On 08/05/10 - 02:12:36PM, Doug Goldstein wrote:
When attempting to add a tap device, the error message is fairly cryptic as to what really happened. If possible, try to load the tun module and then try again to add the tap device again to improve the user experience.
Signed-off-by: Doug Goldstein <cardoe@gentoo.org> --- src/util/bridge.c | 21 +++++++++++++++++++-- 1 files changed, 19 insertions(+), 2 deletions(-)
diff --git a/src/util/bridge.c b/src/util/bridge.c index 7d0caae..ca4bcc9 100644 --- a/src/util/bridge.c +++ b/src/util/bridge.c @@ -486,12 +486,29 @@ brAddTap(brControl *ctl, { int fd; struct ifreq ifr; + const char * const argv[] = { "modprobe", "tun", NULL }; + int err, exitstatus = 0;
Hm, I can't say I like this. Libvirt really shouldn't be in the business of loading kernel modules (I know, we actually do this in the pci passthrough code, but I don't think we should). Besides being pretty gross, this will cause havoc with security policies (like SELinux): you'll need to make the security module allow libvirtd the ability to modprobe any module, which means that any flaw in libvirtd turns into a possible system-wide compromise. -- Chris Lalancette