---
date: 2019-06-19T12:03:33+02:00
description: "How to use virtuals environments Python on OpenBSD with W^X security."
draft: false
tags: ['Python','Environnement','OpenBSD']
title: "Python: virtual environment on OpenBSD"
translationKey: "python-env-openbsd"
---
## Description
* OS : OpenBSD 6.x
Since OpenBSD 6.0, `wxallowed` is a mount option, by default on `/usr/local`.
If the partition has this option, the software is allowed to run from that
partition, otherwise it won't be able to run and will issue a `W^X` violation
message:
`$ dmesg | grep wxallowed`
`/home/hs/.local/share/virtualenvs/mybeautifullproject-q1koN8ay/bin/python3(26392): W^X binary outside wxallowed mountpoint`
In fact, since only `/usr/local` had this actived option, if you attempt
to run one program, by example on your `$HOME`, this one will not execute.
That's the whole problem with Python environments that need to work in
your home directory.
Here the problem with `virtualenv`:
{{< code "dev-python-env-openbsd-virtualenv-error-permission-denied" sh >}}
Egual for `pipenv`:
{{< code "dev-python-env-openbsd-pipenv-failed-create" shell >}}
## Configuration
One only little system change will make our lives easier:
- create a folder user into `/usr/local`, i.e.:
`# mkdir -p /usr/local/${my_user}/python`
- chown user and group rights:
`# chown -R ${my_user}:wheel /usr/local/${my_user}`
- create symbolic link:
`# ln -s /usr/local/${my_user}/python $home/python`
*Of course, replace `${my_user}` by your id!* ;-)
If you use `pipenv`, you need to create a new folder and symlink; read the
{{< anchor "TL;DR" tldr >}} below.
## TL;DR
Replace `${my_user}` by your session id!
=> For **virtualenv**:
`# mkdir -p /usr/local/${my_user}/python`
`# chown -R ${my_user}:wheel /usr/local/${my_user}`
`# ln -s /usr/local/${my_user}/python $home/python`
=> For **pipenv**, you need to add more:
`$ mkdir /usr/local/$USER/python/virtualenvs`
`$ ln -s /usr/local/$USER/python/virtualenvs $HOME/.local/share/virtualenvs`
## Documentations
* The **pipenv**: https://pipenv.readthedocs.io/en/latest/
* About the mount option **wxallowed**: [EN][1]
## Aknowledgements
* This article would not exists without [Xavier][4]…
* and, this other [article][5]: "***Using cabal on OpenBSD***"
---
[1]: https://www.openbsd.org/faq/upgrade60.html
[2]: https://wiki.openbsd.fr.eu.org/doku.php/openbsd.org/faq/upgrade60#changement-de-configuration-et-de-syntaxe
[3]: https://forum.openbsd.fr.eu.org/showthread.php?tid=2352&pid=18773#pid18773
[4]: https://ybad.name/sdj.html
[5]: https://deftly.net/posts/2017-10-12-using-cabal-on-openbsd.html
---