From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <discuss-bounces@spectrum-os.org>
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on atuin.qyliss.net
X-Spam-Level: 
X-Spam-Status: No, score=-3.6 required=3.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,
	HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE,
	RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,WEIRD_PORT autolearn=unavailable
	autolearn_force=no version=3.4.4
Received: by atuin.qyliss.net (Postfix, from userid 496)
	id C48684E558; Thu,  7 Jan 2021 11:39:09 +0000 (UTC)
Received: from [127.0.0.1] (localhost [IPv6:::1])
	by atuin.qyliss.net (Postfix) with ESMTP id 32A874E596;
	Thu,  7 Jan 2021 11:38:50 +0000 (UTC)
Received: by atuin.qyliss.net (Postfix, from userid 496)
	id A2F2D4E4FB; Thu,  7 Jan 2021 11:38:47 +0000 (UTC)
Received: from mail-lf1-f52.google.com (mail-lf1-f52.google.com [209.85.167.52])
	by atuin.qyliss.net (Postfix) with ESMTPS id 78B914E529
	for <discuss@spectrum-os.org>; Thu,  7 Jan 2021 11:38:43 +0000 (UTC)
Received: by mail-lf1-f52.google.com with SMTP id l11so13936163lfg.0
        for <discuss@spectrum-os.org>; Thu, 07 Jan 2021 03:38:43 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=bZWi3D2rNGTD+tT+H9rsf2heEUhNezWR2kxbWtb2ZWE=;
        b=gQk5EuV8l89J7JLDljA6U2+macbqbCc2FPdXiTxM/NPT06W9FJDhyj8DAqGLWyQQbj
         s4MvATf/RezbRxoZh2JYuzhgcKzVJGWbk6jb900RP0f7+TYTLuj+uTJswy9Hw9hHnpY0
         earCLCRCSQvBS6kfb5c22mnMrcRDqJTQdf0831EFlvac2a1LHYEV0nMTnXCE2WQI1x+9
         bi0e/HbpnStt5l4di0T5Cb3SusFU3O826WY5pHSRq/0qRUjWWyuhOgQFctGtVC7ficz5
         8pF3FEXeIvHWg1A6KPMOl+MtPECdrWrbjouD15U7SdpL7nfDRMIRoPAhbbKRG4v0RXm+
         fYJA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=bZWi3D2rNGTD+tT+H9rsf2heEUhNezWR2kxbWtb2ZWE=;
        b=d0LJ/0oo5XisfmgxR7I8tw4w8fWfJfFCIcETwXRTZkl9kLu7Wk8kvNUZmzmv2FMFMn
         xYdNswLIqv/pxXXTHgT7qCt19A2uRWa7hZ/8X/dJ73Pxkg8Kbi5DRd9BDKptFDQwQiYB
         Y2YRMSjIa5T+yFnd+TkXxizHZQp8rUG+0BAZbNanR48FAGFBYALp2c79smnpWbQ5sVio
         jpR4197inD7gmNS9R4hK+cQ/+g+NIY6noENDW8tPH1FYPlbyySs5gaSW9pNp4KoTq+XD
         KcOUytPCrGzX4OLnIF1P+WNd+l1zWKqTPM3GUWnCNWpjx8eWnMSXTCJwBnfLyae5bLMQ
         AZ+g==
X-Gm-Message-State: AOAM533dQoHbpfSuwPeX3CDASaSwniqO6QJRrwUK2YRbbUiktDDUEdAk
	PTtAiwDE1cnzGZsI+BSp+343RZsK5AB9tRPcGeI=
X-Google-Smtp-Source: ABdhPJw1I/12XRzA7UkduNUrfBnTw33LZ9dJvy4zM3Djr5BysTv9TUkUOpdETGxKjj4LTCcMCDUWduJE1JJ7dh0KHII=
X-Received: by 2002:a2e:b8d1:: with SMTP id s17mr4194104ljp.472.1610019522393;
 Thu, 07 Jan 2021 03:38:42 -0800 (PST)
MIME-Version: 1.0
References: <CAG4opy_hz_ESEpY0TqJy7u3ZSiOOMPWmQkmmDZbi-pjY3cF=YQ@mail.gmail.com>
 <87ble2czx6.fsf@alyssa.is> <CAG4opy_9Q2aeX1UZkksnVfZbeA51UoL6xFkY5N4xny=XFUdnYQ@mail.gmail.com>
In-Reply-To: <CAG4opy_9Q2aeX1UZkksnVfZbeA51UoL6xFkY5N4xny=XFUdnYQ@mail.gmail.com>
From: Thomas Leonard <talex5@gmail.com>
Date: Thu, 7 Jan 2021 11:38:31 +0000
Message-ID: <CAG4opy8_BZOZmWGqoG3u4DiQ_EDaLFXCjrY773=SZrfZgN3GNQ@mail.gmail.com>
Subject: Re: New user getting started questions
To: Alyssa Ross <hi@alyssa.is>
Content-Type: text/plain; charset="UTF-8"
Message-ID-Hash: UQZVYQRZJGLH7OLHJESQEGPSEIWKD7BP
X-Message-ID-Hash: UQZVYQRZJGLH7OLHJESQEGPSEIWKD7BP
X-MailFrom: talex5@gmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header
CC: Michael Raskin <7c6f434c@mail.ru>, discuss@spectrum-os.org
X-Mailman-Version: 3.3.1
Precedence: list
List-Id: General high-level discussion about Spectrum <discuss.spectrum-os.org>
Archived-At: <https://spectrum-os.org/lists/hyperkitty/list/discuss@spectrum-os.org/message/UQZVYQRZJGLH7OLHJESQEGPSEIWKD7BP/>
List-Archive: <https://spectrum-os.org/lists/hyperkitty/list/discuss@spectrum-os.org/>
List-Help: <mailto:discuss-request@spectrum-os.org?subject=help>
List-Post: <mailto:discuss@spectrum-os.org>
List-Subscribe: <mailto:discuss-join@spectrum-os.org>
List-Unsubscribe: <mailto:discuss-leave@spectrum-os.org>

On Wed, 6 Jan 2021 at 15:56, Thomas Leonard <talex5@gmail.com> wrote:
[...]
> exec sudo "$mktuntap" -pvB 3 \
>   sudo -u "$USER" -C 4 \
>    "$crosvm" run \
>     -p init=/sbin/init \
>     -p "spectrumcmd=$(printf %s "$command" | base64 -w0)" \
>     --tap-fd 3 \
>     --seccomp-log-failures \
>     --root "$rootfs" \
>     --host_ip 10.0.0.1 \
>     --netmask 255.0.0.0 \
>     --mac c0:ff:ee:c0:ff:ee \
>     -m 4096 \
>     "$@" \
>     "$kernel"
>
> I got "sudo: you are not permitted to use the -C option", which I
> fixed by editing the sudoers file. Then it fails with:
>
> [ERROR:src/main.rs:1351] The architecture failed to build the vm:
> error creating devices: failed to set up virtio networking: failed to
> open tap device: failed to create tap interface: Operation not
> permitted (os error 1)

D'oh! I just realised you're not supposed to use the other network
options when using `--tap-fd`!

I was then able to browse the web from crosvm, like this:

- Add pkgs/os-specific/linux/spectrum/rootfs/etc/resolv.conf with e.g.
"nameserver 8.8.8.8".
- Configure the virtual eth0 in the VM setup script:
   foreground { ifconfig eth0 10.0.0.2 up }
   foreground { route add default gateway 10.0.0.1 }
- Enable NAT in configuration.nix, e.g.
  networking.nat = {
    enable = true;
    externalInterface = "eno2";
    internalIPs = [ "10.0.0.0/8" ];
  };
- Start the VM.
- Run "sudo ifconfig tap0 10.0.0.1 up" on host.
- Run firefox in VM to browse the web :-)


-- 
talex5 (GitHub/Twitter)        http://roscidus.com/blog/
GPG: 5DD5 8D70 899C 454A 966D  6A51 7513 3C8F 94F6 E0CC