Please make qemu-bridge-helper suid as suggested in the qemu docs
Bug #1882420 reported by
Wren Turkal
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| qemu (Ubuntu) |
Incomplete
|
Undecided
|
Unassigned | ||
Bug Description
The script at /usr/lib/
Bridge.conf should probably contain a commented example.
Or may even better would be to create a default virbr0 bridge and just add that to the bridge.conf. Maybe use IPs from one of the test nets for ipv4 and something appropriate from ipv6 private space. Here's an RFC that lists all the reserved private nets. https:/
For more info on the qemu stuff, please see https:/
| no longer affects: | debian |
Revision history for this message
| Paride Legovini (paride) wrote | #1 |
| Changed in qemu (Ubuntu): | |
| status: | New → Incomplete |
Revision history for this message
| Nikos Mavrogiannopoulos (nmavrogiannopoulos) wrote | #2 |
To post a comment you must log in.
Hi Wren,
Not setting the suid bit on qemu-bridge-helper is a deliberate choice due to the security concerns outlined in [1], see also the Ubuntu changelog entry for version 2.1+dfsg-3 of qemu.
On setting up a default bridge: I don't think it's something the qemu package should do, as things like networking are normally manager by higher level tools (e.g. libvirt), and there's not way to add a default that fits a broad enough set of cases without interfering with the existing setups.
I think this is a "Won't Fix" bug, but I'm setting it to Incomplete for the moment, to leave it open to further discussion, if needed. If you do not agree please change the bug status back to New after commenting back and we'll look at it again; if you do agree please change the status to Won't Fix.
Thanks!
[1] https:/