[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: KVM networking.

Thank You for Your time and answer, Arno:

>> 3. W/ tap - You have seen already the problem - some unknown to me
>> permission problem - do You know why is it so?
>I can make a guess:
>$ ls -l /dev/net/tun
>crw-rw---- 1 root kvm 10, 200 Nov  9 21:36 tun
>$ groups
>aschuring users kvm [..]
>$ /usr/sbin/tunctl -b    
>TUNSETIFF: Operation not permitted
>$ sudo setcap cap_net_admin+ep /usr/sbin/tunctl
>$ /usr/sbin/tunctl -b             
>> Or may have an idea
>> what else command I have to add to sudoers file for the user or some
>> other way by root specify the interface parameters that the user has
>> to use the interface w/?
>Yes. You can just add tunctl to your list of sudo commands, and use the
>output of ifname=$(sudo tunctl -b -u $(whoami)) on the kvm command
>line. Alternatively, set the cap_net_admin capability on tunctl and you
>won't need sudo (but still upgrade-unsafe)...

I have included more options to network script:

/usr/bin/kvm -localtime -m 256 -no-reboot -boot c -hda da
-net nic -net tap,ifname=$(sudo /usr/sbin/tunctl -b -u $(whoami);
sudo /sbin/ifconfig tap0 up; sudo /sbin/route add -host dev tap0),script=no,downscript=no

that gave me no root involving into the process and tap0 dev. is
created and route for it is added to the route table:

Destination     Gateway         Genmask         Flags Metric Ref    Use
Iface default         UG    0 0        0 eth0

link-local      *          U 1000   0        0 eth0

localnet        *      U     0      0        0 eth0     *   U     0      0        0 tap0 *      UH    0      0        0 tap0

but no connection host-guest...

Reply to: