A wrong conceptual model. There is no single Linux-based system. There are different distributions based on the same kernel. That’s an entire family of operating systems: like a dozen of major distros, probably a hundred notable ones. To give you an impression,
Linux distros timeline on Wikimedia Commons; just zoom out to understand the scale. They are related, but not the same. They share the kernel (Linux) and the general software ecosystem, but in no way it can be expected that everything is the same. It’s critical to understand that it’s just a collection of separate programs working together. While Windows is the same, all of the components come from Microsoft, they are pre-installed, required and you have close to no choice. That’s not true for Linux distros, where there is many different packages you may use to compose your operating system. The reason it’s critical is that you are working with settings and features of specific software packages: there is no single way.
sysctl is a common userspace program offered by multiple software packages, not an inherent part of Linux distros. It acts as a frontend, but all the variables can as well be accessed through
sysfs procfs (mounted as
“/sys” “/proc/sys”, variables available through normal paths). It’s a convenience tool, but that’s all.
There is no concept of “hidden settings”, so I skip that question. There either are settings or there are not. They are not hidden in any way.
There is no way around setting configuration after boot. First of all most of those settings do not exist before boot. But even if they would be known beforehead, the idea makes no sense. It’s not some kind of Linux’s shortoming — it’s inherent to what they are. It works the same in any operating system. In some you are just not aware of that. Even your CPU microcode is updated at runtime and not stored anywhere. Linux has a concept of kernel parameters, but those are a very tiny subset of configuration that has to be known while the kernel itself is starting, because most of them affect kernle operation before everything else is even properly started. In other words, you call
sysctl (or directly modify
sysfs) in a running system, because this arises from the very nature of the problem.
systemctl is a part of
systemd. It’s just one of such solutions and many distros use different ones. So the answer to that question depends on whether
systemd is even used by the distro. If it is, the question is still conceptually wrong. In modern systems there is no such thing as “at boot”. That idea stopped being relevant around the time MS-DOS died. Even in Windows 9x it was no longer a single point in time.
(1) Programs, including services, may be started from multiple places by multiple things, depending on what you want to run, when, at which point, depending on which and so on. What you should be asking about is how to run some code or start some service at a specific event. For
systemd systems it is used to manage
systemd-compatible units (services, timers, targets, mounts, …). But e.g. your desktop environment will likely also have its own session management. Your shell will execute its own startup files. Multiple programs acting as login shells will execute profile-specific startup scripts. xorg will invoke its own. And so on, and so on.
If a package manager verify packages depends on the particular package manager. It should. For example
pacman does. And note that package verification is not about encrypting the connection, but about authenticating packages with maintainers’ signatures. Having TLS is not making a mirror a “trusted source”.
Instead of disabling OOM-killer, you should understand its role. There is no reason to be worried about it. Instead of believing horror stories, work a bit on Linux and if OOM-killer ever kills a process, try to understand that entire situation. Aside from it not being frequent in normal system use: you will quickly learn that either it did exactly what you would like it to do, something was misconfigured, or both.
(1) There were at least two stages: booting the system and starting the user environment, each of them having multiple of files executed. Later a third stage has been added: running the command prompt.