[libvirt] possible 0.9.8 regression?

Hi All, I've noticed a regression in libvirt 0.9.8 on some of my kvm test machines # virsh start opensuse12 error: Failed to start domain opensuse12 error: Cannot open network interface control socket: Permission denied Opening a control socket for setting MAC addr, etc. failed with EACCES. In 0.9.7, the socket was opened with domain AF_INET, type SOCK_STREAM, which of course works on this system. In 0.9.8, the socket is opened with AF_PACKET, SOCK_DGRAM. Interestingly, a small test program calling 'socket(AF_PACKET, SOCK_DGRAM, 0)' works on this system. libvirt is built with '--without-capng --without-apparmor --without-selinux' and libvirtd is running with uid=euid=0. I'm really baffled why this fails in libvirtd but works otherwise. Any ideas? Thanks, Jim #include <stdio.h> #include <stdlib.h> #include <string.h> #include <errno.h> #include <unistd.h> #include <sys/socket.h> #include <netpacket/packet.h> #include <net/ethernet.h> int main(int argc, char **argv) { int fd; printf("Testing socket(2)...\n"); printf("Opening AF_INET, SOCK_STREAM socket\n"); fd = socket(AF_INET, SOCK_STREAM, 0); if (fd < 0) { printf("socket(2) failed with %s\n", strerror(errno)); exit(1); } close(fd); printf("Opening AF_PACKET, SOCK_DGRAM socket\n"); fd = socket(AF_PACKET, SOCK_DGRAM, 0); if (fd < 0) { printf("socket(2) failed with %s\n", strerror(errno)); exit(1); } close(fd); printf("Done!\n"); exit(0); }