Your message dated Fri, 11 Apr 2008 20:14:40 +0200
with message-id <[EMAIL PROTECTED]>
and subject line Re: Bug#475121: For kernel >2.6.18 qemu can't create and
configure tap devices as non-root
has caused the Debian Bug report #475121,
regarding For kernel >2.6.18 qemu can't create and configure tap devices as
non-root
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
475121: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475121
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message ---
Package: qemu
Version: 0.8.2-5lenny1
Severity: normal
As of kernel 2.6.18 the tun module was changed to disallow non-root
configuration of /dev/net/tun (e.g. for tapX devices). This means that unless
one sets the CAP_NET_ADMIN capability on the appropriate qemu binaries, qemu
must be run as root in order to be able to create tapX devices.
I have been using
find /usr/bin/qemu-* -type f -a ! -type l -a print0 | xargs -0 --replace setcap
net_cap_admin=ep as root
to correct this. It picks up a couple of extra binaries and setcap is in
libcap2 which only in unstable, but it works (allows non-root execution of qemu
while still creating tapX devices on-the-fly; combined with sudoers and
/etc/qemu-ifup set appropriately I can run qemu and get my automatically
network devices autocreated and added to my bridge without having to run as
root).
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (500, 'testing'), (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 2.6.24-1-686 (SMP w/1 CPU core)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages qemu depends on:
ii bochsbios 2.3.6-3 BIOS for the Bochs emulator
ii libasound2 1.0.16-2 ALSA library
ii libc6 2.7-10 GNU C Library: Shared libraries
ii libncurses5 5.6+20080308-1 Shared libraries for terminal hand
ii libsdl1.2debian 1.2.13-2 Simple DirectMedia Layer
ii openhackware 0.4.1-3 OpenFirmware emulator for PowerPC
ii proll 18-3 JavaStation PROM 2.x compatible re
ii vgabios 0.6a-3 VGA BIOS software for the Bochs an
ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime
Versions of packages qemu recommends:
ii debootstrap 1.0.8 Bootstrap a basic Debian system
ii sharutils 1:4.6.3-1 shar, unshar, uuencode, uudecode
ii vde 2.2.0-pre2-1 transitional dummy package which c
-- no debconf information
--- End Message ---
--- Begin Message ---
Daniel Dickinson a écrit :
> Package: qemu
> Version: 0.8.2-5lenny1
> Severity: normal
>
>
> As of kernel 2.6.18 the tun module was changed to disallow non-root
> configuration of /dev/net/tun (e.g. for tapX devices). This means that
> unless one sets the CAP_NET_ADMIN capability on the appropriate qemu
> binaries, qemu must be run as root in order to be able to create tapX devices.
>
> I have been using
>
> find /usr/bin/qemu-* -type f -a ! -type l -a print0 | xargs -0 --replace
> setcap net_cap_admin=ep as root
>
> to correct this. It picks up a couple of extra binaries and setcap is in
> libcap2 which only in unstable, but it works (allows non-root execution of
> qemu while still creating tapX devices on-the-fly; combined with sudoers and
> /etc/qemu-ifup set appropriately I can run qemu and get my automatically
> network devices autocreated and added to my bridge without having to run as
> root).
You can create tap device as root, and then run qemu as a normal user:
IFACE="$(sudo /usr/sbin/tunctl -b -u user)"
qemu -net tap,ifname=$IFACE
--
.''`. Aurelien Jarno | GPG: 1024D/F1BCDB73
: :' : Debian developer | Electrical Engineer
`. `' [EMAIL PROTECTED] | [EMAIL PROTECTED]
`- people.debian.org/~aurel32 | www.aurel32.net
--- End Message ---
