From 13d638c0a7df4a998429163b9a0189dcffa2393a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Fri, 21 Jul 2017 05:07:10 -0400 Subject: Drop sysctl.d/00-system.conf This file now only contains lines to disable netfilter on bridges. In kernel 3.18 this filtering functionality was made non-default by moving it to br_netfilter [https://bugzilla.redhat.com/show_bug.cgi?id=512206]. Aybody who actually wants to use br_netfilter has to load it explicitly anyway, so disabling it through sysctl isn't necessary anymore. The reason for removal is that by default (i.e. when br_netfilter is not loaded), we get a warning on every boot: systemd-sysctl[210]: Couldn't write '0' to 'net/bridge/bridge-nf-call-ip6tables', ignoring: No such file or directory systemd-sysctl[210]: Couldn't write '0' to 'net/bridge/bridge-nf-call-iptables', ignoring: No such file or directory systemd-sysctl[210]: Couldn't write '0' to 'net/bridge/bridge-nf-call-arptables', ignoring: No such file or directory This is confusing for users and inelegant. The downside of removing this file is for people who load br_netfilter for some reason *and* do no want to use it, will have to take an additional step now (either restore the sysctl settings or remove br_netfilter from /etc/modules-load.d or wherever). I expect the number of people affected to be very small. (Note that the file was overwritten on sparc and s390, so those architectures see no change.) --- initscripts.spec | 1 - 1 file changed, 1 deletion(-) (limited to 'initscripts.spec') diff --git a/initscripts.spec b/initscripts.spec index 15687701..9b0b6320 100644 --- a/initscripts.spec +++ b/initscripts.spec @@ -143,7 +143,6 @@ fi %dir %{_sysconfdir}/rc.d/init.d %{_sysconfdir}/rc.d/init.d/* %ghost %verify(not md5 size mtime) %config(noreplace,missingok) %{_sysconfdir}/rc.d/rc.local -%{_prefix}/lib/sysctl.d/00-system.conf %exclude %{_sysconfdir}/profile.d/debug* %{_sysconfdir}/profile.d/* %{_sbindir}/sys-unconfig -- cgit v1.2.1