Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 28 Mar 2026 04:42:28 -0400
From:      Mark Johnston <markj@freebsd.org>
To:        Roman Bogorodskiy <novel@freebsd.org>
Cc:        freebsd-virtualization@freebsd.org
Subject:   Re: bhyve(load) does not start in jail on -CURRENT
Message-ID:  <aceUdJV_TtM5Q8PP@framework>
In-Reply-To: <aca_1N4J9ErYvHCs@tulp>
index | next in thread | previous in thread | raw e-mail 

On Fri, Mar 27, 2026 at 06:35:16PM +0100, Roman Bogorodskiy wrote:
> Hi,
> 
> I'm using jails to run some tests with bhyve and this setup works for me
> with 15.0-RELEASE, but does not with 16.0-CURRENT.
> 
> The setup is as follows:
> 
> jail.conf:
> 
> testrunnergit {
>   enforce_statfs = 2;
>   devfs_ruleset = 44;
>   exec.clean;
>   exec.consolelog = /var/log/bastille/testrunnergit_console.log;
>   exec.start = '/bin/sh /etc/rc';
>   exec.stop = '/bin/sh /etc/rc.shutdown';
>   host.hostname = testrunnergit;
>   mount.devfs;
>   mount.fstab = /usr/local/bastille/jails/testrunnergit/fstab;
>   path = /usr/local/bastille/jails/testrunnergit/root;
>   osrelease = 16.0-CURRENT;
> 
>   vnet;
>   vnet.interface = e0b_bastille1;
>   exec.prestart += "jib addm bastille1 vtnet0";
>   exec.prestart += "ifconfig e0a_bastille1 description \"vnet0 host interface for Bastille jail testrunnergit\"";
>   exec.poststop += "ifconfig e0a_bastille1 destroy";
>   allow.chflags = 1;
>   allow.raw_sockets = 1;
>   allow.vmm = 1;
>   allow.mount;
>   allow.mount.devfs;
>   allow.mount.fdescfs;
>   allow.mount.procfs;
>   mount.fdescfs;
>   mount.procfs;
> }
> 
> When I try to run bhyveload:
> 
> root@testrunnergit:~ # bhyveload -m 1024 -d /var/cache/libvirt-tck/os-x86_64-hvm/disk-freebsd-11.1.img tck32424
> bhyveload: vm_create: Operation not permitted (An unprivileged user must run VMs in monitor mode)
> root@testrunnergit:~ #
> 
> root@freebsd16-current:~ # jls -j testrunnergit allow.vmm
> true
> root@freebsd16-current:~ # devfs -m /usr/local/bastille/jails/testrunnergit/root/dev rule show
> 100 include 4
> 200 path vmmctl unhide
> 300 path vmm unhide
> 400 path vmm/* unhide
> 500 path tap* unhide
> 600 path mem unhide
> 700 path kmem unhide
> 800 path nmdm* unhide
> 900 path pci unhide
> 1000 path io unhide
> 1100 path pf unhide
> root@freebsd16-current:~ #
> 
> Am I missing anything?

I think this is a regression.  Could you please try the patch here?
https://reviews.freebsd.org/D56119
home | help

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?aceUdJV_TtM5Q8PP>