Description:

The tuntap connection type requires both a User and a Group to be defined. However, when configuring a tuntap device in the kernel, the device's uid and gid must both match for someone to be able to use the device. The only way to create a tuntap device accessible to a group of users is therefore to avoid specifying the user argument to "ip tuntap add."

This is a feature request to configure the tuntap device appropriately if the User parameter has not been defined, by simply not supplying the user or group argument. A simple patch to the tuntap connection script is attached.

Additional info:
* package version(s)

netctl 0.8-1

* config and/or log files etc.


Steps to reproduce:

Try finding any combination of configuration arguments that will make netctl create a group-accessible tuntap device. For example, say you want to see this:

$ ip tuntap
kvm0: tap group 78

You can get tuntap to do something like this:

$ ip tuntap
kvm0: tap user 0 group 78

but then you have to be root to use the kvm0 device. (Maybe it shouldn't be that way, but it is--try it.)