mirror of https://github.com/apache/cloudstack.git
f2b8f2eade
To configure firewall rules, CloudStack modifies `/etc/sysctl.conf` and
execute those modifications. This may be harmful for several reasons:
1. `/etc/sysctl.conf` may be managed by some configuration management
system. Such a system will constantly restore the previous version.
2. `/etc/sysctl.conf` may contain additional properties that have been
changed later by some system administrator (for example, once a
firewall has been configured, forwarding may have been activated
while it is disabled in `/etc/sysctl.conf`). Executing the file
again at a later time may disrupt the system.
3. Entries are added again and again. `/etc/sysctl.conf` will contain
the same directives repeated several times.
Using a configuration file is not needed as `sysctl` is able to directly
modify sysctl values with `-w` flag.
Signed-off-by: Vincent Bernat <Vincent.Bernat@exoscale.ch>
|
||
|---|---|---|
| .. | ||
| acl/static-role-based | ||
| affinity-group-processors | ||
| alert-handlers | ||
| api | ||
| database/mysql-ha | ||
| dedicated-resources | ||
| deployment-planners | ||
| event-bus | ||
| file-systems/netapp | ||
| ha-planners/skip-heurestics | ||
| host-allocators/random | ||
| hypervisors | ||
| network-elements | ||
| storage | ||
| storage-allocators/random | ||
| user-authenticators | ||
| pom.xml | ||