Re: [9fans] 9vx/vx32 - Out of ignorance

[yy <yiyu.jgl@gmail.com>]

2010/9/12 Lucio De Re <lucio@proxima.alt.za>:
> My thinking is that 9vx could start up as root
> to install the TAP device (nothing else so far has alerted me to a need
> for root permissions), then switch user to the selected one (if it exists,
> "nobody" may be needed if there is no equivalent in the host repertoire)
> once setting up is complete.

The advantage of the tap device is precisely that it does not need
root permissions. You need those permissions to manage the devices,
but that will be normally done by tunctl or openvpn. Those are the
programs that have to worry about being run as root, not 9vx. In other
words: you need to be root to create the tap device, but not to use
it.

> And if anybody can arrange a short lesson on using networking under 9vx,
> that would also be greatly appreciated.

Inside 9vx, networking with tap devices is not different to using
physical devices. At the host system level, it works as it does in
qemu (there could be more bugs though). There are many qemu tutorials
with sample scripts and better explanations than what I could give.
The particular configuration I'm using is documented at:

http://wiki.archlinux.org/index.php/QEMU#Tap_Networking_with_QEMU

Based on the qemu-ifup/down scripts described there I wrote a 9vx-tap
script you can find at:

http://bitbucket.org/yiyus/vx32/src/tip/src/9vx/9vx-tap

Probably disecting that script is the best way to understand how the
bridge, the tap devices and 9vx play together.

--
- yiyus || JGL . 4l77.com