OK, I tried like this:
exec sudo "$mktuntap" -pvB 3 \ sudo -u "$USER" -C 4 \ "$crosvm" run \ -p init=/sbin/init \ -p "spectrumcmd=$(printf %s "$command" | base64 -w0)" \ --tap-fd 3 \ --seccomp-log-failures \ --root "$rootfs" \ --host_ip 10.0.0.1 \ --netmask 255.0.0.0 \ --mac c0:ff:ee:c0:ff:ee \ -m 4096 \ "$@" \ "$kernel"
I got "sudo: you are not permitted to use the -C option", which I fixed by editing the sudoers file. Then it fails with:
[ERROR:src/main.rs:1351] The architecture failed to build the vm: error creating devices: failed to set up virtio networking: failed to open tap device: failed to create tap interface: Operation not permitted (os error 1)
Strace shows:
openat(AT_FDCWD, "/dev/net/tun", O_RDWR|O_NONBLOCK|O_CLOEXEC) = 31 ioctl(31, TUNSETIFF, 0x7ffee7ede238) = -1 EPERM (Operation not permitted)
Maybe it's just because my crosvm is too old?
This is because if you specify --host_ip, --netmask, or --mac, crosvm will try to create its own TAP device. If you omit all those arguments I think it should work.
Oh, whoops, I missed your reply about having worked this out already!