Some time ago a Kernel change broke a qemu-kvm feature known as ifup script.

I came across this while i was installing convirt (a nice web management tool for not only kvm). New VMs with bridged ethernet just wouldnt start and spit out an error like:

could not configure /dev/net/tun (tap%d): Operation not permitted

A few google searches later i tried the suggestion over linux capabilities (libcap2), but that did not worked for me. Also running the VMs as root was not an option!

Luckily, /usr/sbin/kvm is just a symlink on gentoo, so i made a little wrapper-script for creating the tap interfaces on demand!

Be aware that your ifup-script might be called different, if youre not using convirt! I also had to set the suid bit on brctl as well as tunctl!

#!/bin/bash

setup_tap()
{
NEWTAP=`tunctl -u convirt | cut -d “‘” -f 2`
/sbin/brctl addif br0 $NEWTAP
}

for PARAM in $@; do
if `echo $PARAM | grep -q “qemu-ifup-br0″ `; then
setup_tap
NEWPARAM=`echo $PARAM | sed ‘s//etc/kvm/qemu-ifup-br0/no,ifname=’$NEWTAP’/g’`
PARAMSTRING=”$PARAMSTRING
$NEWPARAM”
else
PARAMSTRING=”$PARAMSTRING $PARAM”
fi
done

/usr/bin/qemu-kvm $PARAMSTRING