Enforce a value in sysctl (optionally increase or decrease it).

⚙️ Compatible targets: Linux


keyThe key to enforce.

This parameter is required.
valueThe desired value.

This parameter is required.
filenameFile name where to put the value in /etc/sysctl.d (without the .conf extension).

This parameter is required.
optionOptional modifier on value: Min, Max or Default (default value).

This parameter is optional.

Outcome conditions

You need to replace ${key} with its actual canonified value.

  • ✅ Ok: sysctl_value_${key}_ok
    • ☑️ Already compliant: sysctl_value_${key}_kept
    • 🟨 Repaired: sysctl_value_${key}_repaired
  • ❌ Error: sysctl_value_${key}_error


method: sysctl_value
  value: VALUE
  key: VALUE
  filename: VALUE


Enforce a value in sysctl


Checks for the current value defined for the given key If it is not set, this method attempts to set it in the file defined as argument If it is set, and corresponds to the desired value, it will success If it is set, and does not correspond, the value will be set in the file defined, sysctl configuration is reloaded with sysctl --system and the resulting value is checked. If it is not taken into account by sysctl because its overridden in another file or its an invalid key, the method returns an error


This method requires an /etc/sysctl.d folder, and the sysctl --system option. It does not support Debian 6 or earlier, CentOS/RHEL 6 or earlier, SLES 11 or earlier, Ubuntu 12_04 or earlier, AIX and Solaris.


key : the key to enforce/check value : the expected value for the key filename : filename (without extension) containing the key=value when need to be set, within /etc/sysctl.d. This method adds the correct extension at the end of the filename Optional parameter: min: The value is the minimal value we request. the value is only changed if the current value is lower than value max: The value is the maximal value we request: the value is only changed if the current value is higher than value default (default value): The value is strictly enforced.

Comparison is numerical if possible, else alphanumerical So 10 > 2, but Test10 < Test2


To ensure that swappiness is disabled, and storing the configuration parameter in 99_rudder.conf

 sysctl_value("vm.swappiness", "99_rudder", "0", "")

To ensure that the UDP buffer is at least 26214400

 sysctl_value("net.core.rmem_max", "99_rudder", "26214400", "min")