|
| From: | Mike Lovell |
| Subject: | Re: [Qemu-discuss] Tap Devices |
| Date: | Fri, 30 Nov 2012 11:31:05 -0700 |
| User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/17.0 Thunderbird/17.0 |
On 11/30/2012 02:26 AM, Frans de Boer wrote:
Hello Mike,Great to have your response. By showing that sudo can be tailored to specific programs, it is possible to remove the suid bit too. Have to check only if I can restrict to one user only, otherwise it does not matter whether the suid is used or sudo. Oh well, gone dive deeper into sudo, which I never have done before.
you can restrict sudo rules to just one person. in the example i listed, you would change %qemu to the username.
Yes, whoami is much better, I knew there was something but could not remember the function name :\.I just wanted to try avoiding using the brcompat component from openvSwitch. On the other hand, I am still experimenting, and maybe the standard kernel bridge is also good enough. Ah well, I keep on experimenting using the various components.
i don't know all the implications of using brcompat so there maybe downsides. it did take a while to get it set up on my ubuntu 12.10 box. it may not be the best answer but it does work.
mike
| [Prev in Thread] | Current Thread | [Next in Thread] |