so the default is off. That sysctl works like the existing
555panic controls already in that directory.
556