Md at debian.org

tales of a debian maintainer

Running kvm without root privileges

This is my recipe for easily running kvm as an unprivileged user without using sudo and custom network configuration scripts.

/etc/network/interfaces:

iface kvmnet inet static
        address         10.5.0.1
        netmask         255.255.255.0
        broadcast       10.5.0.255
        pre-up          ip tuntap add dev $IFACE mode tap user md
        post-down       ip tuntap del dev $IFACE mode tap
        # if you have an old release of iproute use these commands instead:
        #pre-up         vde_tunctl -t $IFACE -u md
        #post-down      vde_tunctl -d $IFACE
        up              echo 1 > /proc/sys/net/ipv4/ip_forward
        up              iptables --table nat --append POSTROUTING --jump MASQUERADE --source $IF_ADDRESS/$IF_NETMASK
        down            iptables --table nat --delete POSTROUTING --jump MASQUERADE --source $IF_ADDRESS/$IF_NETMASK

~/bin/kvm:

#!/bin/sh -e

iface='kvmnet'
macaddr='DE:AD:42:00:00:01'
model='virtio'

exec kvm \
    -net nic,vlan=0,macaddr=$macaddr,model=$model \
    -net tap,vlan=0,ifname=$iface,script=no,downscript=no \
    "$@"

Configuring a PV network interface is optional, but it is more efficient and if the guest uses udev and a modern kernel it will just work.

Bonus tip: use "-vnc :0 -usbdevice tablet -serial telnet:127.0.0.1:4444,server,nowait" for a headless guest which if needed will still have proper consoles.

About

This is the blog of Marco d'Itri.

S M T W T F S
      1 2 3 4
5 6 7 8 9 10 11
12 13 14 15 16 17 18
19 20 21 22 23 24 25
26 27 28 29 30 31  

See also:

My blogroll:


W3C HTML 4.01
W3C CSS 2.0     

Powered by Bryar.pm.