2010/9/12 Lucio De Re <lu...@proxima.alt.za>: > My thinking is that 9vx could start up as root > to install the TAP device (nothing else so far has alerted me to a need > for root permissions), then switch user to the selected one (if it exists, > "nobody" may be needed if there is no equivalent in the host repertoire) > once setting up is complete.
The advantage of the tap device is precisely that it does not need root permissions. You need those permissions to manage the devices, but that will be normally done by tunctl or openvpn. Those are the programs that have to worry about being run as root, not 9vx. In other words: you need to be root to create the tap device, but not to use it. > And if anybody can arrange a short lesson on using networking under 9vx, > that would also be greatly appreciated. Inside 9vx, networking with tap devices is not different to using physical devices. At the host system level, it works as it does in qemu (there could be more bugs though). There are many qemu tutorials with sample scripts and better explanations than what I could give. The particular configuration I'm using is documented at: http://wiki.archlinux.org/index.php/QEMU#Tap_Networking_with_QEMU Based on the qemu-ifup/down scripts described there I wrote a 9vx-tap script you can find at: http://bitbucket.org/yiyus/vx32/src/tip/src/9vx/9vx-tap Probably disecting that script is the best way to understand how the bridge, the tap devices and 9vx play together. -- - yiyus || JGL . 4l77.com
