Re: [libvirt] [PATCH 1/3] Attempt to load tun module on tap add error
On 08/05/10 - 02:12:36PM, Doug Goldstein wrote:
When attempting to add a tap device, the error message is fairly
cryptic
as to what really happened. If possible, try to load the tun module and
then try again to add the tap device again to improve the user
experience.
Signed-off-by: Doug Goldstein <cardoe(a)gentoo.org>
---
src/util/bridge.c | 21 +++++++++++++++++++--
1 files changed, 19 insertions(+), 2 deletions(-)
diff --git a/src/util/bridge.c b/src/util/bridge.c
index 7d0caae..ca4bcc9 100644
--- a/src/util/bridge.c
+++ b/src/util/bridge.c
@@ -486,12 +486,29 @@ brAddTap(brControl *ctl,
{
int fd;
struct ifreq ifr;
+ const char * const argv[] = { "modprobe", "tun", NULL };
+ int err, exitstatus = 0;
Hm, I can't say I like this. Libvirt really shouldn't be in the business
of loading kernel modules (I know, we actually do this in the pci passthrough
code, but I don't think we should). Besides being pretty gross, this will
cause havoc with security policies (like SELinux): you'll need to make the
security module allow libvirtd the ability to modprobe any module, which means
that any flaw in libvirtd turns into a possible system-wide compromise.
--
Chris Lalancette