Hi Andrea,
do you see any particolar problem (devices who need to have the owner
changed, limitations of any kind...?) in running BHyVe as non-root?

There's 2 issues - firstly, bhyve is new and hasn't had a lot of exposure. It's probably safest to restrict it to root for a while to avoid exposing non-root users to unforeseen security issues.

Secondly, the current implementation doesn't tie all resource usage to a process. The split of bhyveload/bhyve allows VM memory to be tied to a memory object associated with the VM. This complicates the tracking system memory usage, which is usually done on a process basis. The fix for this, in progress, is to use a single process for a VM, and avoid a separate loading process.

The goal is to allow non-root usage, but there's still a ways to go for that.


freebsd-virtualization@freebsd.org mailing list
To unsubscribe, send any mail to 

Reply via email to