[libvirt-users] Bridging Wireless Cards for KVM

Joshua McKee josjunk at gmail.com
Wed Oct 2 16:26:34 UTC 2013 

Thanks, apparmour was the issue.


On Mon, Aug 12, 2013 at 3:18 AM, Daniel P. Berrange <berrange at redhat.com>wrote:

> On Sat, Aug 10, 2013 at 08:33:17PM -0600, Joshua McKee wrote:
> > Sorry, I accidentally hit send before I was done. Here's the finished
> > message:
> >
> > Thanks! Unfortunately, I am running into the following issue when
> > attempting to use the generic ethernet configuration:
> >
> > $ virsh -c qemu:///system create /tmp/generic.xml
> > error: Failed to create domain from /tmp/generic.xml
> > error: internal error process exited while connecting to monitor: kvm:
> > -netdev tap,id=hostnet0: could not configure /dev/net/tun: Operation not
> > permitted
> > kvm: -netdev tap,id=hostnet0: Device 'tap' could not be initialized
> >
> > This is the network part of my xml file:
> >
> > ...
> > <devices>
> >    <interface type="ethernet"/>
> >    ...
> >    <interface type="ethernet'>
> >       <target dev="tap0"/>
> >       <script path='/etc/qemu-ifup'/>
> >    </interface>
> >    ...
> > </devices>
> > ...
> >
> > In my /etc/libvirt/qemu.conf file I have the following set:
> >
> > user = "root"
> > group ="root"
> > dynamic ownership = 0
> > clear_emulator_capabilities = 0
> > cgroup_device_acl = [
> >     "/dev/null", "/dev/full", "/dev/zero",
> >     "/dev/random", "/dev/urandom",
> >     "/dev/ptmx", "/dev/kvm", "/dev/kqemu",
> >     "/dev/rtc", "/dev/hpet",
> >     "/dev/net/tun",
> > ]
>
> You did restart libvirtd after making those setting changes, right ?
> The user, group & clear_emulator_capabilities settings are the 3 that
> matter here & you have them correctly set.
>
> > I am running Ubuntu 12, which does not use SELinux.
>
> It has apparmour though, which possibly denies access to /dev/net/tun
>
> Daniel
> --
> |: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/:|
> |: http://libvirt.org              -o-             http://virt-manager.org:|
> |: http://autobuild.org       -o-         http://search.cpan.org/~danberr/:|
> |: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc:|
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/libvirt-users/attachments/20131002/b6baf9ad/attachment.htm>

More information about the libvirt-users mailing list