When I start a virtual machine and intend to connect it to existing bridge, this is the error I get: failed to create tun device: Operation not permitted qemu-system-x86_64: bridge helper failed qemu-bridge-helper has no SUID: -rwxr-xr-x 1 root root 17656 фев 1 11:28 /usr/libexec/qemu-bridge-helper* ... and 'getcap /usr/libexec/qemu-bridge-helper' outputs nothing.
I looked into my backup and this file had these capabilities before: # getcap melf_root_18-12-30/usr/libexec/qemu-bridge-helper melf_root_18-12-30/usr/libexec/qemu-bridge-helper = cap_net_admin+ep
I've experienced the same issue. I had to manually run: filecap /usr/libexec/qemu-bridge-helper net_admin The current ebuild (qemu-3.1.0.ebuild) fails to set this as it now wraps it with a conditional statement. qemu-2.12.1.ebuild did not have a conditional statement. In pkg_postinst() the conditional causes it not to execute [[ -f ${D}/usr/libexec/qemu-bridge-helper ]] && \ fcaps cap_net_admin /usr/libexec/qemu-bridge-helper I'm suspect ${D} is the problem in the above.
I've run into the same issue with app-emulation/qemu-3.1.0-r1. The inital install and today's rebuild cleared the permissions and resulted in VMs not coming up on boot.
A point of clarification on the above. If the [[ -f ${D}/usr/libexec/qemu-bridge-helper ]] test passes, the filecaps eclass still requires USE=filecaps to actually set the capabilities, in addition to library, kernel and filesystem support. I do have all of the above and it still does not set net_admin for me; I have to run filecap after the install anyway.
*** This bug has been marked as a duplicate of bug 681346 ***