cap_sysctlbyname for hw.vmm.destroy
Mark Johnston
markj at freebsd.org
Mon Apr 26 17:40:07 UTC 2021
On Mon, Apr 26, 2021 at 05:16:14PM +0300, Ionuț Mihalache wrote:
> Hello,
>
> I am working on adding capsicum support for the bhyve snapshot feature. At
> the end of the suspend process, the guest should be destroyed and the code
> handles this part with a sysctlbyname call which is not working in
> capability mode. I don't know what is the problem but even when using
> cap_sysctlbyname I still get the same error code (EPERM). I tried the
> example from the documentation aswell [1] and still the same error code.
> What could be the problem? I have a FreeBSD13 host and a FreeBSD13 guest.
I'm not sure why it would happen unless the casper process is somehow
running as a non-root user. Can you share the code you're testing
somewhere?
More information about the freebsd-hackers
mailing list