Capabilities split the root privilege up in certain rights ->
capabilities. Beside the fact that the kernel asks for certain
capabilities it doesnt provide the use of capabilities.
I'm using Serge E. Hallyn "introduce fs
caps" patch (http://lkml.org/lkml/2006/9/6/229) and Kaigai Kohei's
userspace t
I thought the best way to overcome the restriction imposed in tun/tap
interfaces is to set qemu as suid, and revoke privileges as soon as
the network interfaces are configured, and before any virtual block
devices are opened.
I wrote this little patch, which hopefully does just that.
Cheers,
Geo
Hi,
checking the Changelog for 2.6.18 (and diffing) one can see, that the
CAP_NET_ADMIN requirement was added for the tun/tap inerface in tun.c. The
question is, is it acceptable for a user to add a tun/tap interface in a
running system. It was before 2.6.18. A different approach is, to grant t
Hi,
That might be some security issues with removal of that capability
check. I think it is not a good idea to remove it.
2006/10/14, chris friedhoff <[EMAIL PROTECTED]>:
Hello,
bringing up the tun/tap interface depends now on the capability CAP_NET_ADMIN,
which usually only root has.
This
Hello,
bringing up the tun/tap interface depends now on the capability CAP_NET_ADMIN,
which usually only root has.
This patch just removes this dependency, so normal user rights suffices again
to bring up the tun/tap interface.
diff -ruN linux-2.6.18-orig/drivers/net/tun.c linux-2.6.18/drivers/
This came up in IRC a few days ago, it seems you need to use the UML
util 'tunctl' to assign permissions to the tap device. I found this
change annoying.
On 10/13/06, G Portokalidis <[EMAIL PROTECTED]> wrote:
Hello all,
I have recently installed the latest linux kernel, and i have been
having p
Hello all,
I have recently installed the latest linux kernel, and i have been
having problems with the tap interface since.
I have been getting the following cryptic message:
warning: could not configure /dev/net/tun: no virtual network emulation
Could not initialize device 'tap'
The tun driver
