Date: Mon, 17 Jun 2024 16:12:51 +0200 From: Mario Marietto <marietto2008@gmail.com> To: Odhiambo Washington <odhiambo@gmail.com> Cc: FreeBSD virtualization <freebsd-virtualization@freebsd.org> Subject: Re: How to launch a bhyve vm as normal user,without being root Message-ID: <CA%2B1FSijLiq0WMdCvJfQC%2BvtBxXc6iSMD6WQAMavGpg%2BsmCuTFg@mail.gmail.com> In-Reply-To: <CAAdA2WPrtG_VaLuE8UfBwxanyfNzgLqeBCvpJMvRETdcUSmMEg@mail.gmail.com> References: <CA%2B1FSiimo=-0s80QeGMuLnJAzxi53-V6s303YuW36UkYnqfB-g@mail.gmail.com> <CAAdA2WPrtG_VaLuE8UfBwxanyfNzgLqeBCvpJMvRETdcUSmMEg@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] Nice idea,but it does not work : nano /home/marietto/.zshrc # ~/.zshrc # zsh autocompletion for sudo and doas zstyle ":completion:*:(sudo|su|doas):*" command-path /usr/local/bin /usr/local/sbin /usr/sbin /usr/bin /bin /sbin /bhyve nano doas.conf permit nopass marietto as root cmd bhyve-lin permit nopass marietto as root cmd bhyve-win nano 10-Debian-Now_wine-tkg-vm10 doas /usr/sbin/./bhyve-lin -S -c sockets=2,cores=2,threads=2 -m 8G -w -H -A \ -s 0,hostbridge \ -s 1,ahci-hd,/mnt/zroot-133/bhyve/img/Linux/Debian-now-wine-tkg.img,bootindex=1 \ -s 11,hda,play=/dev/dsp,rec=/dev/dsp \ -s 13,virtio-net,tap10 \ -s 14,virtio-9p,sharename=/ \ -s 29,fbuf,tcp=0.0.0.0:5910,w=1600,h=950,wait \ -s 30,xhci,tablet \ -s 31,lpc \ -l bootrom,/usr/local/share/uefi-firmware/BHYVE_UEFI_CODE.fd \ vm0:10 < /dev/null & sleep 2 && vncviewer 0:10 = doas: Operation not permitted On Mon, Jun 17, 2024 at 2:24 PM Odhiambo Washington <odhiambo@gmail.com> wrote: > > > On Mon, Jun 17, 2024 at 2:19 PM Mario Marietto <marietto2008@gmail.com> > wrote: > >> Hello. >> >> someone of you has been able to launch a bhyve vm as user using doas ? >> >> I'm trying but without success. First of all I created my doas.conf : >> >> >> nano /usr/local/etc/doas.conf >> >> permit nopass :marietto cmd bhyve >> permit nopass :marietto cmd vm-create >> >> > permit nopass marietto as root cmd bhyve > > -- > Best regards, > Odhiambo WASHINGTON, > Nairobi,KE > +254 7 3200 0004/+254 7 2274 3223 > In an Internet failure case, the #1 suspect is a constant: DNS. > "Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-) > [How to ask smart questions: > http://www.catb.org/~esr/faqs/smart-questions.html] > -- Mario. [-- Attachment #2 --] <div dir="ltr"><div>Nice idea,but it does not work :</div><div><br></div><div>nano /home/marietto/.zshrc</div><div><br></div><div># ~/.zshrc<br># zsh autocompletion for sudo and doas<br>zstyle ":completion:*:(sudo|su|doas):*" command-path /usr/local/bin /usr/local/sbin /usr/sbin /usr/bin /bin /sbin /bhyve</div><div><br></div><div>nano doas.conf</div><div><br></div><div>permit nopass marietto as root cmd bhyve-lin<br>permit nopass marietto as root cmd bhyve-win</div><div><br></div><div></div><div>nano 10-Debian-Now_wine-tkg-vm10<br></div><div><br></div><div>doas /usr/sbin/./bhyve-lin -S -c sockets=2,cores=2,threads=2 -m 8G -w -H -A \<br>-s 0,hostbridge \<br>-s 1,ahci-hd,/mnt/zroot-133/bhyve/img/Linux/Debian-now-wine-tkg.img,bootindex=1 \<br>-s 11,hda,play=/dev/dsp,rec=/dev/dsp \<br>-s 13,virtio-net,tap10 \<br>-s 14,virtio-9p,sharename=/ \<br>-s 29,fbuf,tcp=<a href="http://0.0.0.0:5910" target="_blank">0.0.0.0:5910</a>,w=1600,h=950,wait \<br>-s 30,xhci,tablet \<br>-s 31,lpc \<br>-l bootrom,/usr/local/share/uefi-firmware/BHYVE_UEFI_CODE.fd \<br>vm0:10 < /dev/null & sleep 2 && vncviewer 0:10</div><div><br></div><div>=<br></div><div><br></div><div>doas: Operation not permitted</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, Jun 17, 2024 at 2:24 PM Odhiambo Washington <<a href="mailto:odhiambo@gmail.com" target="_blank">odhiambo@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div dir="ltr"><br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, Jun 17, 2024 at 2:19 PM Mario Marietto <<a href="mailto:marietto2008@gmail.com" target="_blank">marietto2008@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"> <span> </span> <div> <div> <div id="m_-478838054079622550m_-7454093540265596212m_-8944768810968800024gmail-t3_1dgm9w5-post-rtjson-content"> <p> Hello. </p><p> someone of you has been able to launch a bhyve vm as user using doas ? </p><p> I'm trying but without success. First of all I created my doas.conf :</p><p><br></p><p></p><pre>nano /usr/local/etc/doas.conf permit nopass :marietto cmd bhyve permit nopass :marietto cmd vm-create<br></pre></div></div></div></div></blockquote><div></div></div><div><br></div>permit nopass marietto as root cmd bhyve<br><div><br></div><span class="gmail_signature_prefix">-- </span><br><div dir="ltr" class="gmail_signature"><div dir="ltr"><div dir="ltr"><div>Best regards,<br>Odhiambo WASHINGTON,<br>Nairobi,KE<br>+254 7 3200 0004/+254 7 2274 3223</div><div><span style="color:rgb(34,34,34)"> In </span><span style="color:rgb(34,34,34)">an Internet failure case, the #1 suspect is a constant: DNS.</span><br>"<span style="font-size:12.8px">Oh, the cruft.</span><span style="font-size:12.8px">", </span><span style="font-size:12.8px">egrep -v '^$|^.*#' </span><span style="background-color:rgb(34,34,34);color:rgb(238,238,238);font-family:"Lucida Console",Consolas,"Courier New",monospace;font-size:13.6px">¯\_(ツ)_/¯</span><span style="font-size:12.8px"> :-)</span></div><div><span style="font-size:12.8px">[How to ask smart questions: </span><span style="font-size:12.8px"><a href="http://www.catb.org/~esr/faqs/smart-questions.html" target="_blank">http://www.catb.org/~esr/faqs/smart-questions.html</a>]</span></div></div></div></div></div>; </blockquote></div><br clear="all"><br><span class="gmail_signature_prefix">-- </span><br><div dir="ltr" class="gmail_signature">Mario.<br></div>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CA%2B1FSijLiq0WMdCvJfQC%2BvtBxXc6iSMD6WQAMavGpg%2BsmCuTFg>