Re: [Qemu-devel] qemu and kernel 2.6.18

From: Tace <tacetan@gmail.com>
To: qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] qemu and kernel 2.6.18
Date: Sun, 15 Oct 2006 15:31:11 +0800	[thread overview]
Message-ID: <92c265230610150031h570a1cfenedc723b9a9949a25@mail.gmail.com> (raw)
In-Reply-To: <20061014094706.a59e3e33.chris@friedhoff.org>

Hi,
    That might be some security issues with removal of that capability
check. I think it is not a good idea to remove it.

2006/10/14, chris friedhoff <chris@friedhoff.org>:
> Hello,
>
> bringing up the tun/tap interface depends now on the capability CAP_NET_ADMIN, which usually only root has.
> This patch just removes this dependency, so normal user rights suffices again to bring up the tun/tap interface.
>
> diff -ruN linux-2.6.18-orig/drivers/net/tun.c linux-2.6.18/drivers/net/tun.c
> --- linux-2.6.18-orig/drivers/net/tun.c 2006-09-20 05:42:06.000000000 +0200
> +++ linux-2.6.18/drivers/net/tun.c      2006-10-02 09:21:52.000000000 +0200
> @@ -489,9 +489,6 @@
>
>                 err = -EINVAL;
>
> -               if (!capable(CAP_NET_ADMIN))
> -                       return -EPERM;
> -
>                 /* Set dev type */
>                 if (ifr->ifr_flags & IFF_TUN) {
>                         /* TUN device */
>
>
> chris
>
> ######################################
>
> On Fri, 13 Oct 2006 13:00:10 -0400
> WaxDragon <waxdragon@gmail.com> wrote:
>
> > This came up in IRC a few days ago, it seems you need to use the UML
> > util 'tunctl' to assign permissions to the tap device.  I found this
> > change annoying.
> >
> > On 10/13/06, G Portokalidis <georgios.portokalidis@gmail.com> wrote:
> > > Hello all,
> > > I have recently installed the latest linux kernel, and i have been
> > > having problems with the tap interface since.
> > >
> > > I have been getting the following cryptic message:
> > > warning: could not configure /dev/net/tun: no virtual network emulation
> > > Could not initialize device 'tap'
> > >
> > > The tun driver is loaded, and /dev/net/tun is 'rw'.
> > > Any ideas what this is about? Could i have misconfigured something in
> > > the kernel?
> > >
> > > Cheers,
> > > George
> > >
> > >
> > > _______________________________________________
> > > Qemu-devel mailing list
> > > Qemu-devel@nongnu.org
> > > http://lists.nongnu.org/mailman/listinfo/qemu-devel
> > >
> >
> >
> > --
> > 22:38 <@WaxDragon> false ^ true
> > 22:39 < false> :(
> > 22:39 < false> dont you think you can XOR me and get away with it! I
> > always return!
> >
> >
> > _______________________________________________
> > Qemu-devel mailing list
> > Qemu-devel@nongnu.org
> > http://lists.nongnu.org/mailman/listinfo/qemu-devel
>
>
> --------------------
> Chris Friedhoff
> chris@friedhoff.org
>
>
> _______________________________________________
> Qemu-devel mailing list
> Qemu-devel@nongnu.org
> http://lists.nongnu.org/mailman/listinfo/qemu-devel
>
>
>
>