1

I a trying to edit the following file (ls -alstr output):
0 -rw-r--r-- 1 root root 0 Apr 15 17:07 /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
Unfortunately, if I try to edit it with vim or simply with something like
sudo echo 0 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
I get a
-bash: /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts: Permission denied
error. Following this post I was able to do
sudo bash -c 'echo 0 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts’
and edit the file successfully. If I login as root, I can successfully execute
echo 0 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
but I still cannot edit the file with vim. The attempts to chmod and chown the file also failed.

My questions are (Questions 1 & 2 have already been answered here but I state them for completeness):

  1. Why can’t I edit the file as a normal user using sudo with >? (Because > is evaluated first and thus before the sudo)
  2. Why does the sudo bash -c 'echo 0 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts’ even work? (It invokes a new terminal under root and executes the command that follows)
  3. Why can’t I edit the file with vim when I am logged in as a normal user using sudo and/or as root?
  4. Why can’t I edit the file permissions and/or owner even when I am root?
  5. How can I make the change permanent so it stays there even after reboots?
Community
  • 1
George
  • 417

1 Answers1

2

Normally you edit /etc/sysctl.conf and make those adjustments (rather then directly editing)

See: http://www.cyberciti.biz/faq/linux-kernel-etcsysctl-conf-security-hardening/

/proc is a "virtual file system" used by the kernel and the information within the "files" is managed by the kernel and adjusted / configured by editing system configuration files (rather then files within /proc). Answers questions #3 - 5

Panther
  • 104,528