website/content/en/docs/faq/_index.md
ssh -L, automated by watching /proc/net/tcp and iptables events in the guestFor Linux and FreeBSD guests, the password is disabled and locked by default.
You have to use limactl shell <INSTANCE> (or lima) instead of the video console to open a shell.
{{% fixlinks %}}
See also [Usage » SSH]({{< ref "/docs/usage/ssh" >}}) for SSH with publickey authentication.
{{% /fixlinks %}}
For macOS guests, the password is randomly generated and stored as ~/password in the guest.
Yes
AlmaLinux, Alpine, Arch Linux, Debian, Fedora, openSUSE, Oracle Linux, and Rocky are also known to work.
{{% fixlinks %}}
See ./templates/.
{{% /fixlinks %}}
Starting with Lima v2.1, non-Linux guests such as macOS guests are experimentally supported too.
An image for Linux guests has to satisfy the following requirements:
sudosshfsnewuidmap and newgidmapapt-get, dnf, apk, pacman, or zypper (if you want to contribute support for another package manager, run git grep apt-get to find out where to modify){{% fixlinks %}} Yes, any container engine should work with Lima.
Container runtime templates:
./templates/docker.yaml: Docker./templates/podman.yaml: Podman./templates/apptainer.yaml: ApptainerContainer image builder templates:
./templates/buildkit.yaml: BuildKitContainer orchestrator templates:
./templates/k3s.yaml: Kubernetes (k3s)./templates/k8s.yaml: Kubernetes (kubeadm)The default Ubuntu image also contains LXD. Run lima sudo lxc init to set up LXD.
See also third party containerd projects based on Lima:
Or third party "containers" projects compatible with Lima:
{{% /fixlinks %}}
Lima itself does not support connecting to a remote Linux machine, but sshocker, the predecessor or Lima, provides similar features for remote Linux machines.
e.g., run sshocker -v /Users/foo:/home/foo/mnt -p 8080:80 <USER>@<HOST> to expose /Users/foo to the remote machine as /home/foo/mnt,
and forward localhost:8080 to the port 80 of the remote machine.
Lima is free software (Apache License 2.0), while Docker for Mac is not.
Yes, since Lima v0.18:
{{< tabpane text=true >}} {{% tab header="CLI" %}}
limactl start --plain
{{% /tab %}} {{% tab header="YAML" %}}
plain: true
{{% /tab %}} {{< /tabpane >}}
When the "plain" mode is enabled:
User-specified provisioning scripts will be still executed.
HV_ERROR"If you have installed QEMU v6.0.0 or later on macOS 11 via homebrew, your QEMU binary should have been already automatically signed to enable HVF acceleration.
However, if you see HV_ERROR, you might need to sign the binary manually.
cat >entitlements.xml <<EOF
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.security.hypervisor</key>
<true/>
</dict>
</plist>
EOF
codesign -s - --entitlements entitlements.xml --force /usr/local/bin/qemu-system-x86_64
Note: Only on macOS versions before 10.15.7 you might need to add this entitlement in addition:
<key>com.apple.vm.hypervisor</key>
<true/>
{{% fixlinks %}}
com.apple.security.hypervisor entitlement. See "QEMU crashes with HV_ERROR".Configuration guide » Intel-on-ARM and ARM-on-Intel]({{< ref "/docs/config/multi-arch" >}}) for a workaround.
{{% /fixlinks %}}HV_ERROR".com.apple.vm.hypervisor is not added. It only works on older macOS versions. You can clear the codesigning with codesign --remove-signature /usr/local/bin/qemu-system-x86_64 and start over.vmx_write_mem: mmu_gva_to_gpa XXXXXXXXXXXXXXXX failed"This error is known to happen when running an image of RHEL8-compatible distribution such as Rocky Linux 8.x on Intel Mac.
A workaround is to set environment variable QEMU_SYSTEM_X86_64="qemu-system-x86_64 -cpu Haswell-v4".
https://bugs.launchpad.net/qemu/+bug/1838390
Installing rosetta..."Try softwareupdate --install-rosetta from a terminal.
{{% fixlinks %}} The default guest IP 192.168.5.15 is not accessible from the host and other guests.
To add another IP address that is accessible from the host and other virtual machines, enable socket_vmnet (since Lima v0.12).
See [Configuration guide » Network]({{< ref "/docs/config/network" >}}).
{{% /fixlinks %}}
Lima uses QEMU's SLIRP networking which does not support ping out of the box:
$ ping google.com
PING google.com (172.217.165.14): 56 data bytes
64 bytes from 172.217.165.14: seq=0 ttl=42 time=2395159.646 ms
64 bytes from 172.217.165.14: seq=0 ttl=42 time=2396160.798 ms (DUP!)
For more details, see Documentation/Networking.
Try the following commands:
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --add /usr/libexec/bootpd
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --unblock /usr/libexec/bootpd
{{% fixlinks %}}
Try virtiofs. See [Configuration guide » Filesystem mounts]({{< ref "/docs/config/mount" >}})
{{% /fixlinks %}}
The home directory is mounted as read-only by default.
To enable writing, specify writable: true in the YAML:
mounts:
- location: "~"
writable: true
Run limactl edit <INSTANCE> to open the YAML editor for an existing instance.
Lima v1.0 changed the default mount type for QEMU from reverse-sshfs to 9p.
The 9p mount type is known to be incompatible with the following guest operating systems:
A new instance of these OS still use reverse-sshfs by default.
However, an existing instance created with a previous version of Lima may potentially need
running the following command (usually not needed):
limactl edit --mount-type=reverse-sshfs <NAME>
Ubuntu users are not affected by this issue.
Rancher Desktop includes the rdctl tool (installed in ~/.rd/bin/rdctl) that provides shell access via rdctl shell.
It is not recommended to directly interact with the Rancher Desktop VM via limactl.
If you need to create an override.yaml file, its location should be:
$HOME/Library/Application Support/rancher-desktop/lima/_config/override.yaml$HOME/.local/share/rancher-desktop/lima/_config/override.yamllimactl --debug start$HOME/.lima/<INSTANCE>/serial.log/var/log/cloud-init-output.log (inside the guest)/var/log/cloud-init.log (inside the guest)