delthas

Removing sysctl settings on CentOS/RedHat

Context

Sysctl settings are not permanent by default. Processes can change sysctl settings by writing into the sysctlfs at /proc/sys, but these changes are lost at reboot.

On most systems, systemd (actually /lib/systemd/systemd-sysctl) loads sysctl settings automatically at boot-time from various sysctl configuration files (see man 8 sysctl).

In these cases, removing a sysctl setting should only require deleting the corresponding line from the sysctl configuration file and rebooting.

Issue

On RedHat, CentOS (and Fedora), the initramfs contains a copy of the sysctl files in /etc, which are applied at boot-time.

If a sysctl entry is removed from a sysctl configuration file and the system is rebooted, the old copy of the file in the initramfs archive still contains the entry, so it is applied at boot before the system switches to the main filesystem.

Nothing triggers an update of the initramfs when the sysctl configuration files are edited, so this must be done manually.

Therefore, when removing a sysctl, the initramfs must be regenerated manually.

On RedHat/CentOS, this is simply:

sudo dracut -f -v
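
To confirm whether an initramfs still carries settings that were removed from the live /etc, the two sets of sysctl files can be compared key by key. The script below is an added example, not part of the original post; the function names and the script file name are hypothetical, and it assumes the initramfs has already been unpacked into a directory.

```shell
#!/bin/sh
# Added example: list sysctl keys that a copy of /etc inside the initramfs
# still sets although they are gone from the live /etc.
# Assumption: the initramfs image was unpacked to a directory beforehand.

# Print the sorted, unique keys set under root "$1". Reads only
# etc/sysctl.conf and etc/sysctl.d/*.conf, the files the post talks about.
sysctl_keys() (
    root=${1%/}
    for f in "$root"/etc/sysctl.conf "$root"/etc/sysctl.d/*.conf; do
        [ -f "$f" ] || continue
        # echo guards against a missing final newline. sed drops comments
        # ("#" or ";") and lines without "=", strips the optional leading
        # "-" and keeps the key; tr maps the "/" key form to the "." form.
        { cat "$f"; echo; } |
            sed -e 's/^[[:space:]]*//' -e '/^[#;]/d' -e '/=/!d' \
                -e 's/^-//' -e 's/[[:space:]]*=.*$//' | tr '/' '.'
    done | LC_ALL=C sort -u
)

# Print keys set in unpacked initramfs "$1" but not in live root "$2"
# (default: /). Any output means the initramfs copy is stale.
stale_initramfs_keys() (
    tmp=$(mktemp -d) || exit 1
    sysctl_keys "$1" > "$tmp/initramfs"
    sysctl_keys "${2:-/}" > "$tmp/live"
    LC_ALL=C comm -23 "$tmp/initramfs" "$tmp/live"
    rm -rf "$tmp"
)

# Usage (hypothetical file name):
#   sh stale-sysctl.sh <unpacked-initramfs-dir> [live-root]
if [ "$#" -ge 1 ]; then
    stale_initramfs_keys "$@"
fi
```

Empty output means every key set by the initramfs copy is still present in the live configuration; any key printed will keep being applied at boot until the initramfs is regenerated.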

Credits

Thanks to Chris Siebenmann.