Date:      Tue, 18 Jun 2024 01:26:32 +0200
From:      Mario Marietto <marietto2008@gmail.com>
To:        Dave Cottlehuber <dch@skunkwerks.at>
Cc:        Odhiambo Washington <odhiambo@gmail.com>,  freebsd-virtualization <freebsd-virtualization@freebsd.org>
Subject:   Re: How to launch a bhyve vm as normal user,without being root
Message-ID:  <CA%2B1FSiguSV08%2BEHEE8qOBRy2mz-eTW-cz0qj1PQvtfg9fTEthw@mail.gmail.com>
In-Reply-To: <2245d71d-33a0-49ee-9648-e3e6b9a96ae0@app.fastmail.com>
References:  <CA%2B1FSiimo=-0s80QeGMuLnJAzxi53-V6s303YuW36UkYnqfB-g@mail.gmail.com> <CAAdA2WPrtG_VaLuE8UfBwxanyfNzgLqeBCvpJMvRETdcUSmMEg@mail.gmail.com> <CA%2B1FSijLiq0WMdCvJfQC%2BvtBxXc6iSMD6WQAMavGpg%2BsmCuTFg@mail.gmail.com> <86a551c1-7f10-450d-a282-b33f959ed93e@app.fastmail.com> <CA%2B1FSighjAkOAtzyX3HBy4h0ZnTVckjF9adnWMpAR3m=xW0dUA@mail.gmail.com> <2245d71d-33a0-49ee-9648-e3e6b9a96ae0@app.fastmail.com>


I want to keep the bhyve scripts in /bhyve and I've added the path /bhyve
to /home/marietto/.zshrc and on /root/.zshrc like this :

# sudo nano /home/marietto/.zshrc

export PATH=/bhyve:$PATH
# zsh autocompletion for sudo and doas
zstyle ":completion:*:(sudo|su|doas):*" command-path /usr/local/bin /usr/local/sbin /usr/sbin /usr/bin /bin /sbin /bhyve


and in /root/.zshrc :

# sudo nano /root/.zshrc

export PATH=/bhyve:$PATH
# zsh autocompletion for sudo and doas
zstyle ":completion:*:(sudo|su|doas):*" command-path /usr/local/bin /usr/local/sbin /usr/sbin /usr/bin /bin /sbin /bhyve


with :

nano /usr/local/etc/doas.conf :

permit nopass :wheel as root cmd bhyve-win
permit nopass :wheel as root cmd bhyve-lin
permit nopass :wheel as root cmd /bhyve/12-Win-11-vm12


but when I try to run the vm like this :

[marietto@marietto /bhyve]==> doas 10-Debian-Now_wine-tkg-vm10


it says :

doas: Operation not permitted


even if /bhyve is in $PATH :

[marietto@marietto /bhyve]==> echo $PATH
/bhyve:/home/marietto/bin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin


and it is also on :

zstyle ":completion:*:(sudo|su|doas):*" command-path


If I keep the bhyve scripts in /usr/sbin, it works. But I want to keep the
bhyve scripts in /bhyve.

I found how it works :

[marietto@marietto /bhyve]==> doas /bhyve/12-Win-11-vm12

I expect that this :

[marietto@marietto /bhyve]==> doas 12-Win-11-vm12

works. And I would like to use it instead of doing : doas
/bhyve/12-Win-11-vm12.



On Tue, Jun 18, 2024 at 12:36 AM Dave Cottlehuber <dch@skunkwerks.at> wrote:

> On Mon, 17 Jun 2024, at 17:39, Mario Marietto wrote:
> > [marietto@marietto /bhyve]==> sudo cp 12-Win-11-vm12 /usr/sbin
>
> this filepath is /usr/sbin/12-Win-11-vm12
>
> > permit nopass :wheel as root cmd /usr/sbin/bhyve-win
>
> this file path is /usr/sbin/bhyve-win
>
> these things need to be identical, like in the hallo example.
>
> > permit nopass :wheel as root cmd /usr/sbin/bhyve-win
>
> should be
>
> permit nopass :wheel as root cmd /usr/sbin/12-Win-11-vm12
>
> A+
> Dave
>


-- 
Mario.
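
Added example (not part of the original message, and not doas source code): a simplified shell model of how doas.conf rules are matched, run against the three rules quoted in the message, to show why the bare script name is refused while the absolute path is permitted. It assumes doas compares the typed command word literally with the rule's cmd value and that the caller is in :wheel; the function names doas_match and relative_cmds are hypothetical.

```shell
#!/bin/sh
# Simplified model of doas.conf rule matching (added example, not doas source).
# Assumptions: the caller is in :wheel, arguments are ignored, and the typed
# command word is compared literally with the rule's cmd value (no $PATH
# lookup happens before matching).

# Rules copied from the message above.
SAMPLE_CONF='permit nopass :wheel as root cmd bhyve-win
permit nopass :wheel as root cmd bhyve-lin
permit nopass :wheel as root cmd /bhyve/12-Win-11-vm12'

# doas_match CONF TYPED: print "permit" or "deny" for the command as typed.
doas_match() {
    printf '%s\n' "$1" | awk -v typed="$2" '
        $1 == "permit" || $1 == "deny" {
            cmd = ""
            for (i = 2; i < NF; i++) if ($i == "cmd") cmd = $(i + 1)
            # A rule without cmd covers every command; otherwise exact match.
            if (cmd == "" || (cmd "") == (typed "")) verdict = $1  # last match wins
        }
        END { print (verdict == "" ? "deny" : verdict) }'
}

# relative_cmds CONF: list cmd values that are not absolute paths.
# doas.conf(5) advises absolute paths; a relative cmd is only searched for
# in a restricted PATH, not in the PATH of the calling shell.
relative_cmds() {
    printf '%s\n' "$1" | awk '{
        for (i = 2; i < NF; i++)
            if ($i == "cmd" && $(i + 1) !~ /^\//) print $(i + 1)
    }'
}

# Show the verdict for the three invocations discussed in the message.
for typed in 12-Win-11-vm12 /bhyve/12-Win-11-vm12 10-Debian-Now_wine-tkg-vm10; do
    printf '%-34s %s\n' "doas $typed" "$(doas_match "$SAMPLE_CONF" "$typed")"
done
```

In this model a deny corresponds to the "doas: Operation not permitted" error, and relative_cmds flags the two rules whose cmd is not an absolute path.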
