Date: Mon, 17 Jun 2024 13:18:26 +0200 From: Mario Marietto <marietto2008@gmail.com> To: FreeBSD virtualization <freebsd-virtualization@freebsd.org> Subject: How to launch a bhyve vm as normal user,without being root Message-ID: <CA%2B1FSiimo=-0s80QeGMuLnJAzxi53-V6s303YuW36UkYnqfB-g@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
--000000000000f0593b061b142192
Content-Type: text/plain; charset="UTF-8"
Hello.
someone of you has been able to launch a bhyve vm as user using doas ?
I'm trying but without success. First of all I created my doas.conf :
nano /usr/local/etc/doas.conf
permit nopass :marietto cmd bhyve
permit nopass :marietto cmd vm-create
and then I tried to lauch the vm below :
doas bhyve -S -c sockets=2,cores=2,threads=2 -m 8G -w -H -A \
-s 0,hostbridge \
-s 1,ahci-hd,/mnt/zroot-133/bhyve/img/Linux/Debian-now.img,bootindex=1 \
-s 11,hda,play=/dev/dsp,rec=/dev/dsp \
-s 13,virtio-net,tap16 \
-s 14,virtio-9p,sharename=/ \
-s 29,fbuf,tcp=0.0.0.0:5916,w=1600,h=950,wait \
-s 30,xhci,tablet \
-s 31,lpc \
-l bootrom,/usr/local/share/uefi-firmware/BHYVE_UEFI_CODE.fd \
vm0:16 < /dev/null & sleep 2 && vncviewer 0:16
The error is : vm_create: Operation not permitted
These variations don't work :
permit nopass :wheel cmd bhyve
permit nopass :wheel cmd vm_create
permit nopass marietto cmd bhyve
permit nopass marietto cmd vm_create
Doas/Sudo is being root,but it does not work. But if I become root,I can
launch a bhyve vm.
--
Mario.
--000000000000f0593b061b142192
Content-Type: text/html; charset="UTF-8"
<div dir="ltr">
<span>
</span>
<div class="gmail-text-neutral-content">
<div class="gmail-mb-sm gmail-mb-xs gmail-px-md gmail-xs:px-0">
<div id="gmail-t3_1dgm9w5-post-rtjson-content" class="gmail-md gmail-text-14">
<p>
Hello.
</p><p>
someone of you has been able to launch a bhyve vm as user using doas ?
</p><p>
I'm trying but without success. First of all I created my doas.conf :</p><p><br></p><p></p><pre>nano /usr/local/etc/doas.conf
permit nopass :marietto cmd bhyve
permit nopass :marietto cmd vm-create<br><br></pre><p>
and then I tried to lauch the vm below : <br></p><p><br></p><pre>doas bhyve -S -c sockets=2,cores=2,threads=2 -m 8G -w -H -A \
-s 0,hostbridge \
-s 1,ahci-hd,/mnt/zroot-133/bhyve/img/Linux/Debian-now.img,bootindex=1 \
-s 11,hda,play=/dev/dsp,rec=/dev/dsp \
-s 13,virtio-net,tap16 \
-s 14,virtio-9p,sharename=/ \
-s 29,fbuf,tcp=<a href="http://0.0.0.0:5916">0.0.0.0:5916</a>,w=1600,h=950,wait \
-s 30,xhci,tablet \
-s 31,lpc \
-l bootrom,/usr/local/share/uefi-firmware/BHYVE_UEFI_CODE.fd \
vm0:16 < /dev/null & sleep 2 && vncviewer 0:16</pre><p><br>
</p><p>The error is : vm_create: Operation not permitted</p>
</div>
</div>
</div><div></div><div><br></div><div><div class="gmail-md gmail-text-14 gmail-rounded-[8px] gmail-pb-2xs" id="gmail-t1_l8rw020-comment-rtjson-content">
<div id="gmail--post-rtjson-content" class="gmail-py-0 gmail-xs:mx-xs gmail-mx-2xs gmail-inline-block gmail-max-w-full">
<p>
These variations don't work :
</p><p><br>
</p><p>permit nopass :wheel cmd bhyve
</p><p>
permit nopass :wheel cmd vm_create
</p><p>
permit nopass marietto cmd bhyve
</p><p>
permit nopass marietto cmd vm_create</p><p><br>
</p>
</div>
</div></div><div><div class="gmail-md gmail-text-14 gmail-rounded-[8px] gmail-pb-2xs" id="gmail-t1_l8uq5h6-comment-rtjson-content">
<div id="gmail--post-rtjson-content" class="gmail-py-0 gmail-xs:mx-xs gmail-mx-2xs gmail-inline-block gmail-max-w-full">
<p>
Doas/Sudo is being root,but it does not work. But if I become root,I can launch a bhyve vm.</p><p>
</p>
</div>
</div></div><div><span class="gmail_signature_prefix">-- </span></div><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature">Mario.<br></div></div>
--000000000000f0593b061b142192--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CA%2B1FSiimo=-0s80QeGMuLnJAzxi53-V6s303YuW36UkYnqfB-g>