I think it's actually easier to use qemu-system-x86_64
as root and use -runas option, to make it drop privileges...

I always keep forgetting about changing sudoers...

On Mon, Feb 3, 2014 at 5:08 PM, Stuart Henderson <[email protected]> wrote:
> On 2014/02/03 17:39, Jiri B wrote:
>> I'm not a native English speaker so I'm not sure I do
>> understand the meaning correctly or if the wording is
>> OK...
>>
>>    NOTE: sudo calls closefrom(2).  In order to have more than one
>>          fd passed tap interface, a line to sudoers akin to:
>>
>>                 Defaults closefrom_override
>>
>>          then calling sudo via 'sudo -C 5 -u $USER qemu-system-i386 ..'
>>          is required.  See sudoers(5) and sudo(8) for details.
>>
>> "...more than one fd passed tap interface,...". Is this correct?
>> What does it want to say exactly?
>
> Maybe "fd-passed tap interface" would be clearer. Basically it's talking about a
> tap interface which has been passed via a file descriptor. If you want more than
> one of those, you need to override sudo's default, which is to close FDs higher
> than 3.
>
>      -C fd       Normally, sudo will close all open file descriptors other
>                  than standard input, standard output and standard error.  The
>                  -C (close from) option allows the user to specify a starting
>                  point above the standard error (file descriptor three).
>                  Values less than three are not permitted.  This option is
>                  only available when the administrator has enabled the
>                  closefrom_override option in sudoers(5).
>
>> I made my qemu VM work with multiple ifaces with the following
>> command, each VM's iface has its own tun(4) device on the
>> OpenBSD host.
>>
>> $ sudo sh -c "sudo -C 5 -u jirib qemu-system-x86_64 -net nic,model=virtio,vlan=0 \
>>   -net tap,vlan=0,fd=3 -net nic,vlan=1,model=virtio -net tap,vlan=1,fd=4 \
>>   -no-fd-bootchk -drive file=~/tmp/qemu/virtual.img,if=virtio,format=qcow2 \
>>   -drive file=~/downloads/install55.iso,if=scsi,media=cdrom \
>>   -boot order=cd,once=d 3<>/dev/tun0 4<>/dev/tun1"
>>
>> Am I doing multi-nic qemu VM correctly?
>>
>> jirib
>>
>
> looks right. does it work?
>
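
The descriptor behaviour discussed in this thread, as an added example that is not part of any message above: a shell simulation (it runs neither sudo nor qemu) of which inherited descriptors survive a closefrom-style sweep. The helper names and the temp files standing in for /dev/tun0 and /dev/tun1 are assumptions.

```shell
#!/bin/sh
# Added illustration: simulates the effect of closefrom(2) on inherited
# descriptors. The temp files are constructed stand-ins for the tun devices.

# closefrom_sim LOWFD: close every descriptor from LOWFD through 9 in the
# current shell, i.e. closefrom(LOWFD) limited to the shell's single-digit range.
closefrom_sim() {
    fd=$1
    while [ "$fd" -le 9 ]; do
        eval "exec ${fd}>&-"
        fd=$((fd + 1))
    done
}

# fd_is_open FD: succeed if FD is still usable in this process.
# The probe runs in a subshell so a failed redirection cannot abort the caller.
fd_is_open() {
    ( true >&"$1" ) 2>/dev/null
}

# surviving_fds LOWFD: open two stand-in "tap" descriptors on 3 and 4 the way
# the thread's command does (3<>... 4<>...), sweep from LOWFD in a child, and
# print which of the two the child could still hand to -net tap,fd=N.
surviving_fds() {
    tmpdir=$(mktemp -d) || return 1
    (
        exec 3<>"$tmpdir/tun0" 4<>"$tmpdir/tun1"
        (
            closefrom_sim "$1"
            out=""
            for fd in 3 4; do
                if fd_is_open "$fd"; then out="$out $fd"; fi
            done
            echo "survivors:$out"
        )
    )
    rm -rf "$tmpdir"
}

echo "sweep from 3 (sudo default): $(surviving_fds 3)"
echo "sweep from 5 (sudo -C 5)   : $(surviving_fds 5)"
```

A sweep starting at 5 leaves whatever the caller placed on descriptors 3 and 4 open in the target command, so with closefrom_override enabled the -C value should be no higher than the number of tap descriptors requires.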
