From: David W. <dw...@in...> - 2000-10-17 08:53:37
|
yd...@al... said: > As an alternative, wouldn't it be possible to use the "universal tun/ > tap driver" (http://tun.sourceforge.net/tun/) ? I had a quick attempt > a couple of days ago, but it does not seem compatible with the > ethertap in 2.4 kernels - it even does not use the same device number. > Did someone had a look at this ? Yep. Unfortunately, you still need a suid helper - and it would be best if we could remove the need for suid at all. Rather than root allocating and ifconfig'ing a tunnel device and the UML later opening /dev/tun$n as an unprivileged user, you have to open the device, and _then_ ifconfig it. The old Ethertap device, with my patches to fix the permissions handling on the netlink chardevice, has just the semantics that (I think) we want. As root, ifconfig tap0 $HOSTIP pointopoint $UMLIP ; chown $UMLUSER /dev/tap0 Then the UML can just open the device node as an when required, and no suid helper is required. -- dwmw2 |