Summary: | app-emulation/qemu-3.1.0 - failed to create tun device: Operation not permitted | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Pavel Volkov <ao> |
Component: | Current packages | Assignee: | Matthias Maier <tamiko> |
Status: | RESOLVED DUPLICATE | ||
Severity: | normal | CC: | redneb, virtualization |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Pavel Volkov
2019-02-03 08:20:34 UTC
I looked into my backup and this file had these capabilities before: # getcap melf_root_18-12-30/usr/libexec/qemu-bridge-helper melf_root_18-12-30/usr/libexec/qemu-bridge-helper = cap_net_admin+ep I've experienced the same issue. I had to manually run: filecap /usr/libexec/qemu-bridge-helper net_admin The current ebuild (qemu-3.1.0.ebuild) fails to set this as it now wraps it with a conditional statement. qemu-2.12.1.ebuild did not have a conditional statement. In pkg_postinst() the conditional causes it not to execute [[ -f ${D}/usr/libexec/qemu-bridge-helper ]] && \ fcaps cap_net_admin /usr/libexec/qemu-bridge-helper I'm suspect ${D} is the problem in the above. I've run into the same issue with app-emulation/qemu-3.1.0-r1. The inital install and today's rebuild cleared the permissions and resulted in VMs not coming up on boot. A point of clarification on the above. If the [[ -f ${D}/usr/libexec/qemu-bridge-helper ]] test passes, the filecaps eclass still requires USE=filecaps to actually set the capabilities, in addition to library, kernel and filesystem support. I do have all of the above and it still does not set net_admin for me; I have to run filecap after the install anyway. *** This bug has been marked as a duplicate of bug 681346 *** |