zoukankan      html  css  js  c++  java
  • proc /sys/kernel 终结版 linux系统优化

    http://blog.chinaunix.net/u2/80710/showart_1668377.html
    最近会把proc目录详解给大家弄一下,欢迎翻译,有问题则留言。虽然是英文的,但都比较 好理解,如有问题,请留言,我们共同为Linux社区而努力。我们翻译效果还不一定好,因为这玩意毕竟是老外搞的吗!!!咯咯,翻译可能引起误解。这玩意 看懂需要tcp/ip方面的知识,学好proc对于性能优化是相当重要的。这次proc /sys/kernel介绍一下
     
    一 acct

    This file exists only when BSD-style process accounting is enabled. It contains three values; highwater, lowwater, and frequency. These values control process accounting behavior. If the free space on the file system where the log lives goes below lowwater percentage, accounting suspends. If it goes above highwater percentage, accounting resumes. Frequency determines how often (in seconds) you check the amount of free space.

    Default settings are: 4, 2, and 30. That is, suspend accounting if there is less than 2 percent free, resume it if we have a value of 4 or more percent, consider information about the amount of free space valid for 30 seconds.

    二 acpi_video_flags

    This allows mode of video boot to be set during run time.

    During S3 resume, hardware needs to be reinitialized. For most devices, this is easy, and kernel driver knows how to do it. Unfortunately there's one exception: video card. Those are usually initialized by BIOS, and kernel does not have enough information to boot video card. See Documentation/power/video.txt in kernel source tree for more info.

    三 bootloader_type

    This file exports to userspace the boot loader ID which has been exported by (b)zImage boot loaders since boot protocol version 2.

    四 cad_pid

    This tunable can be used to set/get PID of the process that gets the signal when ctrl-alt-del key sequence is pressed. By default it is the init process (PID 1). See also ctrl-alt-del.

    五 cap-bound

    This file exports the so called "capability bounding set" to userspace: a list of capabilities that are allowed to be held by any process on the system. If a capability does not appear in the bounding set, it may not be exercised by any process, no matter how privileged.

    The bounding set can be modified by writing a new value into this file. But there is a twist: capabilities may be removed from the set by root, but only one process (init) is allowed to add capabilities. For all practical purposes, once a capability is taken out of the bounding set, it is gone until the next reboot.

    六 core_pattern

    core_pattern is used to specify a core dumpfile pattern name:

    • max length is 64 characters
    • the default value is "core"
    • core_pattern is used as a pattern template for the output filename
    • certain string patterns (beginning with "%") are substituted with their actual values.
    • backward compatibility with core_uses_pid: if core_pattern does not include "%p" (default does not) and core_uses_pid is set, then .PID will be appended to the filename.
    • corename format specifiers:
      • %p - pid
      • %u - uid
      • %g - gid
      • %s - signal number
      • %t - UNIX time of dump
      • %h - hostname
      • %e - executable filename
      • %% - output one "%"
      • %<NUL> - "%" is dropped
      • %<OTHER> - both are dropped

    七 core_uses_pid

    The default coredump filename is "core". By setting core_uses_pid to 1 (the default is 0), the coredump filename becomes core.PID. If core_pattern does not include "%p" (default does not) and core_uses_pid is set, then .PID will be appended to the filename.

    八 ctrl-alt-del

    When the value in this file is 0 (the default), ctrl-alt-del is trapped and sent to the init program to handle a graceful restart (or to the PID of your choice, which you can configure with cad_pid tunable). However, when the value is greater that zero, Linux's reaction to this key combination will be an immediate reboot, without syncing its dirty buffers.

    When a program (like dosemu) has the keyboard in raw mode, the ctrl-alt-del is intercepted by the program before it ever reaches the kernel tty layer, and it is up to the program to decide what to do with it.

    九 domainname

    This file can be used to set the NIS/YP domainname in exactly the same way as the command domainname:

    # echo "inet.hr" > /proc/sys/kernel/domainname

       However, NIS (Network Information Service) or YP (Yellow Pages) domainname are not to be confused with DNS (Domain Name System) domainname. These two domain names are in general different.

      For a detailed discussion see the hostname(1) man page.

    十 hostname

    This file can be used to set the NIS/YP hostname in exactly the same way as the command hostname:

    # echo "linux" > /proc/sys/kernel/hostname

    However, NIS (Network Information Service) or YP (Yellow Pages) hostname are not to be confused with DNS (Domain Name System) hostname. These two host names are in general different.

    For a detailed discussion see the hostname(1) man page.

    十一 hotplug

    The location where the hotplug policy agent is located. The default value is "/sbin/hotplug".

    十二 hz_timer

       Switches the regular HZ timer off when the system is going idle. This helps z/VM to detect that the Linux system is idle. VM can then swap out this guest which reduces memory usage. It also reduces the overhead of idle systems. [ s390 architecture only ]

    十三 ieee_emulation_warnings

    Report IEEE floating point warnings. [ s390 architecture only ]

    十四 kstack_depth_to_print

    Controls the number of words to print when dumping the raw kernel stack. The default value depends on the CPU architecture.

    十五 maps_protect

    Enables/disables the protection of the per-process proc entries "maps" and "smaps". When enabled, the contents of these files are visible only to readers that are allowed to ptrace() the given process.

    十六 max_lock_depth

    This tunable limits the amount of deadlock-checking the kernel will do. The default value is 1024.

    十七 modprobe

    The location where the modprobe binary is located. The kernel uses this program to load modules on demand. The default valueis "/sbin/modprobe".

    十八 msgmax

    The msgmax tunable specifies the maximum allowable size of any single message in a System V IPC message queue, in bytes. msgmax must be no larger than msgmnb (the size of a queue). The default is 8192 bytes.

    十九 msgmnb

    The msgmnb tunable specifies the maximum allowable total combined size of all messages queued in a single given System V IPC message queue at any one time, in bytes. The default is 16384 bytes.

    二十 msgmni

    The msgmni tunable specifies the maximum number of system-wide System V IPC message queue identifiers (one per queue). The default is 16.

    二十一 ngroups_max

    This file exposes the maximum number of supplementary groups a user can be a member of (kernel's NGROUPS_MAX) to the userspace. The default value is 65536. This tunable does not seem to be used anywhere in the latest kernels.

    二十二 nmi_watchdog

    This tunable enables/disables NMI watchdog. It is enabled by default on configurations that support it.

    On many x86/x86-64 type hardware there is a feature that enables us to generate 'watchdog NMI interrupts' (NMI: Non Maskable Interrupt which get executed even if the system is otherwise locked up hard). This can be used to debug hard kernel lockups. By executing periodic NMI interrupts, the kernel can monitor whether any CPU has locked up, and print out debugging messages if so.

    二十三 osrelease

      The running kernel version

    二十四 ostype

       Linux, of course.

    二十五 overflowgid

    If your architecture didn't always support 32-bit GIDs, a fixed GID will be returned to applications that use the old 16-bit GID system calls, if the actual GID would exceed 65535.

    This sysctl allows you to change the value of the fixed GID. The default is 65534.

    二十六 overflowuid

    If your architecture didn't always support 32-bit UIDs, a fixed UID will be returned to applications that use the old 16-bit UID system calls, if the actual UID would exceed 65535.

    This sysctl allows you to change the value of the fixed UID. The default is 65534.

    二十六 panic

    The value in this file represents the number of seconds the kernel waits before rebooting on a panic. When you use the software watchdog, the recommended setting is 60. If set to 0, the auto reboot after a kernel panic is disabled, which is the default setting.

    二十七 panic_on_oops

    Controls the kernel's behaviour when an oops or BUG is encountered.

    • 0 - try to continue operation
    • 1 - delay a few seconds (to give klogd time to record the oops output) and then panic. If the panic sysctl is also non-zero then the machine will be rebooted.

    二十八 panic_on_unrecovered_nmi

    The default Linux behaviour on an NMI of either memory or unknown is to continue operation. For many environments such as scientific computing it is preferable that the box is taken out and the error dealt with than an uncorrected parity/ECC error get propagated.

    If an unrecoverable ECC error or unknown non-maskable interrupt (NMI) is detected and the value of this tunable is set to 1, then the kernel will panic and halt the system.

    二十九 pid_max

    PID allocation wrap value. When the kernel's next PID value reaches this value, it wraps back to a minimum PID value. PIDs of value pid_max or larger are not allocated. The default is 32768.

    三十 poweroff_cmd

    By default the poweroff command is /sbin/poweroff, but it can be set via this sysctl. This is split at whitespace, so it can include command-line arguments.

    The command defined in this sysctl is called by various pieces of code around the kernel that want to be able to trigger an orderly poweroff. If the orderly poweroff fails, kernel will force an immediate shutdown.

    三十一 print-fatal-signals

    This enables printing of some minimal information about userspace segfaults to the kernel console. This is useful to find early bootup bugs where userspace debugging is very hard. Defaults to off.

    三十二 printk

    The four values in printk denote:

    • console_loglevel - messages with a priority higher than this will be printed to the console
    • default_message_loglevel - messages without an explicit priority will be printed with this priority
    • minimum_console_loglevel - minimum (highest) value to which console_loglevel can be set
    • default_console_loglevel - default value for console_loglevel

    These values influence printk() behavior when printing or logging error messages. See syslog(2) for more info on the different loglevels.

    三十三 printk_ratelimit

    Some warning messages are rate limited. printk_ratelimit specifies the minimum length of time between these messages (in seconds), by default we allow one every 5 seconds.

    A value of 0 will disable rate limiting.

    三十四 printk_ratelimit_burst

    While long term we enforce one message per printk_ratelimit seconds, we do allow a burst of messages to pass through. printk_ratelimit_burst specifies the number of messages we can send before ratelimiting kicks in.

    三十五 pty

    This subdirectory contains two files relating to the number of Unix 98 pseudo-terminals on the system.

        1 max

         This file defines the maximum number of Unix 98 pseudo-terminals.

        2  nr

        This read-only file indicates how many Unix 98 pseudo-terminals are currently in use.

    三十六 random

    The files in this subdirectory provide an additional interface to the /dev/random device.

    [root@jiangtao random]# ls -l

    -r--r--r-- 1 root root 0 11-27 12:49 boot_id
    -r--r--r-- 1 root root 0 11-27 12:49 entropy_avail
    -r--r--r-- 1 root root 0 11-27 12:49 poolsize
    -rw-r--r-- 1 root root 0 11-27 12:49 read_wakeup_threshold
    -r--r--r-- 1 root root 0 11-27 12:49 uuid
    -rw-r--r-- 1 root root 0 11-27 12:49 write_wakeup_threshold

      1  boot_id

        This read-only file contains random string like 6fd5a44b-35f4-4ad4-a9b9-6b9be13e1fe9. This one was generated once at boot. See also: /proc/sys/kernel/random/uuid.

      2 entropy_avail

    This read-only file gives the available entropy. Normally, this will be 4096 (bits), a full entropy pool.

      3 poolsize

       This file gives the size of the entropy pool. Normally, this will be 4096 bits (512 bytes). It can be changed to any value for which an algorithm is available. Currently the choices are: 32, 64, 128, 256, 512, 1024, 2048

      4 read_wakeup_threshold

    This file contains the number of bits of entropy required for waking up processes that sleep waiting for entropy from /dev/random. The default is 64.

      5 uuid

        This read-only file contains random string like 6fd5a44b-35f4-4ad4-a9b9-6b9be13e1fe9. This one is generated afresh for each read. See also: /proc/sys/kernel/random/boot_id.

      6 write_wakeup_threshold

    This file contains the number of bits of entropy below which we wake up processes that do a select() or poll() for write access to /dev/random.

    三十七  randomize_va_space

        Use address space randomization (security feature) if enabled (1), which is the default. Disable (0) only if you notice strange slowdowns (which is reported to happen when this feature is enabled on Transmeta's Crusoe CPU, so on that architecture the randomization is disabled by default).

    三十八 real-root-dev

    This tunable exists if you have initrd support compiled in the kernel. In that case, the "real" root device can be changed from within linuxrc by writing the number of the new root filesystem device to this file, e.g.:

    # echo 0x301 > /proc/sys/kernel/real-root-dev

    三十九 sched_compat_yield

    With this tunable you can make sys_sched_yield() be more aggressive, by moving the yielding task to the last position in the rbtree. The default is 0 (what Ingo Molnar likes), and when you set it to 1 you get what Linux Torvalds proposes.

    with sched_compat_yield = 0:

       PID USER      PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  COMMAND
      2539 mingo     20   0  1576  252  204 R   50  0.0   0:02.03 loop_yield
      2541 mingo     20   0  1576  244  196 R   50  0.0   0:02.05 loop

    with sched_compat_yield = 1:

       PID USER      PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  COMMAND
      2584 mingo     20   0  1576  248  196 R   99  0.0   0:52.45 loop
      2582 mingo     20   0  1576  256  204 R    0  0.0   0:00.00 loop_yield

    This tunable is available in 2.6.23 or newer kernel.

    四十 sem

    This file contains 4 numbers defining limits for System V IPC semaphores. These fields are, in order:

    • SEMMSL - the maximum number of semaphores per semaphore set.
    • SEMMNS - a system-wide limit on the number of semaphores in all semaphore sets.
    • SEMOPM - the maximum number of operations that may be specified in a semop(2) call.
    • SEMMNI - a system-wide limit on the maximum number of semaphore identifiers.

    The default values are "250 32000 32 128".

    四十一 sg-big-buff

    This file shows the size of the generic SCSI device (sg) buffer. You can't tune it just yet, but you could change it on compile time by editing include/scsi/sg.h and changing the value of SG_BIG_BUFF. However, there shouldn't be any reason to change this value.

    四十二 shmall

    This file contains the system-wide limit on the total number of pages of System V IPC shared memory. The default value is 2097152.

    四十三 shmmax

    This file can be used to query and set the run time limit on the maximum System V IPC shared memory segment size that can be created. Shared memory segments up to 1GB are now supported in the kernel. This value defaults to 261986254(32MB).

    四十四 shmmni

    This file specifies the system-wide maximum number of System V IPC shared memory segments that can be created. The default value is 4096.

    四十五 sysrq

       When running a kernel with SysRq compiled in, this file controls the functions allowed to be invoked via the SysRq key. By default the file contains 1 which means that every possible SysRq request is allowed. Here is the list of all possible values:

    • 0 - disable sysrq completely
    • 1 - enable all functions of sysrq
    • >1 - bitmask of allowed sysrq functions (see below for detailed function description):
      • 2 - enable control of console logging level
      • 4 - enable control of keyboard (SAK, unraw)
      • 8 - enable debugging dumps of processes etc.
      • 16 - enable sync command
      • 32 - enable remount read-only
      • 64 - enable signalling of processes (term, kill, oom-kill)
      • 128 - allow reboot/poweroff
      • 256 - allow nicing of all RT tasks

    四十六 tainted

    Non-zero if the kernel has been tainted. Numeric values, which can be ORed together:

    • 1 - a module with a non-GPL license has been loaded, this includes modules with no license (set by modutils and module-init-tools)
    • 2 - a module was force loaded by insmod -f (set by modutils and module-init-tools)
    • 4 - unsafe SMP processors: SMP with CPUs not designed for SMP
    • 8 - a module was force unloaded by rmmod -f (set by modutils and module-init-tools)
    • 16 - a machine check exception has occurred
    • 32 - system has hit bad_page
    四十七 threads-max
       Gets/sets the limit on the maximum number of running threads system-wide.
     
    四十八 unknown_nmi_panic

    The value in this file affects behavior of handling NMI (Non-Maskable Interrupt). When the value is non-zero, unknown NMI is trapped and then panic occurs. At that time, kernel debugging information is displayed on console. That can ease the process of diagnosing system hangs.

    This function and oprofile share a NMI callback. Therefore this function cannot be enabled when oprofile is activated. And NMI watchdog will be disabled when the value in this file is set to non-zero.

    四十九 userprocess_debug

      Enable user process debugging. [ s390 architecture only ]

    五十 version 

    Example: #1 SMP Thu May 1 06:28:41 EDT 2008

    #1  means that this is the 2nd kernel built from this source base and the date after it indicates the time the kernel was built. The only way to tune this info is to rebuild the kernel.

  • 相关阅读:
    域渗透[WinRM]
    域渗透[DCSync]利用
    LLMNR中间人及WPAD劫持
    274. H-Index
    75. Sort Colors
    46. Permutations
    31. Next Permutation
    subsets
    86. Partition List
    82. Remove Duplicates from Sorted List II
  • 原文地址:https://www.cnblogs.com/leaven/p/1917507.html
Copyright © 2011-2022 走看看