On Tue, Dec 02, 2014 at 01:28:26PM -0600, Bruce Dubbs wrote: > Pierre Labastie wrote: > > >When using "-net tap" + bridging: > >As said in the book, you can make the VM appear as a machine on the > >local network, allowing two-way accesses. The only reason for not using > >it, is that qemu, ip and brctl need to be setgid and as noted wy the OP, > >their capabilities have to be changed using setcap. Otherwise, running > >qemu as root is possible too. > > sgid isn't enough. ip and brctl need to have root (or network > capabilities). qemu will not run if it is suid. I'll also not that the > root (or /usr) partition needs to have the acl,user_xattr options set to use > setcap. >
I was just searching for something else, and came across http://wiki.qemu.org/Features-Done/HelperNetworking - not sure if the 'Setup' section there [ /etc/qemu/bridge.conf ] will help. ĸen -- Nanny Ogg usually went to bed early. After all, she was an old lady. Sometimes she went to bed as early as 6 a.m. -- http://lists.linuxfromscratch.org/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
