Re: Running VirtualBox as non-root user
- In reply to: Mario Lobo : "Running VirtualBox as non-root user"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 29 Sep 2021 18:17:18 UTC
On Wed, Sep 29, 2021 at 8:01 PM Mario Lobo <lobo@bsd.com.br> wrote: > > Hi; > > Here is what I've done so far: > > - Created user vbox and put it in vboxuser group > - Went as far as chown -R vbox:vboxuser /usr/local/lib/virtualbox > - Executables are with the SUiD bit set > -r-s--x--- 1 vbox vboxusers 32064 Sep 21 22:18 VBoxSDL > -r-s--x--- 1 vbox vboxusers 16064 Sep 21 22:18 VBoxNetAdpCtl > -r-s--x--- 1 vbox vboxusers 32064 Sep 21 22:18 VBoxNetDHCP > -r-s--x--- 1 vbox vboxusers 32064 Sep 21 22:18 VBoxNetNAT > -r-s--s--- 1 vbox vboxusers 32352 Sep 22 17:55 VirtualBoxVM > > - Imported a test VM > - Ran the VM as root to make sure it's working > - started VirtualBox as user vbox, and it starts fine > > VirtualBox GUI starts fine as user vbox but when I try to start the test VM > from it, I get: > > Effective UID is not root (euid=1001 egid=920 uid=1001 gid=1001) (rc=-10) > where: SUPR3HardenedMain what: 2 VERR_PERMISSION_DENIED (-10) - Permission > denied. > > Starting it from VirtualBoxVM --startvm test issues the same error: > > VirtualBoxVM: Error -10 in SUPR3HardenedMain! > VirtualBoxVM: Effective UID is not root (euid=1001 egid=920 uid=1001 > gid=1001) > where: SUPR3HardenedMain > what: 2 > VERR_PERMISSION_DENIED (-10) - Permission denied. > > Any pointer for anything else I should be doing or is missing? Puh it's been a long time for me but from what I read there are two things that sound problematic to me. 1) vbox uses something that they call "hardening" which does some checks in addition to the suid/sgid bits. Changing permissions and/or user/group is asking for trouble! I'd recommend to reinstall the vbox package in that case. The instructions in the handbook should be enough. pw groupmod vboxusers -m yourusername 2) Starting a VM as root is definitely not a good idea either. The problem is that vbox it will create some temporary files/directories as root somewhere under /tmp or was it /var? When the VM is stopped the directories are left and you won't be able to write to them as user afterwards. If the VM is not running it should be okay to just delete them but please have a look at the content first to make sure. -- Bernhard Froehlich http://www.bluelife.at/