Re: How to launch a bhyve vm as normal user,without being root
Date: Mon, 17 Jun 2024 17:52:53 UTC
Likely need to add this as it is what you are passing to doas as the command to execute: permit nopass :wheel as root cmd /usr/sbin/12-Win-11-vm12 Mark On Mon, Jun 17, 2024 at 10:40 AM Mario Marietto <marietto2008@gmail.com> wrote: > > [marietto@marietto /bhyve]==> sudo cp 12-Win-11-vm12 /usr/sbin > > [marietto@marietto /bhyve]==> nano /usr/sbin/12-Win-11-vm12 > > #!/bin/sh > > bhyve-win -S -c sockets=4,cores=2,threads=1 -m 8G -w -H \ > -S -c sockets=4,cores=2,threads=1 -m 8G -w -H \ > -s 0,hostbridge \ > -s 1,ahci-hd,/mnt/da4p2/bhyve/img/Windows/Windows11.img,bootindex=1 \ > -s 2,ahci-hd,/dev/$vmdisk5 \ > -s 8:0,passthru,2/0/0 \ > -s 8:1,passthru,2/0/1 \ > -s 8:2,passthru,2/0/2 \ > -s 8:3,passthru,2/0/3 \ > -s 13,virtio-net,tap12 \ > -s 29,fbuf,tcp=0.0.0.0:5912,w=1600,h=950,wait \ > -s 30,xhci,tablet \ > -s 31,lpc \ > -l bootrom,/usr/local/share/uefi-firmware/BHYVE_UEFI_CODE.fd \ > vm0:12 < /dev/null & sleep 2 && vncviewer 0:12 > > [marietto@marietto /bhyve]==> sudo chmod 0755 /usr/sbin/12-Win-11-vm12 > > [marietto@marietto /bhyve]==> sudo nano /usr/local/etc/doas.conf > > permit nopass :wheel as root cmd /usr/sbin/bhyve-win > permit nopass :wheel as root cmd /usr/sbin/bhyve-lin > > [marietto@marietto /bhyve]==> doas /usr/sbin/12-Win-11-vm12 > doas: Operation not permitted > > BUT : > > [marietto@marietto /bhyve]==> sudo nano /usr/sbin/hallo > > #!/bin/sh > echo hallo $USER > > [marietto@marietto /bhyve]==> sudo chmod 0755 /usr/sbin/hallo > > [marietto@marietto /bhyve]==> sudo nano /usr/local/etc/doas.conf > > permit nopass :wheel as root cmd hallo > > [marietto@marietto /bhyve]==> doas hallo > > BOOM ! it works : > > hallo root > > On Mon, Jun 17, 2024 at 6:54 PM Dave Cottlehuber <dch@skunkwerks.at> wrote: >> >> On Mon, 17 Jun 2024, at 14:12, Mario Marietto wrote: >> > Nice idea,but it does not work : >> > >> > nano /home/marietto/.zshrc >> > >> > # ~/.zshrc >> >> Hi Mario, I think your zsh stuff is getting in the way >> here. Your zshrc function is not visible to the root user, >> as doas cleans up all the env and so your function is unknown. >> >> So start off with something without bhyve, make sure you are in >> wheel group, and add a shell script called >> /usr/local/bin/hallo: >> >> ``` >> #!/bin/sh >> echo hallo $USER >> ``` >> >> chmod 0755 /usr/local/bin/hallo >> >> ``` >> # /usr/local/etc/doas.conf (per doas.conf manpage) >> permit nopass :wheel as root cmd /usr/local/bin/hallo >> ``` >> >> $ doas /usr/local/bin/hallo >> hallo root >> >> then replace your bhyve commands in the hallo script. >> >> Off the top of my head there's no reason for bhyve to need >> anything different to hallo script. >> A+ >> Dave > > > > -- > Mario.