[SOLVED] How to securley run qemu with tap device for networking
Linux - Virtualization and CloudThis forum is for the discussion of all topics relating to Linux Virtualization and Linux Cloud platforms. Xen, KVM, OpenVZ, VirtualBox, VMware, Linux-VServer and all other Linux Virtualization platforms are welcome. OpenStack, CloudStack, ownCloud, Cloud Foundry, Eucalyptus, Nimbus, OpenNebula and all other Linux Cloud platforms are welcome. Note that questions relating solely to non-Linux OS's should be asked in the General forum.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
How to securley run qemu with tap device for networking
I run qemu without libvirt. I want to use a tap device on host for networking. I'm suspect that running qemu as root is insecure, so I would like to run it as an ordinary user (correct me if I'm wrong). It seems like the easiest way to do this is to set up the bridge and tap0 manually, and then just tell qemu to use the tap interface. This is what I got so far:
>>>sudo brctl show
bridge name bridge id STP enabled interfaces
br0 8000.001c257e60fa no eth0
>>>qemu-system-i386 -netdev tap,ifname=tap0,id=mynet0,script=no -device i82559c,netdev=mynet0 -m 1024 slack.qcow2
qemu-system-i386: -netdev tap,ifname=tap0,id=mynet0,script=no: could not configure /dev/net/tun (tap0): Operation not permitted
qemu-system-i386: -netdev tap,ifname=tap0,id=mynet0,script=no: Device 'tap' could not be initialized
However, running the above as superuser works fine. What I'm I doing wrong?
You should never be on as root is a common thought.
Qemu is fine running as a user but you may have to give that user some extra small permission. This is where I think the standard user is failing for you. I don't use qemu on linux enough to tell so others could maybe fix your code or permissions.
I never used qemu by itself, on KVM with libvirt, i specify network details in the individual xml of the virtual machine and then I normally specify br0. It seems to work fine without setting up a tap device. Could it possibly work like that in your case?
Last edited by ericson007; 01-09-2014 at 05:01 PM.
Reason: removed paragraph so solution posted by op is more clear