If I keep the bhyve scripts in /usr/sbin, it works. But I want to keep the
bhyve scripts in /bhyve and I don't want to keep them in /usr/sbin. For this
reason I've added the path /bhyve to /home/marietto/.zshrc like this:

# ~/.zshrc

# zsh autocompletion for sudo and doas
zstyle ":completion:*:(sudo|su|doas):*" command-path /usr/local/bin /usr/local/sbin /usr/sbin /usr/bin /bin /sbin /bhyve

and in /root/.zshrc:

# zsh autocompletion for sudo and doas
zstyle ":completion:*:(sudo|su|doas):*" command-path /usr/local/bin /usr/local/sbin /usr/sbin /usr/bin /bin /sbin /bhyve

but when I try to run the vm like this:

[marietto@marietto /bhyve]==> doas 12-Win-11-vm12

it says:

doas: 12-Win-11-vm12: command not found

and when I do:

[marietto@marietto /bhyve]==> doas ./12-Win-11-vm12

it says:

doas: Operation not permitted

Why?

On Mon, Jun 17, 2024 at 7:53 PM Mark Peek <mp@freebsd.org> wrote:

> Likely need to add this as it is what you are passing to doas as the
> command to execute:
>
> permit nopass :wheel as root cmd /usr/sbin/12-Win-11-vm12
>
> Mark
>
> On Mon, Jun 17, 2024 at 10:40 AM Mario Marietto <marietto2008@gmail.com>
> wrote:
> >
> > [marietto@marietto /bhyve]==> sudo cp 12-Win-11-vm12 /usr/sbin
> >
> > [marietto@marietto /bhyve]==> nano /usr/sbin/12-Win-11-vm12
> >
> > #!/bin/sh
> >
> > bhyve-win -S -c sockets=4,cores=2,threads=1 -m 8G -w -H \
> > -S -c sockets=4,cores=2,threads=1 -m 8G -w -H \
> > -s 0,hostbridge \
> > -s 1,ahci-hd,/mnt/da4p2/bhyve/img/Windows/Windows11.img,bootindex=1 \
> > -s 2,ahci-hd,/dev/$vmdisk5 \
> > -s 8:0,passthru,2/0/0 \
> > -s 8:1,passthru,2/0/1 \
> > -s 8:2,passthru,2/0/2 \
> > -s 8:3,passthru,2/0/3 \
> > -s 13,virtio-net,tap12 \
> > -s 29,fbuf,tcp=0.0.0.0:5912,w=1600,h=950,wait \
> > -s 30,xhci,tablet \
> > -s 31,lpc \
> > -l bootrom,/usr/local/share/uefi-firmware/BHYVE_UEFI_CODE.fd \
> > vm0:12 < /dev/null & sleep 2 && vncviewer 0:12
> >
> > [marietto@marietto /bhyve]==> sudo chmod 0755 /usr/sbin/12-Win-11-vm12
> >
> > [marietto@marietto /bhyve]==> sudo nano /usr/local/etc/doas.conf
> >
> > permit nopass :wheel as root cmd /usr/sbin/bhyve-win
> > permit nopass :wheel as root cmd /usr/sbin/bhyve-lin
> >
> > [marietto@marietto /bhyve]==> doas /usr/sbin/12-Win-11-vm12
> > doas: Operation not permitted
> >
> > BUT:
> >
> > [marietto@marietto /bhyve]==> sudo nano /usr/sbin/hallo
> >
> > #!/bin/sh
> > echo hallo $USER
> >
> > [marietto@marietto /bhyve]==> sudo chmod 0755 /usr/sbin/hallo
> >
> > [marietto@marietto /bhyve]==> sudo nano /usr/local/etc/doas.conf
> >
> > permit nopass :wheel as root cmd hallo
> >
> > [marietto@marietto /bhyve]==> doas hallo
> >
> > BOOM! It works:
> >
> > hallo root
> >
> > On Mon, Jun 17, 2024 at 6:54 PM Dave Cottlehuber <dch@skunkwerks.at>
> > wrote:
> >>
> >> On Mon, 17 Jun 2024, at 14:12, Mario Marietto wrote:
> >> > Nice idea, but it does not work:
> >> >
> >> > nano /home/marietto/.zshrc
> >> >
> >> > # ~/.zshrc
> >>
> >> Hi Mario, I think your zsh stuff is getting in the way
> >> here. Your zshrc function is not visible to the root user,
> >> as doas cleans up all the env and so your function is unknown.
> >>
> >> So start off with something without bhyve, make sure you are in
> >> wheel group, and add a shell script called
> >> /usr/local/bin/hallo:
> >>
> >> ```
> >> #!/bin/sh
> >> echo hallo $USER
> >> ```
> >>
> >> chmod 0755 /usr/local/bin/hallo
> >>
> >> ```
> >> # /usr/local/etc/doas.conf (per doas.conf manpage)
> >> permit nopass :wheel as root cmd /usr/local/bin/hallo
> >> ```
> >>
> >> $ doas /usr/local/bin/hallo
> >> hallo root
> >>
> >> then replace your bhyve commands in the hallo script.
> >>
> >> Off the top of my head there's no reason for bhyve to need
> >> anything different to hallo script.
> >> A+
> >> Dave
> >
> >
> >
> > --
> > Mario.
>

-- 
Mario.
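
Added example, not part of the original message and not doas source code: a simplified shell model of the permit/deny decision discussed in this thread, showing that the cmd value in doas.conf is compared as a plain string with the command exactly as typed, so /usr/sbin/12-Win-11-vm12 and ./12-Win-11-vm12 are different commands to doas. The function name doas_decide, the two sample configs and the user/group values are constructed for illustration; only single-line rules with optional nopass, as and cmd are handled, and the PATH lookup that follows a permit is not modelled.

```sh
#!/bin/sh
# Added example: simplified model of how doas picks a rule (not doas source).
# Assumes well-formed one-line rules:
#   permit|deny [nopass] <user|:group> [as <target>] [cmd <command>]
# Target user and args matching are ignored; PATH lookup is not modelled.

# Constructed configs built from the rules quoted in the thread.
CONF_BEFORE='permit nopass :wheel as root cmd /usr/sbin/bhyve-win
permit nopass :wheel as root cmd /usr/sbin/bhyve-lin
permit nopass :wheel as root cmd hallo'
CONF_AFTER="$CONF_BEFORE
permit nopass :wheel as root cmd /usr/sbin/12-Win-11-vm12"

# doas_decide <conf> <user> <groups> <command exactly as typed>
# Prints permit or deny. Last matching rule wins; no match means deny.
doas_decide() {
    conf=$1; user=$2; groups=$3; typed=$4
    verdict=deny
    while IFS= read -r line; do
        set -f; set -- $line; set +f        # split rule into words, no globbing
        [ $# -ge 2 ] || continue
        action=$1; shift
        case $action in permit|deny) ;; *) continue ;; esac
        if [ "$1" = nopass ]; then shift; fi
        ident=$1; rule_cmd=; prev=
        for tok in "$@"; do
            if [ "$prev" = cmd ] && [ -z "$rule_cmd" ]; then rule_cmd=$tok; fi
            prev=$tok
        done
        case $ident in
            :*) case " $groups " in *" ${ident#:} "*) ;; *) continue ;; esac ;;
            *)  [ "$ident" = "$user" ] || continue ;;
        esac
        # cmd is compared as a plain string: no realpath, no PATH expansion.
        if [ -n "$rule_cmd" ] && [ "$rule_cmd" != "$typed" ]; then continue; fi
        verdict=$action
    done <<EOF
$conf
EOF
    printf '%s\n' "$verdict"
}

# Show the decision for each way of typing the command, before and after
# adding the rule suggested in the reply.
for c in /usr/sbin/12-Win-11-vm12 ./12-Win-11-vm12 hallo; do
    printf '%-26s before=%s after=%s\n' "$c" \
        "$(doas_decide "$CONF_BEFORE" marietto "marietto wheel" "$c")" \
        "$(doas_decide "$CONF_AFTER" marietto "marietto wheel" "$c")"
done
```

On a real system, doas -C /usr/local/etc/doas.conf followed by the command as you intend to type it reports the matching decision without running anything.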