Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 18 Jun 2024 01:26:32 +0200
From:      Mario Marietto <marietto2008@gmail.com>
To:        Dave Cottlehuber <dch@skunkwerks.at>
Cc:        Odhiambo Washington <odhiambo@gmail.com>,  freebsd-virtualization <freebsd-virtualization@freebsd.org>
Subject:   Re: How to launch a bhyve vm as normal user,without being root
Message-ID:  <CA%2B1FSiguSV08%2BEHEE8qOBRy2mz-eTW-cz0qj1PQvtfg9fTEthw@mail.gmail.com>
In-Reply-To: <2245d71d-33a0-49ee-9648-e3e6b9a96ae0@app.fastmail.com>
References:  <CA%2B1FSiimo=-0s80QeGMuLnJAzxi53-V6s303YuW36UkYnqfB-g@mail.gmail.com> <CAAdA2WPrtG_VaLuE8UfBwxanyfNzgLqeBCvpJMvRETdcUSmMEg@mail.gmail.com> <CA%2B1FSijLiq0WMdCvJfQC%2BvtBxXc6iSMD6WQAMavGpg%2BsmCuTFg@mail.gmail.com> <86a551c1-7f10-450d-a282-b33f959ed93e@app.fastmail.com> <CA%2B1FSighjAkOAtzyX3HBy4h0ZnTVckjF9adnWMpAR3m=xW0dUA@mail.gmail.com> <2245d71d-33a0-49ee-9648-e3e6b9a96ae0@app.fastmail.com>
index | next in thread | previous in thread | raw e-mail 

[-- Attachment #1 --]
I want to keep the bhyve scripts in /bhyve and I've added the path /bhyve
to /home/marietto/.zshrc and on /root/.zshrc like this :

# sudo nano /home/marietto/.zshrc

export PATH=/bhyve:$PATH
# zsh autocompletion for sudo and doas
zstyle ":completion:*:(sudo|su|doas):*" command-path /usr/local/bin
/usr/local/sbin /usr/sbin /usr/bin /bin /sbin /bhyve


and in /root/.zshrc :

# sudo nano /root/.zshrc

export PATH=/bhyve:$PATH
# zsh autocompletion for sudo and doas
zstyle ":completion:*:(sudo|su|doas):*" command-path /usr/local/bin
/usr/local/sbin /usr/sbin /usr/bin /bin /sbin /bhyve


with :

nano /usr/local/etc/doas.conf :

permit nopass :wheel as root cmd bhyve-win
permit nopass :wheel as root cmd bhyve-lin
permit nopass :wheel as root cmd /bhyve/12-Win-11-vm12


but when I try to run the vm like this :

[marietto@marietto /bhyve]==> doas 10-Debian-Now_wine-tkg-vm10


it says :

doas: Operation not permitted


even if /bhyve is in $PATH :

[marietto@marietto /bhyve]==> echo $PATH
/bhyve:/home/marietto/bin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin


and it is also on :

zstyle ":completion:*:(sudo|su|doas):*" command-path


If I keep the bhyve scripts in /usr/sbin,it works. But I want to keep the
bhyve scripts in /bhyve.

I found how it works :

[marietto@marietto /bhyve]==> doas /bhyve/12-Win-11-vm12

I expect that this :

[marietto@marietto /bhyve]==> doas 12-Win-11-vm12

works. And I would like to use it instead of doing : doas
/bhyve/12-Win-11-vm12.



On Tue, Jun 18, 2024 at 12:36 AM Dave Cottlehuber <dch@skunkwerks.at> wrote:

> On Mon, 17 Jun 2024, at 17:39, Mario Marietto wrote:
> > [marietto@marietto /bhyve]==> sudo cp 12-Win-11-vm12 /usr/sbin
>
> this filepath is /usr/sbin/12-Win-11-vm12
>
> > permit nopass :wheel as root cmd /usr/sbin/bhyve-win
>
> this file path is /usr/sbin/bhyve-win
>
> these things need to be identical, like in the hallo example.
>
> > permit nopass :wheel as root cmd /usr/sbin/bhyve-win
>
> should be
>
> permit nopass :wheel as root cmd /usr/sbin/12-Win-11-vm12
>
> A+
> Dave
>


-- 
Mario.

[-- Attachment #2 --]
<div dir="ltr">I want to keep the bhyve scripts in /bhyve and I&#39;ve added the path /bhyve to /home/marietto/.zshrc and on /root/.zshrc like this :<br>
<br>

	
	


<div>
	<div></div>
	<div dir="ltr">
		<pre dir="ltr"><code># sudo nano /home/marietto/.zshrc

export PATH=/bhyve:$PATH
# zsh autocompletion for sudo and doas
zstyle &quot;:completion:*:(sudo|su|doas):*&quot; command-path /usr/local/bin /usr/local/sbin /usr/sbin /usr/bin /bin /sbin /bhyve


and in /root/.zshrc :
<br>
# sudo nano /root/.zshrc

export PATH=/bhyve:$PATH
# zsh autocompletion for sudo and doas
zstyle &quot;:completion:*:(sudo|su|doas):*&quot; command-path /usr/local/bin /usr/local/sbin /usr/sbin /usr/bin /bin /sbin /bhyve</code></pre>
	</div>
</div><br>
with :<br>
<br>

	
	


<div>
	<div></div>
	<div dir="ltr">
		<pre dir="ltr"><code>nano /usr/local/etc/doas.conf :

permit nopass :wheel as root cmd bhyve-win
permit nopass :wheel as root cmd bhyve-lin
permit nopass :wheel as root cmd /bhyve/12-Win-11-vm12</code></pre>
	</div>
</div><br>
but when I try to run the vm like this :<br>
<br>

	
	


<div>
	<div></div>
	<div dir="ltr">
		<pre dir="ltr"><code>[marietto@marietto /bhyve]==&gt; doas 10-Debian-Now_wine-tkg-vm10</code></pre>
	</div>
</div><br>
it says :<br>
<br>

	
	


<div>
	<div></div>
	<div dir="ltr">
		<pre dir="ltr">doas: Operation not permitted</pre>
	</div>
</div><br>
even if /bhyve is in $PATH :<br>
<br>

	
	


<div>
	<div></div>
	<div dir="ltr">
		<pre dir="ltr"><code>[marietto@marietto /bhyve]==&gt; echo $PATH              
/bhyve:/home/marietto/bin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin</code></pre>
	</div>
</div><br>
and it is also on :<br>
<br>

	
	


<div>
	<div></div>
	<div dir="ltr">
		<pre dir="ltr"><code>zstyle &quot;:completion:*:(sudo|su|doas):*&quot; command-path</code></pre>
	</div>
</div><br>If I keep the bhyve scripts in /usr/sbin,it works. But I want to keep the bhyve scripts in /bhyve.<br>
<br> I found how it works :<br>
<br>

	
	


<div><div dir="ltr">
		<pre dir="ltr"><code>[marietto@marietto /bhyve]==&gt; doas /bhyve/12-Win-11-vm12<br><br></code></pre><div> I expect that this :<br></div><div><br></div><div><span class="gmail-im"><div>[marietto@marietto /bhyve]==&gt; doas 12-Win-11-vm12</div><div><br></div></span><div>works. And I would like to use it instead of doing : doas /bhyve/12-Win-11-vm12.</div><div></div><div><br><br></div></div>
	</div>
</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Jun 18, 2024 at 12:36 AM Dave Cottlehuber &lt;<a href="mailto:dch@skunkwerks.at" target="_blank">dch@skunkwerks.at</a>&gt; wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">On Mon, 17 Jun 2024, at 17:39, Mario Marietto wrote:<br>
&gt; [marietto@marietto /bhyve]==&gt; sudo cp 12-Win-11-vm12 /usr/sbin<br>
<br>
this filepath is /usr/sbin/12-Win-11-vm12<br>
<br>
&gt; permit nopass :wheel as root cmd /usr/sbin/bhyve-win<br>
<br>
this file path is /usr/sbin/bhyve-win<br>
<br>
these things need to be identical, like in the hallo example.<br>
<br>
&gt; permit nopass :wheel as root cmd /usr/sbin/bhyve-win<br>
<br>
should be <br>
<br>
permit nopass :wheel as root cmd /usr/sbin/12-Win-11-vm12<br>
<br>
A+<br>
Dave<br>
</blockquote></div><br clear="all"><br><span class="gmail_signature_prefix">-- </span><br><div dir="ltr" class="gmail_signature">Mario.<br></div>
help

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CA%2B1FSiguSV08%2BEHEE8qOBRy2mz-eTW-cz0qj1PQvtfg9fTEthw>