I use the ‘tap’ net device with KVM to get my vm connect to the Internet. But I have to be root, or use ‘sudo’, which is inconvenient. I think I can put my user account into some group so I can access the net device without root privilege. I tried the netdev group, but does not work. My account is already in the kvm group.
What else should I do? Or is there any way to allow me using KVM freely without permission issue?
Answers:
Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.
Method 1
The group is whoever has read and write permissions to /dev/net/tun. The default setup varies from distribution to distribution. The ownership and permissions of devices is set by udev.
Create a file /etc/udev/rules.d/zzz_net_tun.rules containing
KERNEL=="tun", GROUP="netdev", MODE="0660", OPTIONS+="static_node=net/tun"
This will make the device accessible by all users in the netdev group. The setting takes effect when the device is created, so if it already exists, do chgrp netdev /dev/net/tun; chmod 660 /dev/net/tun.
(adapted from the Gentoo Wiki wiki)
Method 2
Make sure you are part of the KVM group also. The recommendantion is to make every virtualization things (network configuration, firmware access, qemu configuration) available for the kvm group.
All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0