Message-ID: <4AF1DA71.2000209@codemonkey.ws>
Date: Wed, 04 Nov 2009 13:48:01 -0600
From: Anthony Liguori
Subject: Re: [Qemu-devel] Re: [PATCH 0/4] net-bridge: rootless bridge support for qemu
References: <1257294485-27015-1-git-send-email-aliguori@us.ibm.com> <20091104170406.GA461@redhat.com>
In-Reply-To: <20091104170406.GA461@redhat.com>
List-Id: qemu-devel.nongnu.org
To: "Michael S. Tsirkin"
Cc: Mark McLoughlin, Arnd Bergmann, Dustin Kirkland, qemu-devel@nongnu.org, Juan Quintela

Michael S. Tsirkin wrote:
> On Tue, Nov 03, 2009 at 06:28:01PM -0600, Anthony Liguori wrote:
>
>> This series solves a problem that I've been struggling with for a few years now.
>> One of the best things about qemu is that it's possible to run guests as an
>> unprivileged user to improve security. However, if you want to have your guests
>> communicate with the outside world, you're pretty much forced to run qemu as
>> root.
>>
>> At least with KVM support, this is probably the most common use case which means
>> that most of our users are running qemu as root. That's terrible.
>>
>> We address this problem by introducing a new network backend: -net bridge. This
>> backend is less flexible than -net tap because it relies on a helper with
>> elevated privileges to do the heavy lifting of allocating and attaching a tap
>> device to a bridge. We use a special purpose helper because we don't want
>> to elevate the privileges of more generic tools like brctl.
>>
>> From a user perspective, to use bridged networking with a guest, you simply use:
>>
>> qemu -hda linux.img -net bridge -net nic
>>
>> And assuming a bridge is defined named qemubr0 and the administrator has set up
>> permissions accordingly, it will Just Work. My hope is that distributions will
>> do this work as part of the qemu packaging process such that for most users,
>> the out-of-the-box experience will also Just Work.
>>
>> More details are included in individual patches. I broke up the helper into
>> a series of patches to improve reviewability.
>>
>
> Would raw backend attached to a bridge mostly do the same?
>

Well it doesn't really help with the issue of privileges which is what this
series is really about.

Regards,

Anthony Liguori