[libvirt-users] qemu-bridge-helper issue

abhishek jain ashujain9727 at gmail.com
Wed Jun 25 13:16:23 UTC 2014 

HI Laine,

Looks like we are able to run qemu-bridge-helper and it internally tries to
create tap interface.
While creating this tap interface we are getting Operation not permitted
error:



* failed to create tun device: Operation not permitted*
How we can create tun interface without root user is the issue. Please let
us know how to proceed on this.




On Wed, Jun 25, 2014 at 6:21 PM, Laine Stump <laine at laine.org> wrote:

>  On 06/25/2014 03:28 PM, abhishek jain wrote:
>
>   Hi Laine
>
>  I'm able to run the qemu-bridge-helper but with root authority.
>  I need to run it with non-root user.How can i do that?
>
>
> The entire point of qemu-bridge-helper is that it can be run by
> non-privileged users, but once run it has root privileges. This is done by
> the binary having the "suid bit" set. If your distro didn't install it this
> way, that is a bug (an ls -l of the binary should show "rwsr-xr-x"
> permissions) . You can fix it with the chmod command (e.g. "chmod 4755
> /usr/libexec/qemu-bridge-helper"). If that is what was broken, and you used
> the distro-built package, you should report it as a bug to the distro's bug
> tracking system.
>
> Beyond that, you need to read about the qemu-bridge-helper ACL file in the
> link I originally gave (along with other info you can find with a google
> search).
>
>
>
>  Thanks
>
>
> On Wed, Jun 25, 2014 at 5:43 PM, Laine Stump <laine at laine.org> wrote:
>
>>  On 06/25/2014 10:22 AM, abhishek jain wrote:
>> > Hi
>> >
>> > I'm able to run the below command using root permission....
>> >
>> >  sudo kvm -netdev bridge,br=qbr0ccdca50-fa,id=hostnet -M ppce500
>> > Warning: netdev hostnet has no peer
>> > Could not initialize SDL(No available video device) - exiting
>> >
>> >
>> > However when I'm running the same command without root authority,I'm
>> > getting following logs...
>> >
>> >  kvm -netdev bridge,br=qbr0ccdca50-fa,id=hostnet -M ppce500
>> > failed to create tun device: Operation not permitted
>> > failed to launch bridge helper
>> > kvm: -netdev bridge,br=qbr0ccdca50-fa,id=hostnet: Device 'bridge'
>> > could not be initialized
>> >
>> >
>> > I need to run the above command without root authority.Please help
>> > regarding this.
>>
>>  Search for qemu-bridge-helper and you should find information about the
>> ACL file that needs to be setup for this to work properly. For example,
>> this has a short description, but doesn't sound like it's intended to be
>> the final authority:
>>
>>   http://wiki.qemu.org/Features/HelperNetworking
>>
>
>
>
> _______________________________________________
> libvirt-users mailing listlibvirt-users at redhat.comhttps://www.redhat.com/mailman/listinfo/libvirt-users
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/libvirt-users/attachments/20140625/2744664d/attachment.htm>

More information about the libvirt-users mailing list