Sthu Deus (sthu.d...@gmail.com on 2011-11-15 20:12 +0700): > $ /usr/bin/kvm -localtime -m 256 -no-reboot -boot c > -hda da -net nic,macaddr=$(printf > 'DE:AD:BE:EF:%02X:%02X\n' $((RANDOM%256)) $((RANDOM%256))) -net tap > > kvm: -net tap: could not configure /dev/net/tun (tap%d): Operation not > permitted > > kvm: -net tap: Device 'tap' could not be initialized > > I run it under normal user - as You have guessed already - yet in > sudoers I have for the user (as I understand all the commands > involved in tap bringing up by KVM): > > vmuser ALL = /sbin/ifconfig *, /sbin/ifup br0, /sbin/ifdown > br0, /sbin/ip *, /sbin/brctl *, /usr/sbin/tunctl *, /sbin/route add > -host * > > How I can solve this?
qemu does not use sudo. -net tap,ifname=$(sudo tunctl -b) doesn't work? > > By the way, to overrun the permission problem I have tried running it > under sudo (root) user when I got the following error: > > No protocol specified > Could not initialize SDL(No available video device) - exiting > > So it needs a screen for KVM window running. Do You know how I can > launch it in such case? - Except to allow root user. :) Most likely your sudo does not preserve $DISPLAY. > >See my other mail. You can get the network working by using the > >correct routes (I hope). But that won't get you internet access from > >the VM without either NAT or reconfiguring your modem. > > My host is connected to router. Do You mean that I need NAT at the > router or host? - I thought host only. Yes, NAT at the host should work. Sthu Deus (sthu.d...@gmail.com on 2011-11-15 01:40 +0700): > Thank You for Your time and answer, Arno: > > >I think this setup might need additional configuration on the > >outside, because you need to add the same subnet route on your > >Internet modem/router. I don't think qemu gives you NAT for free... > > I've got such a problem w/ NATing: > > /sbin/iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -d ! > 192.168.1.0/24 -j SNAT --to-source 192.168.0.2 > > Bad argument `192.168.1.0/24' > > Do You have any idea why iptables does not accept the ip nor the ip > net? You need to use ! -d addr, not -d ! addr Regards, Arno -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20111116204900.0743f...@neminis.intra.loos.site
