If there are bad entries in /etc/sysctl.conf, they're not caught.  As
best I can tell, sysctl(8) returns 1 for bad command-line entries, but
0 even if there are bad entries in the file.

# sysctl -w ddb.bar=7
sysctl: second level name 'bar' in 'ddb.bar' is invalid
# echo $?            
1
# cat /tmp/yy
fooo.bar=7
# sysctl -f /tmp/yy
sysctl: /tmp/yy#1: top level name 'fooo' in 'fooo.bar' is invalid
# echo $?
0

I *thought* that an error return in an rc.d script would abort reboots,
which is good; this problem means that sysctl.conf problems aren't
noticed, since they scroll off the screen.  Yes, I learned this one the
hard way...

		--Steve Bellovin, http://www.cs.columbia.edu/~smb