From nobody Tue Jun 18 06:53:11 2024 X-Original-To: freebsd-virtualization@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4W3HXY5TXnz5NSFf for ; Tue, 18 Jun 2024 06:53:49 +0000 (UTC) (envelope-from odhiambo@gmail.com) Received: from mail-ot1-x331.google.com (mail-ot1-x331.google.com [IPv6:2607:f8b0:4864:20::331]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "WR4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4W3HXY05mMz4jr5 for ; Tue, 18 Jun 2024 06:53:49 +0000 (UTC) (envelope-from odhiambo@gmail.com) Authentication-Results: mx1.freebsd.org; none Received: by mail-ot1-x331.google.com with SMTP id 46e09a7af769-6f978caf8bbso2076179a34.0 for ; Mon, 17 Jun 2024 23:53:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1718693628; x=1719298428; darn=freebsd.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=jOnd5+ksUr0dorfBtZut/87bfmfZhBFBB+qDXjndqNA=; b=ZdpC1ElYE7sNMV71sLabXOon9Gy8BnX7UG8Oz373bBxDAHX3A5J/EOlKGbI7vM8vPD l7GwtKwg5+rGMKyo0HhsYG51QwhF5QsaPQiPXxj0zFPiyA5ERUZj+pn0lN89ergnCWbl rEUj69tzm9LxiFLWzQUtXZkVcC4XnS1VfApKumoP10/UYSCSdDZ3gI3WWfHeIgWWpdKX ANMi6IrIISFGXUKtfDUo30D9R/qM7RMFJl5j9FQ6cSZrEYobFbi/eVr0+gCNnCyI2ewj DDrFs2gsLwQIBuId4xdleOOmbShy1HeMFaGwmxCgcZl6PYuhtun7AfSG2bkNum6vKc7Z +ELA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1718693628; x=1719298428; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=jOnd5+ksUr0dorfBtZut/87bfmfZhBFBB+qDXjndqNA=; b=Vomp5Iz9+MYy5e4I2MX3WA+s6fupMmanDMbKBDKbMu7md3+idYPLA02sUG/sQBkflb RtwYUDAnLULewU2QmjmWNTlj5qT0FkZMI6PAYzLdttbc/4d59Qy74qOGezNEhuT+siEK Ct+/XDAY3haY5FdTXx0VrYwSNFs2jlNT9MEyerIbIwTxzvGqhbbY/1byRvv0Pw/16ikG HpOlDtm6KC0PsOiqD4JqKKIOKViWJmgtcCZ/3PlxJ2lNrq56mQauWkdjKXLtZwHA79/e cC/pmVs1jqUtKDzdhTANimnnEEye07w0q8JPQlyifUZU9vY3TRSIJWq78UX49kd7+GTe +WBw== X-Gm-Message-State: AOJu0Yymp5xhiC40lNMiAymCQJFSkUdk07JBZpkq/cCEWPCLBaZBLbCD GOJq+LRqHk4maw3jXvit8EOX0w5GRxyz3IkxLHE2PdoARzvEDquVI0lIiCLzJQxmUMTAFEc1iaF inbOCJdDNl2bK7UnP2p84qbTUvsyb62S+jxeMQw== X-Google-Smtp-Source: AGHT+IEoOGX9+xTN5vgiC4Q2yGRaarj/q5eVM4H04MgLT1zRJBpY756ZrbiZad2GuevXMbRZlCQmRYb0Yvt+173deuY= X-Received: by 2002:a05:6870:e24a:b0:254:8bb9:d0c4 with SMTP id 586e51a60fabf-25972de7908mr816077fac.15.1718693627765; Mon, 17 Jun 2024 23:53:47 -0700 (PDT) List-Id: Discussion List-Archive: https://lists.freebsd.org/archives/freebsd-virtualization List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: freebsd-virtualization@freebsd.org Sender: owner-freebsd-virtualization@FreeBSD.org MIME-Version: 1.0 References: In-Reply-To: From: Odhiambo Washington Date: Tue, 18 Jun 2024 09:53:11 +0300 Message-ID: Subject: Re: How to launch a bhyve vm as normal user,without being root To: Mario Marietto Cc: FreeBSD virtualization Content-Type: multipart/alternative; boundary="000000000000292e3e061b248b86" X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US] X-Rspamd-Queue-Id: 4W3HXY05mMz4jr5 --000000000000292e3e061b248b86 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable ######/usr/local/etc/doas.conf######################### permit :wheel permit nopass keepenv :wheel permit alice as root permit keepenv bob as root permit cindy as root cmd pkg args update permit cindy as root cmd pkg args upgrade permit nolog david as root cmd id permit www as root cmd pfctl permit nopass *wash* as root cmd bhyve ####### /usr/local/bhyve-vms/scripts/debian.sh############## #!/usr/bin/env bash if ! kldstat | grep -w vmm.ko then kldload -v vmm fi if ! kldstat | grep -w nmdm.ko then kldload -v nmdm fi /usr/sbin/bhyve -S -c sockets=3D2,cores=3D2,threads=3D2 -m 4G -w -H -A \ -s 0,hostbridge \ -s 4,ahci-hd,/usr/local/bhyve-vms/Debian/debian.img,bootindex=3D1 \ -s 5,virtio-net,tap3 \ -s 7,virtio-9p,sharename=3D/ \ -s 8,hda,play=3D/dev/dsp,rec=3D/dev/dsp \ -s 29,fbuf,tcp=3D0.0.0.0:5904,w=3D1600,h=3D950 \ -s 30,xhci,tablet \ -s 31,lpc -l com1,stdio \ -l bootrom,/usr/local/share/uefi-firmware/BHYVE_UEFI.fd \ debian And all I do is `doas /usr/local/bhyve-vms/scripts/debian.sh`. On Mon, Jun 17, 2024 at 6:46=E2=80=AFPM Mario Marietto wrote: > Can you paste here the contents of doas.conf and debian.sh ? thanks. > > On Mon, Jun 17, 2024 at 5:35=E2=80=AFPM Odhiambo Washington > wrote: > >> >> >> On Mon, Jun 17, 2024 at 5:13=E2=80=AFPM Mario Marietto >> wrote: >> >>> Nice idea,but it does not work : >>> >> >> It worked for me! >> >> I created a bash script file named debian.sh which contained all the >> bhyve args to create the VM, then I just did: >> >> doas debian.sh >> >> And I actually successfully installed the VM and it's running >> >> >> -- >> Best regards, >> Odhiambo WASHINGTON, >> Nairobi,KE >> +254 7 3200 0004/+254 7 2274 3223 >> In an Internet failure case, the #1 suspect is a constant: DNS. >> "Oh, the cruft.", egrep -v '^$|^.*#' =C2=AF\_(=E3=83=84)_/=C2=AF :-) >> [How to ask smart questions: >> http://www.catb.org/~esr/faqs/smart-questions.html] >> > > > -- > Mario. > --=20 Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 In an Internet failure case, the #1 suspect is a constant: DNS. "Oh, the cruft.", egrep -v '^$|^.*#' =C2=AF\_(=E3=83=84)_/=C2=AF :-) [How to ask smart questions: http://www.catb.org/~esr/faqs/smart-questions.html] --000000000000292e3e061b248b86 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
######/usr/local/etc/doas.conf#######################= ##
permit :wheel
permit nopass keepenv :wheel
permit alice as root=
permit keepenv bob as root
permit cindy as root cmd pkg args update<= br>permit cindy as root cmd pkg args upgrade
permit nolog david as root = cmd id
permit www as root cmd pfctl
permit nopass wash as root= cmd bhyve

####### /usr/local/bhyve-vms/script= s/debian.sh##############
#!/usr/bin/env bash
if ! kldstat | g= rep -w vmm.ko
then
=C2=A0 =C2=A0 =C2=A0 =C2=A0 kldload -v vmm
fiif ! kldstat | grep -w nmdm.ko
then
=C2=A0 =C2=A0 =C2=A0 =C2=A0 kld= load -v nmdm
fi
/usr/sbin/bhyve -S -c sockets=3D2,cores=3D2,threads= =3D2 -m 4G -w -H -A \
-s 0,hostbridge \
-s 4,ahci-hd,/usr/local/bhyve= -vms/Debian/debian.img,bootindex=3D1 \
-s 5,virtio-net,tap3 \
-s 7,vi= rtio-9p,sharename=3D/ \
-s 8,hda,play=3D/dev/dsp,rec=3D/dev/dsp \
-s = 29,fbuf,tcp=3D0.0.0.0:590= 4,w=3D1600,h=3D950 \
-s 30,xhci,tablet \
-s 31,lpc -l com1,stdio = \
-l bootrom,/usr/local/share/uefi-firmware/BHYVE_UEFI.fd \
debian

And all I do is `doas /usr/local/bhyve-vms/scrip= ts/debian.sh`.


On Mon, Jun 17, 2024 at 6:46=E2=80=AFPM = Mario Marietto <marietto2008@gmail.com> wrote:
Can you paste here the contents = of doas.conf and debian.sh ? thanks.

On Mon, Jun 17, 2024 at 5:35=E2=80= =AFPM Odhiambo Washington <odhiambo@gmail.com> wrote:

<= br>
On Mon,= Jun 17, 2024 at 5:13=E2=80=AFPM Mario Marietto <marietto2008@gmail.com> wrote:<= br>
Nice idea,but it does not work :

It worked for me!

I created a bash script = file named debian.sh which contained all the bhyve args to create the VM, t= hen I just did:

doas debian.sh

And I actually successfully installed the VM and it's running


--
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE<= br>+254 7 3200 0004/+254 7 2274 3223
=C2=A0In=C2=A0an Interne= t failure case, the #1 suspect is a constant: DNS.
"Oh, the cruft.",=C2=A0egrep -v '^$|^= .*#'=C2=A0=C2=AF\_(=E3=83=84)_/=C2=AF<= span style=3D"font-size:12.8px">=C2=A0:-)
[How to ask smart questions:=C2=A0http://www.catb.org/~esr/faqs/smart-questions.html]


--
Mario.


--
--000000000000292e3e061b248b86--