-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathshill-pre-start.sh
43 lines (35 loc) · 1.45 KB
/
shill-pre-start.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
#!/bin/sh
# Copyright 2018 The ChromiumOS Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
bootstat shill-start
# Double check to make sure shill related paths have been created with the
# intended ownership and permissions. These paths should already have been
# handled during boot, but check them again.
systemd-tmpfiles --create --remove --clean /usr/lib/tmpfiles.d/shill.conf
systemd-tmpfiles --create --remove --clean /usr/lib/tmpfiles.d/dhcpcd.conf
# tmpfiles.d does not handle chown/chmod -R because of unsafe ownership
# transitions.
(
# Log any cases where the old behavior actually results in a change,
# for /run paths until we are sure these are not needed.
chown -c -R shill:shill /run/shill
chown -c -R vpn:vpn \
/run/ipsec \
/run/l2tpipsec_vpn \
/run/xl2tpd \
/run/wireguard
chown -c -R dhcp:dhcp /run/dhcpcd
) | logger -p err -t "shill-pre-start"
chown -R shill:shill \
/var/cache/shill \
/var/lib/shill/metrics
chown -R dhcp:dhcp /var/lib/dhcpcd
chmod -R u+rwX,g+rwX,o+rX /var/lib/dhcpcd
# Increase kernel neighbor table size.
echo 1024 > /proc/sys/net/ipv4/neigh/default/gc_thresh1
echo 4096 > /proc/sys/net/ipv4/neigh/default/gc_thresh2
echo 8192 > /proc/sys/net/ipv4/neigh/default/gc_thresh3
echo 1024 > /proc/sys/net/ipv6/neigh/default/gc_thresh1
echo 4096 > /proc/sys/net/ipv6/neigh/default/gc_thresh2
echo 8192 > /proc/sys/net/ipv6/neigh/default/gc_thresh3