Linux Administration for Nerds
Copyright 2018 Brian Davis - CC-BY-NC-SA
Virtualization is the act of creating a virtual computer. It creates an abstraction layer between hardware and the operating system and allows multiple operating systems or instances of a single operating system to coexist on a single physical machine. She virtual computer is called a virtual machine or VM.
The software that runs virtual machine is called a hypervisor. A type 1 or native hypervisor is an operating system itself that runs on bare hardware. VirtualBox is an example of a type 2 or hosted hypervisor, a piece of software that runs inside a host operating system. The operating system running inside the virtual machine is called the guest. VirtualBox is capable of being running on Windows and Linux hosts, and can have a very wide array of guests.
I use VirtualBox for two main purposes:
- Testing out new operating systems
- Running Windows only apps on a Linux system.
When testing out a new operating system it is very convenient to build the system in VirtualBox, clone it to a USB and then go around installing it on whatever machines I want, be they online or offline. In my chapter on installation methods I will go over this procedure in detail.
VirtualBox gives you a notion of snapshots. These allow you to make backups of the virtual disk to restore. I use these before testing out a new feature, so that I can return to a known good state when something breaks.
In the case where I am running a Windows VM inside VirtualBox it is very convenient to have a snapshot that restores the system to working order. These gives a measure of security, if the Windows system were to become compromised I can easily restore to a known good state. However, in order to really make a VM useful it is necessary to setup a shared folder between the host and guest operating system. This provides a means by which an attack could escape the virtual machine. Using a folder mounted with noexec in Linux provides some mitigation but not completely. This discussion will be continued in the chapter on security.
In my opinion, the greater threat to Windows systems is the constant updates from Microsoft that change settings and functionality without the permission of the user. Having a virtual machine isolated from MS, and with a restore point provides a very stable experience.
Guest Additions (debian)
apt-get install build-essential module-assistant sudo m-a prepare mount [Guest Additions CD] sudo sh /media/cdrom/VBoxLinuxAdditions.run
Remove Guest additions
Setup Shared Folder
This mounts a shared folder from a Windows host into a Linux filesystem. in /etc/rc.local:
mount -t vboxsf -o rw,uid=1000,gid=1000 sf_me /home/brian/me
Watch out for name of shared folder ==
For systemd OSes, see fstab solution below.
me /home/brian/me vboxsf uid=brian,gid=brian,rw,dmode=700,fmode=600,comment=systemd.automount 0 0