---
date: 2019-06-19T12:03:33+02:00
description: "How to use virtuals environments Python on OpenBSD with W^X security."
draft: false
tags: ['Python','Environnement','OpenBSD']
title: "Python: virtual environment on OpenBSD"
translationKey: "python-env-openbsd"
---

## Description

* OS : OpenBSD 6.x

Since OpenBSD 6.0, `wxallowed` is a mount option, by default on `/usr/local`.

If the partition has this option, the software is allowed to run from that 
partition, otherwise it won't be able to run and will issue a `W^X` violation 
message: 

`$ dmesg | grep wxallowed` <br>
`/home/hs/.local/share/virtualenvs/mybeautifullproject-q1koN8ay/bin/python3(26392): W^X binary outside wxallowed mountpoint`

In fact, since only `/usr/local` had this actived option, if you attempt 
to run one program, by example on your `$HOME`, this one will not execute. <br>
That's the whole problem with Python environments that need to work in 
your home directory. 

Here the problem with `virtualenv`:

{{< code "dev-python-env-openbsd-virtualenv-error-permission-denied" sh >}}

Egual for `pipenv`:

{{< code "dev-python-env-openbsd-pipenv-failed-create" shell >}}

## Configuration

One only little system change will make our lives easier: 

- create a folder user into `/usr/local`, i.e.: <br> `# mkdir -p /usr/local/${my_user}/python`
- chown user and group rights: <br> `# chown -R ${my_user}:wheel /usr/local/${my_user}`
- create symbolic link:  <br> `# ln -s /usr/local/${my_user}/python $home/python` 

*Of course, replace `${my_user}` by your id!* ;-)

If you use `pipenv`, you need to create a new folder and symlink; read the 
{{< anchor "TL;DR" tldr >}} below.


## TL;DR

Replace `${my_user}` by your session id!

=> For **virtualenv**:  <br>
`# mkdir -p /usr/local/${my_user}/python` <br>
`# chown -R ${my_user}:wheel /usr/local/${my_user}` <br>
`# ln -s /usr/local/${my_user}/python $home/python`

=> For **pipenv**, you need to add more: <br>
`$ mkdir /usr/local/$USER/python/virtualenvs` <br>
`$ ln -s /usr/local/$USER/python/virtualenvs $HOME/.local/share/virtualenvs`

## Documentations

* The **pipenv**: https://pipenv.readthedocs.io/en/latest/
* About the mount option **wxallowed**: [EN][1]

## Aknowledgements

* This article would not exists without [Xavier][4]… 
* and, this other [article][5]: "***Using cabal on OpenBSD***"


---

[1]: https://www.openbsd.org/faq/upgrade60.html
[2]: https://wiki.openbsd.fr.eu.org/doku.php/openbsd.org/faq/upgrade60#changement-de-configuration-et-de-syntaxe
[3]: https://forum.openbsd.fr.eu.org/showthread.php?tid=2352&pid=18773#pid18773
[4]: https://ybad.name/sdj.html
[5]: https://deftly.net/posts/2017-10-12-using-cabal-on-openbsd.html

---