Re: qemu-bridge-helper issue

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

(Please don't top-post. Instead include your responses inline instead. It is much easier to follow the conversation and respond to multiple points that way.

On 06/25/2014 04:16 PM, abhishek jain wrote:
HI Laine,

Looks like we are able to run qemu-bridge-helper and it internally tries to create tap interface.
While creating this tap interface we are getting Operation not permitted error:
failed to create tun device: Operation not permitted

How we can create tun interface without root user is the issue. Please let us know how to proceed on this.

That's what I've tried to tell you in the last two responses, and you haven't given any new information about whether or not 1) your binary has the suid bit set, or 2) you tried setting it. If you don't understand why that would help, please read up on the "suid bit" and what it does.

If you have set the suid bit of the binary, and have checked the web page I indicated, compared your /etc/qemu/bridge.conf, and found that it had proper content to satisfy the ACL requirements of qemu-bridge-helper, but it still doesn't work, then you'll need to go to a qemu-specific help source, such as the #qemu channel on irc.oftc.net - libvirt doesn't do anything directly with the qemu-bridge-helper (and aside from that, you are apparently not even using libvirt, but are instead running qemu/kvm directly.)






On Wed, Jun 25, 2014 at 6:21 PM, Laine Stump <laine@xxxxxxxxx> wrote:
On 06/25/2014 03:28 PM, abhishek jain wrote:
Hi Laine

I'm able to run the qemu-bridge-helper but with root authority.
I need to run it with non-root user.How can i do that?

The entire point of qemu-bridge-helper is that it can be run by non-privileged users, but once run it has root privileges. This is done by the binary having the "suid bit" set. If your distro didn't install it this way, that is a bug (an ls -l of the binary should show "rwsr-xr-x" permissions) . You can fix it with the chmod command (e.g. "chmod 4755 /usr/libexec/qemu-bridge-helper"). If that is what was broken, and you used the distro-built package, you should report it as a bug to the distro's bug tracking system.

Beyond that, you need to read about the qemu-bridge-helper ACL file in the link I originally gave (along with other info you can find with a google search).



Thanks


On Wed, Jun 25, 2014 at 5:43 PM, Laine Stump <laine@xxxxxxxxx> wrote:
On 06/25/2014 10:22 AM, abhishek jain wrote:
> Hi
>
> I'm able to run the below command using root permission....
>
>  sudo kvm -netdev bridge,br=qbr0ccdca50-fa,id=hostnet -M ppce500
> Warning: netdev hostnet has no peer
> Could not initialize SDL(No available video device) - exiting
>
>
> However when I'm running the same command without root authority,I'm
> getting following logs...
>
>  kvm -netdev bridge,br=qbr0ccdca50-fa,id=hostnet -M ppce500
> failed to create tun device: Operation not permitted
> failed to launch bridge helper
> kvm: -netdev bridge,br=qbr0ccdca50-fa,id=hostnet: Device 'bridge'
> could not be initialized
>
>
> I need to run the above command without root authority.Please help
> regarding this.

Search for qemu-bridge-helper and you should find information about the
ACL file that needs to be setup for this to work properly. For example,
this has a short description, but doesn't sound like it's intended to be
the final authority:

  http://wiki.qemu.org/Features/HelperNetworking



_______________________________________________
libvirt-users mailing list
libvirt-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvirt-users



_______________________________________________
libvirt-users mailing list
libvirt-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvirt-users
[Index of Archives]     [Virt Tools]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]

  Powered by Linux