Running VirtualBox as non-root user
dalescott at shaw.ca
Wed Sep 29 19:08:05 UTC 2021
I don't have a solution, but I can report I'm happily running virtualbox-ose headless as a non-root user (me, the vm's are stored in my user directory) using phpvirtualbox served by Apache.
dale at whizzer:~ % sudo pkg info | grep virtual
phpvirtualbox-6.1 AJAX Web Interface for VirtualBox
virtualbox-ose-kmod-6.1.22_1 VirtualBox kernel module for FreeBSD
virtualbox-ose-nox11-6.1.22_2 General-purpose full virtualizer for x86 hardware
dale at whizzer:~ % uname -a
FreeBSD whizzer.dalescott.net 12.2-RELEASE-p7 FreeBSD 12.2-RELEASE-p7 GENERIC amd64
dale at whizzer:~ %
----- Original Message -----
> From: "Bernhard Fröhlich" <decke at freebsd.org>
> To: "Mario Lobo" <lobo at bsd.com.br>
> Cc: "freebsd-questions" <FreeBSD-Questions at freebsd.org>, freebsd-virtualization at freebsd.org
> Sent: Wednesday, September 29, 2021 12:17:18 PM
> Subject: Re: Running VirtualBox as non-root user
> On Wed, Sep 29, 2021 at 8:01 PM Mario Lobo <lobo at bsd.com.br> wrote:
>> Here is what I've done so far:
>> - Created user vbox and put it in vboxuser group
>> - Went as far as chown -R vbox:vboxuser /usr/local/lib/virtualbox
>> - Executables are with the SUiD bit set
>> -r-s--x--- 1 vbox vboxusers 32064 Sep 21 22:18 VBoxSDL
>> -r-s--x--- 1 vbox vboxusers 16064 Sep 21 22:18 VBoxNetAdpCtl
>> -r-s--x--- 1 vbox vboxusers 32064 Sep 21 22:18 VBoxNetDHCP
>> -r-s--x--- 1 vbox vboxusers 32064 Sep 21 22:18 VBoxNetNAT
>> -r-s--s--- 1 vbox vboxusers 32352 Sep 22 17:55 VirtualBoxVM
>> - Imported a test VM
>> - Ran the VM as root to make sure it's working
>> - started VirtualBox as user vbox, and it starts fine
>> VirtualBox GUI starts fine as user vbox but when I try to start the test VM
>> from it, I get:
>> Effective UID is not root (euid=1001 egid=920 uid=1001 gid=1001) (rc=-10)
>> where: SUPR3HardenedMain what: 2 VERR_PERMISSION_DENIED (-10) - Permission
>> Starting it from VirtualBoxVM --startvm test issues the same error:
>> VirtualBoxVM: Error -10 in SUPR3HardenedMain!
>> VirtualBoxVM: Effective UID is not root (euid=1001 egid=920 uid=1001
>> where: SUPR3HardenedMain
>> what: 2
>> VERR_PERMISSION_DENIED (-10) - Permission denied.
>> Any pointer for anything else I should be doing or is missing?
> Puh it's been a long time for me but from what I read there are two things that
> sound problematic to me.
> 1) vbox uses something that they call "hardening" which does some checks
> in addition to the suid/sgid bits. Changing permissions and/or
> user/group is asking
> for trouble! I'd recommend to reinstall the vbox package in that case. The
> instructions in the handbook should be enough.
> pw groupmod vboxusers -m yourusername
> 2) Starting a VM as root is definitely not a good idea either. The
> problem is that
> vbox it will create some temporary files/directories as root somewhere
> under /tmp
> or was it /var? When the VM is stopped the directories are left and you won't be
> able to write to them as user afterwards. If the VM is not running it
> should be okay
> to just delete them but please have a look at the content first to make sure.
> Bernhard Froehlich
> freebsd-questions at freebsd.org mailing list
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
More information about the freebsd-questions