From nobody Mon Jun 17 16:54:03 2024
X-Original-To: freebsd-virtualization@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4W2ww207cNz5PDr4
	for <freebsd-virtualization@mlmmj.nyi.freebsd.org>; Mon, 17 Jun 2024 16:54:26 +0000 (UTC)
	(envelope-from dch@skunkwerks.at)
Received: from fhigh2-smtp.messagingengine.com (fhigh2-smtp.messagingengine.com [103.168.172.153])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mx1.freebsd.org (Postfix) with ESMTPS id 4W2ww136H4z40hd
	for <freebsd-virtualization@freebsd.org>; Mon, 17 Jun 2024 16:54:25 +0000 (UTC)
	(envelope-from dch@skunkwerks.at)
Authentication-Results: mx1.freebsd.org;
	none
Received: from compute2.internal (compute2.nyi.internal [10.202.2.46])
	by mailfhigh.nyi.internal (Postfix) with ESMTP id 2EBC4114023F;
	Mon, 17 Jun 2024 12:54:24 -0400 (EDT)
Received: from imap44 ([10.202.2.94])
  by compute2.internal (MEProxy); Mon, 17 Jun 2024 12:54:24 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=skunkwerks.at;
	 h=cc:cc:content-type:content-type:date:date:from:from
	:in-reply-to:in-reply-to:message-id:mime-version:references
	:reply-to:subject:subject:to:to; s=fm2; t=1718643264; x=
	1718729664; bh=gOVimCjhZMS21h0csB1DS+DrditWc2epAml401Zro98=; b=X
	jGKBAObDu7ZdnAWtdFsGPviH9Wn2mEDz6Kw8w7RMTwiD4gGq2ol3v1AFS8ATjWAK
	6qk6gxtayzCQPAnlzp+ycBC9/mxrwQ9BKv6hH4tdSxtcG/xkFZNymPiT5d4gLyo9
	aHjBub4/xfynM5Qx5DnZssEk/KYdAyDWQdtVvdqOOX+VfC/ivgdr78AVLdQz1EVx
	/MTpnIpc0kz62mZcOHxDBvHKCt4ZnYYte8gb4QNKt0idbrEjo2r9s89QAc3mIIPk
	ufEGBezzot4MApiUoHLWh2O3BOO5R9h6K/b6+6NQVXJw7xkHrYN+WikB9dRjSDbd
	3JXRXy50Pda7MifsQCDlQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
	messagingengine.com; h=cc:cc:content-type:content-type:date:date
	:feedback-id:feedback-id:from:from:in-reply-to:in-reply-to
	:message-id:mime-version:references:reply-to:subject:subject:to
	:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=
	fm1; t=1718643264; x=1718729664; bh=gOVimCjhZMS21h0csB1DS+DrditW
	c2epAml401Zro98=; b=TYTGNpNBy6E6AX0WhOh5YaqU/E/Fh7YhOhMnjWMUM2F0
	5bClWzvzNFcF41kwS2deUNlTor+QgxserBQ3NVfeUI8YEKJ1iZ67DKJfgFyXD+C2
	xGAsberkojnc1GXTSbZSxsLzmmm1yflxFOgBnnNWGEymCLkaCphk0uWP1jO/zqUH
	44dL3Ijyeerj1rGgudSe3cz1ZGkW64nHfyPzmPNC6rNFrR708nINg4oINS4gUEPt
	Ke6e279A9L4NpFFHeBMEkpwl47yqgUfo/flW3fht3hNkobsQj7X4qm4WkllwFz1R
	iVYwFCTt6RJVg913/zdGpLVzc9TQ6Yo0N6jkAQkNJA==
X-ME-Sender: <xms:P2pwZrfVa421n6i5jUIs5d9OhbtEesLehzazCvYJRHxpeg33KGtklQ>
    <xme:P2pwZhOFlheCAUPZ4FQHSFr1tvKs7dpUO9q_p_pDZLspQMArg1D2UqCk8gFgMkRAW
    -Er2LAvaxoNEPQ57Q>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvledrfedvhedguddtiecutefuodetggdotefrod
    ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh
    necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd
    enucfjughrpefofgggkfgjfhffhffvvefutgesthdtredtreertdenucfhrhhomhepfdff
    rghvvgcuvehothhtlhgvhhhusggvrhdfuceouggthhesshhkuhhnkhifvghrkhhsrdgrth
    eqnecuggftrfgrthhtvghrnheptddtteduvdffuedviefhjedtlefggeelhfelieetgfeh
    tdduieeguddtkedtudfhnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrg
    hilhhfrhhomhepuggthhesshhkuhhnkhifvghrkhhsrdgrth
X-ME-Proxy: <xmx:P2pwZkgTimWHmdQieuXJc95rbln7LtAU5XipIKI43Yx0jGEXT6aXHA>
    <xmx:P2pwZs9RYMTG3Ln2Bhs96rOZdLwq2vQiA5RcRXbTy3ObZYivtnZG2Q>
    <xmx:P2pwZnuTmk98WPRIeRG20gxmu0qhNYZQ17W3ASh0tFoONM8rbNrUDA>
    <xmx:P2pwZrHpm-W8J-wTu5z2eOdU2bDCfx7ICgDeViWbO_eH3C9FCLHn9Q>
    <xmx:QGpwZg51GLc19PCRGKww5jkyr3DK2HeA-AuMLywSx3KOjp4Gjw9J4ysr>
Feedback-ID: ic0e84090:Fastmail
Received: by mailuser.nyi.internal (Postfix, from userid 501)
	id D5D5336A0076; Mon, 17 Jun 2024 12:54:23 -0400 (EDT)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.11.0-alpha0-522-ga39cca1d5-fm-20240610.002-ga39cca1d
List-Id: Discussion <freebsd-virtualization.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-virtualization
List-Help: <mailto:virtualization+help@freebsd.org>
List-Post: <mailto:virtualization@freebsd.org>
List-Subscribe: <mailto:virtualization+subscribe@freebsd.org>
List-Unsubscribe: <mailto:virtualization+unsubscribe@freebsd.org>
X-BeenThere: freebsd-virtualization@freebsd.org
Sender: owner-freebsd-virtualization@FreeBSD.org
MIME-Version: 1.0
Message-Id: <86a551c1-7f10-450d-a282-b33f959ed93e@app.fastmail.com>
In-Reply-To: 
 <CA+1FSijLiq0WMdCvJfQC+vtBxXc6iSMD6WQAMavGpg+smCuTFg@mail.gmail.com>
References: 
 <CA+1FSiimo=-0s80QeGMuLnJAzxi53-V6s303YuW36UkYnqfB-g@mail.gmail.com>
 <CAAdA2WPrtG_VaLuE8UfBwxanyfNzgLqeBCvpJMvRETdcUSmMEg@mail.gmail.com>
 <CA+1FSijLiq0WMdCvJfQC+vtBxXc6iSMD6WQAMavGpg+smCuTFg@mail.gmail.com>
Date: Mon, 17 Jun 2024 16:54:03 +0000
From: "Dave Cottlehuber" <dch@skunkwerks.at>
To: "Mario Marietto" <marietto2008@gmail.com>,
 "Odhiambo Washington" <odhiambo@gmail.com>
Cc: freebsd-virtualization <freebsd-virtualization@freebsd.org>
Subject: Re: How to launch a bhyve vm as normal user,without being root
Content-Type: text/plain
X-Spamd-Bar: ----
X-Rspamd-Pre-Result: action=no action;
	module=replies;
	Message is reply to one we originated
X-Spamd-Result: default: False [-4.00 / 15.00];
	REPLY(-4.00)[];
	ASN(0.00)[asn:209242, ipnet:103.168.172.0/24, country:US]
X-Rspamd-Queue-Id: 4W2ww136H4z40hd

On Mon, 17 Jun 2024, at 14:12, Mario Marietto wrote:
> Nice idea,but it does not work :
>
> nano /home/marietto/.zshrc
>
> # ~/.zshrc

Hi Mario, I think your zsh stuff is getting in the way
here. Your zshrc function is not visible to the root user,
as doas cleans up all the env and so your function is unknown.

So start off with something without bhyve, make sure you are in
wheel group, and add a shell script called
/usr/local/bin/hallo:

```
#!/bin/sh
echo hallo $USER
```

chmod 0755 /usr/local/bin/hallo

```
# /usr/local/etc/doas.conf (per doas.conf manpage)
permit nopass :wheel as root cmd /usr/local/bin/hallo
```

$ doas /usr/local/bin/hallo
hallo root

then replace your bhyve commands in the hallo script.

Off the top of my head there's no reason for bhyve to need
anything different to hallo script.
A+
Dave