This sysctl is virtualized per network namespace now, there is no point in making it immutable.
Originally in vz7 it was host-only sysctl so the idea was not to allow container to overwrite it (though actual hunk looks like newer working as this sysctl was only explicitly created for init netns and was not visible in container). Found while porting to vz9. https://jira.sw.ru/browse/PSBM-133988 Fixes: 5d12e1371ba7 ("ve/sysctl/ipc: mark as virtualized") Signed-off-by: Pavel Tikhomirov <ptikhomi...@virtuozzo.com> --- net/ipv4/sysctl_net_ipv4.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c index 0582cbd9dda8..a4bb23655c96 100644 --- a/net/ipv4/sysctl_net_ipv4.c +++ b/net/ipv4/sysctl_net_ipv4.c @@ -848,7 +848,7 @@ static struct ctl_table ipv4_net_table[] = { .data = &init_net.ipv4.sysctl_tcp_syncookies, .maxlen = sizeof(int), .mode = 0644, - .proc_handler = proc_dointvec_immutable, + .proc_handler = proc_dointvec }, #endif { -- 2.31.1 _______________________________________________ Devel mailing list Devel@openvz.org https://lists.openvz.org/mailman/listinfo/devel
