Date: Tue, 18 Jun 2024 09:53:11 +0300 From: Odhiambo Washington <odhiambo@gmail.com> To: Mario Marietto <marietto2008@gmail.com> Cc: FreeBSD virtualization <freebsd-virtualization@freebsd.org> Subject: Re: How to launch a bhyve vm as normal user,without being root Message-ID: <CAAdA2WMUX6E6VPhbtR9=Z9fp4_1e47A=izpiCBNDLsCU7zdtUA@mail.gmail.com> In-Reply-To: <CA%2B1FSig=GAH0OSSVwbYSgG_XYjGcqV2g4X4cMCm777et=Vgg5w@mail.gmail.com> References: <CA%2B1FSiimo=-0s80QeGMuLnJAzxi53-V6s303YuW36UkYnqfB-g@mail.gmail.com> <CAAdA2WPrtG_VaLuE8UfBwxanyfNzgLqeBCvpJMvRETdcUSmMEg@mail.gmail.com> <CA%2B1FSijLiq0WMdCvJfQC%2BvtBxXc6iSMD6WQAMavGpg%2BsmCuTFg@mail.gmail.com> <CAAdA2WMw49ySJWY4OMOh%2BtuEK7gUwjq2a92dsrpaAfYbkx_Upg@mail.gmail.com> <CA%2B1FSig=GAH0OSSVwbYSgG_XYjGcqV2g4X4cMCm777et=Vgg5w@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--000000000000292e3e061b248b86
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
######/usr/local/etc/doas.conf#########################
permit :wheel
permit nopass keepenv :wheel
permit alice as root
permit keepenv bob as root
permit cindy as root cmd pkg args update
permit cindy as root cmd pkg args upgrade
permit nolog david as root cmd id
permit www as root cmd pfctl
permit nopass *wash* as root cmd bhyve
####### /usr/local/bhyve-vms/scripts/debian.sh##############
#!/usr/bin/env bash
if ! kldstat | grep -w vmm.ko
then
kldload -v vmm
fi
if ! kldstat | grep -w nmdm.ko
then
kldload -v nmdm
fi
/usr/sbin/bhyve -S -c sockets=3D2,cores=3D2,threads=3D2 -m 4G -w -H -A \
-s 0,hostbridge \
-s 4,ahci-hd,/usr/local/bhyve-vms/Debian/debian.img,bootindex=3D1 \
-s 5,virtio-net,tap3 \
-s 7,virtio-9p,sharename=3D/ \
-s 8,hda,play=3D/dev/dsp,rec=3D/dev/dsp \
-s 29,fbuf,tcp=3D0.0.0.0:5904,w=3D1600,h=3D950 \
-s 30,xhci,tablet \
-s 31,lpc -l com1,stdio \
-l bootrom,/usr/local/share/uefi-firmware/BHYVE_UEFI.fd \
debian
And all I do is `doas /usr/local/bhyve-vms/scripts/debian.sh`.
On Mon, Jun 17, 2024 at 6:46=E2=80=AFPM Mario Marietto <marietto2008@gmail.=
com>
wrote:
> Can you paste here the contents of doas.conf and debian.sh ? thanks.
>
> On Mon, Jun 17, 2024 at 5:35=E2=80=AFPM Odhiambo Washington <odhiambo@gma=
il.com>
> wrote:
>
>>
>>
>> On Mon, Jun 17, 2024 at 5:13=E2=80=AFPM Mario Marietto <marietto2008@gma=
il.com>
>> wrote:
>>
>>> Nice idea,but it does not work :
>>>
>>
>> It worked for me!
>>
>> I created a bash script file named debian.sh which contained all the
>> bhyve args to create the VM, then I just did:
>>
>> doas debian.sh
>>
>> And I actually successfully installed the VM and it's running
>>
>>
>> --
>> Best regards,
>> Odhiambo WASHINGTON,
>> Nairobi,KE
>> +254 7 3200 0004/+254 7 2274 3223
>> In an Internet failure case, the #1 suspect is a constant: DNS.
>> "Oh, the cruft.", egrep -v '^$|^.*#' =C2=AF\_(=E3=83=84)_/=C2=AF :-)
>> [How to ask smart questions:
>> http://www.catb.org/~esr/faqs/smart-questions.html]
>>
>
>
> --
> Mario.
>
--=20
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
In an Internet failure case, the #1 suspect is a constant: DNS.
"Oh, the cruft.", egrep -v '^$|^.*#' =C2=AF\_(=E3=83=84)_/=C2=AF :-)
[How to ask smart questions:
http://www.catb.org/~esr/faqs/smart-questions.html]
--000000000000292e3e061b248b86
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><div>######/usr/local/etc/doas.conf#######################=
##<br>permit :wheel<br>permit nopass keepenv :wheel<br>permit alice as root=
<br>permit keepenv bob as root<br>permit cindy as root cmd pkg args update<=
br>permit cindy as root cmd pkg args upgrade<br>permit nolog david as root =
cmd id<br>permit www as root cmd pfctl<br>permit nopass <b>wash</b> as root=
cmd bhyve<br></div><div><br></div><div>####### /usr/local/bhyve-vms/script=
s/debian.sh##############</div><div>#!/usr/bin/env bash<br>if ! kldstat | g=
rep -w vmm.ko<br>then<br>=C2=A0 =C2=A0 =C2=A0 =C2=A0 kldload -v vmm<br>fi<b=
r>if ! kldstat | grep -w nmdm.ko<br>then<br>=C2=A0 =C2=A0 =C2=A0 =C2=A0 kld=
load -v nmdm<br>fi<br>/usr/sbin/bhyve -S -c sockets=3D2,cores=3D2,threads=
=3D2 -m 4G -w -H -A \<br>-s 0,hostbridge \<br>-s 4,ahci-hd,/usr/local/bhyve=
-vms/Debian/debian.img,bootindex=3D1 \<br>-s 5,virtio-net,tap3 \<br>-s 7,vi=
rtio-9p,sharename=3D/ \<br>-s 8,hda,play=3D/dev/dsp,rec=3D/dev/dsp \<br>-s =
29,fbuf,tcp=3D<a href=3D"http://0.0.0.0:5904" target=3D"_blank">0.0.0.0:590=
4</a>,w=3D1600,h=3D950 \<br>-s 30,xhci,tablet \<br>-s 31,lpc -l com1,stdio =
\<br>-l bootrom,/usr/local/share/uefi-firmware/BHYVE_UEFI.fd \<br>debian<br=
></div><div><br></div><div>And all I do is `doas /usr/local/bhyve-vms/scrip=
ts/debian.sh`.</div><div><br></div></div><br><div class=3D"gmail_quote"><di=
v dir=3D"ltr" class=3D"gmail_attr">On Mon, Jun 17, 2024 at 6:46=E2=80=AFPM =
Mario Marietto <<a href=3D"mailto:marietto2008@gmail.com" target=3D"_bla=
nk">marietto2008@gmail.com</a>> wrote:<br></div><blockquote class=3D"gma=
il_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,2=
04,204);padding-left:1ex"><div dir=3D"ltr">Can you paste here the contents =
of doas.conf and debian.sh ? thanks.<br></div><br><div class=3D"gmail_quote=
"><div dir=3D"ltr" class=3D"gmail_attr">On Mon, Jun 17, 2024 at 5:35=E2=80=
=AFPM Odhiambo Washington <<a href=3D"mailto:odhiambo@gmail.com" target=
=3D"_blank">odhiambo@gmail.com</a>> wrote:<br></div><blockquote class=3D=
"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(2=
04,204,204);padding-left:1ex"><div dir=3D"ltr"><div dir=3D"ltr"><br></div><=
br><div class=3D"gmail_quote"><div dir=3D"ltr" class=3D"gmail_attr">On Mon,=
Jun 17, 2024 at 5:13=E2=80=AFPM Mario Marietto <<a href=3D"mailto:marie=
tto2008@gmail.com" target=3D"_blank">marietto2008@gmail.com</a>> wrote:<=
br></div><blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8e=
x;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir=3D"ltr"=
><div>Nice idea,but it does not work :</div></div></blockquote><div><br></d=
iv><div>It worked for me!</div><div><br></div><div>I created a bash script =
file named debian.sh which contained all the bhyve args to create the VM, t=
hen I just did:</div><div><br></div><div>doas debian.sh</div><div><br></div=
><div>And I actually successfully installed the VM and it's running</di=
v><div><br></div></div><div><br></div><span class=3D"gmail_signature_prefix=
">-- </span><br><div dir=3D"ltr" class=3D"gmail_signature"><div dir=3D"ltr"=
><div dir=3D"ltr"><div>Best regards,<br>Odhiambo WASHINGTON,<br>Nairobi,KE<=
br>+254 7 3200 0004/+254 7 2274 3223</div><div><span style=3D"color:rgb(34,=
34,34)">=C2=A0In=C2=A0</span><span style=3D"color:rgb(34,34,34)">an Interne=
t failure case, the #1 suspect is a constant: DNS.</span><br>"<span st=
yle=3D"font-size:12.8px">Oh, the cruft.</span><span style=3D"font-size:12.8=
px">",=C2=A0</span><span style=3D"font-size:12.8px">egrep -v '^$|^=
.*#'=C2=A0</span><span style=3D"background-color:rgb(34,34,34);color:rg=
b(238,238,238);font-family:"Lucida Console",Consolas,"Courie=
r New",monospace;font-size:13.6px">=C2=AF\_(=E3=83=84)_/=C2=AF</span><=
span style=3D"font-size:12.8px">=C2=A0:-)</span></div><div><span style=3D"f=
ont-size:12.8px">[How to ask smart questions:=C2=A0</span><span style=3D"fo=
nt-size:12.8px"><a href=3D"http://www.catb.org/~esr/faqs/smart-questions.ht=
ml" target=3D"_blank">http://www.catb.org/~esr/faqs/smart-questions.html</a=
>]</span></div></div></div></div></div>
</blockquote></div><br clear=3D"all"><br><span class=3D"gmail_signature_pre=
fix">-- </span><br><div dir=3D"ltr" class=3D"gmail_signature">Mario.<br></d=
iv>
</blockquote></div><br clear=3D"all"><div><br></div><span class=3D"gmail_si=
gnature_prefix">-- </span><br><div dir=3D"ltr" class=3D"gmail_signature"><d=
iv dir=3D"ltr"><div dir=3D"ltr"><div>Best regards,<br>Odhiambo WASHINGTON,<=
br>Nairobi,KE<br>+254 7 3200 0004/+254 7 2274 3223</div><div><span style=3D=
"color:rgb(34,34,34)">=C2=A0In=C2=A0</span><span style=3D"color:rgb(34,34,3=
4)">an Internet failure case, the #1 suspect is a constant: DNS.</span><br>=
"<span style=3D"font-size:12.8px">Oh, the cruft.</span><span style=3D"=
font-size:12.8px">",=C2=A0</span><span style=3D"font-size:12.8px">egre=
p -v '^$|^.*#'=C2=A0</span><span style=3D"background-color:rgb(34,3=
4,34);color:rgb(238,238,238);font-family:"Lucida Console",Consola=
s,"Courier New",monospace;font-size:13.6px">=C2=AF\_(=E3=83=84)_/=
=C2=AF</span><span style=3D"font-size:12.8px">=C2=A0:-)</span></div><div><s=
pan style=3D"font-size:12.8px">[How to ask smart questions:=C2=A0</span><sp=
an style=3D"font-size:12.8px"><a href=3D"http://www.catb.org/~esr/faqs/smar=
t-questions.html" target=3D"_blank">http://www.catb.org/~esr/faqs/smart-que=
stions.html</a>]</span></div></div></div></div>
--000000000000292e3e061b248b86--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAAdA2WMUX6E6VPhbtR9=Z9fp4_1e47A=izpiCBNDLsCU7zdtUA>