Re: non-root bridge set-up on Fedora 39 aarch64

On 2/19/24 10:21 AM, Chuck Lever wrote: If you run virsh as a normal user, it will auto-create an unprivileged ("session mode") libvirt instance, and connect to that rather than the single privileged (ie. run as root) libvirt instance that is managed by systemd. Because this libvirt is running as a normal user with no elevated privileges, it is unable to create a virtual network. What you probably wanted to do was to connect to the system-wide privileged libvirt, you can do this by either running virsh as root (or with sudo), or by using   # virsh -c qemu:///system rather than straight "virsh". Whichever method you choose, you'll want to do that for all of your virsh commands, both for creating/managing networks and guests. /etc/qemu/bridge.conf is used by the QEMU package's qemu-bridge-helper binary (an SUID root program that creates a tap device attached to an existing bridge, and can be executed by an unprivileged qemu or libvirt that doesn't have permission to create a tap device or attach a tap to a bridge). The only place where bridge.conf matters is if you are using session mode libvirt for your guest you can use <interface type='bridge'> ... <source bridge='virbr0'/> to "make an end run" around libvirt's own network management and connect the guest's tap device to (in this example) virbr0 (assuming it already exists, for example if you've started the default virtual network in the system/privileged libvirt).