[Bug 690433] Re: procps starts too early to correctly set net.netfilter.nf_conntrack_acct

James Hunt 690433 at bugs.launchpad.net
Fri Nov 11 12:10:04 UTC 2011


This issue is related to bug 771372.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to procps in Ubuntu.
https://bugs.launchpad.net/bugs/690433

Title:
  procps starts too early to correctly set
  net.netfilter.nf_conntrack_acct

Status in “procps” package in Ubuntu:
  Confirmed

Bug description:
  Binary package hint: procps

  I followed the documentation in /etc/sysctl.d/README that tells to put
  custom sysctl settings in /etc/sysctl.d/60-*.conf.

  /etc/sysctl.d/60-bridge-firewalling.conf :
  net.bridge.bridge-nf-call-iptables=0
  net.bridge.bridge-nf-call-ip6tables=0
  net.bridge.bridge-nf-call-arptables=0

  /etc/sysctl.d/60-nf-conntrack.conf :
  net.netfilter.nf_conntrack_acct=0

  but those setting are not applied on reboot. They are correctly
  applied when running this though :

  sudo service procps start

  I think that this is because the procps Upstart script starts too soon
  in the boot process :

  /etc/init/procps.conf:
  ...
  start on virtual-filesystems

  task
  script
      cat /etc/sysctl.d/*.conf /etc/sysctl.conf | sysctl -p -
  end script

  I don't know Upstart enough to change the "start on" line to have my
  settings correctly applied. Any help is greatly appreciated.

  simon at xeon:~$ lsb_release -rd
  Description:	Ubuntu 10.04.1 LTS
  Release:	10.04

  simon at xeon:~$ apt-cache policy procps
  procps:
    Installed: 1:3.2.8-1ubuntu4
    Candidate: 1:3.2.8-1ubuntu4
    Version table:
   *** 1:3.2.8-1ubuntu4 0
          500 http://ca.archive.ubuntu.com/ubuntu/ lucid/main Packages
          100 /var/lib/dpkg/status

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/procps/+bug/690433/+subscriptions




More information about the foundations-bugs mailing list