NOTE: This commit does not satisfy backward compatibility.
The creation of the tap interface is performed by ioctl TUNSETIFF. In order to do this, the strong capabilities CAP_NET_RAW and CAP_NET_ADMIN are required. I want gokvm to run with less privileges by default, so I disable it.
NOTE: This commit does not satisfy backward compatibility.
The creation of the tap interface is performed by ioctl TUNSETIFF. In order to do this, the strong capabilities CAP_NET_RAW and CAP_NET_ADMIN are required. I want gokvm to run with less privileges by default, so I disable it.