On Wed, Jun 01, 2022 at 06:43:27AM +0300, Vasily Averin <vvs@xxxxxxxxxx> wrote: > CT-901 /# cat /sys/fs/cgroup/memory/cgroup.subgroups_limit > 512 > CT-901 /# echo 3333 > /sys/fs/cgroup/memory/cgroup.subgroups_limit > -bash: echo: write error: Operation not permitted > CT-901 /# echo 333 > /sys/fs/cgroup/memory/cgroup.subgroups_limit > -bash: echo: write error: Operation not permitted > > I doubt this way can be accepted in upstream, however for OpenVz > something like this it is mandatory because it much better > than nothing. Is this customization of yours something like cgroup.max.descendants on the unified (v2) hierarchy? (Just curious.) (It can be made inaccessible from within the subtree either with cgroup ns or good old FS permissions.) Michal
