Harold Grovesteen wrote:
Mark A. Stevens wrote:
# Note: Hercules's networking support requires privileged
# access to your host's networking devices. If Hercules is
# not started with Administrative (root) privileges then
# initialization of your networking devices will fail and
# your guest's networking will not work.
This is only true if Hercules SDL is dynamically creating the
interface on Linux or perhaps some other platforms. If the
interface is created outside of Hercules these privileges are
not required.
Correct. As you explained, if one uses pre-configured interfaces on Linux et al., then Hercules does not need to run as root, because the network interface it needs to use already exists and is already properly configured (because you already created and configured it yourself before you even started Hercules! So there's nothing Hercules needs to do before it can use it).
If you *don't* use pre-configured interfaces however (and instead rely on Hercules itself to both create and configure your networking interface), then *yes*, Hercules obviously needs to be started as root in order to be able to do that.
This is why using pre-configured interfaces on *Nix et al. is so highly recommended: so that you DON'T need to run Hercules as root.
On Windows however, due to the way CTCI-WIN works, Administrative privileges is *always* required, as it hooks directly into Windows's real network adapter's networking stack to be able to read packets directly from and write packets directly to the real physical adapter's stack.
I should try to make all of that a little bit clearer in the documentation.
This ability was brought over from the original Hyperion system
from which SDL Hercules was cloned.
Correct.
To my knowledge, which is not close to the details any more, I will
admit, this might have changed in SDL Hercules.
Nope.
This is not to say this specific environment does not require
privileged access, just that it is not always required, as far
as I know. I am happily corrected if this is no longer the case.
No, you are 100% correct, Harold.
--
"Fish" (David B. Trout)
Software Development Laboratories
mail: fish@...
