On Wed, Jan 31, 2018 at 6:18 AM, Daniel P. Berrangé <berrange(a)redhat.com> wrote:
> That config makes the filesystem containing the device node visible, but
> does not grant access to device nodes themselves.
>
> You instead need device passthrough
>
>   <hostdev mode='capabilities' type='misc'>
>     <source>
>       <char>/dev/net/tun</char>
>     </source>
>   </hostdev>

Just tried adding the suggested <hostdev> snippet but /dev/net/tun is
still not accessible:
$ cat /dev/net/tun
cat: /dev/net/tun: Operation not permitted
Whereas outside the container, or when in LXD or systemd-nspawn, I see:
$ cat /dev/net/tun
cat: /dev/net/tun: File descriptor in bad state
(Which is the expected output)