Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enabling the creation of TUN devices #178

Open
icsy7867 opened this issue Jan 26, 2024 · 1 comment
Open

Enabling the creation of TUN devices #178

icsy7867 opened this issue Jan 26, 2024 · 1 comment

Comments

@icsy7867
Copy link

Hello! I have a rather strange implementation. I am trying to connect the jail to another host via a wireguard tunnel. If using docker, it works fine. However enroot does not seem to allow the creation of network interfaces.

ERROR: (peer) 2024/01/26 13:54:06 Failed to create TUN device: operation not permitted
Unable to access interface: Protocol not supported

I was curious if anyone knew of a setting or a way to make something like this work. Thanks!
@3XX0
Copy link
Member

3XX0 commented Jan 26, 2024

You need privileges to do that and Enroot by design doesn't grant you more privileges that you have. There's no network namespace by default either for the same reason.

You can run the container as root (superuser) if your enroot config allows it. Alternatively you can unshare a network namespace inside the container, but you would have to wire it to your host network somehow (slirp, veth, etc)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@3XX0 @icsy7867