mirror of
https://mirrors.bfsu.edu.cn/git/linux.git
synced 2024-11-16 08:44:21 +08:00
5096add84b
The /proc/pid/ "maps", "smaps", and "numa_maps" files contain sensitive information about the memory location and usage of processes. Issues: - maps should not be world-readable, especially if programs expect any kind of ASLR protection from local attackers. - maps cannot just be 0400 because "-D_FORTIFY_SOURCE=2 -O2" makes glibc check the maps when %n is in a *printf call, and a setuid(getuid()) process wouldn't be able to read its own maps file. (For reference see http://lkml.org/lkml/2006/1/22/150) - a system-wide toggle is needed to allow prior behavior in the case of non-root applications that depend on access to the maps contents. This change implements a check using "ptrace_may_attach" before allowing access to read the maps contents. To control this protection, the new knob /proc/sys/kernel/maps_protect has been added, with corresponding updates to the procfs documentation. [akpm@linux-foundation.org: build fixes] [akpm@linux-foundation.org: New sysctl numbers are old hat] Signed-off-by: Kees Cook <kees@outflux.net> Cc: Arjan van de Ven <arjan@infradead.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2115 lines
82 KiB
Plaintext
2115 lines
82 KiB
Plaintext
------------------------------------------------------------------------------
|
|
T H E /proc F I L E S Y S T E M
|
|
------------------------------------------------------------------------------
|
|
/proc/sys Terrehon Bowden <terrehon@pacbell.net> October 7 1999
|
|
Bodo Bauer <bb@ricochet.net>
|
|
|
|
2.4.x update Jorge Nerin <comandante@zaralinux.com> November 14 2000
|
|
------------------------------------------------------------------------------
|
|
Version 1.3 Kernel version 2.2.12
|
|
Kernel version 2.4.0-test11-pre4
|
|
------------------------------------------------------------------------------
|
|
|
|
Table of Contents
|
|
-----------------
|
|
|
|
0 Preface
|
|
0.1 Introduction/Credits
|
|
0.2 Legal Stuff
|
|
|
|
1 Collecting System Information
|
|
1.1 Process-Specific Subdirectories
|
|
1.2 Kernel data
|
|
1.3 IDE devices in /proc/ide
|
|
1.4 Networking info in /proc/net
|
|
1.5 SCSI info
|
|
1.6 Parallel port info in /proc/parport
|
|
1.7 TTY info in /proc/tty
|
|
1.8 Miscellaneous kernel statistics in /proc/stat
|
|
|
|
2 Modifying System Parameters
|
|
2.1 /proc/sys/fs - File system data
|
|
2.2 /proc/sys/fs/binfmt_misc - Miscellaneous binary formats
|
|
2.3 /proc/sys/kernel - general kernel parameters
|
|
2.4 /proc/sys/vm - The virtual memory subsystem
|
|
2.5 /proc/sys/dev - Device specific parameters
|
|
2.6 /proc/sys/sunrpc - Remote procedure calls
|
|
2.7 /proc/sys/net - Networking stuff
|
|
2.8 /proc/sys/net/ipv4 - IPV4 settings
|
|
2.9 Appletalk
|
|
2.10 IPX
|
|
2.11 /proc/sys/fs/mqueue - POSIX message queues filesystem
|
|
2.12 /proc/<pid>/oom_adj - Adjust the oom-killer score
|
|
2.13 /proc/<pid>/oom_score - Display current oom-killer score
|
|
2.14 /proc/<pid>/io - Display the IO accounting fields
|
|
|
|
------------------------------------------------------------------------------
|
|
Preface
|
|
------------------------------------------------------------------------------
|
|
|
|
0.1 Introduction/Credits
|
|
------------------------
|
|
|
|
This documentation is part of a soon (or so we hope) to be released book on
|
|
the SuSE Linux distribution. As there is no complete documentation for the
|
|
/proc file system and we've used many freely available sources to write these
|
|
chapters, it seems only fair to give the work back to the Linux community.
|
|
This work is based on the 2.2.* kernel version and the upcoming 2.4.*. I'm
|
|
afraid it's still far from complete, but we hope it will be useful. As far as
|
|
we know, it is the first 'all-in-one' document about the /proc file system. It
|
|
is focused on the Intel x86 hardware, so if you are looking for PPC, ARM,
|
|
SPARC, AXP, etc., features, you probably won't find what you are looking for.
|
|
It also only covers IPv4 networking, not IPv6 nor other protocols - sorry. But
|
|
additions and patches are welcome and will be added to this document if you
|
|
mail them to Bodo.
|
|
|
|
We'd like to thank Alan Cox, Rik van Riel, and Alexey Kuznetsov and a lot of
|
|
other people for help compiling this documentation. We'd also like to extend a
|
|
special thank you to Andi Kleen for documentation, which we relied on heavily
|
|
to create this document, as well as the additional information he provided.
|
|
Thanks to everybody else who contributed source or docs to the Linux kernel
|
|
and helped create a great piece of software... :)
|
|
|
|
If you have any comments, corrections or additions, please don't hesitate to
|
|
contact Bodo Bauer at bb@ricochet.net. We'll be happy to add them to this
|
|
document.
|
|
|
|
The latest version of this document is available online at
|
|
http://skaro.nightcrawler.com/~bb/Docs/Proc as HTML version.
|
|
|
|
If the above direction does not works for you, ypu could try the kernel
|
|
mailing list at linux-kernel@vger.kernel.org and/or try to reach me at
|
|
comandante@zaralinux.com.
|
|
|
|
0.2 Legal Stuff
|
|
---------------
|
|
|
|
We don't guarantee the correctness of this document, and if you come to us
|
|
complaining about how you screwed up your system because of incorrect
|
|
documentation, we won't feel responsible...
|
|
|
|
------------------------------------------------------------------------------
|
|
CHAPTER 1: COLLECTING SYSTEM INFORMATION
|
|
------------------------------------------------------------------------------
|
|
|
|
------------------------------------------------------------------------------
|
|
In This Chapter
|
|
------------------------------------------------------------------------------
|
|
* Investigating the properties of the pseudo file system /proc and its
|
|
ability to provide information on the running Linux system
|
|
* Examining /proc's structure
|
|
* Uncovering various information about the kernel and the processes running
|
|
on the system
|
|
------------------------------------------------------------------------------
|
|
|
|
|
|
The proc file system acts as an interface to internal data structures in the
|
|
kernel. It can be used to obtain information about the system and to change
|
|
certain kernel parameters at runtime (sysctl).
|
|
|
|
First, we'll take a look at the read-only parts of /proc. In Chapter 2, we
|
|
show you how you can use /proc/sys to change settings.
|
|
|
|
1.1 Process-Specific Subdirectories
|
|
-----------------------------------
|
|
|
|
The directory /proc contains (among other things) one subdirectory for each
|
|
process running on the system, which is named after the process ID (PID).
|
|
|
|
The link self points to the process reading the file system. Each process
|
|
subdirectory has the entries listed in Table 1-1.
|
|
|
|
|
|
Table 1-1: Process specific entries in /proc
|
|
..............................................................................
|
|
File Content
|
|
clear_refs Clears page referenced bits shown in smaps output
|
|
cmdline Command line arguments
|
|
cpu Current and last cpu in which it was executed (2.4)(smp)
|
|
cwd Link to the current working directory
|
|
environ Values of environment variables
|
|
exe Link to the executable of this process
|
|
fd Directory, which contains all file descriptors
|
|
maps Memory maps to executables and library files (2.4)
|
|
mem Memory held by this process
|
|
root Link to the root directory of this process
|
|
stat Process status
|
|
statm Process memory status information
|
|
status Process status in human readable form
|
|
wchan If CONFIG_KALLSYMS is set, a pre-decoded wchan
|
|
smaps Extension based on maps, the rss size for each mapped file
|
|
..............................................................................
|
|
|
|
For example, to get the status information of a process, all you have to do is
|
|
read the file /proc/PID/status:
|
|
|
|
>cat /proc/self/status
|
|
Name: cat
|
|
State: R (running)
|
|
Pid: 5452
|
|
PPid: 743
|
|
TracerPid: 0 (2.4)
|
|
Uid: 501 501 501 501
|
|
Gid: 100 100 100 100
|
|
Groups: 100 14 16
|
|
VmSize: 1112 kB
|
|
VmLck: 0 kB
|
|
VmRSS: 348 kB
|
|
VmData: 24 kB
|
|
VmStk: 12 kB
|
|
VmExe: 8 kB
|
|
VmLib: 1044 kB
|
|
SigPnd: 0000000000000000
|
|
SigBlk: 0000000000000000
|
|
SigIgn: 0000000000000000
|
|
SigCgt: 0000000000000000
|
|
CapInh: 00000000fffffeff
|
|
CapPrm: 0000000000000000
|
|
CapEff: 0000000000000000
|
|
|
|
|
|
This shows you nearly the same information you would get if you viewed it with
|
|
the ps command. In fact, ps uses the proc file system to obtain its
|
|
information. The statm file contains more detailed information about the
|
|
process memory usage. Its seven fields are explained in Table 1-2.
|
|
|
|
|
|
Table 1-2: Contents of the statm files (as of 2.6.8-rc3)
|
|
..............................................................................
|
|
Field Content
|
|
size total program size (pages) (same as VmSize in status)
|
|
resident size of memory portions (pages) (same as VmRSS in status)
|
|
shared number of pages that are shared (i.e. backed by a file)
|
|
trs number of pages that are 'code' (not including libs; broken,
|
|
includes data segment)
|
|
lrs number of pages of library (always 0 on 2.6)
|
|
drs number of pages of data/stack (including libs; broken,
|
|
includes library text)
|
|
dt number of dirty pages (always 0 on 2.6)
|
|
..............................................................................
|
|
|
|
1.2 Kernel data
|
|
---------------
|
|
|
|
Similar to the process entries, the kernel data files give information about
|
|
the running kernel. The files used to obtain this information are contained in
|
|
/proc and are listed in Table 1-3. Not all of these will be present in your
|
|
system. It depends on the kernel configuration and the loaded modules, which
|
|
files are there, and which are missing.
|
|
|
|
Table 1-3: Kernel info in /proc
|
|
..............................................................................
|
|
File Content
|
|
apm Advanced power management info
|
|
buddyinfo Kernel memory allocator information (see text) (2.5)
|
|
bus Directory containing bus specific information
|
|
cmdline Kernel command line
|
|
cpuinfo Info about the CPU
|
|
devices Available devices (block and character)
|
|
dma Used DMS channels
|
|
filesystems Supported filesystems
|
|
driver Various drivers grouped here, currently rtc (2.4)
|
|
execdomains Execdomains, related to security (2.4)
|
|
fb Frame Buffer devices (2.4)
|
|
fs File system parameters, currently nfs/exports (2.4)
|
|
ide Directory containing info about the IDE subsystem
|
|
interrupts Interrupt usage
|
|
iomem Memory map (2.4)
|
|
ioports I/O port usage
|
|
irq Masks for irq to cpu affinity (2.4)(smp?)
|
|
isapnp ISA PnP (Plug&Play) Info (2.4)
|
|
kcore Kernel core image (can be ELF or A.OUT(deprecated in 2.4))
|
|
kmsg Kernel messages
|
|
ksyms Kernel symbol table
|
|
loadavg Load average of last 1, 5 & 15 minutes
|
|
locks Kernel locks
|
|
meminfo Memory info
|
|
misc Miscellaneous
|
|
modules List of loaded modules
|
|
mounts Mounted filesystems
|
|
net Networking info (see text)
|
|
partitions Table of partitions known to the system
|
|
pci Depreciated info of PCI bus (new way -> /proc/bus/pci/,
|
|
decoupled by lspci (2.4)
|
|
rtc Real time clock
|
|
scsi SCSI info (see text)
|
|
slabinfo Slab pool info
|
|
stat Overall statistics
|
|
swaps Swap space utilization
|
|
sys See chapter 2
|
|
sysvipc Info of SysVIPC Resources (msg, sem, shm) (2.4)
|
|
tty Info of tty drivers
|
|
uptime System uptime
|
|
version Kernel version
|
|
video bttv info of video resources (2.4)
|
|
..............................................................................
|
|
|
|
You can, for example, check which interrupts are currently in use and what
|
|
they are used for by looking in the file /proc/interrupts:
|
|
|
|
> cat /proc/interrupts
|
|
CPU0
|
|
0: 8728810 XT-PIC timer
|
|
1: 895 XT-PIC keyboard
|
|
2: 0 XT-PIC cascade
|
|
3: 531695 XT-PIC aha152x
|
|
4: 2014133 XT-PIC serial
|
|
5: 44401 XT-PIC pcnet_cs
|
|
8: 2 XT-PIC rtc
|
|
11: 8 XT-PIC i82365
|
|
12: 182918 XT-PIC PS/2 Mouse
|
|
13: 1 XT-PIC fpu
|
|
14: 1232265 XT-PIC ide0
|
|
15: 7 XT-PIC ide1
|
|
NMI: 0
|
|
|
|
In 2.4.* a couple of lines where added to this file LOC & ERR (this time is the
|
|
output of a SMP machine):
|
|
|
|
> cat /proc/interrupts
|
|
|
|
CPU0 CPU1
|
|
0: 1243498 1214548 IO-APIC-edge timer
|
|
1: 8949 8958 IO-APIC-edge keyboard
|
|
2: 0 0 XT-PIC cascade
|
|
5: 11286 10161 IO-APIC-edge soundblaster
|
|
8: 1 0 IO-APIC-edge rtc
|
|
9: 27422 27407 IO-APIC-edge 3c503
|
|
12: 113645 113873 IO-APIC-edge PS/2 Mouse
|
|
13: 0 0 XT-PIC fpu
|
|
14: 22491 24012 IO-APIC-edge ide0
|
|
15: 2183 2415 IO-APIC-edge ide1
|
|
17: 30564 30414 IO-APIC-level eth0
|
|
18: 177 164 IO-APIC-level bttv
|
|
NMI: 2457961 2457959
|
|
LOC: 2457882 2457881
|
|
ERR: 2155
|
|
|
|
NMI is incremented in this case because every timer interrupt generates a NMI
|
|
(Non Maskable Interrupt) which is used by the NMI Watchdog to detect lockups.
|
|
|
|
LOC is the local interrupt counter of the internal APIC of every CPU.
|
|
|
|
ERR is incremented in the case of errors in the IO-APIC bus (the bus that
|
|
connects the CPUs in a SMP system. This means that an error has been detected,
|
|
the IO-APIC automatically retry the transmission, so it should not be a big
|
|
problem, but you should read the SMP-FAQ.
|
|
|
|
In this context it could be interesting to note the new irq directory in 2.4.
|
|
It could be used to set IRQ to CPU affinity, this means that you can "hook" an
|
|
IRQ to only one CPU, or to exclude a CPU of handling IRQs. The contents of the
|
|
irq subdir is one subdir for each IRQ, and one file; prof_cpu_mask
|
|
|
|
For example
|
|
> ls /proc/irq/
|
|
0 10 12 14 16 18 2 4 6 8 prof_cpu_mask
|
|
1 11 13 15 17 19 3 5 7 9
|
|
> ls /proc/irq/0/
|
|
smp_affinity
|
|
|
|
The contents of the prof_cpu_mask file and each smp_affinity file for each IRQ
|
|
is the same by default:
|
|
|
|
> cat /proc/irq/0/smp_affinity
|
|
ffffffff
|
|
|
|
It's a bitmask, in which you can specify which CPUs can handle the IRQ, you can
|
|
set it by doing:
|
|
|
|
> echo 1 > /proc/irq/prof_cpu_mask
|
|
|
|
This means that only the first CPU will handle the IRQ, but you can also echo 5
|
|
which means that only the first and fourth CPU can handle the IRQ.
|
|
|
|
The way IRQs are routed is handled by the IO-APIC, and it's Round Robin
|
|
between all the CPUs which are allowed to handle it. As usual the kernel has
|
|
more info than you and does a better job than you, so the defaults are the
|
|
best choice for almost everyone.
|
|
|
|
There are three more important subdirectories in /proc: net, scsi, and sys.
|
|
The general rule is that the contents, or even the existence of these
|
|
directories, depend on your kernel configuration. If SCSI is not enabled, the
|
|
directory scsi may not exist. The same is true with the net, which is there
|
|
only when networking support is present in the running kernel.
|
|
|
|
The slabinfo file gives information about memory usage at the slab level.
|
|
Linux uses slab pools for memory management above page level in version 2.2.
|
|
Commonly used objects have their own slab pool (such as network buffers,
|
|
directory cache, and so on).
|
|
|
|
..............................................................................
|
|
|
|
> cat /proc/buddyinfo
|
|
|
|
Node 0, zone DMA 0 4 5 4 4 3 ...
|
|
Node 0, zone Normal 1 0 0 1 101 8 ...
|
|
Node 0, zone HighMem 2 0 0 1 1 0 ...
|
|
|
|
Memory fragmentation is a problem under some workloads, and buddyinfo is a
|
|
useful tool for helping diagnose these problems. Buddyinfo will give you a
|
|
clue as to how big an area you can safely allocate, or why a previous
|
|
allocation failed.
|
|
|
|
Each column represents the number of pages of a certain order which are
|
|
available. In this case, there are 0 chunks of 2^0*PAGE_SIZE available in
|
|
ZONE_DMA, 4 chunks of 2^1*PAGE_SIZE in ZONE_DMA, 101 chunks of 2^4*PAGE_SIZE
|
|
available in ZONE_NORMAL, etc...
|
|
|
|
..............................................................................
|
|
|
|
meminfo:
|
|
|
|
Provides information about distribution and utilization of memory. This
|
|
varies by architecture and compile options. The following is from a
|
|
16GB PIII, which has highmem enabled. You may not have all of these fields.
|
|
|
|
> cat /proc/meminfo
|
|
|
|
|
|
MemTotal: 16344972 kB
|
|
MemFree: 13634064 kB
|
|
Buffers: 3656 kB
|
|
Cached: 1195708 kB
|
|
SwapCached: 0 kB
|
|
Active: 891636 kB
|
|
Inactive: 1077224 kB
|
|
HighTotal: 15597528 kB
|
|
HighFree: 13629632 kB
|
|
LowTotal: 747444 kB
|
|
LowFree: 4432 kB
|
|
SwapTotal: 0 kB
|
|
SwapFree: 0 kB
|
|
Dirty: 968 kB
|
|
Writeback: 0 kB
|
|
Mapped: 280372 kB
|
|
Slab: 684068 kB
|
|
CommitLimit: 7669796 kB
|
|
Committed_AS: 100056 kB
|
|
PageTables: 24448 kB
|
|
VmallocTotal: 112216 kB
|
|
VmallocUsed: 428 kB
|
|
VmallocChunk: 111088 kB
|
|
|
|
MemTotal: Total usable ram (i.e. physical ram minus a few reserved
|
|
bits and the kernel binary code)
|
|
MemFree: The sum of LowFree+HighFree
|
|
Buffers: Relatively temporary storage for raw disk blocks
|
|
shouldn't get tremendously large (20MB or so)
|
|
Cached: in-memory cache for files read from the disk (the
|
|
pagecache). Doesn't include SwapCached
|
|
SwapCached: Memory that once was swapped out, is swapped back in but
|
|
still also is in the swapfile (if memory is needed it
|
|
doesn't need to be swapped out AGAIN because it is already
|
|
in the swapfile. This saves I/O)
|
|
Active: Memory that has been used more recently and usually not
|
|
reclaimed unless absolutely necessary.
|
|
Inactive: Memory which has been less recently used. It is more
|
|
eligible to be reclaimed for other purposes
|
|
HighTotal:
|
|
HighFree: Highmem is all memory above ~860MB of physical memory
|
|
Highmem areas are for use by userspace programs, or
|
|
for the pagecache. The kernel must use tricks to access
|
|
this memory, making it slower to access than lowmem.
|
|
LowTotal:
|
|
LowFree: Lowmem is memory which can be used for everything that
|
|
highmem can be used for, but it is also available for the
|
|
kernel's use for its own data structures. Among many
|
|
other things, it is where everything from the Slab is
|
|
allocated. Bad things happen when you're out of lowmem.
|
|
SwapTotal: total amount of swap space available
|
|
SwapFree: Memory which has been evicted from RAM, and is temporarily
|
|
on the disk
|
|
Dirty: Memory which is waiting to get written back to the disk
|
|
Writeback: Memory which is actively being written back to the disk
|
|
Mapped: files which have been mmaped, such as libraries
|
|
Slab: in-kernel data structures cache
|
|
CommitLimit: Based on the overcommit ratio ('vm.overcommit_ratio'),
|
|
this is the total amount of memory currently available to
|
|
be allocated on the system. This limit is only adhered to
|
|
if strict overcommit accounting is enabled (mode 2 in
|
|
'vm.overcommit_memory').
|
|
The CommitLimit is calculated with the following formula:
|
|
CommitLimit = ('vm.overcommit_ratio' * Physical RAM) + Swap
|
|
For example, on a system with 1G of physical RAM and 7G
|
|
of swap with a `vm.overcommit_ratio` of 30 it would
|
|
yield a CommitLimit of 7.3G.
|
|
For more details, see the memory overcommit documentation
|
|
in vm/overcommit-accounting.
|
|
Committed_AS: The amount of memory presently allocated on the system.
|
|
The committed memory is a sum of all of the memory which
|
|
has been allocated by processes, even if it has not been
|
|
"used" by them as of yet. A process which malloc()'s 1G
|
|
of memory, but only touches 300M of it will only show up
|
|
as using 300M of memory even if it has the address space
|
|
allocated for the entire 1G. This 1G is memory which has
|
|
been "committed" to by the VM and can be used at any time
|
|
by the allocating application. With strict overcommit
|
|
enabled on the system (mode 2 in 'vm.overcommit_memory'),
|
|
allocations which would exceed the CommitLimit (detailed
|
|
above) will not be permitted. This is useful if one needs
|
|
to guarantee that processes will not fail due to lack of
|
|
memory once that memory has been successfully allocated.
|
|
PageTables: amount of memory dedicated to the lowest level of page
|
|
tables.
|
|
VmallocTotal: total size of vmalloc memory area
|
|
VmallocUsed: amount of vmalloc area which is used
|
|
VmallocChunk: largest contigious block of vmalloc area which is free
|
|
|
|
|
|
1.3 IDE devices in /proc/ide
|
|
----------------------------
|
|
|
|
The subdirectory /proc/ide contains information about all IDE devices of which
|
|
the kernel is aware. There is one subdirectory for each IDE controller, the
|
|
file drivers and a link for each IDE device, pointing to the device directory
|
|
in the controller specific subtree.
|
|
|
|
The file drivers contains general information about the drivers used for the
|
|
IDE devices:
|
|
|
|
> cat /proc/ide/drivers
|
|
ide-cdrom version 4.53
|
|
ide-disk version 1.08
|
|
|
|
More detailed information can be found in the controller specific
|
|
subdirectories. These are named ide0, ide1 and so on. Each of these
|
|
directories contains the files shown in table 1-4.
|
|
|
|
|
|
Table 1-4: IDE controller info in /proc/ide/ide?
|
|
..............................................................................
|
|
File Content
|
|
channel IDE channel (0 or 1)
|
|
config Configuration (only for PCI/IDE bridge)
|
|
mate Mate name
|
|
model Type/Chipset of IDE controller
|
|
..............................................................................
|
|
|
|
Each device connected to a controller has a separate subdirectory in the
|
|
controllers directory. The files listed in table 1-5 are contained in these
|
|
directories.
|
|
|
|
|
|
Table 1-5: IDE device information
|
|
..............................................................................
|
|
File Content
|
|
cache The cache
|
|
capacity Capacity of the medium (in 512Byte blocks)
|
|
driver driver and version
|
|
geometry physical and logical geometry
|
|
identify device identify block
|
|
media media type
|
|
model device identifier
|
|
settings device setup
|
|
smart_thresholds IDE disk management thresholds
|
|
smart_values IDE disk management values
|
|
..............................................................................
|
|
|
|
The most interesting file is settings. This file contains a nice overview of
|
|
the drive parameters:
|
|
|
|
# cat /proc/ide/ide0/hda/settings
|
|
name value min max mode
|
|
---- ----- --- --- ----
|
|
bios_cyl 526 0 65535 rw
|
|
bios_head 255 0 255 rw
|
|
bios_sect 63 0 63 rw
|
|
breada_readahead 4 0 127 rw
|
|
bswap 0 0 1 r
|
|
file_readahead 72 0 2097151 rw
|
|
io_32bit 0 0 3 rw
|
|
keepsettings 0 0 1 rw
|
|
max_kb_per_request 122 1 127 rw
|
|
multcount 0 0 8 rw
|
|
nice1 1 0 1 rw
|
|
nowerr 0 0 1 rw
|
|
pio_mode write-only 0 255 w
|
|
slow 0 0 1 rw
|
|
unmaskirq 0 0 1 rw
|
|
using_dma 0 0 1 rw
|
|
|
|
|
|
1.4 Networking info in /proc/net
|
|
--------------------------------
|
|
|
|
The subdirectory /proc/net follows the usual pattern. Table 1-6 shows the
|
|
additional values you get for IP version 6 if you configure the kernel to
|
|
support this. Table 1-7 lists the files and their meaning.
|
|
|
|
|
|
Table 1-6: IPv6 info in /proc/net
|
|
..............................................................................
|
|
File Content
|
|
udp6 UDP sockets (IPv6)
|
|
tcp6 TCP sockets (IPv6)
|
|
raw6 Raw device statistics (IPv6)
|
|
igmp6 IP multicast addresses, which this host joined (IPv6)
|
|
if_inet6 List of IPv6 interface addresses
|
|
ipv6_route Kernel routing table for IPv6
|
|
rt6_stats Global IPv6 routing tables statistics
|
|
sockstat6 Socket statistics (IPv6)
|
|
snmp6 Snmp data (IPv6)
|
|
..............................................................................
|
|
|
|
|
|
Table 1-7: Network info in /proc/net
|
|
..............................................................................
|
|
File Content
|
|
arp Kernel ARP table
|
|
dev network devices with statistics
|
|
dev_mcast the Layer2 multicast groups a device is listening too
|
|
(interface index, label, number of references, number of bound
|
|
addresses).
|
|
dev_stat network device status
|
|
ip_fwchains Firewall chain linkage
|
|
ip_fwnames Firewall chain names
|
|
ip_masq Directory containing the masquerading tables
|
|
ip_masquerade Major masquerading table
|
|
netstat Network statistics
|
|
raw raw device statistics
|
|
route Kernel routing table
|
|
rpc Directory containing rpc info
|
|
rt_cache Routing cache
|
|
snmp SNMP data
|
|
sockstat Socket statistics
|
|
tcp TCP sockets
|
|
tr_rif Token ring RIF routing table
|
|
udp UDP sockets
|
|
unix UNIX domain sockets
|
|
wireless Wireless interface data (Wavelan etc)
|
|
igmp IP multicast addresses, which this host joined
|
|
psched Global packet scheduler parameters.
|
|
netlink List of PF_NETLINK sockets
|
|
ip_mr_vifs List of multicast virtual interfaces
|
|
ip_mr_cache List of multicast routing cache
|
|
..............................................................................
|
|
|
|
You can use this information to see which network devices are available in
|
|
your system and how much traffic was routed over those devices:
|
|
|
|
> cat /proc/net/dev
|
|
Inter-|Receive |[...
|
|
face |bytes packets errs drop fifo frame compressed multicast|[...
|
|
lo: 908188 5596 0 0 0 0 0 0 [...
|
|
ppp0:15475140 20721 410 0 0 410 0 0 [...
|
|
eth0: 614530 7085 0 0 0 0 0 1 [...
|
|
|
|
...] Transmit
|
|
...] bytes packets errs drop fifo colls carrier compressed
|
|
...] 908188 5596 0 0 0 0 0 0
|
|
...] 1375103 17405 0 0 0 0 0 0
|
|
...] 1703981 5535 0 0 0 3 0 0
|
|
|
|
In addition, each Channel Bond interface has it's own directory. For
|
|
example, the bond0 device will have a directory called /proc/net/bond0/.
|
|
It will contain information that is specific to that bond, such as the
|
|
current slaves of the bond, the link status of the slaves, and how
|
|
many times the slaves link has failed.
|
|
|
|
1.5 SCSI info
|
|
-------------
|
|
|
|
If you have a SCSI host adapter in your system, you'll find a subdirectory
|
|
named after the driver for this adapter in /proc/scsi. You'll also see a list
|
|
of all recognized SCSI devices in /proc/scsi:
|
|
|
|
>cat /proc/scsi/scsi
|
|
Attached devices:
|
|
Host: scsi0 Channel: 00 Id: 00 Lun: 00
|
|
Vendor: IBM Model: DGHS09U Rev: 03E0
|
|
Type: Direct-Access ANSI SCSI revision: 03
|
|
Host: scsi0 Channel: 00 Id: 06 Lun: 00
|
|
Vendor: PIONEER Model: CD-ROM DR-U06S Rev: 1.04
|
|
Type: CD-ROM ANSI SCSI revision: 02
|
|
|
|
|
|
The directory named after the driver has one file for each adapter found in
|
|
the system. These files contain information about the controller, including
|
|
the used IRQ and the IO address range. The amount of information shown is
|
|
dependent on the adapter you use. The example shows the output for an Adaptec
|
|
AHA-2940 SCSI adapter:
|
|
|
|
> cat /proc/scsi/aic7xxx/0
|
|
|
|
Adaptec AIC7xxx driver version: 5.1.19/3.2.4
|
|
Compile Options:
|
|
TCQ Enabled By Default : Disabled
|
|
AIC7XXX_PROC_STATS : Disabled
|
|
AIC7XXX_RESET_DELAY : 5
|
|
Adapter Configuration:
|
|
SCSI Adapter: Adaptec AHA-294X Ultra SCSI host adapter
|
|
Ultra Wide Controller
|
|
PCI MMAPed I/O Base: 0xeb001000
|
|
Adapter SEEPROM Config: SEEPROM found and used.
|
|
Adaptec SCSI BIOS: Enabled
|
|
IRQ: 10
|
|
SCBs: Active 0, Max Active 2,
|
|
Allocated 15, HW 16, Page 255
|
|
Interrupts: 160328
|
|
BIOS Control Word: 0x18b6
|
|
Adapter Control Word: 0x005b
|
|
Extended Translation: Enabled
|
|
Disconnect Enable Flags: 0xffff
|
|
Ultra Enable Flags: 0x0001
|
|
Tag Queue Enable Flags: 0x0000
|
|
Ordered Queue Tag Flags: 0x0000
|
|
Default Tag Queue Depth: 8
|
|
Tagged Queue By Device array for aic7xxx host instance 0:
|
|
{255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255}
|
|
Actual queue depth per device for aic7xxx host instance 0:
|
|
{1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1}
|
|
Statistics:
|
|
(scsi0:0:0:0)
|
|
Device using Wide/Sync transfers at 40.0 MByte/sec, offset 8
|
|
Transinfo settings: current(12/8/1/0), goal(12/8/1/0), user(12/15/1/0)
|
|
Total transfers 160151 (74577 reads and 85574 writes)
|
|
(scsi0:0:6:0)
|
|
Device using Narrow/Sync transfers at 5.0 MByte/sec, offset 15
|
|
Transinfo settings: current(50/15/0/0), goal(50/15/0/0), user(50/15/0/0)
|
|
Total transfers 0 (0 reads and 0 writes)
|
|
|
|
|
|
1.6 Parallel port info in /proc/parport
|
|
---------------------------------------
|
|
|
|
The directory /proc/parport contains information about the parallel ports of
|
|
your system. It has one subdirectory for each port, named after the port
|
|
number (0,1,2,...).
|
|
|
|
These directories contain the four files shown in Table 1-8.
|
|
|
|
|
|
Table 1-8: Files in /proc/parport
|
|
..............................................................................
|
|
File Content
|
|
autoprobe Any IEEE-1284 device ID information that has been acquired.
|
|
devices list of the device drivers using that port. A + will appear by the
|
|
name of the device currently using the port (it might not appear
|
|
against any).
|
|
hardware Parallel port's base address, IRQ line and DMA channel.
|
|
irq IRQ that parport is using for that port. This is in a separate
|
|
file to allow you to alter it by writing a new value in (IRQ
|
|
number or none).
|
|
..............................................................................
|
|
|
|
1.7 TTY info in /proc/tty
|
|
-------------------------
|
|
|
|
Information about the available and actually used tty's can be found in the
|
|
directory /proc/tty.You'll find entries for drivers and line disciplines in
|
|
this directory, as shown in Table 1-9.
|
|
|
|
|
|
Table 1-9: Files in /proc/tty
|
|
..............................................................................
|
|
File Content
|
|
drivers list of drivers and their usage
|
|
ldiscs registered line disciplines
|
|
driver/serial usage statistic and status of single tty lines
|
|
..............................................................................
|
|
|
|
To see which tty's are currently in use, you can simply look into the file
|
|
/proc/tty/drivers:
|
|
|
|
> cat /proc/tty/drivers
|
|
pty_slave /dev/pts 136 0-255 pty:slave
|
|
pty_master /dev/ptm 128 0-255 pty:master
|
|
pty_slave /dev/ttyp 3 0-255 pty:slave
|
|
pty_master /dev/pty 2 0-255 pty:master
|
|
serial /dev/cua 5 64-67 serial:callout
|
|
serial /dev/ttyS 4 64-67 serial
|
|
/dev/tty0 /dev/tty0 4 0 system:vtmaster
|
|
/dev/ptmx /dev/ptmx 5 2 system
|
|
/dev/console /dev/console 5 1 system:console
|
|
/dev/tty /dev/tty 5 0 system:/dev/tty
|
|
unknown /dev/tty 4 1-63 console
|
|
|
|
|
|
1.8 Miscellaneous kernel statistics in /proc/stat
|
|
-------------------------------------------------
|
|
|
|
Various pieces of information about kernel activity are available in the
|
|
/proc/stat file. All of the numbers reported in this file are aggregates
|
|
since the system first booted. For a quick look, simply cat the file:
|
|
|
|
> cat /proc/stat
|
|
cpu 2255 34 2290 22625563 6290 127 456
|
|
cpu0 1132 34 1441 11311718 3675 127 438
|
|
cpu1 1123 0 849 11313845 2614 0 18
|
|
intr 114930548 113199788 3 0 5 263 0 4 [... lots more numbers ...]
|
|
ctxt 1990473
|
|
btime 1062191376
|
|
processes 2915
|
|
procs_running 1
|
|
procs_blocked 0
|
|
|
|
The very first "cpu" line aggregates the numbers in all of the other "cpuN"
|
|
lines. These numbers identify the amount of time the CPU has spent performing
|
|
different kinds of work. Time units are in USER_HZ (typically hundredths of a
|
|
second). The meanings of the columns are as follows, from left to right:
|
|
|
|
- user: normal processes executing in user mode
|
|
- nice: niced processes executing in user mode
|
|
- system: processes executing in kernel mode
|
|
- idle: twiddling thumbs
|
|
- iowait: waiting for I/O to complete
|
|
- irq: servicing interrupts
|
|
- softirq: servicing softirqs
|
|
|
|
The "intr" line gives counts of interrupts serviced since boot time, for each
|
|
of the possible system interrupts. The first column is the total of all
|
|
interrupts serviced; each subsequent column is the total for that particular
|
|
interrupt.
|
|
|
|
The "ctxt" line gives the total number of context switches across all CPUs.
|
|
|
|
The "btime" line gives the time at which the system booted, in seconds since
|
|
the Unix epoch.
|
|
|
|
The "processes" line gives the number of processes and threads created, which
|
|
includes (but is not limited to) those created by calls to the fork() and
|
|
clone() system calls.
|
|
|
|
The "procs_running" line gives the number of processes currently running on
|
|
CPUs.
|
|
|
|
The "procs_blocked" line gives the number of processes currently blocked,
|
|
waiting for I/O to complete.
|
|
|
|
|
|
------------------------------------------------------------------------------
|
|
Summary
|
|
------------------------------------------------------------------------------
|
|
The /proc file system serves information about the running system. It not only
|
|
allows access to process data but also allows you to request the kernel status
|
|
by reading files in the hierarchy.
|
|
|
|
The directory structure of /proc reflects the types of information and makes
|
|
it easy, if not obvious, where to look for specific data.
|
|
------------------------------------------------------------------------------
|
|
|
|
------------------------------------------------------------------------------
|
|
CHAPTER 2: MODIFYING SYSTEM PARAMETERS
|
|
------------------------------------------------------------------------------
|
|
|
|
------------------------------------------------------------------------------
|
|
In This Chapter
|
|
------------------------------------------------------------------------------
|
|
* Modifying kernel parameters by writing into files found in /proc/sys
|
|
* Exploring the files which modify certain parameters
|
|
* Review of the /proc/sys file tree
|
|
------------------------------------------------------------------------------
|
|
|
|
|
|
A very interesting part of /proc is the directory /proc/sys. This is not only
|
|
a source of information, it also allows you to change parameters within the
|
|
kernel. Be very careful when attempting this. You can optimize your system,
|
|
but you can also cause it to crash. Never alter kernel parameters on a
|
|
production system. Set up a development machine and test to make sure that
|
|
everything works the way you want it to. You may have no alternative but to
|
|
reboot the machine once an error has been made.
|
|
|
|
To change a value, simply echo the new value into the file. An example is
|
|
given below in the section on the file system data. You need to be root to do
|
|
this. You can create your own boot script to perform this every time your
|
|
system boots.
|
|
|
|
The files in /proc/sys can be used to fine tune and monitor miscellaneous and
|
|
general things in the operation of the Linux kernel. Since some of the files
|
|
can inadvertently disrupt your system, it is advisable to read both
|
|
documentation and source before actually making adjustments. In any case, be
|
|
very careful when writing to any of these files. The entries in /proc may
|
|
change slightly between the 2.1.* and the 2.2 kernel, so if there is any doubt
|
|
review the kernel documentation in the directory /usr/src/linux/Documentation.
|
|
This chapter is heavily based on the documentation included in the pre 2.2
|
|
kernels, and became part of it in version 2.2.1 of the Linux kernel.
|
|
|
|
2.1 /proc/sys/fs - File system data
|
|
-----------------------------------
|
|
|
|
This subdirectory contains specific file system, file handle, inode, dentry
|
|
and quota information.
|
|
|
|
Currently, these files are in /proc/sys/fs:
|
|
|
|
dentry-state
|
|
------------
|
|
|
|
Status of the directory cache. Since directory entries are dynamically
|
|
allocated and deallocated, this file indicates the current status. It holds
|
|
six values, in which the last two are not used and are always zero. The others
|
|
are listed in table 2-1.
|
|
|
|
|
|
Table 2-1: Status files of the directory cache
|
|
..............................................................................
|
|
File Content
|
|
nr_dentry Almost always zero
|
|
nr_unused Number of unused cache entries
|
|
age_limit
|
|
in seconds after the entry may be reclaimed, when memory is short
|
|
want_pages internally
|
|
..............................................................................
|
|
|
|
dquot-nr and dquot-max
|
|
----------------------
|
|
|
|
The file dquot-max shows the maximum number of cached disk quota entries.
|
|
|
|
The file dquot-nr shows the number of allocated disk quota entries and the
|
|
number of free disk quota entries.
|
|
|
|
If the number of available cached disk quotas is very low and you have a large
|
|
number of simultaneous system users, you might want to raise the limit.
|
|
|
|
file-nr and file-max
|
|
--------------------
|
|
|
|
The kernel allocates file handles dynamically, but doesn't free them again at
|
|
this time.
|
|
|
|
The value in file-max denotes the maximum number of file handles that the
|
|
Linux kernel will allocate. When you get a lot of error messages about running
|
|
out of file handles, you might want to raise this limit. The default value is
|
|
10% of RAM in kilobytes. To change it, just write the new number into the
|
|
file:
|
|
|
|
# cat /proc/sys/fs/file-max
|
|
4096
|
|
# echo 8192 > /proc/sys/fs/file-max
|
|
# cat /proc/sys/fs/file-max
|
|
8192
|
|
|
|
|
|
This method of revision is useful for all customizable parameters of the
|
|
kernel - simply echo the new value to the corresponding file.
|
|
|
|
Historically, the three values in file-nr denoted the number of allocated file
|
|
handles, the number of allocated but unused file handles, and the maximum
|
|
number of file handles. Linux 2.6 always reports 0 as the number of free file
|
|
handles -- this is not an error, it just means that the number of allocated
|
|
file handles exactly matches the number of used file handles.
|
|
|
|
Attempts to allocate more file descriptors than file-max are reported with
|
|
printk, look for "VFS: file-max limit <number> reached".
|
|
|
|
inode-state and inode-nr
|
|
------------------------
|
|
|
|
The file inode-nr contains the first two items from inode-state, so we'll skip
|
|
to that file...
|
|
|
|
inode-state contains two actual numbers and five dummy values. The numbers
|
|
are nr_inodes and nr_free_inodes (in order of appearance).
|
|
|
|
nr_inodes
|
|
~~~~~~~~~
|
|
|
|
Denotes the number of inodes the system has allocated. This number will
|
|
grow and shrink dynamically.
|
|
|
|
nr_free_inodes
|
|
--------------
|
|
|
|
Represents the number of free inodes. Ie. The number of inuse inodes is
|
|
(nr_inodes - nr_free_inodes).
|
|
|
|
aio-nr and aio-max-nr
|
|
---------------------
|
|
|
|
aio-nr is the running total of the number of events specified on the
|
|
io_setup system call for all currently active aio contexts. If aio-nr
|
|
reaches aio-max-nr then io_setup will fail with EAGAIN. Note that
|
|
raising aio-max-nr does not result in the pre-allocation or re-sizing
|
|
of any kernel data structures.
|
|
|
|
2.2 /proc/sys/fs/binfmt_misc - Miscellaneous binary formats
|
|
-----------------------------------------------------------
|
|
|
|
Besides these files, there is the subdirectory /proc/sys/fs/binfmt_misc. This
|
|
handles the kernel support for miscellaneous binary formats.
|
|
|
|
Binfmt_misc provides the ability to register additional binary formats to the
|
|
Kernel without compiling an additional module/kernel. Therefore, binfmt_misc
|
|
needs to know magic numbers at the beginning or the filename extension of the
|
|
binary.
|
|
|
|
It works by maintaining a linked list of structs that contain a description of
|
|
a binary format, including a magic with size (or the filename extension),
|
|
offset and mask, and the interpreter name. On request it invokes the given
|
|
interpreter with the original program as argument, as binfmt_java and
|
|
binfmt_em86 and binfmt_mz do. Since binfmt_misc does not define any default
|
|
binary-formats, you have to register an additional binary-format.
|
|
|
|
There are two general files in binfmt_misc and one file per registered format.
|
|
The two general files are register and status.
|
|
|
|
Registering a new binary format
|
|
-------------------------------
|
|
|
|
To register a new binary format you have to issue the command
|
|
|
|
echo :name:type:offset:magic:mask:interpreter: > /proc/sys/fs/binfmt_misc/register
|
|
|
|
|
|
|
|
with appropriate name (the name for the /proc-dir entry), offset (defaults to
|
|
0, if omitted), magic, mask (which can be omitted, defaults to all 0xff) and
|
|
last but not least, the interpreter that is to be invoked (for example and
|
|
testing /bin/echo). Type can be M for usual magic matching or E for filename
|
|
extension matching (give extension in place of magic).
|
|
|
|
Check or reset the status of the binary format handler
|
|
------------------------------------------------------
|
|
|
|
If you do a cat on the file /proc/sys/fs/binfmt_misc/status, you will get the
|
|
current status (enabled/disabled) of binfmt_misc. Change the status by echoing
|
|
0 (disables) or 1 (enables) or -1 (caution: this clears all previously
|
|
registered binary formats) to status. For example echo 0 > status to disable
|
|
binfmt_misc (temporarily).
|
|
|
|
Status of a single handler
|
|
--------------------------
|
|
|
|
Each registered handler has an entry in /proc/sys/fs/binfmt_misc. These files
|
|
perform the same function as status, but their scope is limited to the actual
|
|
binary format. By cating this file, you also receive all related information
|
|
about the interpreter/magic of the binfmt.
|
|
|
|
Example usage of binfmt_misc (emulate binfmt_java)
|
|
--------------------------------------------------
|
|
|
|
cd /proc/sys/fs/binfmt_misc
|
|
echo ':Java:M::\xca\xfe\xba\xbe::/usr/local/java/bin/javawrapper:' > register
|
|
echo ':HTML:E::html::/usr/local/java/bin/appletviewer:' > register
|
|
echo ':Applet:M::<!--applet::/usr/local/java/bin/appletviewer:' > register
|
|
echo ':DEXE:M::\x0eDEX::/usr/bin/dosexec:' > register
|
|
|
|
|
|
These four lines add support for Java executables and Java applets (like
|
|
binfmt_java, additionally recognizing the .html extension with no need to put
|
|
<!--applet> to every applet file). You have to install the JDK and the
|
|
shell-script /usr/local/java/bin/javawrapper too. It works around the
|
|
brokenness of the Java filename handling. To add a Java binary, just create a
|
|
link to the class-file somewhere in the path.
|
|
|
|
2.3 /proc/sys/kernel - general kernel parameters
|
|
------------------------------------------------
|
|
|
|
This directory reflects general kernel behaviors. As I've said before, the
|
|
contents depend on your configuration. Here you'll find the most important
|
|
files, along with descriptions of what they mean and how to use them.
|
|
|
|
acct
|
|
----
|
|
|
|
The file contains three values; highwater, lowwater, and frequency.
|
|
|
|
It exists only when BSD-style process accounting is enabled. These values
|
|
control its behavior. If the free space on the file system where the log lives
|
|
goes below lowwater percentage, accounting suspends. If it goes above
|
|
highwater percentage, accounting resumes. Frequency determines how often you
|
|
check the amount of free space (value is in seconds). Default settings are: 4,
|
|
2, and 30. That is, suspend accounting if there is less than 2 percent free;
|
|
resume it if we have a value of 3 or more percent; consider information about
|
|
the amount of free space valid for 30 seconds
|
|
|
|
ctrl-alt-del
|
|
------------
|
|
|
|
When the value in this file is 0, ctrl-alt-del is trapped and sent to the init
|
|
program to handle a graceful restart. However, when the value is greater that
|
|
zero, Linux's reaction to this key combination will be an immediate reboot,
|
|
without syncing its dirty buffers.
|
|
|
|
[NOTE]
|
|
When a program (like dosemu) has the keyboard in raw mode, the
|
|
ctrl-alt-del is intercepted by the program before it ever reaches the
|
|
kernel tty layer, and it is up to the program to decide what to do with
|
|
it.
|
|
|
|
domainname and hostname
|
|
-----------------------
|
|
|
|
These files can be controlled to set the NIS domainname and hostname of your
|
|
box. For the classic darkstar.frop.org a simple:
|
|
|
|
# echo "darkstar" > /proc/sys/kernel/hostname
|
|
# echo "frop.org" > /proc/sys/kernel/domainname
|
|
|
|
|
|
would suffice to set your hostname and NIS domainname.
|
|
|
|
osrelease, ostype and version
|
|
-----------------------------
|
|
|
|
The names make it pretty obvious what these fields contain:
|
|
|
|
> cat /proc/sys/kernel/osrelease
|
|
2.2.12
|
|
|
|
> cat /proc/sys/kernel/ostype
|
|
Linux
|
|
|
|
> cat /proc/sys/kernel/version
|
|
#4 Fri Oct 1 12:41:14 PDT 1999
|
|
|
|
|
|
The files osrelease and ostype should be clear enough. Version needs a little
|
|
more clarification. The #4 means that this is the 4th kernel built from this
|
|
source base and the date after it indicates the time the kernel was built. The
|
|
only way to tune these values is to rebuild the kernel.
|
|
|
|
panic
|
|
-----
|
|
|
|
The value in this file represents the number of seconds the kernel waits
|
|
before rebooting on a panic. When you use the software watchdog, the
|
|
recommended setting is 60. If set to 0, the auto reboot after a kernel panic
|
|
is disabled, which is the default setting.
|
|
|
|
printk
|
|
------
|
|
|
|
The four values in printk denote
|
|
* console_loglevel,
|
|
* default_message_loglevel,
|
|
* minimum_console_loglevel and
|
|
* default_console_loglevel
|
|
respectively.
|
|
|
|
These values influence printk() behavior when printing or logging error
|
|
messages, which come from inside the kernel. See syslog(2) for more
|
|
information on the different log levels.
|
|
|
|
console_loglevel
|
|
----------------
|
|
|
|
Messages with a higher priority than this will be printed to the console.
|
|
|
|
default_message_level
|
|
---------------------
|
|
|
|
Messages without an explicit priority will be printed with this priority.
|
|
|
|
minimum_console_loglevel
|
|
------------------------
|
|
|
|
Minimum (highest) value to which the console_loglevel can be set.
|
|
|
|
default_console_loglevel
|
|
------------------------
|
|
|
|
Default value for console_loglevel.
|
|
|
|
sg-big-buff
|
|
-----------
|
|
|
|
This file shows the size of the generic SCSI (sg) buffer. At this point, you
|
|
can't tune it yet, but you can change it at compile time by editing
|
|
include/scsi/sg.h and changing the value of SG_BIG_BUFF.
|
|
|
|
If you use a scanner with SANE (Scanner Access Now Easy) you might want to set
|
|
this to a higher value. Refer to the SANE documentation on this issue.
|
|
|
|
modprobe
|
|
--------
|
|
|
|
The location where the modprobe binary is located. The kernel uses this
|
|
program to load modules on demand.
|
|
|
|
unknown_nmi_panic
|
|
-----------------
|
|
|
|
The value in this file affects behavior of handling NMI. When the value is
|
|
non-zero, unknown NMI is trapped and then panic occurs. At that time, kernel
|
|
debugging information is displayed on console.
|
|
|
|
NMI switch that most IA32 servers have fires unknown NMI up, for example.
|
|
If a system hangs up, try pressing the NMI switch.
|
|
|
|
nmi_watchdog
|
|
------------
|
|
|
|
Enables/Disables the NMI watchdog on x86 systems. When the value is non-zero
|
|
the NMI watchdog is enabled and will continuously test all online cpus to
|
|
determine whether or not they are still functioning properly.
|
|
|
|
Because the NMI watchdog shares registers with oprofile, by disabling the NMI
|
|
watchdog, oprofile may have more registers to utilize.
|
|
|
|
maps_protect
|
|
------------
|
|
|
|
Enables/Disables the protection of the per-process proc entries "maps" and
|
|
"smaps". When enabled, the contents of these files are visible only to
|
|
readers that are allowed to ptrace() the given process.
|
|
|
|
|
|
2.4 /proc/sys/vm - The virtual memory subsystem
|
|
-----------------------------------------------
|
|
|
|
The files in this directory can be used to tune the operation of the virtual
|
|
memory (VM) subsystem of the Linux kernel.
|
|
|
|
vfs_cache_pressure
|
|
------------------
|
|
|
|
Controls the tendency of the kernel to reclaim the memory which is used for
|
|
caching of directory and inode objects.
|
|
|
|
At the default value of vfs_cache_pressure=100 the kernel will attempt to
|
|
reclaim dentries and inodes at a "fair" rate with respect to pagecache and
|
|
swapcache reclaim. Decreasing vfs_cache_pressure causes the kernel to prefer
|
|
to retain dentry and inode caches. Increasing vfs_cache_pressure beyond 100
|
|
causes the kernel to prefer to reclaim dentries and inodes.
|
|
|
|
dirty_background_ratio
|
|
----------------------
|
|
|
|
Contains, as a percentage of total system memory, the number of pages at which
|
|
the pdflush background writeback daemon will start writing out dirty data.
|
|
|
|
dirty_ratio
|
|
-----------------
|
|
|
|
Contains, as a percentage of total system memory, the number of pages at which
|
|
a process which is generating disk writes will itself start writing out dirty
|
|
data.
|
|
|
|
dirty_writeback_centisecs
|
|
-------------------------
|
|
|
|
The pdflush writeback daemons will periodically wake up and write `old' data
|
|
out to disk. This tunable expresses the interval between those wakeups, in
|
|
100'ths of a second.
|
|
|
|
Setting this to zero disables periodic writeback altogether.
|
|
|
|
dirty_expire_centisecs
|
|
----------------------
|
|
|
|
This tunable is used to define when dirty data is old enough to be eligible
|
|
for writeout by the pdflush daemons. It is expressed in 100'ths of a second.
|
|
Data which has been dirty in-memory for longer than this interval will be
|
|
written out next time a pdflush daemon wakes up.
|
|
|
|
legacy_va_layout
|
|
----------------
|
|
|
|
If non-zero, this sysctl disables the new 32-bit mmap mmap layout - the kernel
|
|
will use the legacy (2.4) layout for all processes.
|
|
|
|
lower_zone_protection
|
|
---------------------
|
|
|
|
For some specialised workloads on highmem machines it is dangerous for
|
|
the kernel to allow process memory to be allocated from the "lowmem"
|
|
zone. This is because that memory could then be pinned via the mlock()
|
|
system call, or by unavailability of swapspace.
|
|
|
|
And on large highmem machines this lack of reclaimable lowmem memory
|
|
can be fatal.
|
|
|
|
So the Linux page allocator has a mechanism which prevents allocations
|
|
which _could_ use highmem from using too much lowmem. This means that
|
|
a certain amount of lowmem is defended from the possibility of being
|
|
captured into pinned user memory.
|
|
|
|
(The same argument applies to the old 16 megabyte ISA DMA region. This
|
|
mechanism will also defend that region from allocations which could use
|
|
highmem or lowmem).
|
|
|
|
The `lower_zone_protection' tunable determines how aggressive the kernel is
|
|
in defending these lower zones. The default value is zero - no
|
|
protection at all.
|
|
|
|
If you have a machine which uses highmem or ISA DMA and your
|
|
applications are using mlock(), or if you are running with no swap then
|
|
you probably should increase the lower_zone_protection setting.
|
|
|
|
The units of this tunable are fairly vague. It is approximately equal
|
|
to "megabytes," so setting lower_zone_protection=100 will protect around 100
|
|
megabytes of the lowmem zone from user allocations. It will also make
|
|
those 100 megabytes unavailable for use by applications and by
|
|
pagecache, so there is a cost.
|
|
|
|
The effects of this tunable may be observed by monitoring
|
|
/proc/meminfo:LowFree. Write a single huge file and observe the point
|
|
at which LowFree ceases to fall.
|
|
|
|
A reasonable value for lower_zone_protection is 100.
|
|
|
|
page-cluster
|
|
------------
|
|
|
|
page-cluster controls the number of pages which are written to swap in
|
|
a single attempt. The swap I/O size.
|
|
|
|
It is a logarithmic value - setting it to zero means "1 page", setting
|
|
it to 1 means "2 pages", setting it to 2 means "4 pages", etc.
|
|
|
|
The default value is three (eight pages at a time). There may be some
|
|
small benefits in tuning this to a different value if your workload is
|
|
swap-intensive.
|
|
|
|
overcommit_memory
|
|
-----------------
|
|
|
|
Controls overcommit of system memory, possibly allowing processes
|
|
to allocate (but not use) more memory than is actually available.
|
|
|
|
|
|
0 - Heuristic overcommit handling. Obvious overcommits of
|
|
address space are refused. Used for a typical system. It
|
|
ensures a seriously wild allocation fails while allowing
|
|
overcommit to reduce swap usage. root is allowed to
|
|
allocate slightly more memory in this mode. This is the
|
|
default.
|
|
|
|
1 - Always overcommit. Appropriate for some scientific
|
|
applications.
|
|
|
|
2 - Don't overcommit. The total address space commit
|
|
for the system is not permitted to exceed swap plus a
|
|
configurable percentage (default is 50) of physical RAM.
|
|
Depending on the percentage you use, in most situations
|
|
this means a process will not be killed while attempting
|
|
to use already-allocated memory but will receive errors
|
|
on memory allocation as appropriate.
|
|
|
|
overcommit_ratio
|
|
----------------
|
|
|
|
Percentage of physical memory size to include in overcommit calculations
|
|
(see above.)
|
|
|
|
Memory allocation limit = swapspace + physmem * (overcommit_ratio / 100)
|
|
|
|
swapspace = total size of all swap areas
|
|
physmem = size of physical memory in system
|
|
|
|
nr_hugepages and hugetlb_shm_group
|
|
----------------------------------
|
|
|
|
nr_hugepages configures number of hugetlb page reserved for the system.
|
|
|
|
hugetlb_shm_group contains group id that is allowed to create SysV shared
|
|
memory segment using hugetlb page.
|
|
|
|
laptop_mode
|
|
-----------
|
|
|
|
laptop_mode is a knob that controls "laptop mode". All the things that are
|
|
controlled by this knob are discussed in Documentation/laptop-mode.txt.
|
|
|
|
block_dump
|
|
----------
|
|
|
|
block_dump enables block I/O debugging when set to a nonzero value. More
|
|
information on block I/O debugging is in Documentation/laptop-mode.txt.
|
|
|
|
swap_token_timeout
|
|
------------------
|
|
|
|
This file contains valid hold time of swap out protection token. The Linux
|
|
VM has token based thrashing control mechanism and uses the token to prevent
|
|
unnecessary page faults in thrashing situation. The unit of the value is
|
|
second. The value would be useful to tune thrashing behavior.
|
|
|
|
drop_caches
|
|
-----------
|
|
|
|
Writing to this will cause the kernel to drop clean caches, dentries and
|
|
inodes from memory, causing that memory to become free.
|
|
|
|
To free pagecache:
|
|
echo 1 > /proc/sys/vm/drop_caches
|
|
To free dentries and inodes:
|
|
echo 2 > /proc/sys/vm/drop_caches
|
|
To free pagecache, dentries and inodes:
|
|
echo 3 > /proc/sys/vm/drop_caches
|
|
|
|
As this is a non-destructive operation and dirty objects are not freeable, the
|
|
user should run `sync' first.
|
|
|
|
|
|
2.5 /proc/sys/dev - Device specific parameters
|
|
----------------------------------------------
|
|
|
|
Currently there is only support for CDROM drives, and for those, there is only
|
|
one read-only file containing information about the CD-ROM drives attached to
|
|
the system:
|
|
|
|
>cat /proc/sys/dev/cdrom/info
|
|
CD-ROM information, Id: cdrom.c 2.55 1999/04/25
|
|
|
|
drive name: sr0 hdb
|
|
drive speed: 32 40
|
|
drive # of slots: 1 0
|
|
Can close tray: 1 1
|
|
Can open tray: 1 1
|
|
Can lock tray: 1 1
|
|
Can change speed: 1 1
|
|
Can select disk: 0 1
|
|
Can read multisession: 1 1
|
|
Can read MCN: 1 1
|
|
Reports media changed: 1 1
|
|
Can play audio: 1 1
|
|
|
|
|
|
You see two drives, sr0 and hdb, along with a list of their features.
|
|
|
|
2.6 /proc/sys/sunrpc - Remote procedure calls
|
|
---------------------------------------------
|
|
|
|
This directory contains four files, which enable or disable debugging for the
|
|
RPC functions NFS, NFS-daemon, RPC and NLM. The default values are 0. They can
|
|
be set to one to turn debugging on. (The default value is 0 for each)
|
|
|
|
2.7 /proc/sys/net - Networking stuff
|
|
------------------------------------
|
|
|
|
The interface to the networking parts of the kernel is located in
|
|
/proc/sys/net. Table 2-3 shows all possible subdirectories. You may see only
|
|
some of them, depending on your kernel's configuration.
|
|
|
|
|
|
Table 2-3: Subdirectories in /proc/sys/net
|
|
..............................................................................
|
|
Directory Content Directory Content
|
|
core General parameter appletalk Appletalk protocol
|
|
unix Unix domain sockets netrom NET/ROM
|
|
802 E802 protocol ax25 AX25
|
|
ethernet Ethernet protocol rose X.25 PLP layer
|
|
ipv4 IP version 4 x25 X.25 protocol
|
|
ipx IPX token-ring IBM token ring
|
|
bridge Bridging decnet DEC net
|
|
ipv6 IP version 6
|
|
..............................................................................
|
|
|
|
We will concentrate on IP networking here. Since AX15, X.25, and DEC Net are
|
|
only minor players in the Linux world, we'll skip them in this chapter. You'll
|
|
find some short info on Appletalk and IPX further on in this chapter. Review
|
|
the online documentation and the kernel source to get a detailed view of the
|
|
parameters for those protocols. In this section we'll discuss the
|
|
subdirectories printed in bold letters in the table above. As default values
|
|
are suitable for most needs, there is no need to change these values.
|
|
|
|
/proc/sys/net/core - Network core options
|
|
-----------------------------------------
|
|
|
|
rmem_default
|
|
------------
|
|
|
|
The default setting of the socket receive buffer in bytes.
|
|
|
|
rmem_max
|
|
--------
|
|
|
|
The maximum receive socket buffer size in bytes.
|
|
|
|
wmem_default
|
|
------------
|
|
|
|
The default setting (in bytes) of the socket send buffer.
|
|
|
|
wmem_max
|
|
--------
|
|
|
|
The maximum send socket buffer size in bytes.
|
|
|
|
message_burst and message_cost
|
|
------------------------------
|
|
|
|
These parameters are used to limit the warning messages written to the kernel
|
|
log from the networking code. They enforce a rate limit to make a
|
|
denial-of-service attack impossible. A higher message_cost factor, results in
|
|
fewer messages that will be written. Message_burst controls when messages will
|
|
be dropped. The default settings limit warning messages to one every five
|
|
seconds.
|
|
|
|
warnings
|
|
--------
|
|
|
|
This controls console messages from the networking stack that can occur because
|
|
of problems on the network like duplicate address or bad checksums. Normally,
|
|
this should be enabled, but if the problem persists the messages can be
|
|
disabled.
|
|
|
|
|
|
netdev_max_backlog
|
|
------------------
|
|
|
|
Maximum number of packets, queued on the INPUT side, when the interface
|
|
receives packets faster than kernel can process them.
|
|
|
|
optmem_max
|
|
----------
|
|
|
|
Maximum ancillary buffer size allowed per socket. Ancillary data is a sequence
|
|
of struct cmsghdr structures with appended data.
|
|
|
|
/proc/sys/net/unix - Parameters for Unix domain sockets
|
|
-------------------------------------------------------
|
|
|
|
There are only two files in this subdirectory. They control the delays for
|
|
deleting and destroying socket descriptors.
|
|
|
|
2.8 /proc/sys/net/ipv4 - IPV4 settings
|
|
--------------------------------------
|
|
|
|
IP version 4 is still the most used protocol in Unix networking. It will be
|
|
replaced by IP version 6 in the next couple of years, but for the moment it's
|
|
the de facto standard for the internet and is used in most networking
|
|
environments around the world. Because of the importance of this protocol,
|
|
we'll have a deeper look into the subtree controlling the behavior of the IPv4
|
|
subsystem of the Linux kernel.
|
|
|
|
Let's start with the entries in /proc/sys/net/ipv4.
|
|
|
|
ICMP settings
|
|
-------------
|
|
|
|
icmp_echo_ignore_all and icmp_echo_ignore_broadcasts
|
|
----------------------------------------------------
|
|
|
|
Turn on (1) or off (0), if the kernel should ignore all ICMP ECHO requests, or
|
|
just those to broadcast and multicast addresses.
|
|
|
|
Please note that if you accept ICMP echo requests with a broadcast/multi\-cast
|
|
destination address your network may be used as an exploder for denial of
|
|
service packet flooding attacks to other hosts.
|
|
|
|
icmp_destunreach_rate, icmp_echoreply_rate, icmp_paramprob_rate and icmp_timeexeed_rate
|
|
---------------------------------------------------------------------------------------
|
|
|
|
Sets limits for sending ICMP packets to specific targets. A value of zero
|
|
disables all limiting. Any positive value sets the maximum package rate in
|
|
hundredth of a second (on Intel systems).
|
|
|
|
IP settings
|
|
-----------
|
|
|
|
ip_autoconfig
|
|
-------------
|
|
|
|
This file contains the number one if the host received its IP configuration by
|
|
RARP, BOOTP, DHCP or a similar mechanism. Otherwise it is zero.
|
|
|
|
ip_default_ttl
|
|
--------------
|
|
|
|
TTL (Time To Live) for IPv4 interfaces. This is simply the maximum number of
|
|
hops a packet may travel.
|
|
|
|
ip_dynaddr
|
|
----------
|
|
|
|
Enable dynamic socket address rewriting on interface address change. This is
|
|
useful for dialup interface with changing IP addresses.
|
|
|
|
ip_forward
|
|
----------
|
|
|
|
Enable or disable forwarding of IP packages between interfaces. Changing this
|
|
value resets all other parameters to their default values. They differ if the
|
|
kernel is configured as host or router.
|
|
|
|
ip_local_port_range
|
|
-------------------
|
|
|
|
Range of ports used by TCP and UDP to choose the local port. Contains two
|
|
numbers, the first number is the lowest port, the second number the highest
|
|
local port. Default is 1024-4999. Should be changed to 32768-61000 for
|
|
high-usage systems.
|
|
|
|
ip_no_pmtu_disc
|
|
---------------
|
|
|
|
Global switch to turn path MTU discovery off. It can also be set on a per
|
|
socket basis by the applications or on a per route basis.
|
|
|
|
ip_masq_debug
|
|
-------------
|
|
|
|
Enable/disable debugging of IP masquerading.
|
|
|
|
IP fragmentation settings
|
|
-------------------------
|
|
|
|
ipfrag_high_trash and ipfrag_low_trash
|
|
--------------------------------------
|
|
|
|
Maximum memory used to reassemble IP fragments. When ipfrag_high_thresh bytes
|
|
of memory is allocated for this purpose, the fragment handler will toss
|
|
packets until ipfrag_low_thresh is reached.
|
|
|
|
ipfrag_time
|
|
-----------
|
|
|
|
Time in seconds to keep an IP fragment in memory.
|
|
|
|
TCP settings
|
|
------------
|
|
|
|
tcp_ecn
|
|
-------
|
|
|
|
This file controls the use of the ECN bit in the IPv4 headers. This is a new
|
|
feature about Explicit Congestion Notification, but some routers and firewalls
|
|
block traffic that has this bit set, so it could be necessary to echo 0 to
|
|
/proc/sys/net/ipv4/tcp_ecn if you want to talk to these sites. For more info
|
|
you could read RFC2481.
|
|
|
|
tcp_retrans_collapse
|
|
--------------------
|
|
|
|
Bug-to-bug compatibility with some broken printers. On retransmit, try to send
|
|
larger packets to work around bugs in certain TCP stacks. Can be turned off by
|
|
setting it to zero.
|
|
|
|
tcp_keepalive_probes
|
|
--------------------
|
|
|
|
Number of keep alive probes TCP sends out, until it decides that the
|
|
connection is broken.
|
|
|
|
tcp_keepalive_time
|
|
------------------
|
|
|
|
How often TCP sends out keep alive messages, when keep alive is enabled. The
|
|
default is 2 hours.
|
|
|
|
tcp_syn_retries
|
|
---------------
|
|
|
|
Number of times initial SYNs for a TCP connection attempt will be
|
|
retransmitted. Should not be higher than 255. This is only the timeout for
|
|
outgoing connections, for incoming connections the number of retransmits is
|
|
defined by tcp_retries1.
|
|
|
|
tcp_sack
|
|
--------
|
|
|
|
Enable select acknowledgments after RFC2018.
|
|
|
|
tcp_timestamps
|
|
--------------
|
|
|
|
Enable timestamps as defined in RFC1323.
|
|
|
|
tcp_stdurg
|
|
----------
|
|
|
|
Enable the strict RFC793 interpretation of the TCP urgent pointer field. The
|
|
default is to use the BSD compatible interpretation of the urgent pointer
|
|
pointing to the first byte after the urgent data. The RFC793 interpretation is
|
|
to have it point to the last byte of urgent data. Enabling this option may
|
|
lead to interoperability problems. Disabled by default.
|
|
|
|
tcp_syncookies
|
|
--------------
|
|
|
|
Only valid when the kernel was compiled with CONFIG_SYNCOOKIES. Send out
|
|
syncookies when the syn backlog queue of a socket overflows. This is to ward
|
|
off the common 'syn flood attack'. Disabled by default.
|
|
|
|
Note that the concept of a socket backlog is abandoned. This means the peer
|
|
may not receive reliable error messages from an over loaded server with
|
|
syncookies enabled.
|
|
|
|
tcp_window_scaling
|
|
------------------
|
|
|
|
Enable window scaling as defined in RFC1323.
|
|
|
|
tcp_fin_timeout
|
|
---------------
|
|
|
|
The length of time in seconds it takes to receive a final FIN before the
|
|
socket is always closed. This is strictly a violation of the TCP
|
|
specification, but required to prevent denial-of-service attacks.
|
|
|
|
tcp_max_ka_probes
|
|
-----------------
|
|
|
|
Indicates how many keep alive probes are sent per slow timer run. Should not
|
|
be set too high to prevent bursts.
|
|
|
|
tcp_max_syn_backlog
|
|
-------------------
|
|
|
|
Length of the per socket backlog queue. Since Linux 2.2 the backlog specified
|
|
in listen(2) only specifies the length of the backlog queue of already
|
|
established sockets. When more connection requests arrive Linux starts to drop
|
|
packets. When syncookies are enabled the packets are still answered and the
|
|
maximum queue is effectively ignored.
|
|
|
|
tcp_retries1
|
|
------------
|
|
|
|
Defines how often an answer to a TCP connection request is retransmitted
|
|
before giving up.
|
|
|
|
tcp_retries2
|
|
------------
|
|
|
|
Defines how often a TCP packet is retransmitted before giving up.
|
|
|
|
Interface specific settings
|
|
---------------------------
|
|
|
|
In the directory /proc/sys/net/ipv4/conf you'll find one subdirectory for each
|
|
interface the system knows about and one directory calls all. Changes in the
|
|
all subdirectory affect all interfaces, whereas changes in the other
|
|
subdirectories affect only one interface. All directories have the same
|
|
entries:
|
|
|
|
accept_redirects
|
|
----------------
|
|
|
|
This switch decides if the kernel accepts ICMP redirect messages or not. The
|
|
default is 'yes' if the kernel is configured for a regular host and 'no' for a
|
|
router configuration.
|
|
|
|
accept_source_route
|
|
-------------------
|
|
|
|
Should source routed packages be accepted or declined. The default is
|
|
dependent on the kernel configuration. It's 'yes' for routers and 'no' for
|
|
hosts.
|
|
|
|
bootp_relay
|
|
~~~~~~~~~~~
|
|
|
|
Accept packets with source address 0.b.c.d with destinations not to this host
|
|
as local ones. It is supposed that a BOOTP relay daemon will catch and forward
|
|
such packets.
|
|
|
|
The default is 0, since this feature is not implemented yet (kernel version
|
|
2.2.12).
|
|
|
|
forwarding
|
|
----------
|
|
|
|
Enable or disable IP forwarding on this interface.
|
|
|
|
log_martians
|
|
------------
|
|
|
|
Log packets with source addresses with no known route to kernel log.
|
|
|
|
mc_forwarding
|
|
-------------
|
|
|
|
Do multicast routing. The kernel needs to be compiled with CONFIG_MROUTE and a
|
|
multicast routing daemon is required.
|
|
|
|
proxy_arp
|
|
---------
|
|
|
|
Does (1) or does not (0) perform proxy ARP.
|
|
|
|
rp_filter
|
|
---------
|
|
|
|
Integer value determines if a source validation should be made. 1 means yes, 0
|
|
means no. Disabled by default, but local/broadcast address spoofing is always
|
|
on.
|
|
|
|
If you set this to 1 on a router that is the only connection for a network to
|
|
the net, it will prevent spoofing attacks against your internal networks
|
|
(external addresses can still be spoofed), without the need for additional
|
|
firewall rules.
|
|
|
|
secure_redirects
|
|
----------------
|
|
|
|
Accept ICMP redirect messages only for gateways, listed in default gateway
|
|
list. Enabled by default.
|
|
|
|
shared_media
|
|
------------
|
|
|
|
If it is not set the kernel does not assume that different subnets on this
|
|
device can communicate directly. Default setting is 'yes'.
|
|
|
|
send_redirects
|
|
--------------
|
|
|
|
Determines whether to send ICMP redirects to other hosts.
|
|
|
|
Routing settings
|
|
----------------
|
|
|
|
The directory /proc/sys/net/ipv4/route contains several file to control
|
|
routing issues.
|
|
|
|
error_burst and error_cost
|
|
--------------------------
|
|
|
|
These parameters are used to limit how many ICMP destination unreachable to
|
|
send from the host in question. ICMP destination unreachable messages are
|
|
sent when we cannot reach the next hop while trying to transmit a packet.
|
|
It will also print some error messages to kernel logs if someone is ignoring
|
|
our ICMP redirects. The higher the error_cost factor is, the fewer
|
|
destination unreachable and error messages will be let through. Error_burst
|
|
controls when destination unreachable messages and error messages will be
|
|
dropped. The default settings limit warning messages to five every second.
|
|
|
|
flush
|
|
-----
|
|
|
|
Writing to this file results in a flush of the routing cache.
|
|
|
|
gc_elasticity, gc_interval, gc_min_interval_ms, gc_timeout, gc_thresh
|
|
---------------------------------------------------------------------
|
|
|
|
Values to control the frequency and behavior of the garbage collection
|
|
algorithm for the routing cache. gc_min_interval is deprecated and replaced
|
|
by gc_min_interval_ms.
|
|
|
|
|
|
max_size
|
|
--------
|
|
|
|
Maximum size of the routing cache. Old entries will be purged once the cache
|
|
reached has this size.
|
|
|
|
max_delay, min_delay
|
|
--------------------
|
|
|
|
Delays for flushing the routing cache.
|
|
|
|
redirect_load, redirect_number
|
|
------------------------------
|
|
|
|
Factors which determine if more ICPM redirects should be sent to a specific
|
|
host. No redirects will be sent once the load limit or the maximum number of
|
|
redirects has been reached.
|
|
|
|
redirect_silence
|
|
----------------
|
|
|
|
Timeout for redirects. After this period redirects will be sent again, even if
|
|
this has been stopped, because the load or number limit has been reached.
|
|
|
|
Network Neighbor handling
|
|
-------------------------
|
|
|
|
Settings about how to handle connections with direct neighbors (nodes attached
|
|
to the same link) can be found in the directory /proc/sys/net/ipv4/neigh.
|
|
|
|
As we saw it in the conf directory, there is a default subdirectory which
|
|
holds the default values, and one directory for each interface. The contents
|
|
of the directories are identical, with the single exception that the default
|
|
settings contain additional options to set garbage collection parameters.
|
|
|
|
In the interface directories you'll find the following entries:
|
|
|
|
base_reachable_time, base_reachable_time_ms
|
|
-------------------------------------------
|
|
|
|
A base value used for computing the random reachable time value as specified
|
|
in RFC2461.
|
|
|
|
Expression of base_reachable_time, which is deprecated, is in seconds.
|
|
Expression of base_reachable_time_ms is in milliseconds.
|
|
|
|
retrans_time, retrans_time_ms
|
|
-----------------------------
|
|
|
|
The time between retransmitted Neighbor Solicitation messages.
|
|
Used for address resolution and to determine if a neighbor is
|
|
unreachable.
|
|
|
|
Expression of retrans_time, which is deprecated, is in 1/100 seconds (for
|
|
IPv4) or in jiffies (for IPv6).
|
|
Expression of retrans_time_ms is in milliseconds.
|
|
|
|
unres_qlen
|
|
----------
|
|
|
|
Maximum queue length for a pending arp request - the number of packets which
|
|
are accepted from other layers while the ARP address is still resolved.
|
|
|
|
anycast_delay
|
|
-------------
|
|
|
|
Maximum for random delay of answers to neighbor solicitation messages in
|
|
jiffies (1/100 sec). Not yet implemented (Linux does not have anycast support
|
|
yet).
|
|
|
|
ucast_solicit
|
|
-------------
|
|
|
|
Maximum number of retries for unicast solicitation.
|
|
|
|
mcast_solicit
|
|
-------------
|
|
|
|
Maximum number of retries for multicast solicitation.
|
|
|
|
delay_first_probe_time
|
|
----------------------
|
|
|
|
Delay for the first time probe if the neighbor is reachable. (see
|
|
gc_stale_time)
|
|
|
|
locktime
|
|
--------
|
|
|
|
An ARP/neighbor entry is only replaced with a new one if the old is at least
|
|
locktime old. This prevents ARP cache thrashing.
|
|
|
|
proxy_delay
|
|
-----------
|
|
|
|
Maximum time (real time is random [0..proxytime]) before answering to an ARP
|
|
request for which we have an proxy ARP entry. In some cases, this is used to
|
|
prevent network flooding.
|
|
|
|
proxy_qlen
|
|
----------
|
|
|
|
Maximum queue length of the delayed proxy arp timer. (see proxy_delay).
|
|
|
|
app_solicit
|
|
----------
|
|
|
|
Determines the number of requests to send to the user level ARP daemon. Use 0
|
|
to turn off.
|
|
|
|
gc_stale_time
|
|
-------------
|
|
|
|
Determines how often to check for stale ARP entries. After an ARP entry is
|
|
stale it will be resolved again (which is useful when an IP address migrates
|
|
to another machine). When ucast_solicit is greater than 0 it first tries to
|
|
send an ARP packet directly to the known host When that fails and
|
|
mcast_solicit is greater than 0, an ARP request is broadcasted.
|
|
|
|
2.9 Appletalk
|
|
-------------
|
|
|
|
The /proc/sys/net/appletalk directory holds the Appletalk configuration data
|
|
when Appletalk is loaded. The configurable parameters are:
|
|
|
|
aarp-expiry-time
|
|
----------------
|
|
|
|
The amount of time we keep an ARP entry before expiring it. Used to age out
|
|
old hosts.
|
|
|
|
aarp-resolve-time
|
|
-----------------
|
|
|
|
The amount of time we will spend trying to resolve an Appletalk address.
|
|
|
|
aarp-retransmit-limit
|
|
---------------------
|
|
|
|
The number of times we will retransmit a query before giving up.
|
|
|
|
aarp-tick-time
|
|
--------------
|
|
|
|
Controls the rate at which expires are checked.
|
|
|
|
The directory /proc/net/appletalk holds the list of active Appletalk sockets
|
|
on a machine.
|
|
|
|
The fields indicate the DDP type, the local address (in network:node format)
|
|
the remote address, the size of the transmit pending queue, the size of the
|
|
received queue (bytes waiting for applications to read) the state and the uid
|
|
owning the socket.
|
|
|
|
/proc/net/atalk_iface lists all the interfaces configured for appletalk.It
|
|
shows the name of the interface, its Appletalk address, the network range on
|
|
that address (or network number for phase 1 networks), and the status of the
|
|
interface.
|
|
|
|
/proc/net/atalk_route lists each known network route. It lists the target
|
|
(network) that the route leads to, the router (may be directly connected), the
|
|
route flags, and the device the route is using.
|
|
|
|
2.10 IPX
|
|
--------
|
|
|
|
The IPX protocol has no tunable values in proc/sys/net.
|
|
|
|
The IPX protocol does, however, provide proc/net/ipx. This lists each IPX
|
|
socket giving the local and remote addresses in Novell format (that is
|
|
network:node:port). In accordance with the strange Novell tradition,
|
|
everything but the port is in hex. Not_Connected is displayed for sockets that
|
|
are not tied to a specific remote address. The Tx and Rx queue sizes indicate
|
|
the number of bytes pending for transmission and reception. The state
|
|
indicates the state the socket is in and the uid is the owning uid of the
|
|
socket.
|
|
|
|
The /proc/net/ipx_interface file lists all IPX interfaces. For each interface
|
|
it gives the network number, the node number, and indicates if the network is
|
|
the primary network. It also indicates which device it is bound to (or
|
|
Internal for internal networks) and the Frame Type if appropriate. Linux
|
|
supports 802.3, 802.2, 802.2 SNAP and DIX (Blue Book) ethernet framing for
|
|
IPX.
|
|
|
|
The /proc/net/ipx_route table holds a list of IPX routes. For each route it
|
|
gives the destination network, the router node (or Directly) and the network
|
|
address of the router (or Connected) for internal networks.
|
|
|
|
2.11 /proc/sys/fs/mqueue - POSIX message queues filesystem
|
|
----------------------------------------------------------
|
|
|
|
The "mqueue" filesystem provides the necessary kernel features to enable the
|
|
creation of a user space library that implements the POSIX message queues
|
|
API (as noted by the MSG tag in the POSIX 1003.1-2001 version of the System
|
|
Interfaces specification.)
|
|
|
|
The "mqueue" filesystem contains values for determining/setting the amount of
|
|
resources used by the file system.
|
|
|
|
/proc/sys/fs/mqueue/queues_max is a read/write file for setting/getting the
|
|
maximum number of message queues allowed on the system.
|
|
|
|
/proc/sys/fs/mqueue/msg_max is a read/write file for setting/getting the
|
|
maximum number of messages in a queue value. In fact it is the limiting value
|
|
for another (user) limit which is set in mq_open invocation. This attribute of
|
|
a queue must be less or equal then msg_max.
|
|
|
|
/proc/sys/fs/mqueue/msgsize_max is a read/write file for setting/getting the
|
|
maximum message size value (it is every message queue's attribute set during
|
|
its creation).
|
|
|
|
2.12 /proc/<pid>/oom_adj - Adjust the oom-killer score
|
|
------------------------------------------------------
|
|
|
|
This file can be used to adjust the score used to select which processes
|
|
should be killed in an out-of-memory situation. Giving it a high score will
|
|
increase the likelihood of this process being killed by the oom-killer. Valid
|
|
values are in the range -16 to +15, plus the special value -17, which disables
|
|
oom-killing altogether for this process.
|
|
|
|
2.13 /proc/<pid>/oom_score - Display current oom-killer score
|
|
-------------------------------------------------------------
|
|
|
|
------------------------------------------------------------------------------
|
|
This file can be used to check the current score used by the oom-killer is for
|
|
any given <pid>. Use it together with /proc/<pid>/oom_adj to tune which
|
|
process should be killed in an out-of-memory situation.
|
|
|
|
------------------------------------------------------------------------------
|
|
Summary
|
|
------------------------------------------------------------------------------
|
|
Certain aspects of kernel behavior can be modified at runtime, without the
|
|
need to recompile the kernel, or even to reboot the system. The files in the
|
|
/proc/sys tree can not only be read, but also modified. You can use the echo
|
|
command to write value into these files, thereby changing the default settings
|
|
of the kernel.
|
|
------------------------------------------------------------------------------
|
|
|
|
2.14 /proc/<pid>/io - Display the IO accounting fields
|
|
-------------------------------------------------------
|
|
|
|
This file contains IO statistics for each running process
|
|
|
|
Example
|
|
-------
|
|
|
|
test:/tmp # dd if=/dev/zero of=/tmp/test.dat &
|
|
[1] 3828
|
|
|
|
test:/tmp # cat /proc/3828/io
|
|
rchar: 323934931
|
|
wchar: 323929600
|
|
syscr: 632687
|
|
syscw: 632675
|
|
read_bytes: 0
|
|
write_bytes: 323932160
|
|
cancelled_write_bytes: 0
|
|
|
|
|
|
Description
|
|
-----------
|
|
|
|
rchar
|
|
-----
|
|
|
|
I/O counter: chars read
|
|
The number of bytes which this task has caused to be read from storage. This
|
|
is simply the sum of bytes which this process passed to read() and pread().
|
|
It includes things like tty IO and it is unaffected by whether or not actual
|
|
physical disk IO was required (the read might have been satisfied from
|
|
pagecache)
|
|
|
|
|
|
wchar
|
|
-----
|
|
|
|
I/O counter: chars written
|
|
The number of bytes which this task has caused, or shall cause to be written
|
|
to disk. Similar caveats apply here as with rchar.
|
|
|
|
|
|
syscr
|
|
-----
|
|
|
|
I/O counter: read syscalls
|
|
Attempt to count the number of read I/O operations, i.e. syscalls like read()
|
|
and pread().
|
|
|
|
|
|
syscw
|
|
-----
|
|
|
|
I/O counter: write syscalls
|
|
Attempt to count the number of write I/O operations, i.e. syscalls like
|
|
write() and pwrite().
|
|
|
|
|
|
read_bytes
|
|
----------
|
|
|
|
I/O counter: bytes read
|
|
Attempt to count the number of bytes which this process really did cause to
|
|
be fetched from the storage layer. Done at the submit_bio() level, so it is
|
|
accurate for block-backed filesystems. <please add status regarding NFS and
|
|
CIFS at a later time>
|
|
|
|
|
|
write_bytes
|
|
-----------
|
|
|
|
I/O counter: bytes written
|
|
Attempt to count the number of bytes which this process caused to be sent to
|
|
the storage layer. This is done at page-dirtying time.
|
|
|
|
|
|
cancelled_write_bytes
|
|
---------------------
|
|
|
|
The big inaccuracy here is truncate. If a process writes 1MB to a file and
|
|
then deletes the file, it will in fact perform no writeout. But it will have
|
|
been accounted as having caused 1MB of write.
|
|
In other words: The number of bytes which this process caused to not happen,
|
|
by truncating pagecache. A task can cause "negative" IO too. If this task
|
|
truncates some dirty pagecache, some IO which another task has been accounted
|
|
for (in it's write_bytes) will not be happening. We _could_ just subtract that
|
|
from the truncating task's write_bytes, but there is information loss in doing
|
|
that.
|
|
|
|
|
|
Note
|
|
----
|
|
|
|
At its current implementation state, this is a bit racy on 32-bit machines: if
|
|
process A reads process B's /proc/pid/io while process B is updating one of
|
|
those 64-bit counters, process A could see an intermediate result.
|
|
|
|
|
|
More information about this can be found within the taskstats documentation in
|
|
Documentation/accounting.
|
|
|
|
------------------------------------------------------------------------------
|