[solved] vboxweb-service won´t start as unprivileged user

Discussions related to using VirtualBox on Linux hosts.

[solved] vboxweb-service won´t start as unprivileged user

Postby larsen » 24. Mar 2011, 14:40

Hi,

I have a Debian Squeeze box with virtualbox-4.0 installed from the virtualbox.org APT source. Now, I want to use vboxweb-service so I can manage my VMs with phpVirtualBox. I already got it running as a daemon after creating the file "/etc/default/virtualbox".

Unfortunately, it only works when I use "VBOXWEB_USER=root" - setting it to "VBOXWEB_USER=vbox" doesn´t work:
Code: Select all   Expand viewCollapse view
root@vmserver:/home# /etc/init.d/vboxweb-service start
Starting VirtualBox web service:
 failed!


The user "vbox" has been created by me and its primary group is "vboxusers". The home dir "/home/vbox/" also exists.

What else do I have to do to make this work?


Lars
Last edited by larsen on 5. Apr 2011, 14:54, edited 1 time in total.
larsen
 
Posts: 32
Joined: 14. Oct 2010, 13:56
Primary OS: Debian other
VBox Version: OSE Debian
Guest OSses: Win, Debian

Re: vboxweb-service won´t start as unprivileged user

Postby Perryg » 26. Mar 2011, 01:55

Why are you starting the service as root? Start it as normal user (your vbox you created)
If you can't start it as normal user you will not be able to run it as normal user and must have permission issues.
Perryg
Site Moderator
 
Posts: 34373
Joined: 6. Sep 2008, 22:55
Primary OS: Linux other
VBox Version: OSE self-compiled
Guest OSses: *NIX

Re: vboxweb-service won´t start as unprivileged user

Postby larsen » 28. Mar 2011, 15:12

I have changed it to VBOXWEB_USER=vbox, stopped the already running service, then "su - vbox" and tried to start it:
Code: Select all   Expand viewCollapse view
vbox@atl-vmserver:~$ /etc/init.d/vboxweb-service start
Starting VirtualBox web service:
 failed!


There is no further info in "/var/log/vboxweb" why the service could not be started, but I can start it with:
Code: Select all   Expand viewCollapse view
su vbox -c '/usr/bin/vboxwebsrv -H 192.168.120.140'


Nevertheless, there is an init script so I want to use that so the service is also started automatically at boot time and can be stopped/restarted with the "normal" ways/tools. How can I achieve that?
larsen
 
Posts: 32
Joined: 14. Oct 2010, 13:56
Primary OS: Debian other
VBox Version: OSE Debian
Guest OSses: Win, Debian

Re: vboxweb-service won´t start as unprivileged user

Postby Sasquatch » 28. Mar 2011, 20:24

On what port is it configured to run? If it's on a port below 1024, then that's the problem. Another reason could be that it's configured to run on a port that already has something running on, like a proxy.
Read the Forum Posting Guide before opening a topic.
VirtualBox FAQ: Check this before asking questions.
Online User Manual: A must read if you want to know what we're talking about.
Howto: Install Linux Guest Additions
Howto: Use Shared Folders on Linux Guest
See the Tutorials and FAQ section at the top of the Forum for more guides.
Try searching the forums first with Google and add the site filter for this forum.
E.g. install guest additions site:forums.virtualbox.org

Retired from this Forum since OSSO introduction.
Sasquatch
Volunteer
 
Posts: 17800
Joined: 17. Mar 2008, 13:41
Location: /dev/random
Primary OS: Debian other
VBox Version: PUEL
Guest OSses: Windows XP, Windows 7, Linux

Re: vboxweb-service won´t start as unprivileged user

Postby Perryg » 28. Mar 2011, 21:19

You could post your /etc/default/virtualbox so we can see what the problem is.
Does /etc/init.d/vboxweb-service exist ?
Perryg
Site Moderator
 
Posts: 34373
Joined: 6. Sep 2008, 22:55
Primary OS: Linux other
VBox Version: OSE self-compiled
Guest OSses: *NIX

Re: vboxweb-service won´t start as unprivileged user

Postby larsen » 29. Mar 2011, 11:00

It´s using the default port 18083 (not specifically configured). Nothing else is configured to run on that port (The IP has been changed from .140 to .5 in the meantime).

Code: Select all   Expand viewCollapse view
atl-vmserver:~# cat /etc/default/virtualbox
#VBOXWEB_USER=root
VBOXWEB_USER=vbox
VBOXWEB_HOST=192.168.120.5
VBOXWEB_LOGFILE=/var/log/vboxweb

Code: Select all   Expand viewCollapse view
atl-vmserver:~# ll /etc/init.d/vbox*
-rwxr-xr-x 1 root root 11460 Feb 17 18:22 /etc/init.d/vboxdrv
-rwxr-xr-x 1 root root  8131 Feb 17 18:22 /etc/init.d/vboxweb-service


I was working on another problem yesterday and I am not sure what I have changed that could affect this (if anything), but now I get another error message and it´s a little bit more informative than the "failed" before =)
Code: Select all   Expand viewCollapse view
vbox@atl-vmserver:~$ /etc/init.d/vboxweb-service start
Starting VirtualBox web service:/etc/init.d/vboxweb-service: 369: cannot create /var/run/vboxweb-service: Permission denied
done..

Of course, that´s correct:
Code: Select all   Expand viewCollapse view
vbox@atl-vmserver:~$ ll -d /var/run/
drwxr-xr-x 6 root root 4096 Mar 29 10:42 /var/run/


Now, I don´t think that it would be a good idea to give vbox write permissions on /var/run, would it? Also, wouldn´t the normal(TM) way be to start the service as root on system boot and configure a user to later switch to dropping privileges (like Apache does)?
larsen
 
Posts: 32
Joined: 14. Oct 2010, 13:56
Primary OS: Debian other
VBox Version: OSE Debian
Guest OSses: Win, Debian

Re: vboxweb-service won´t start as unprivileged user

Postby Perryg » 29. Mar 2011, 14:34

The user name that starts the service needs to be the one that is logged into the machine, or if not you should at least have the user in the vboxusers group. ( I have not tested yet) I would think that you would also need to set the VBOX_HOME for the vbox user, but here again I have not tested this either.
Try putting atl-vmserver in the /etc/default/virtualbox file instead of vbox and see if that allows it to start.
remove the VBOX_LOGFILE= for now.
See if this works.
Perryg
Site Moderator
 
Posts: 34373
Joined: 6. Sep 2008, 22:55
Primary OS: Linux other
VBox Version: OSE self-compiled
Guest OSses: *NIX

Re: vboxweb-service won´t start as unprivileged user

Postby larsen » 29. Mar 2011, 15:35

"atl-vmserver" is the hostname, not the username. I have now added "vbox" to the group "vboxusers", removed VBOX_LOGFILE, and set VBOX_HOME (/home/vbox/.VirtualBox) as requested, but as I supposed this didn´t change the permission problem.

Only root has write permissions so I don´t see how an unprivileged user should be able to use the init script. It´s possible to start the webservice manually with that user, but only root can use the init script.

Do you have a server running VirtualBox or do you manually start it?
larsen
 
Posts: 32
Joined: 14. Oct 2010, 13:56
Primary OS: Debian other
VBox Version: OSE Debian
Guest OSses: Win, Debian

Re: vboxweb-service won´t start as unprivileged user

Postby Perryg » 29. Mar 2011, 15:41

It starts all by itself and uses the init.d with normal user able to access. I am currently compiling a huge project on the server but yes I do have it all working.
Give me a bit and I will see if I can reproduce you problem. One question, when you log into the server what name do you use, is it vbox?
Perryg
Site Moderator
 
Posts: 34373
Joined: 6. Sep 2008, 22:55
Primary OS: Linux other
VBox Version: OSE self-compiled
Guest OSses: *NIX

Re: vboxweb-service won´t start as unprivileged user

Postby larsen » 29. Mar 2011, 15:49

Thanks a lot for your help!

I log into the server as root and then I could start VirtualBox with:
Code: Select all   Expand viewCollapse view
su vbox -c '/usr/bin/vboxwebsrv -H 192.168.120.5 --background'

But I want that everything is started automatically.
larsen
 
Posts: 32
Joined: 14. Oct 2010, 13:56
Primary OS: Debian other
VBox Version: OSE Debian
Guest OSses: Win, Debian

Re: vboxweb-service won´t start as unprivileged user

Postby Perryg » 29. Mar 2011, 18:03

OK compile finally stopped and I got a chance to check. I seem to remember running to this and the fix for me was to actually use my user environment for the log file (or not use the log file).

I did check and it is saving in /home/<user>/vboxweb/vboxweb.log and the service does auto start with no error.

If you would rather have this in a different location you would need to contact http://code.google.com/p/phpvirtualbox/ Click on issues and ask them.
Perryg
Site Moderator
 
Posts: 34373
Joined: 6. Sep 2008, 22:55
Primary OS: Linux other
VBox Version: OSE self-compiled
Guest OSses: *NIX

Re: vboxweb-service won´t start as unprivileged user

Postby larsen » 29. Mar 2011, 18:46

How do you automatically start VirtualBox?
With the script "/etc/init.d/vboxweb-service" that is started at boot time as root and then using the user specified in "/etc/default/virtualbox"?
larsen
 
Posts: 32
Joined: 14. Oct 2010, 13:56
Primary OS: Debian other
VBox Version: OSE Debian
Guest OSses: Win, Debian

Re: vboxweb-service won´t start as unprivileged user

Postby Perryg » 29. Mar 2011, 18:55

I login as me (normal user)
/etc/init.d/vboxweb-service /etc/default/virtualbox are configured
My user name is in the vboxusers group.

/etc/default/virtualbox
Code: Select all   Expand viewCollapse view
VBOXWEB_USER=perry
VBOXWEB_PORT=xxxxx
VBOXWEB_LOGFILE=/home/perry/vboxweb/vboxweb.log

If this does not auto start for you you may need to run sudo update-rc.d vboxweb-service defaults
see: http://code.google.com/p/phpvirtualbox/ ... onfigLinux
Perryg
Site Moderator
 
Posts: 34373
Joined: 6. Sep 2008, 22:55
Primary OS: Linux other
VBox Version: OSE self-compiled
Guest OSses: *NIX

Re: vboxweb-service won´t start as unprivileged user

Postby Sasquatch » 29. Mar 2011, 20:33

Wouldn't it be easy to just use VBOXWEB_PIDFILE=/path/to/pidfile, where you specify a location that the user has write access to? You can always create a folder in /var/run and allow the vbox user write permissions there. So you end up with the following:
Code: Select all   Expand viewCollapse view
VBOXWEB_PIDFILE=/var/run/vbox/vboxweb-service

Folder /var/run/vbox has vbox:root ownership or vbox:vboxusers if you prefer. File mask needs to be at least 755, but it can be 775 if you like.
Read the Forum Posting Guide before opening a topic.
VirtualBox FAQ: Check this before asking questions.
Online User Manual: A must read if you want to know what we're talking about.
Howto: Install Linux Guest Additions
Howto: Use Shared Folders on Linux Guest
See the Tutorials and FAQ section at the top of the Forum for more guides.
Try searching the forums first with Google and add the site filter for this forum.
E.g. install guest additions site:forums.virtualbox.org

Retired from this Forum since OSSO introduction.
Sasquatch
Volunteer
 
Posts: 17800
Joined: 17. Mar 2008, 13:41
Location: /dev/random
Primary OS: Debian other
VBox Version: PUEL
Guest OSses: Windows XP, Windows 7, Linux

Re: vboxweb-service won´t start as unprivileged user

Postby larsen » 30. Mar 2011, 09:42

Perryg wrote:I login as me (normal user)
[/code]

Well, IMHO it´s not "autostart" when you have to login. Though, I will play around with some settings in "/etc/default/virtualbox" when the server has moved to it´s final place. Co-workers were complaining that it was too loud =) Perhaps the original problem was the result of some other problem I at first had.

Sasquatch wrote:Wouldn't it be easy to just use VBOXWEB_PIDFILE=/path/to/pidfile, where you specify a location that the user has write access to?

That sounds very promising! I was already using the documentation from phpVirtualBox that Perry noted, but that webpage is missing the pidfile information. Will search for the original docs and ask Ian to update his page and additionally link to the original page.

Thanks again! I will continue to work on this in a few days and keep you updated.
larsen
 
Posts: 32
Joined: 14. Oct 2010, 13:56
Primary OS: Debian other
VBox Version: OSE Debian
Guest OSses: Win, Debian

Next

Return to VirtualBox on Linux Hosts

Who is online

Users browsing this forum: No registered users and 19 guests