From: Mattia D. <mal...@li...> - 2006-05-05 16:01:34
|
On Fri, May 05, 2006 at 11:11:51AM +0200, Stephane Bortzmeyer wrote: > On Tue, May 02, 2006 at 08:39:54AM -0700, > Brock, Anthony - NET <Ant...@or...> wrote > a message of 25 lines which said: [...] > [42949384.150000] * bash -c echo 0 > /proc/sys/net/ipv4/conf/tap0/proxy_arp > [42949384.150000] * arp -i eth0 -d 192.134.4.79 pub > [42949384.150000] * route add -host 192.134.4.79 dev tap0 > [42949384.150000] * bash -c echo 1 > /proc/sys/net/ipv4/conf/tap0/proxy_arp > [42949384.150000] * arp -Ds 192.134.4.79 eth0 pub > [ ok ] > Most of these (modifying the routes, playing with the ARP cache, > enabling forwarding) require to be root and I do not think that access > to the TAP device is enough? Indeed, the last part of the trick is installing um-net suid root. # ls -l /usr/lib/uml/uml_net -rwsr-x--- 1 root uml-net 19648 2006-04-14 19:58 /usr/lib/uml/uml_net The user needs then to be added to the group uml-net (in my case). -- mattia :wq! |