Oracle® VM VirtualBox®

User Manual

Oracle Corporation


Table of Contents

Preface
1. Audience
2. Related Documents
3. Conventions
4. Documentation Accessibility
5. Access to Oracle Support
1. First Steps
1.1. Why is Virtualization Useful?
1.2. Some Terminology
1.3. Features Overview
1.4. Supported Host Operating Systems
1.5. Host CPU Requirements
1.6. Installing Oracle VM VirtualBox and Extension Packs
1.7. Starting Oracle VM VirtualBox
1.8. Creating Your First Virtual Machine
1.9. Running Your Virtual Machine
1.9.1. Starting a New VM for the First Time
1.9.2. Capturing and Releasing Keyboard and Mouse
1.9.3. Typing Special Characters
1.9.4. Changing Removable Media
1.9.5. Resizing the Machine's Window
1.9.6. Saving the State of the Machine
1.10. Using VM Groups
1.11. Snapshots
1.11.1. Taking, Restoring, and Deleting Snapshots
1.11.2. Snapshot Contents
1.12. Virtual Machine Configuration
1.13. Removing and Moving Virtual Machines
1.14. Cloning Virtual Machines
1.15. Importing and Exporting Virtual Machines
1.15.1. About the OVF Format
1.15.2. Importing an Appliance in OVF Format
1.15.3. Exporting an Appliance in OVF Format
1.15.4. Exporting an Appliance to Oracle Cloud Infrastructure
1.15.5. The Cloud Profile Manager
1.16. Global Settings
1.17. Alternative Front-Ends
2. Installation Details
2.1. Installing on Windows Hosts
2.1.1. Prerequisites
2.1.2. Performing the Installation
2.1.3. Uninstallation
2.1.4. Unattended Installation
2.1.5. Public Properties
2.2. Installing on Mac OS X Hosts
2.2.1. Performing the Installation
2.2.2. Uninstallation
2.2.3. Unattended Installation
2.3. Installing on Linux Hosts
2.3.1. Prerequisites
2.3.2. The Oracle VM VirtualBox Driver Modules
2.3.3. Performing the Installation
2.3.4. The vboxusers Group
2.3.5. Starting Oracle VM VirtualBox on Linux
2.4. Installing on Oracle Solaris Hosts
2.4.1. Performing the Installation
2.4.2. The vboxuser Group
2.4.3. Starting Oracle VM VirtualBox on Oracle Solaris
2.4.4. Uninstallation
2.4.5. Unattended Installation
2.4.6. Configuring a Zone for Running Oracle VM VirtualBox
3. Configuring Virtual Machines
3.1. Supported Guest Operating Systems
3.1.1. Mac OS X Guests
3.1.2. 64-bit Guests
3.2. Unattended Guest Installation
3.2.1. An Example of Unattended Guest Installation
3.3. Emulated Hardware
3.4. General Settings
3.4.1. Basic Tab
3.4.2. Advanced Tab
3.4.3. Description Tab
3.4.4. Disk Encryption Tab
3.5. System Settings
3.5.1. Motherboard Tab
3.5.2. Processor Tab
3.5.3. Acceleration Tab
3.6. Display Settings
3.6.1. Screen Tab
3.6.2. Remote Display Tab
3.6.3. Recording Tab
3.7. Storage Settings
3.8. Audio Settings
3.9. Network Settings
3.10. Serial Ports
3.11. USB Support
3.11.1. USB Settings
3.11.2. Implementation Notes for Windows and Linux Hosts
3.12. Shared Folders
3.13. User Interface
3.14. Alternative Firmware (EFI)
3.14.1. Video Modes in EFI
3.14.2. Specifying Boot Arguments
4. Guest Additions
4.1. Introduction to Guest Additions
4.2. Installing and Maintaining Guest Additions
4.2.1. Guest Additions for Windows
4.2.2. Guest Additions for Linux
4.2.3. Guest Additions for Oracle Solaris
4.2.4. Guest Additions for OS/2
4.3. Shared Folders
4.3.1. Manual Mounting
4.3.2. Automatic Mounting
4.4. Drag and Drop
4.4.1. Supported Formats
4.4.2. Known Limitations
4.5. Hardware-Accelerated Graphics
4.5.1. Hardware 3D Acceleration (OpenGL and Direct3D 8/9)
4.5.2. Hardware 2D Video Acceleration for Windows Guests
4.6. Seamless Windows
4.7. Guest Properties
4.7.1. Using Guest Properties to Wait on VM Events
4.8. Guest Control File Manager
4.8.1. Using the Guest Control File Manager
4.9. Guest Control of Applications
4.10. Memory Overcommitment
4.10.1. Memory Ballooning
4.10.2. Page Fusion
5. Virtual Storage
5.1. Hard Disk Controllers: IDE, SATA (AHCI), SCSI, SAS, USB MSD, NVMe
5.2. Disk Image Files (VDI, VMDK, VHD, HDD)
5.3. The Virtual Media Manager
5.4. Special Image Write Modes
5.5. Differencing Images
5.6. Cloning Disk Images
5.7. Host Input/Output Caching
5.8. Limiting Bandwidth for Disk Images
5.9. CD/DVD Support
5.10. iSCSI Servers
5.11. vboximg-mount: A Utility for FUSE Mounting a Virtual Disk Image
5.11.1. Viewing Detailed Information About a Virtual Disk Image
5.11.2. Mounting a Virtual Disk Image
6. Virtual Networking
6.1. Virtual Networking Hardware
6.2. Introduction to Networking Modes
6.3. Network Address Translation (NAT)
6.3.1. Configuring Port Forwarding with NAT
6.3.2. PXE Booting with NAT
6.3.3. NAT Limitations
6.4. Network Address Translation Service
6.5. Bridged Networking
6.6. Internal Networking
6.7. Host-Only Networking
6.8. UDP Tunnel Networking
6.9. VDE Networking
6.10. Limiting Bandwidth for Network Input/Output
6.11. Improving Network Performance
7. Remote Virtual Machines
7.1. Remote Display (VRDP Support)
7.1.1. Common Third-Party RDP Viewers
7.1.2. VBoxHeadless, the Remote Desktop Server
7.1.3. Step by Step: Creating a Virtual Machine on a Headless Server
7.1.4. Remote USB
7.1.5. RDP Authentication
7.1.6. RDP Encryption
7.1.7. Multiple Connections to the VRDP Server
7.1.8. Multiple Remote Monitors
7.1.9. VRDP Video Redirection
7.1.10. VRDP Customization
7.2. Teleporting
8. VBoxManage
8.1. Introduction
8.2. Commands Overview
8.3. General Options
8.4. VBoxManage list
8.5. VBoxManage showvminfo
8.6. VBoxManage registervm/unregistervm
8.7. VBoxManage createvm
8.8. VBoxManage modifyvm
8.8.1. General Settings
8.8.2. Networking Settings
8.8.3. Miscellaneous Settings
8.8.4. Recording Settings
8.8.5. Remote Machine Settings
8.8.6. Teleporting Settings
8.8.7. Debugging Settings
8.8.8. USB Card Reader Settings
8.8.9. Autostarting VMs During Host System Boot
8.9. VBoxManage clonevm
8.10. VBoxManage movevm
8.11. VBoxManage import
8.12. VBoxManage export
8.12.1. Export to OVF
8.12.2. Export to Oracle Cloud Infrastructure
8.13. VBoxManage startvm
8.14. VBoxManage controlvm
8.15. VBoxManage discardstate
8.16. VBoxManage adoptstate
8.17. VBoxManage snapshot
8.18. VBoxManage closemedium
8.19. VBoxManage storageattach
8.20. VBoxManage storagectl
8.21. VBoxManage bandwidthctl
8.22. VBoxManage showmediuminfo
8.23. VBoxManage createmedium
8.24. VBoxManage modifymedium
8.25. VBoxManage clonemedium
8.26. VBoxManage mediumproperty
8.27. VBoxManage encryptmedium
8.28. VBoxManage checkmediumpwd
8.29. VBoxManage convertfromraw
8.30. VBoxManage getextradata/setextradata
8.31. VBoxManage setproperty
8.32. VBoxManage usbfilter add/modify/remove
8.33. VBoxManage sharedfolder add/remove
8.34. VBoxManage guestproperty
8.35. VBoxManage guestcontrol
8.36. VBoxManage metrics
8.37. VBoxManage natnetwork
8.38. VBoxManage hostonlyif
8.39. VBoxManage dhcpserver
8.40. VBoxManage usbdevsource
8.41. VBoxManage mediumio
8.42. VBoxManage debugvm
8.43. VBoxManage extpack
8.44. VBoxManage unattended
9. Advanced Topics
9.1. Automated Guest Logins
9.1.1. Automated Windows Guest Logins
9.1.2. Automated Linux and UNIX Guest Logins
9.2. Advanced Configuration for Windows Guests
9.2.1. Automated Windows System Preparation
9.3. Advanced Configuration for Linux and Oracle Solaris Guests
9.3.1. Manual Setup of Selected Guest Services on Linux
9.3.2. Guest Graphics and Mouse Driver Setup in Depth
9.4. CPU Hot-Plugging
9.5. PCI Passthrough
9.6. Webcam Passthrough
9.6.1. Using a Host Webcam in the Guest
9.6.2. Windows Hosts
9.6.3. Mac OS X Hosts
9.6.4. Linux and Oracle Solaris Hosts
9.7. Advanced Display Configuration
9.7.1. Custom VESA Resolutions
9.7.2. Configuring the Maximum Resolution of Guests When Using the Graphical Frontend
9.8. Advanced Storage Configuration
9.8.1. Using a Raw Host Hard Disk From a Guest
9.8.2. Configuring the Hard Disk Vendor Product Data (VPD)
9.8.3. Access iSCSI Targets Using Internal Networking
9.9. Legacy Commands for Using Serial Ports
9.10. Fine Tuning the Oracle VM VirtualBox NAT Engine
9.10.1. Configuring the Address of a NAT Network Interface
9.10.2. Configuring the Boot Server (Next Server) of a NAT Network Interface
9.10.3. Tuning TCP/IP Buffers for NAT
9.10.4. Binding NAT Sockets to a Specific Interface
9.10.5. Enabling DNS Proxy in NAT Mode
9.10.6. Using the Host's Resolver as a DNS Proxy in NAT Mode
9.10.7. Configuring Aliasing of the NAT Engine
9.11. Configuring the BIOS DMI Information
9.12. Configuring Custom ACPI Tables
9.13. Fine Tuning Timers and Time Synchronization
9.13.1. Configuring the Guest Time Stamp Counter (TSC) to Reflect Guest Execution
9.13.2. Accelerate or Slow Down the Guest Clock
9.13.3. Tuning the Guest Additions Time Synchronization Parameters
9.13.4. Disabling the Guest Additions Time Synchronization
9.14. Installing the Alternate Bridged Networking Driver on Oracle Solaris 11 hosts
9.15. Oracle VM VirtualBox VNIC Templates for VLANs on Oracle Solaris 11 Hosts
9.16. Configuring Multiple Host-Only Network Interfaces on Oracle Solaris Hosts
9.17. Configuring the Oracle VM VirtualBox CoreDumper on Oracle Solaris Hosts
9.18. Oracle VM VirtualBox and Oracle Solaris Kernel Zones
9.19. Locking Down the Oracle VM VirtualBox GUI
9.19.1. Customizing the VirtualBox Manager
9.19.2. VM Selector Customization
9.19.3. Configure VM Selector Menu Entries
9.19.4. Configure VM Window Menu Entries
9.19.5. Configure VM Window Status Bar Entries
9.19.6. Configure VM Window Visual Modes
9.19.7. Host Key Customization
9.19.8. Action when Terminating the VM
9.19.9. Default Action when Terminating the VM
9.19.10. Action for Handling a Guru Meditation
9.19.11. Configuring Automatic Mouse Capturing
9.19.12. Requesting Legacy Full-Screen Mode
9.20. Starting the Oracle VM VirtualBox Web Service Automatically
9.20.1. Linux: Starting the Web Service With init
9.20.2. Oracle Solaris: Starting the Web Service With SMF
9.20.3. Mac OS X: Starting the Web Service With launchd
9.21. Oracle VM VirtualBox Watchdog
9.21.1. Memory Ballooning Control
9.21.2. Host Isolation Detection
9.21.3. More Information
9.21.4. Linux: Starting the Watchdog Service With init
9.21.5. Oracle Solaris: Starting the Watchdog Service With SMF
9.22. Other Extension Packs
9.23. Starting Virtual Machines During System Boot
9.23.1. Linux: Starting the Autostart Service With init
9.23.2. Oracle Solaris: Starting the Autostart Service With SMF
9.23.3. Mac OS X: Starting the Autostart Service With launchd
9.24. Oracle VM VirtualBox Expert Storage Management
9.25. Handling of Host Power Management Events
9.26. Passing Through SSE4.1/SSE4.2 Instructions
9.27. Support for Keyboard Indicator Synchronization
9.28. Capturing USB Traffic for Selected Devices
9.29. Configuring the Heartbeat Service
9.30. Encryption of Disk Images
9.30.1. Limitations of Disk Encryption
9.30.2. Encrypting Disk Images
9.30.3. Starting a VM with Encrypted Images
9.30.4. Decrypting Encrypted Images
9.31. Paravirtualized Debugging
9.31.1. Hyper-V Debug Options
9.32. PC Speaker Passthrough
9.33. Accessing USB devices Exposed Over the Network with USB/IP
9.33.1. Setting up USB/IP Support on a Linux System
9.33.2. Security Considerations
9.34. Using Hyper-V with Oracle VM VirtualBox
9.35. Nested Virtualization
9.36. VISO file format / RTIsoMaker
10. Technical Background
10.1. Where Oracle VM VirtualBox Stores its Files
10.1.1. Machines Created by Oracle VM VirtualBox Version 4.0 or Later
10.1.2. Machines Created by Oracle VM VirtualBox Versions Before 4.0
10.1.3. Global Configuration Data
10.1.4. Summary of 4.0 Configuration Changes
10.1.5. Oracle VM VirtualBox XML Files
10.2. Oracle VM VirtualBox Executables and Components
10.3. Hardware vs. Software Virtualization
10.4. Paravirtualization Providers
10.5. Details About Software Virtualization
10.6. Details About Hardware Virtualization
10.7. Nested Paging and VPIDs
11. Oracle VM VirtualBox Programming Interfaces
12. Troubleshooting
12.1. Procedures and Tools
12.1.1. Categorizing and Isolating Problems
12.1.2. Collecting Debugging Information
12.1.3. The Built-In VM Debugger
12.1.4. VM Core Format
12.2. General Troubleshooting
12.2.1. Guest Shows IDE/SATA Errors for File-Based Images on Slow Host File System
12.2.2. Responding to Guest IDE/SATA Flush Requests
12.2.3. Performance Variation with Frequency Boosting
12.2.4. Frequency Scaling Effect on CPU Usage
12.2.5. Inaccurate Windows CPU Usage Reporting
12.2.6. Poor Performance Caused by Host Power Management
12.2.7. GUI: 2D Video Acceleration Option is Grayed Out
12.3. Windows Guests
12.3.1. No USB 3.0 Support in Windows 7 Guests
12.3.2. Windows Bluescreens After Changing VM Configuration
12.3.3. Windows 0x101 Bluescreens with SMP Enabled (IPI Timeout)
12.3.4. Windows 2000 Installation Failures
12.3.5. How to Record Bluescreen Information from Windows Guests
12.3.6. PCnet Driver Failure in 32-bit Windows Server 2003 Guests
12.3.7. No Networking in Windows Vista Guests
12.3.8. Windows Guests may Cause a High CPU Load
12.3.9. Long Delays When Accessing Shared Folders
12.3.10. USB Tablet Coordinates Wrong in Windows 98 Guests
12.3.11. Windows Guests are Removed From an Active Directory Domain After Restoring a Snapshot
12.3.12. Restoring d3d8.dll and d3d9.dll
12.3.13. Windows 3.x Limited to 64 MB RAM
12.4. Linux and X11 Guests
12.4.1. Linux Guests May Cause a High CPU load
12.4.2. AMD Barcelona CPUs
12.4.3. Buggy Linux 2.6 Kernel Versions
12.4.4. Shared Clipboard, Auto-Resizing, and Seamless Desktop in X11 Guests
12.5. Oracle Solaris Guests
12.5.1. Older Oracle Solaris 10 Releases Crash in 64-bit Mode
12.5.2. Certain Oracle Solaris 10 Releases May Take a Long Time to Boot with SMP
12.5.3. Solaris 8 5/01 and Earlier May Crash on Startup
12.6. FreeBSD Guests
12.6.1. FreeBSD 10.0 May Hang with xHCI
12.7. Windows Hosts
12.7.1. VBoxSVC Out-of-Process COM Server Issues
12.7.2. CD/DVD Changes Not Recognized
12.7.3. Sluggish Response When Using Microsoft RDP Client
12.7.4. Running an iSCSI Initiator and Target on a Single System
12.7.5. Bridged Networking Adapters Missing
12.7.6. Host-Only Networking Adapters Cannot be Created
12.8. Linux Hosts
12.8.1. Linux Kernel Module Refuses to Load
12.8.2. Linux Host CD/DVD Drive Not Found
12.8.3. Linux Host CD/DVD Drive Not Found (Older Distributions)
12.8.4. Linux Host Floppy Not Found
12.8.5. Strange Guest IDE Error Messages When Writing to CD/DVD
12.8.6. VBoxSVC IPC Issues
12.8.7. USB Not Working
12.8.8. PAX/grsec Kernels
12.8.9. Linux Kernel vmalloc Pool Exhausted
12.9. Oracle Solaris Hosts
12.9.1. Cannot Start VM, Not Enough Contiguous Memory
12.9.2. VM Aborts With Out of Memory Errors on Oracle Solaris 10 Hosts
13. Security Guide
13.1. General Security Principles
13.2. Secure Installation and Configuration
13.2.1. Installation Overview
13.2.2. Post Installation Configuration
13.3. Security Features
13.3.1. The Security Model
13.3.2. Secure Configuration of Virtual Machines
13.3.3. Configuring and Using Authentication
13.3.4. Potentially Insecure Operations
13.3.5. Encryption
13.4. Security Recommendations
13.4.1. CVE-2018-3646
14. Known Limitations
14.1. Experimental Features
14.2. Known Issues
15. Change Log
15.1. Version 6.0.6 (2019-04-17)
15.2. Version 6.0.4 (2019-01-28)
15.3. Version 6.0.2 (2019-01-15)
15.4. Version 6.0.0 (2018-12-18)
15.5. Change Logs for Legacy Versions
A. Third-Party Materials and Licenses
A.1. Third-Party Materials
A.2. Third-Party Licenses
A.2.1. GNU General Public License (GPL)
A.2.2. GNU Lesser General Public License (LGPL)
A.2.3. Mozilla Public License (MPL)
A.2.4. MIT License
A.2.5. X Consortium License (X11)
A.2.6. zlib License
A.2.7. OpenSSL License
A.2.8. Slirp License
A.2.9. liblzf License
A.2.10. libpng License
A.2.11. lwIP License
A.2.12. libxml License
A.2.13. libxslt Licenses
A.2.14. gSOAP Public License Version 1.3a
A.2.15. Chromium Licenses
A.2.16. curl License
A.2.17. libgd License
A.2.18. BSD License from Intel
A.2.19. libjpeg License
A.2.20. x86 SIMD Extension for IJG JPEG Library License
A.2.21. FreeBSD License
A.2.22. NetBSD License
A.2.23. PCRE License
A.2.24. libffi License
A.2.25. FLTK License
A.2.26. Expat License
A.2.27. Fontconfig License
A.2.28. Freetype License
A.2.29. VPX License
A.2.30. Opus License
A.2.31. FUSE for macOS License
B. Oracle VM VirtualBox Privacy Information
Glossary

List of Figures

1.1. Windows Server 2016 Virtual Machine, Displayed on a Mac OS X Host
1.2. VirtualBox Manager Window, After Initial Startup
1.3. VirtualBox Manager Window, After Creating Virtual Machines
1.4. Creating a New Virtual Machine: Name and Operating System
1.5. Creating a New Virtual Machine: Hard Disk
1.6. Creating a New Virtual Machine: File Location and Size
1.7. Host Key Setting on the Virtual Machine Task Bar
1.8. Closing Down a Virtual Machine
1.9. Groups of Virtual Machines
1.10. Snapshots List For a Virtual Machine
1.11. The Clone Virtual Machine Wizard
1.12. Appliance Settings Screen for Import Appliance
1.13. Appliance Settings Screen, Showing Cloud Profile Settings
1.14. The Cloud Profile Manager
3.1. Storage Settings for a Virtual Machine
4.1. Drag and Drop Menu Options
4.2. Seamless Windows on a Host Desktop
4.3. Guest Control File Manager
5.1. The Virtual Media Manager
5.2. Differencing Images, Shown in Virtual Media Manager

List of Tables

6.1. Overview of Networking Modes
9.1. Host Key Customization
9.2. Web Service Configuration Parameters
9.3. Oracle VM VirtualBox Watchdog Configuration Parameters
9.4. PC Speaker Configuration Options
10.1. Configuration Changes in Version 4.0 or Above

Preface

The Oracle VM VirtualBox User Manual provides an introduction to using Oracle VM VirtualBox. The manual provides information on how to install Oracle VM VirtualBox and use it to create and configure virtual machines.

Audience

This document is intended for both new and existing users of Oracle VM VirtualBox. It is assumed that readers are familiar with Web technologies and have a general understanding of Windows and UNIX platforms.

Related Documents

The documentation for this product is available at:

https://www.oracle.com/technetwork/server-storage/virtualbox/documentation/index.html

Conventions

The following text conventions are used in this document:

  • boldface: Boldface type indicates graphical user interface elements associated with an action, or terms defined in text or the glossary.

  • italic: Italic type indicates book titles, emphasis, or placeholder variables for which you supply particular values.

  • monospace: Monospace type indicates commands within a paragraph, URLs, code in examples, text that appears on the screen, or text that you enter.

Documentation Accessibility

For information about Oracle's commitment to accessibility, visit the Oracle Accessibility Program website at http://www.oracle.com/pls/topic/lookup?ctx=acc&id=docacc.

Access to Oracle Support

Oracle customers that have purchased support have access to electronic support through My Oracle Support. For information, visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=info or visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=trs if you are hearing impaired.

Chapter 1. First Steps

Welcome to Oracle VM VirtualBox.

Oracle VM VirtualBox is a cross-platform virtualization application. What does that mean? For one thing, it installs on your existing Intel or AMD-based computers, whether they are running Windows, Mac OS X, Linux, or Oracle Solaris operating systems (OSes). Secondly, it extends the capabilities of your existing computer so that it can run multiple OSes, inside multiple virtual machines, at the same time. As an example, you can run Windows and Linux on your Mac, run Windows Server 2016 on your Linux server, run Linux on your Windows PC, and so on, all alongside your existing applications. You can install and run as many virtual machines as you like. The only practical limits are disk space and memory.

Oracle VM VirtualBox is deceptively simple yet also very powerful. It can run everywhere from small embedded systems or desktop class machines all the way up to datacenter deployments and even Cloud environments.

The following screenshot shows how Oracle VM VirtualBox, installed on an Apple Mac OS X computer, is running Windows Server 2016 in a virtual machine window.

Figure 1.1. Windows Server 2016 Virtual Machine, Displayed on a Mac OS X Host

Windows Server 2016 Virtual Machine, Displayed on a Mac OS X Host

In this User Manual, we will begin simply with a quick introduction to virtualization and how to get your first virtual machine running with the easy-to-use Oracle VM VirtualBox graphical user interface. Subsequent chapters will go into much more detail covering more powerful tools and features, but fortunately, it is not necessary to read the entire User Manual before you can use Oracle VM VirtualBox.

You can find a summary of Oracle VM VirtualBox's capabilities in Section 1.3, “Features Overview”. For existing Oracle VM VirtualBox users who just want to find out what is new in this release, see the Chapter 15, Change Log.

1.1. Why is Virtualization Useful?

The techniques and features that Oracle VM VirtualBox provides are useful in the following scenarios:

  • Running multiple operating systems simultaneously. Oracle VM VirtualBox enables you to run more than one OS at a time. This way, you can run software written for one OS on another, such as Windows software on Linux or a Mac, without having to reboot to use it. Since you can configure what kinds of virtual hardware should be presented to each such OS, you can install an old OS such as DOS or OS/2 even if your real computer's hardware is no longer supported by that OS.

  • Easier software installations. Software vendors can use virtual machines to ship entire software configurations. For example, installing a complete mail server solution on a real machine can be a tedious task. With Oracle VM VirtualBox, such a complex setup, often called an appliance, can be packed into a virtual machine. Installing and running a mail server becomes as easy as importing such an appliance into Oracle VM VirtualBox.

  • Testing and disaster recovery. Once installed, a virtual machine and its virtual hard disks can be considered a container that can be arbitrarily frozen, woken up, copied, backed up, and transported between hosts.

    On top of that, with the use of another Oracle VM VirtualBox feature called snapshots, one can save a particular state of a virtual machine and revert back to that state, if necessary. This way, one can freely experiment with a computing environment. If something goes wrong, such as prolems after installing software or infecting the guest with a virus, you can easily switch back to a previous snapshot and avoid the need of frequent backups and restores.

    Any number of snapshots can be created, allowing you to travel back and forward in virtual machine time. You can delete snapshots while a VM is running to reclaim disk space.

  • Infrastructure consolidation. Virtualization can significantly reduce hardware and electricity costs. Most of the time, computers today only use a fraction of their potential power and run with low average system loads. A lot of hardware resources as well as electricity is thereby wasted. So, instead of running many such physical computers that are only partially used, one can pack many virtual machines onto a few powerful hosts and balance the loads between them.

1.2. Some Terminology

When dealing with virtualization, and also for understanding the following chapters of this documentation, it helps to acquaint oneself with a bit of crucial terminology, especially the following terms:

  • Host operating system (host OS). This is the OS of the physical computer on which Oracle VM VirtualBox was installed. There are versions of Oracle VM VirtualBox for Windows, Mac OS X, Linux, and Oracle Solaris hosts. See Section 1.4, “Supported Host Operating Systems”.

    Most of the time, this manual discusses all Oracle VM VirtualBox versions together. There may be platform-specific differences which we will point out where appropriate.

  • Guest operating system (guest OS). This is the OS that is running inside the virtual machine. Theoretically, Oracle VM VirtualBox can run any x86 OS. such as DOS, Windows, OS/2, FreeBSD, and OpenBSD. But to achieve near-native performance of the guest code on your machine, we had to go through a lot of optimizations that are specific to certain OSes. So while your favorite OS may run as a guest, we officially support and optimize for a select few, which include the most common OSes.

    See Section 3.1, “Supported Guest Operating Systems”.

  • Virtual machine (VM). This is the special environment that Oracle VM VirtualBox creates for your guest OS while it is running. In other words, you run your guest OS in a VM. Normally, a VM will be shown as a window on your computer's desktop, but depending on which of the various frontends of Oracle VM VirtualBox you use, it can be displayed in full screen mode or remotely on another computer.

    In a more abstract way, internally, Oracle VM VirtualBox thinks of a VM as a set of parameters that determine its behavior. They include hardware settings, such as: how much memory the VM should have, what hard disks Oracle VM VirtualBox should virtualize through which container files, what CDs are mounted. They also include state information, such as: whether the VM is currently running, saved, if the VM has snapshots. These settings are mirrored in the VirtualBox Manager window, as well as the VBoxManage command. See Chapter 8, VBoxManage. In other words, a VM is also what you can see in its Settings dialog.

  • Guest Additions. This refers to special software packages which are shipped with Oracle VM VirtualBox but designed to be installed inside a VM to improve performance of the guest OS and to add extra features. See Chapter 4, Guest Additions.

1.3. Features Overview

The following is a brief outline of Oracle VM VirtualBox's main features:

  • Portability. Oracle VM VirtualBox runs on a large number of 32-bit and 64-bit host OS. See Section 1.4, “Supported Host Operating Systems”.

    Oracle VM VirtualBox is a so-called hosted hypervisor, sometimes referred to as a type 2 hypervisor. Whereas a bare-metal or type 1 hypervisor would run directly on the hardware, Oracle VM VirtualBox requires an existing OS to be installed. It can thus run alongside existing applications on that host.

    To a very large degree, Oracle VM VirtualBox is functionally identical on all of the host platforms, and the same file and image formats are used. This enables you to run virtual machines created on one host on another host with a different host OS. For example, you can create a virtual machine on Windows and then run it under Linux.

    In addition, virtual machines can easily be imported and exported using the Open Virtualization Format (OVF), an industry standard created for this purpose. You can even import OVFs that were created with a different virtualization software. See Section 1.15, “Importing and Exporting Virtual Machines”.

  • No hardware virtualization required. For many scenarios, Oracle VM VirtualBox does not require the processor features built into newer hardware like Intel VT-x or AMD-V. As opposed to many other virtualization solutions, you can therefore use Oracle VM VirtualBox even on older hardware where these features are not present. See Section 10.3, “Hardware vs. Software Virtualization”.

  • Guest Additions: shared folders, seamless windows, 3D virtualization. The Oracle VM VirtualBox Guest Additions are software packages which can be installed inside of supported guest systems to improve their performance and to provide additional integration and communication with the host system. After installing the Guest Additions, a virtual machine will support automatic adjustment of video resolutions, seamless windows, accelerated 3D graphics and more. See Chapter 4, Guest Additions.

    In particular, Guest Additions provide for "shared folders", which let you access files from the host system from within a guest machine. See Section 4.3, “Shared Folders”.

  • Great hardware support. Among others, Oracle VM VirtualBox supports the following:

    • Guest multiprocessing (SMP). Oracle VM VirtualBox can present up to 32 virtual CPUs to each virtual machine, irrespective of how many CPU cores are physically present on your host.

    • USB device support. Oracle VM VirtualBox implements a virtual USB controller and enables you to connect arbitrary USB devices to your virtual machines without having to install device-specific drivers on the host. USB support is not limited to certain device categories. See Section 3.11.1, “USB Settings”.

    • Hardware compatibility. Oracle VM VirtualBox virtualizes a vast array of virtual devices, among them many devices that are typically provided by other virtualization platforms. That includes IDE, SCSI and SATA hard disk controllers, several virtual network cards and sound cards, virtual serial and parallel ports and an Input/Output Advanced Programmable Interrupt Controller (I/O APIC), which is found in many modern PC systems. This eases cloning of PC images from real machines and importing of third-party virtual machines into Oracle VM VirtualBox.

    • Full ACPI support. The Advanced Configuration and Power Interface (ACPI) is fully supported by Oracle VM VirtualBox. This eases cloning of PC images from real machines or third-party virtual machines into Oracle VM VirtualBox. With its unique ACPI power status support, Oracle VM VirtualBox can even report to ACPI-aware guest OSes the power status of the host. For mobile systems running on battery, the guest can thus enable energy saving and notify the user of the remaining power, for example in full screen modes.

    • Multiscreen resolutions. Oracle VM VirtualBox virtual machines support screen resolutions many times that of a physical screen, allowing them to be spread over a large number of screens attached to the host system.

    • Built-in iSCSI support. This unique feature enables you to connect a virtual machine directly to an iSCSI storage server without going through the host system. The VM accesses the iSCSI target directly without the extra overhead that is required for virtualizing hard disks in container files. See Section 5.10, “iSCSI Servers”.

    • PXE Network boot. The integrated virtual network cards of Oracle VM VirtualBox fully support remote booting using the Preboot Execution Environment (PXE).

  • Multigeneration branched snapshots. Oracle VM VirtualBox can save arbitrary snapshots of the state of the virtual machine. You can go back in time and revert the virtual machine to any such snapshot and start an alternative VM configuration from there, effectively creating a whole snapshot tree. See Section 1.11, “Snapshots”. You can create and delete snapshots while the virtual machine is running.

  • VM groups. Oracle VM VirtualBox provides a groups feature that enables the user to organize and control virtual machines collectively, as well as individually. In addition to basic groups, it is also possible for any VM to be in more than one group, and for groups to be nested in a hierarchy. This means you can have groups of groups. In general, the operations that can be performed on groups are the same as those that can be applied to individual VMs: Start, Pause, Reset, Close (Save state, Send Shutdown, Poweroff), Discard Saved State, Show in File System, Sort.

  • Clean architecture and unprecedented modularity. Oracle VM VirtualBox has an extremely modular design with well-defined internal programming interfaces and a clean separation of client and server code. This makes it easy to control it from several interfaces at once. For example, you can start a VM simply by clicking on a button in the Oracle VM VirtualBox graphical user interface and then control that machine from the command line, or even remotely. See Section 1.17, “Alternative Front-Ends”.

    Due to its modular architecture, Oracle VM VirtualBox can also expose its full functionality and configurability through a comprehensive software development kit (SDK), which enables integration of Oracle VM VirtualBox with other software systems. See Chapter 11, Oracle VM VirtualBox Programming Interfaces.

  • Remote machine display. The VirtualBox Remote Desktop Extension (VRDE) enables high-performance remote access to any running virtual machine. This extension supports the Remote Desktop Protocol (RDP) originally built into Microsoft Windows, with special additions for full client USB support.

    The VRDE does not rely on the RDP server that is built into Microsoft Windows. Instead, the VRDE is plugged directly into the virtualization layer. As a result, it works with guest OSes other than Windows, even in text mode, and does not require application support in the virtual machine either. The VRDE is described in detail in Section 7.1, “Remote Display (VRDP Support)”.

    On top of this special capacity, Oracle VM VirtualBox offers you more unique features:

    • Extensible RDP authentication. Oracle VM VirtualBox already supports Winlogon on Windows and PAM on Linux for RDP authentication. In addition, it includes an easy-to-use SDK which enables you to create arbitrary interfaces for other methods of authentication. See Section 7.1.5, “RDP Authentication”.

    • USB over RDP. Using RDP virtual channel support, Oracle VM VirtualBox also enables you to connect arbitrary USB devices locally to a virtual machine which is running remotely on a Oracle VM VirtualBox RDP server. See Section 7.1.4, “Remote USB”.

1.4. Supported Host Operating Systems

Currently, Oracle VM VirtualBox runs on the following host OSes:

  • Windows hosts (64-bit):

    • Windows 7

    • Windows 8

    • Windows 8.1

    • Windows 10 RTM (1507) build 10240

    • Windows 10 November Update (1511) build 10586

    • Windows 10 Anniversary Update (1607) build 14393

    • Windows 10 Creators Update (1703) build 15063

    • Windows 10 Fall Creators Update (1709) build 16299

    • Windows 10 April 2018 Update (1803) build 17134

    • Windows 10 October 2018 Update (1809) build 17763

    • Windows Server 2008 R2

    • Windows Server 2012

    • Windows Server 2012 R2

    • Windows Server 2016

    • Windows Server 2019

  • Mac OS X hosts (64-bit):

    • 10.12 (Sierra)

    • 10.13 (High Sierra)

    • 10.14 (Mojave)

    Intel hardware is required. See also Chapter 14, Known Limitations.

  • Linux hosts (64-bit). Includes the following:

    • Ubuntu 16.04 LTS, 18.04 LTS and 18.10

    • Debian GNU/Linux 9 ("Stretch")

    • Oracle Linux 6 and 7

    • Redhat Enterprise Linux 6 and 7

    • Fedora 28 and 29

    • Gentoo Linux

    • SUSE Linux Enterprise server 12 and 15

    • openSUSE Leap 42.3 and 15.0

    It should be possible to use Oracle VM VirtualBox on most systems based on Linux kernel 2.6 or 3.x using either the Oracle VM VirtualBox installer or by doing a manual installation. See Section 2.3, “Installing on Linux Hosts”. However, the formally tested and supported Linux distributions are those for which we offer a dedicated package.

    Note that Linux 2.4-based host OSes are no longer supported.

  • Oracle Solaris hosts (64-bit only). The following versions are supported with the restrictions listed in Chapter 14, Known Limitations:

    • Oracle Solaris 11

Note that the above list is informal. Oracle support for customers who have a support contract is limited to a subset of the listed host OSes. Also, any feature which is marked as experimental is not supported. Feedback and suggestions about such features are welcome.

1.5. Host CPU Requirements

SSE2 is required, starting with Oracle VM VirtualBox version 5.2.10 and version 5.1.24.

1.6. Installing Oracle VM VirtualBox and Extension Packs

Oracle VM VirtualBox comes in many different packages, and installation depends on your host OS. If you have installed software before, installation should be straightforward. On each host platform, Oracle VM VirtualBox uses the installation method that is most common and easy to use. If you run into trouble or have special requirements, see Chapter 2, Installation Details for details about the various installation methods.

Oracle VM VirtualBox is split into the following components:

1.7. Starting Oracle VM VirtualBox

After installation, you can start Oracle VM VirtualBox as follows:

  • On a Windows host, in the Programs menu, click on the item in the VirtualBox group. On Vista or Windows 7, you can also enter VirtualBox in the search box of the Start menu.

  • On a Mac OS X host, in the Finder, double-click on the VirtualBox item in the Applications folder. You may want to drag this item onto your Dock.

  • On a Linux or Oracle Solaris host, depending on your desktop environment, an Oracle VM VirtualBox item may have been placed in either the System or System Tools group of your Applications menu. Alternatively, you can enter VirtualBox in a terminal window.

When you start Oracle VM VirtualBox for the first time, a window like the following is displayed:

Figure 1.2. VirtualBox Manager Window, After Initial Startup

VirtualBox Manager Window, After Initial Startup

This window is called the VirtualBox Manager. The left pane will later list all your virtual machines. Since you have not yet created any virtual machines, this list is empty. The Tools button provides access to user tools, such as the Virtual Media Manager.

The pane on the right displays the properties of the currently selected virtual machine. Since you do not have any machines yet, the pane displays a welcome message.

The buttons on the right pane are used to create and work with VMs.

The following figure gives an idea of what Oracle VM VirtualBox might look like after you have created some VMs.

Figure 1.3. VirtualBox Manager Window, After Creating Virtual Machines

VirtualBox Manager Window, After Creating Virtual Machines

1.8. Creating Your First Virtual Machine

Click New in the VirtualBox Manager window. A wizard is shown, to guide you through setting up a new virtual machine (VM).

Figure 1.4. Creating a New Virtual Machine: Name and Operating System

Creating a New Virtual Machine: Name and Operating System

On the following pages, the wizard will ask you for the bare minimum of information that is needed to create a VM, in particular:

  1. The Name of the VM will later be shown in the machine list of the VirtualBox Manager window, and it will be used for the VM's files on disk. Even though any name can be used, bear in mind that if you create a few VMs, you will appreciate if you have given your VMs rather informative names."My VM" would thus be less useful than "Windows XP SP2 with OpenOffice", for example.

  2. The Machine Folder is the location where VMs are stored on your computer. The default folder location is shown.

  3. For Operating System Type select the OS that you want to install later. The supported OSes are grouped. If you want to install something very unusual that is not listed, select Other. Depending on your selection, Oracle VM VirtualBox will enable or disable certain VM settings that your guest OS may require. This is particularly important for 64-bit guests. See Section 3.1.2, “64-bit Guests”. It is therefore recommended to always set it to the correct value.

  4. On the next page, select the Memory (RAM) that Oracle VM VirtualBox should allocate every time the virtual machine is started. The amount of memory given here will be taken away from your host machine and presented to the guest OS, which will report this size as the virtual computer's installed RAM.

    Caution

    Choose this setting carefully. The memory you give to the VM will not be available to your host OS while the VM is running, so do not specify more than you can spare. For example, if your host machine has 1 GB of RAM and you enter 512 MB as the amount of RAM for a particular virtual machine, while that VM is running, you will only have 512 MB left for all the other software on your host. If you run two VMs at the same time, even more memory will be allocated for the second VM, which may not even be able to start if that memory is not available. On the other hand, you should specify as much as your guest OS and your applications will require to run properly.

    A Windows XP guest will require at least a few hundred MB of RAM to run properly, and Windows Vista will not install with less than 512 MB. If you want to run graphics-intensive applications in your VM, you may require even more RAM.

    As a rule of thumb, if you have 1 GB of RAM or more in your host computer, it is usually safe to allocate 512 MB to each VM. In any case, make sure you always have at least 256 to 512 MB of RAM left on your host OS. Otherwise you may cause your host OS to excessively swap out memory to your hard disk, effectively bringing your host system to a standstill.

    As with the other settings, you can change this setting later, after you have created the VM.

  5. Next, you must specify a Virtual Hard Disk for your VM.

    There are many and potentially complicated ways in which Oracle VM VirtualBox can provide hard disk space to a VM, see Chapter 5, Virtual Storage, but the most common way is to use a large image file on your "real" hard disk, whose contents Oracle VM VirtualBox presents to your VM as if it were a complete hard disk. This file represents an entire hard disk then, so you can even copy it to another host and use it with another Oracle VM VirtualBox installation.

    The wizard displays the following window:

    Figure 1.5. Creating a New Virtual Machine: Hard Disk

    Creating a New Virtual Machine: Hard Disk

    At this screen, you have the following options:

    • To create a new, empty virtual hard disk, click the Create button.

    • You can pick an existing disk image file.

      The drop-down list presented in the window lists all disk images which are currently remembered by Oracle VM VirtualBox. These disk images are currently attached to a virtual machine, or have been attached to a virtual machine.

      Alternatively, click on the small folder icon next to the drop-down list. In the displayed file dialog, you can click Add to select any disk image file on your host disk.

    If you are using Oracle VM VirtualBox for the first time, you will want to create a new disk image. Click the Create button.

    This displays another window, the Create Virtual Hard Disk Wizard wizard. This wizard helps you to create a new disk image file in the new virtual machine's folder.

    Oracle VM VirtualBox supports the following types of image files:

    • A dynamically allocated file will only grow in size when the guest actually stores data on its virtual hard disk. It will therefore initially be small on the host hard drive and only later grow to the size specified as it is filled with data.

    • A fixed-size file will immediately occupy the file specified, even if only a fraction of the virtual hard disk space is actually in use. While occupying much more space, a fixed-size file incurs less overhead and is therefore slightly faster than a dynamically allocated file.

    For details about the differences, see Section 5.2, “Disk Image Files (VDI, VMDK, VHD, HDD)”.

    To prevent your physical hard disk from running full, Oracle VM VirtualBox limits the size of the image file. Still, it needs to be large enough to hold the contents of your OS and the applications you want to install. For a modern Windows or Linux guest, you will probably need several gigabytes for any serious use. The limit of the image file size can be changed later, see Section 8.24, “VBoxManage modifymedium”.

    Figure 1.6. Creating a New Virtual Machine: File Location and Size

    Creating a New Virtual Machine: File Location and Size

    After having selected or created your image file, click Next to go to the next page.

  6. Click Create, to create your new virtual machine. The virtual machine is displayed in the list on the left side of the VirtualBox Manager window, with the name that you entered initially.

Note

After becoming familiar with the use of wizards, consider using the Expert Mode available in some wizards. Where available, this is selectable using a button, and speeds up the process of using wizards.

1.9. Running Your Virtual Machine

To start a virtual machine, you have several options:

  • Double-click on the VM's entry in the list in the VirtualBox Manager window.

  • Select the VM's entry in the list in the VirtualBox Manager window, and click Start at the top of the window.

  • Go to the VirtualBox VMs folder in your system user's home directory. Find the subdirectory of the machine you want to start and double-click on the machine settings file. This file has a .vbox file extension.

Starting a virtual machine displays a new window, and the virtual machine which you selected will boot up. Everything which would normally be seen on the virtual system's monitor is shown in the window. See the screenshot image in Chapter 1, First Steps.

In general, you can use the virtual machine as you would use a real computer. There are couple of points worth mentioning however.

1.9.1. Starting a New VM for the First Time

When a VM is started for the first time, the First Start Wizard, is displayed. This wizard helps you to select an installation medium. Since the VM is created empty, it would otherwise behave just like a real computer with no OS installed. It will do nothing and display an error message that no bootable OS was found.

For this reason, the wizard helps you to select a medium to install an OS from.

  • If you have physical CD or DVD media from which you want to install your guest OS, such as a Windows installation CD or DVD, put the media into your host's CD or DVD drive.

    In the wizard's drop-down list of installation media, select Host Drive with the correct drive letter. In the case of a Linux host, choose a device file. This will allow your VM to access the media in your host drive, and you can proceed to install from there.

  • If you have downloaded installation media from the Internet in the form of an ISO image file such as with a Linux distribution, you would normally burn this file to an empty CD or DVD and proceed as described above. With Oracle VM VirtualBox however, you can skip this step and mount the ISO file directly. Oracle VM VirtualBox will then present this file as a CD or DVD-ROM drive to the virtual machine, much like it does with virtual hard disk images.

    In this case, the wizard's drop-down list contains a list of installation media that were previously used with Oracle VM VirtualBox.

    If your medium is not in the list, especially if you are using Oracle VM VirtualBox for the first time, click the small folder icon next to the drop-down list to display a standard file dialog. Here you can pick an image file on your host disks.

After completing the choices in the wizard, you will be able to install your OS.

1.9.2. Capturing and Releasing Keyboard and Mouse

Oracle VM VirtualBox provides a virtual USB tablet device to new virtual machines through which mouse events are communicated to the guest OS. If you are running a modern guest OS that can handle such devices, mouse support may work out of the box without the mouse being captured as described below. See Section 3.5.1, “Motherboard Tab”.

Otherwise, if the virtual machine only sees standard PS/2 mouse and keyboard devices, since the OS in the virtual machine does not know that it is not running on a real computer, it expects to have exclusive control over your keyboard and mouse. But unless you are running the VM in full screen mode, your VM needs to share keyboard and mouse with other applications and possibly other VMs on your host.

After installing a guest OS and before you install the Guest Additions, described later, either your VM or the rest of your computer can "own" the keyboard and the mouse. Both cannot own the keyboard and mouse at the same time. You will see a second mouse pointer which is always confined to the limits of the VM window. You activate the VM by clicking inside it.

To return ownership of keyboard and mouse to your host OS, Oracle VM VirtualBox reserves a special key on your keyboard: the Host key. By default, this is the right Ctrl key on your keyboard. On a Mac host, the default Host key is the left Command key. You can change this default in the Oracle VM VirtualBox Global Settings. See Section 1.16, “Global Settings”. The current setting for the Host key is always displayed at the bottom right of your VM window.

Figure 1.7. Host Key Setting on the Virtual Machine Task Bar

Host Key Setting on the Virtual Machine Task Bar

This means the following:

  • Your keyboard is owned by the VM if the VM window on your host desktop has the keyboard focus. If you have many windows open in your guest OS, the window that has the focus in your VM is used. This means that if you want to enter text within your VM, click on the title bar of your VM window first.

    To release keyboard ownership, press the Host key. As explained above, this is typically the right Ctrl key.

    Note that while the VM owns the keyboard, some key sequences, such as Alt-Tab, will no longer be seen by the host, but will go to the guest instead. After you press the Host key to reenable the host keyboard, all key presses will go through the host again, so that sequences such as Alt-Tab will no longer reach the guest. For technical reasons it may not be possible for the VM to get all keyboard input even when it does own the keyboard. Examples of this are the Ctrl-Alt-Del sequence on Windows hosts or single keys grabbed by other applications on X11 hosts like the GNOME desktop's "Control key highlights mouse pointer" functionality.

  • Your mouse is owned by the VM only after you have clicked in the VM window. The host mouse pointer will disappear, and your mouse will drive the guest's pointer instead of your normal mouse pointer.

    Note that mouse ownership is independent of that of the keyboard. Even after you have clicked on a titlebar to be able to enter text into the VM window, your mouse is not necessarily owned by the VM yet.

    To release ownership of your mouse by the VM, press the Host key.

As this behavior can be inconvenient, Oracle VM VirtualBox provides a set of tools and device drivers for guest systems called the Oracle VM VirtualBox Guest Additions which make VM keyboard and mouse operation a lot more seamless. Most importantly, the Additions will get rid of the second "guest" mouse pointer and make your host mouse pointer work directly in the guest. See Chapter 4, Guest Additions.

1.9.3. Typing Special Characters

OSes expect certain key combinations to initiate certain procedures. Some of these key combinations may be difficult to enter into a virtual machine, as there are three candidates as to who receives keyboard input: the host OS, Oracle VM VirtualBox, or the guest OS. Which of these three receives keypresses depends on a number of factors, including the key itself.

  • Host OSes reserve certain key combinations for themselves. For example, it is impossible to enter the Ctrl+Alt+Delete combination if you want to reboot the guest OS in your virtual machine, because this key combination is usually hard-wired into the host OS, both Windows and Linux intercept this, and pressing this key combination will therefore reboot your host.

    On Linux and Oracle Solaris hosts, which use the X Window System, the key combination Ctrl+Alt+Backspace normally resets the X server and restarts the entire graphical user interface. As the X server intercepts this combination, pressing it will usually restart your host graphical user interface and kill all running programs, including Oracle VM VirtualBox, in the process.

    On Linux hosts supporting virtual terminals, the key combination Ctrl+Alt+Fx, where Fx is one of the function keys from F1 to F12, normally enables you to switch between virtual terminals. As with Ctrl+Alt+Delete, these combinations are intercepted by the host OS and therefore always switch terminals on the host.

    If, instead, you want to send these key combinations to the guest OS in the virtual machine, you will need to use one of the following methods:

    • Use the items in the Input, Keyboard menu of the virtual machine window. This menu includes the settings Insert Ctrl+Alt+Delete and Ctrl+Alt+Backspace. The latter will only have an effect with Linux or Oracle Solaris guests, however.

      This menu also includes an option for inserting the Host key combination.

    • Use special key combinations with the Host key, normally the right Control key. Oracle VM VirtualBox will then translate these key combinations for the virtual machine:

      • Host key + Del to send Ctrl+Alt+Del to reboot the guest.

      • Host key + Backspace to send Ctrl+Alt+Backspace to restart the graphical user interface of a Linux or Oracle Solaris guest.

      • Host key + Function key. For example, to simulate Ctrl+Alt+Fx to switch between virtual terminals in a Linux guest.

  • For some other keyboard combinations such as Alt-Tab to switch between open windows, Oracle VM VirtualBox enables you to configure whether these combinations will affect the host or the guest, if a virtual machine currently has the focus. This is a global setting for all virtual machines and can be found under File, Preferences, Input.

1.9.4. Changing Removable Media

While a virtual machine is running, you can change removable media in the Devices menu of the VM's window. Here you can select in detail what Oracle VM VirtualBox presents to your VM as a CD, DVD, or floppy drive.

The settings are the same as those available for the VM in the Settings dialog of the Oracle VM VirtualBox main window. But as the Settings dialog is disabled while the VM is in the Running or Saved state, the Devices menu saves you from having to shut down and restart the VM every time you want to change media.

Using the Devices menu, you can attach the host drive to the guest or select a floppy or DVD image, as described in Section 3.7, “Storage Settings”.

The Devices menu also includes an option for creating a virtual ISO (VISO) from selected files on the host.

1.9.5. Resizing the Machine's Window

You can resize the virtual machine's window when it is running. In that case, one of the following things will happen:

  1. If you have scaled mode enabled, then the virtual machine's screen will be scaled to the size of the window. This can be useful if you have many machines running and want to have a look at one of them while it is running in the background. Alternatively, it might be useful to enlarge a window if the VM's output screen is very small, for example because you are running an old OS in it.

    To enable scaled mode, press Host key + C, or select Scaled Mode from the View menu in the VM window. To leave scaled mode, press Host key + C again.

    The aspect ratio of the guest screen is preserved when resizing the window. To ignore the aspect ratio, press Shift during the resize operation.

    See Chapter 14, Known Limitations for additional remarks.

  2. If you have the Guest Additions installed and they support automatic resizing, the Guest Additions will automatically adjust the screen resolution of the guest OS. For example, if you are running a Windows guest with a resolution of 1024x768 pixels and you then resize the VM window to make it 100 pixels wider, the Guest Additions will change the Windows display resolution to 1124x768.

    See Chapter 4, Guest Additions.

  3. Otherwise, if the window is bigger than the VM's screen, the screen will be centered. If it is smaller, then scroll bars will be added to the machine window.

1.9.6. Saving the State of the Machine

When you click on the Close button of your virtual machine window, at the top right of the window, just like you would close any other window on your system, Oracle VM VirtualBox asks you whether you want to save or power off the VM. As a shortcut, you can also press Host key + Q.

Figure 1.8. Closing Down a Virtual Machine

Closing Down a Virtual Machine

The difference between the three options is crucial. They mean the following:

  • Save the machine state: With this option, Oracle VM VirtualBox freezes the virtual machine by completely saving its state to your local disk.

    When you start the VM again later, you will find that the VM continues exactly where it was left off. All your programs will still be open, and your computer resumes operation. Saving the state of a virtual machine is thus in some ways similar to suspending a laptop computer by closing its lid.

  • Send the shutdown signal. This will send an ACPI shutdown signal to the virtual machine, which has the same effect as if you had pressed the power button on a real computer. So long as the VM is running a fairly modern OS, this should trigger a proper shutdown mechanism from within the VM.

  • Power off the machine: With this option, Oracle VM VirtualBox also stops running the virtual machine, but without saving its state.

    Warning

    This is equivalent to pulling the power plug on a real computer without shutting it down properly. If you start the machine again after powering it off, your OS will have to reboot completely and may begin a lengthy check of its virtual system disks. As a result, this should not normally be done, since it can potentially cause data loss or an inconsistent state of the guest system on disk.

    As an exception, if your virtual machine has any snapshots, see Section 1.11, “Snapshots”, you can use this option to quickly restore the current snapshot of the virtual machine. In that case, powering off the machine will not disrupt its state, but any changes made since that snapshot was taken will be lost.

The Discard button in the VirtualBox Manager window discards a virtual machine's saved state. This has the same effect as powering it off, and the same warnings apply.

1.10. Using VM Groups

VM groups enable the user to create ad hoc groups of VMs, and to manage and perform functions on them collectively, as well as individually.

The following figure shows VM groups displayed in VirtualBox Manager.

Figure 1.9. Groups of Virtual Machines

Groups of Virtual Machines

The following features are available for groups:

  • Create a group using the VirtualBox Manager. Do one of the following:

    • Drag one VM on top of another VM.

    • Select multiple VMs and select Group from the right-click menu.

  • Create and manage a group using the command line. Do one of the following:

    • Create a group and assign a VM. For example:

      VBoxManage modifyvm "vm01" --groups "/TestGroup"

      This command creates a group "TestGroup" and attaches the VM "vm01" to that group.

    • Detach a VM from the group, and delete the group if empty. For example:

      VBoxManage modifyvm "vm01" --groups ""

      This command detaches all groups from the VM "vm01" and deletes the empty group.

  • Create multiple groups. For example:

    VBoxManage modifyvm "vm01" --groups "/TestGroup,/TestGroup2"

    This command creates the groups "TestGroup" and "TestGroup2", if they do not exist, and attaches the VM "vm01" to both of them.

  • Create nested groups, having a group hierarchy. For example:

    VBoxManage modifyvm "vm01" --groups "/TestGroup/TestGroup2"

    This command attaches the VM "vm01" to the subgroup "TestGroup2" of the "TestGroup" group.

  • The following is a summary of group commands: Start, Pause, Reset, Close (save state, send shutdown signal, poweroff), Discard Saved State, Show in File System, Sort.

1.11. Snapshots

With snapshots, you can save a particular state of a virtual machine for later use. At any later time, you can revert to that state, even though you may have changed the VM considerably since then. A snapshot of a virtual machine is thus similar to a machine in Saved state, but there can be many of them, and these saved states are preserved.

To see the snapshots of a virtual machine, click on the machine name in VirtualBox Manager. Then click the List icon next to the machine name, and select Snapshots. Until you take a snapshot of the machine, the list of snapshots will be empty except for the Current State item, which represents the "now" point in the lifetime of the virtual machine.

1.11.1. Taking, Restoring, and Deleting Snapshots

There are three operations related to snapshots, as follows:

  1. Take a snapshot. This makes a copy of the machine's current state, to which you can go back at any given time later.

    • If your VM is running, select Take Snapshot from the Machine pull-down menu of the VM window.

    • If your VM is in either the Saved or the Powered Off state, as displayed next to the VM name in the Oracle VM VirtualBox main window, click the List icon next to the machine name and select Snapshots. The snapshots window is shown. Do one of the following:

      • Click the Take icon.

      • Right-click on the Current State item in the list and select Take.

    In either case, a window is displayed prompting you for a snapshot name. This name is purely for reference purposes to help you remember the state of the snapshot. For example, a useful name would be "Fresh installation from scratch, no Guest Additions", or "Service Pack 3 just installed". You can also add a longer text in the Description field.

    Your new snapshot will then appear in the snapshots list. Underneath your new snapshot, you will see an item called Current State, signifying that the current state of your VM is a variation based on the snapshot you took earlier. If you later take another snapshot, you will see that they are displayed in sequence, and that each subsequent snapshot is derived from an earlier one.

    Figure 1.10. Snapshots List For a Virtual Machine

    Snapshots List For a Virtual Machine

    Oracle VM VirtualBox imposes no limits on the number of snapshots you can take. The only practical limitation is disk space on your host. Each snapshot stores the state of the virtual machine and thus occupies some disk space. See Section 1.11.2, “Snapshot Contents” for details on what is stored in a snapshot.

  2. Restore a snapshot. In the list of snapshots, right-click on any snapshot you have taken and select Restore. By restoring a snapshot, you go back or forward in time. The current state of the machine is lost, and the machine is restored to the exact state it was in when the snapshot was taken.

    Note

    Restoring a snapshot will affect the virtual hard drives that are connected to your VM, as the entire state of the virtual hard drive will be reverted as well. This means also that all files that have been created since the snapshot and all other file changes will be lost. In order to prevent such data loss while still making use of the snapshot feature, it is possible to add a second hard drive in write-through mode using the VBoxManage interface and use it to store your data. As write-through hard drives are not included in snapshots, they remain unaltered when a machine is reverted. See Section 5.4, “Special Image Write Modes”.

    To avoid losing the current state when restoring a snapshot, you can create a new snapshot before the restore operation.

    By restoring an earlier snapshot and taking more snapshots from there, it is even possible to create a kind of alternate reality and to switch between these different histories of the virtual machine. This can result in a whole tree of virtual machine snapshots, as shown in the screenshot above.

  3. Delete a snapshot. This does not affect the state of the virtual machine, but only releases the files on disk that Oracle VM VirtualBox used to store the snapshot data, thus freeing disk space. To delete a snapshot, right-click on the snapshot name in the snapshots tree and select Delete. Snapshots can be deleted even while a machine is running.

    Note

    Whereas taking and restoring snapshots are fairly quick operations, deleting a snapshot can take a considerable amount of time since large amounts of data may need to be copied between several disk image files. Temporary disk files may also need large amounts of disk space while the operation is in progress.

    There are some situations which cannot be handled while a VM is running, and you will get an appropriate message that you need to perform this snapshot deletion when the VM is shut down.

1.11.2. Snapshot Contents

Think of a snapshot as a point in time that you have preserved. More formally, a snapshot consists of the following:

  • The snapshot contains a complete copy of the VM settings, including the hardware configuration, so that when you restore a snapshot, the VM settings are restored as well. For example, if you changed the hard disk configuration or the VM's system settings, that change is undone when you restore the snapshot.

    The copy of the settings is stored in the machine configuration, an XML text file, and thus occupies very little space.

  • The complete state of all the virtual disks attached to the machine is preserved. Going back to a snapshot means that all changes that had been made to the machine's disks, file by file and bit by bit, will be undone as well. Files that were since created will disappear, files that were deleted will be restored, changes to files will be reverted.

    Strictly speaking, this is only true for virtual hard disks in "normal" mode. You can configure disks to behave differently with snapshots, see Section 5.4, “Special Image Write Modes”. In technical terms, it is not the virtual disk itself that is restored when a snapshot is restored. Instead, when a snapshot is taken, Oracle VM VirtualBox creates differencing images which contain only the changes since the snapshot were taken. When the snapshot is restored, Oracle VM VirtualBox throws away that differencing image, thus going back to the previous state. This is both faster and uses less disk space. For the details, which can be complex, see Section 5.5, “Differencing Images”.

    Creating the differencing image as such does not occupy much space on the host disk initially, since the differencing image will initially be empty and grow dynamically later with each write operation to the disk. The longer you use the machine after having created the snapshot, however, the more the differencing image will grow in size.

  • If you took a snapshot while the machine was running, the memory state of the machine is also saved in the snapshot. This is in the same way that memory can be saved when you close a VM window. When you restore such a snapshot, execution resumes at exactly the point when the snapshot was taken.

    The memory state file can be as large as the memory size of the virtual machine and will therefore occupy quite some disk space as well.

1.12. Virtual Machine Configuration

When you select a virtual machine from the list in the VirtualBox Manager window, you will see a summary of that machine's settings on the right.

Clicking on Settings displays a window, where you can configure many of the properties of the selected VM. But be careful when changing VM settings. It is possible to change all VM settings after installing a guest OS, but certain changes might prevent a guest OS from functioning correctly if done after installation.

Note

The Settings button is disabled while a VM is either in the Running or Saved state. This is because the Settings dialog enables you to change fundamental characteristics of the virtual machine that is created for your guest OS. For example, the guest OS may not perform well if half of its memory is taken away. As a result, if the Settings button is disabled, shut down the current VM first.

Oracle VM VirtualBox provides a wide range of parameters that can be changed for a virtual machine. The various settings that can be changed in the Settings window are described in detail in Chapter 3, Configuring Virtual Machines. Even more parameters are available when using the VBoxManage command line interface. See Chapter 8, VBoxManage.

1.13. Removing and Moving Virtual Machines

You can remove a VM from Oracle VM VirtualBox or move the VM and its associated files, such as disk images, to another location on the host.

  • Removing a VM. To remove a VM, right-click on the VM in the VirtualBox Manager's machine list and select Remove.

    The confirmation dialog enables you to specify whether to only remove the VM from the list of machines or to remove the files associated with the VM.

    Note that the Remove menu item is disabled while a VM is running.

  • Moving a VM. To move a VM to a new location on the host, right-click on the VM in the VirtualBox Manager's machine list and select Move.

    The file dialog prompts you to specify a new location for the VM.

    When you move a VM, Oracle VM VirtualBox configuration files are updated automatically to use the new location on the host.

    Note that the Move menu item is disabled while a VM is running.

    You can also use the VBoxManage movevm command to move a VM. See Section 8.10, “VBoxManage movevm”.

For information about removing or moving a disk image file from Oracle VM VirtualBox, see Section 5.3, “The Virtual Media Manager”.

1.14. Cloning Virtual Machines

You can create a full copy or a linked copy of an existing VM. This copy is called a clone. You might use a cloned VM to experiment with a VM configuration, to test different guest OS levels, or to back up a VM.

The Clone Virtual Machine wizard guides you through the cloning process.

Figure 1.11. The Clone Virtual Machine Wizard

The Clone Virtual Machine Wizard

Start the wizard by clicking Clone in the right-click menu of the VirtualBox Manager's machine list or in the Snapshots view of the selected VM.

Specify a new Name for the clone. You can choose a Path for the cloned virtual machine, otherwise Oracle VM VirtualBox uses the default machines folder.

The Clone Type option specifies whether to create a clone linked to the source VM or to create a fully independent clone:

  • Full Clone: Copies all dependent disk images to the new VM folder. A full clone can operate fully without the source VM.

  • Linked Clone: Creates new differencing disk images based on the source VM disk images. If you select the current state of the source VM as the clone point, Oracle VM VirtualBox creates a new snapshot.

The Snapshots option specifies whether to create a clone of the current machine state only or of everything.

  • Everything: Clones the current machine state and all its snapshots.

  • Current Machine State and All Children:. Clones a VM snapshot and all its child snapshots.

The following clone options are available:

  • MAC Address Policy: Specifies how to retain network card MAC addresses when cloning the VM.

    For example, the Generate New MAC Addresses For All Network Adapters value assigns a new MAC address to each network card during cloning. This is the default setting. This is the best option when both the source VM and the cloned VM must operate on the same network. Other values enable you to retain the existing MAC addresses in the cloned VM.

  • Keep Disk Names: Retains the disk image names when cloning the VM.

  • Keep Hardware UUIDs: Retains the hardware universally unique identifiers (UUIDs) when cloning the VM.

The duration of the clone operation depends on the size and number of attached disk images. In addition, the clone operation saves all the differencing disk images of a snapshot.

Note that the Clone menu item is disabled while a machine is running.

You can also use the VBoxManage clonevm command to clone a VM. See Section 8.9, “VBoxManage clonevm”.

1.15. Importing and Exporting Virtual Machines

Oracle VM VirtualBox can import and export virtual machines in the following formats:

1.15.1. About the OVF Format

OVF is a cross-platform standard supported by many virtualization products which enables the creation of ready-made virtual machines that can then be imported into a hypervisor such as Oracle VM VirtualBox. Oracle VM VirtualBox makes OVF import and export easy to do, using the VirtualBox Manager window or the command-line interface.

Using OVF enables packaging of virtual appliances. These are disk images, together with configuration settings that can be distributed easily. This way one can offer complete ready-to-use software packages, including OSes with applications, that need no configuration or installation except for importing into Oracle VM VirtualBox.

Note

The OVF standard is complex, and support in Oracle VM VirtualBox is an ongoing process. In particular, no guarantee is made that Oracle VM VirtualBox supports all appliances created by other virtualization software. For a list of known limitations, see Chapter 14, Known Limitations.

Appliances in OVF format can appear in the following variants:

  • They can come in several files, as one or several disk images, typically in the widely-used VMDK format. See Section 5.2, “Disk Image Files (VDI, VMDK, VHD, HDD)”. They also include a textual description file in an XML dialect with an .ovf extension. These files must then reside in the same directory for Oracle VM VirtualBox to be able to import them.

  • Alternatively, the above files can be packed together into a single archive file, typically with an .ova extension. Such archive files use a variant of the TAR archive format and can therefore be unpacked outside of Oracle VM VirtualBox with any utility that can unpack standard TAR files.

Note

OVF cannot describe snapshots that were taken for a virtual machine. As a result, when you export a virtual machine that has snapshots, only the current state of the machine will be exported. The disk images in the export will have a flattened state identical to the current state of the virtual machine.

1.15.2. Importing an Appliance in OVF Format

The following steps show how to import an appliance in OVF format.

  1. Double-click on the OVF or OVA file.

    Oracle VM VirtualBox creates file type associations automatically for any OVF and OVA files on your host OS.

  2. Select File, Import Appliance from the VirtualBox Manager window.

    From the file dialog, go to the file with either the .ovf or the .ova file extension.

    Click Import to open the Appliance Settings screen.

    Figure 1.12. Appliance Settings Screen for Import Appliance

    Appliance Settings Screen for Import Appliance

    This screen shows the VMs described in the OVF or OVA file and enables you to change the VM settings.

    By default, membership of VM groups is preserved on import for VMs that were initially exported from Oracle VM VirtualBox. You can change this behavior by using the Primary Group setting for the VM.

    The following global settings apply to all of the VMs that you import:

    • Base Folder: Specifies the directory on the host in which to store the imported VMs.

      If an appliance has multiple VMs, you can specify a different directory for each VM by editing the Base Folder setting for the VM.

    • MAC Address Policy: Reinitializes the MAC addresses of network cards in your VMs prior to import, by default. You can override the default behavior and preserve the MAC addresses on import.

    • Import Hard Drives as VDI: Imports hard drives in the VDI format rather that in the defalut VMDK format.

  3. Click Import to import the appliance.

    Oracle VM VirtualBox copies the disk images and creates local VMs with the settings described on the Appliance Settings screen. The imported VMs are shown in the list of VMs in VirtualBox Manager.

    Because disk images are large, the VMDK images that are included with virtual appliances are shipped in a compressed format that cannot be used directly by VMs. So, the images are first unpacked and copied, which might take several minutes.

You can use the VBoxManage import command to import an appliance. See Section 8.11, “VBoxManage import”.

1.15.3. Exporting an Appliance in OVF Format

The following steps show how to export an appliance in OVF format.

  1. Select File, Export Appliance to open the Export Virtual Appliance wizard.

    From the initial window, you can combine several VMs into an OVF appliance.

    Select one or more VMs to export, and click Next.

  2. The Appliance Settings screen enables you to select the following settings:

    • Format: Selects the Open Virtualization Format value for the output files.

      The Oracle Cloud Infrastructure value exports export to Oracle Cloud Infrastructure. See Section 1.15.4, “Exporting an Appliance to Oracle Cloud Infrastructure”.

    • File: Selects the location in which to store the exported files.

    • MAC Address Policy: Specifies whether to retain or reassign network card MAC addresses on export.

    • Write Manifest File: Enables you to include a manifest file in the exported archive file.

    • Include ISO Image Files: Enables you to include ISO image files in the exported archive file.

  3. Click Next to show the Virtual System Settings screen.

    You can edit settings for the virtual appliance. For example, you can change the name of the virtual appliance or add product information, such as vendor details or license text.

    Double-click the appropriate field to change its value.

  4. Click Export to begin the export process. Note that this operation might take several minutes.

You can use the VBoxManage export command to export an appliance. See Section 8.12, “VBoxManage export”.

1.15.4. Exporting an Appliance to Oracle Cloud Infrastructure

Oracle VM VirtualBox supports the export of VMs to an Oracle Cloud Infrastructure service.

Before you can export a VM to Oracle Cloud Infrastructure, ensure that you perform the following configuration steps:

  • Generate an API signing key pair that is used for API requests to Oracle Cloud Infrastructure.

    • The key pair is usually installed in the .oci folder in your home directory. For example, ~/.oci on a Linux system.

    • Upload the public key of the key pair to the cloud service.

    For step-by-step instructions for creating and uploading an API signing key for Oracle Cloud Infrastructure, see:

    https://docs.cloud.oracle.com/iaas/Content/API/Concepts/apisigningkey.htm#How

  • Create a profile for your cloud account.

    The cloud profile contains resource identifiers for your cloud account, such as your user OCID, and the fingerprint for your public key. You can create a cloud profile in the following ways:

    • Automatically by using the Cloud Profile Manager. See Section 1.15.5, “The Cloud Profile Manager”.

    • Manually by creating an oci_config file in your Oracle VM VirtualBox global configuration directory. For example, this is $HOME/.config/VirtualBox/oci_config on a Linux host.

    • Manually by creating a config file in your Oracle Cloud Infrastructure configuration directory. For example, this is $HOME/.oci/config on a Linux host.

      This is the same file that is used by the Oracle Cloud Infrastructure command line interface.

      Oracle VM VirtualBox automatically uses the config file if no cloud profile file is present in your global configuration directory. Alternatively, you can import this file manually into the Cloud Profile Manager.

    For more information about the cloud profile settings used by Oracle Cloud Infrastructure see:

    https://docs.cloud.oracle.com/iaas/Content/API/Concepts/sdkconfig.htm

  • Ensure that the subnets that are used by source VMs are available in the target compartment on the cloud service.

Perform the following steps to export a VM to Oracle Cloud Infrastructure:

  1. Select File, Export Appliance to open the Export Virtual Appliance wizard.

    Select a VM to export and click Next to open the Appliance Settings screen.

  2. From the Format drop-down list, select Oracle Cloud Infrastructure.

    In the Account drop-down list, select your Oracle Cloud Infrastructure account.

    You can set up Oracle Cloud Infrastructure accounts by using the Cloud Profile Manager.

    The list after the Account field shows the profile settings for your cloud account.

    Figure 1.13. Appliance Settings Screen, Showing Cloud Profile Settings

    Appliance Settings Screen, Showing Cloud Profile Settings

    Click Next to make an API request to the Oracle Cloud Infrastructure service and open the Virtual System Settings screen.

  3. Optionally edit settings used for the virtual machine on Oracle Cloud Infrastructure.

    For example, you can edit the Disk Size and Shape used for the VM instance.

    Click Export to export the VMs to the cloud service.

    The VMs are uploaded to Oracle Cloud Infrastructure.

    Instances are created for the uploaded VMs.

    By default, the VM instance is started after upload to Oracle Cloud Infrastructure.

  4. Monitor the export process by using the Oracle Cloud Infrastructure Console.

You can also use the VBoxManage export command to export a VM to Oracle Cloud Infrastructure. See Section 8.12.2, “Export to Oracle Cloud Infrastructure”.

1.15.5. The Cloud Profile Manager

The Cloud Profile Manager is a component of Oracle VM VirtualBox that enables you to create, edit, and manage cloud profiles for your cloud service accounts.

Figure 1.14. The Cloud Profile Manager

The Cloud Profile Manager

To open the Cloud Profile Manager select File, Cloud Profile Manager from the VirtualBox Manager window.

Use the Cloud Profile Manager to create a new cloud profile automatically. Or, create a cloud profile by importing settings from your Oracle Cloud Infrastructure configuration file into the Cloud Profile Manager.

Perform the following steps to create a new cloud profile:

  1. Click the Add icon and specify a Name for the profile.

  2. Click Properties and specify the following property values for the profile:

    • Compartment OCID

    • Fingerprint of the public key

    • Location of the private key on the client device

    • (Optional) Passphrase for the private key, if the key is encrypted

    • Region OCID

    • Tenancy OCID

    • User OCID

    Some of these are settings for your Oracle Cloud Infrastructure account, which you can view from the Oracle Cloud Infrastructure Console.

  3. Click Apply to save your changes.

    The cloud profile settings are saved in the oci_config file in your Oracle VM VirtualBox global settings directory.

Perform the following steps to import an existing Oracle Cloud Infrastructure configuration file:

  1. Ensure that a config file is present in your Oracle Cloud Infrastructure configuration directory. For example, this is $HOME/.oci/config on a Linux host.

  2. Click the Import icon to open a dialog that prompts you to import cloud profiles from external files.

    Warning

    This action overwrites any cloud profiles that are in your Oracle VM VirtualBox global settings directory.

  3. Click Import.

    Your cloud profile settings are saved to the oci_config file in your Oracle VM VirtualBox global settings directory.

  4. Click Properties to show the cloud profile settings.

    Double-click on the appropriate field to change the value.

  5. Click Apply to save your changes.

1.16. Global Settings

The Global Settings dialog can be displayed using the File menu, by clicking the Preferences item. This dialog offers a selection of settings, most of which apply to all virtual machines of the current user. The Extensions option applies to the entire system.

The following settings are available:

  • General. Enables the user to specify the default folder/directory for VM files, and the VRDP Authentication Library.

  • Input. Enables the user to specify the Host key. It identifies the key that toggles whether the cursor is in the focus of the VM or the Host OS windows, see Section 1.9.2, “Capturing and Releasing Keyboard and Mouse”, and which is also used to trigger certain VM actions, see Section 1.9.3, “Typing Special Characters”.

  • Update. Enables the user to specify various settings for Automatic Updates.

  • Language. Enables the user to specify the GUI language.

  • Display. Enables the user to specify the screen resolution, and its width and height. A default scale factor can be specified for all guest screens.

  • Network. Enables the user to configure the details of Host Only Networks.

  • Extensions. Enables the user to list and manage the installed extension packages.

  • Proxy. Enables the user to configure a HTTP Proxy Server.

1.17. Alternative Front-Ends

As briefly mentioned in Section 1.3, “Features Overview”, Oracle VM VirtualBox has a very flexible internal design that enables you to use multiple interfaces to control the same virtual machines. For example, you can start a virtual machine with the VirtualBox Manager window and then stop it from the command line. With Oracle VM VirtualBox's support for the Remote Desktop Protocol (RDP), you can even run virtual machines remotely on a headless server and have all the graphical output redirected over the network.

The following front-ends are shipped in the standard Oracle VM VirtualBox package:

  • VirtualBox. This is the VirtualBox Manager, a graphical user interface that uses the Qt toolkit. This interface is described throughout this manual. While this is the simplest and easiest front-end to use, some of the more advanced Oracle VM VirtualBox features are not included.

  • VBoxManage. A command-line interface for automated and detailed control of every aspect of Oracle VM VirtualBox. See Chapter 8, VBoxManage.

  • VBoxHeadless. A front-end that produces no visible output on the host at all, but can act as a RDP server if the VirtualBox Remote Desktop Extension (VRDE) is installed and enabled for the VM. As opposed to the other graphical interfaces, the headless front-end requires no graphics support. This is useful, for example, if you want to host your virtual machines on a headless Linux server that has no X Window system installed. See Section 7.1.2, “VBoxHeadless, the Remote Desktop Server”.

If the above front-ends still do not satisfy your particular needs, it is possible to create yet another front-end to the complex virtualization engine that is the core of Oracle VM VirtualBox, as the Oracle VM VirtualBox core neatly exposes all of its features in a clean API. See Chapter 11, Oracle VM VirtualBox Programming Interfaces.

Chapter 2. Installation Details

As installation of Oracle VM VirtualBox varies depending on your host operating system, the following sections provide installation instructions for Windows, Mac OS X, Linux, and Oracle Solaris.

2.1. Installing on Windows Hosts

2.1.1. Prerequisites

For the various versions of Windows that are supported as host operating systems, please refer to Section 1.4, “Supported Host Operating Systems”.

In addition, Windows Installer 1.1 or later must be present on your system. This should be the case if you have all recent Windows updates installed.

2.1.2. Performing the Installation

The Oracle VM VirtualBox installation can be started in either of the following ways:

  • By double-clicking on the executable file, which contains both 32-bit and 64-bit architectures.

  • By entering the following command:

    VirtualBox-<version>-<revision>-Win.exe -extract

    This will extract both installers into a temporary directory, along with .MSI files. Run the following command to to perform the installation:

    msiexec /i VirtualBox-<version>-<revision>-MultiArch_<x86|amd64>.msi

Using either way displays the installation Welcome dialog and enables you to choose where to install Oracle VM VirtualBox, and which components to install. In addition to the Oracle VM VirtualBox application, the following components are available:

  • USB support. This package contains special drivers for your Windows host that Oracle VM VirtualBox requires to fully support USB devices inside your virtual machines.

  • Networking. This package contains extra networking drivers for your Windows host that Oracle VM VirtualBox needs to support Bridged Networking. This enables your VM's virtual network cards to be accessed from other machines on your physical network.

  • Python support. This package contains Python scripting support for the Oracle VM VirtualBox API, see Chapter 11, Oracle VM VirtualBox Programming Interfaces. For this to work, an already working Windows Python installation on the system is required.

    See, for example: http://www.python.org/download/windows/.

    Note

    Python version at least 2.6 is required. Since Oracle VM VirtualBox 5.1, Python 3 is also supported.

Depending on your Windows configuration, you may see warnings about unsigned drivers, or similar. Click Continue for these warnings, as otherwise Oracle VM VirtualBox might not function correctly after installation.

The installer will create a Oracle VM VirtualBox group in the Windows Start menu, which enables you to launch the application and access its documentation.

With standard settings, Oracle VM VirtualBox will be installed for all users on the local system. If this is not wanted, you must invoke the installer by first extracting as follows:

VirtualBox.exe -extract

Then, run either of the following commands on the extracted .MSI files. This will install Oracle VM VirtualBox only for the current user.

VirtualBox.exe -msiparams ALLUSERS=2
msiexec /i VirtualBox-<version>-MultiArch_<x86|amd64>.msi ALLUSERS=2

If you do not want to install all features of Oracle VM VirtualBox, you can set the optional ADDLOCAL parameter to explicitly name the features to be installed. The following features are available:

VBoxApplication

Main binaries of Oracle VM VirtualBox.

Note

This feature must not be absent, since it contains the minimum set of files to have working Oracle VM VirtualBox installation.

VBoxUSB

USB support.

VBoxNetwork

All networking support. This includes the VBoxNetworkFlt and VBoxNetworkAdp features.

VBoxNetworkFlt

Bridged networking support.

VBoxNetworkAdp

Host-only networking support

VBoxPython

Python support

Note

Python version at least 2.6 is required. Since Oracle VM VirtualBox 5.1, Python 3 is also supported.

For example, to only install USB support along with the main binaries, run either of the following commands:

VirtualBox.exe -msiparams ADDLOCAL=VBoxApplication,VBoxUSB
msiexec /i VirtualBox-<version>-MultiArch_<x86|amd64>.msi ADDLOCAL=VBoxApplication,VBoxUSB

The user is able to choose between NDIS5 and NDIS6 host network filter drivers during the installation. This is done using a command line parameter, NETWORKTYPE. The NDIS6 driver is default for Windows Vista and later. For older Windows versions, the installer will automatically select the NDIS5 driver and this cannot be changed. For Windows Vista and later the user can force an install of the legacy NDIS5 host network filter driver by using NETWORKTYPE=NDIS5. For example, to install the NDIS5 driver on Windows 7 use either of the following commands:

VirtualBox.exe -msiparams NETWORKTYPE=NDIS5
msiexec /i VirtualBox-<version>-MultiArch_<x86|amd64>.msi NETWORKTYPE=NDIS5

2.1.3. Uninstallation

As Oracle VM VirtualBox uses the standard Microsoft Windows installer, Oracle VM VirtualBox can be safely uninstalled at any time. Click the program entry in the Add/Remove Programs list in the Windows Control Panel.

2.1.4. Unattended Installation

Unattended installations can be performed using the standard MSI support.

2.1.5. Public Properties

Public properties can be specified with the MSI API, to control additional behavior and features of the Windows host installer. Use either of the following commands:

VirtualBox.exe -msiparams NAME=VALUE [...]
msiexec /i VirtualBox-<version>-MultiArch_<x86|amd64>.msi NAME=VALUE [...]

The following public properties are available.

  • VBOX_INSTALLDESKTOPSHORTCUT

    Specifies whether or not an Oracle VM VirtualBox icon on the desktop should be created.

    Set to 1 to enable, 0 to disable. Default is 1.

  • VBOX_INSTALLQUICKLAUNCHSHORTCUT

    Specifies whether or not an Oracle VM VirtualBox icon in the Quick Launch Bar should be created.

    Set to 1 to enable, 0 to disable. Default is 1.

  • VBOX_REGISTERFILEEXTENSIONS

    Specifies whether or not the file extensions .vbox, .vbox-extpack, .ovf, .ova, .vdi, .vmdk, .vhd and .vdd should be associated with Oracle VM VirtualBox. Files of these types then will be opened with Oracle VM VirtualBox.

    Set to 1 to enable, 0 to disable. Default is 1.

  • VBOX_START

    Specifies whether to start Oracle VM VirtualBox right after successful installation.

    Set to 1 to enable, 0 to disable. Default is 1.

2.2. Installing on Mac OS X Hosts

2.2.1. Performing the Installation

For Mac OS X hosts, Oracle VM VirtualBox ships in a dmg disk image file. Perform the following steps to install on a Mac OS X host:

  1. Double-click on the dmg file, to mount the contents.

  2. A window opens, prompting you to double-click on the VirtualBox.pkg installer file displayed in that window.

  3. This will start the installer, which enables you to select where to install Oracle VM VirtualBox.

After installation, you can find an Oracle VM VirtualBox icon in the "Applications" folder in the Finder.

2.2.2. Uninstallation

To uninstall Oracle VM VirtualBox, open the disk image dmg file and double-click on the uninstall icon shown.

2.2.3. Unattended Installation

To perform a non-interactive installation of Oracle VM VirtualBox you can use the command line version of the installer application.

Mount the dmg disk image file, as described in the installation procedure, or use the following command line:

hdiutil attach /path/to/VirtualBox-xyz.dmg

Open a terminal session and run the following command:

sudo installer -pkg /Volumes/VirtualBox/VirtualBox.pkg -target /Volumes/Macintosh\ HD

2.3. Installing on Linux Hosts

2.3.1. Prerequisites

For the various versions of Linux that are supported as host operating systems, see Section 1.4, “Supported Host Operating Systems”.

You will need to install the following packages on your Linux system before starting the installation. Some systems will do this for you automatically when you install Oracle VM VirtualBox.

  • Qt 5.3.2 or later. Qt 5.6.2 or later is recommended.

  • SDL 1.2.7 or later. This graphics library is typically called libsdl or similar.

Note

These packages are only required if you want to run the Oracle VM VirtualBox graphical user interfaces. In particular, VirtualBox, the graphical VirtualBox Manager, requires both Qt and SDL. If you only want to run VBoxHeadless, neither Qt nor SDL are required.

2.3.2. The Oracle VM VirtualBox Driver Modules

In order to run other operating systems in virtual machines alongside your main operating system, Oracle VM VirtualBox needs to integrate very tightly into the system. To do this it installs a driver module called vboxdrv which does a lot of that work into the system kernel, which is the part of the operating system which controls your processor and physical hardware. Without this kernel module, you can still use the VirtualBox Manager to configure virtual machines, but they will not start. It also installs network drivers called vboxnetflt and vboxnetadp which enable virtual machines to make more use of your computer's network capabilities and are needed for any virtual machine networking beyond the basic NAT mode.

Since distributing driver modules separately from the kernel is not something which Linux supports well, the install process creates the modules on the system where they will be used. This usually means first installing software packages from the distribution which are needed for the build process. Normally, these will be the GNU compiler (GCC), GNU Make (make) and packages containing header files for your kernel, as well as making sure that all system updates are installed and that the system is running the most up-to-date kernel included in the distribution. The running kernel and the header files must be updated to matching versions. The following list includes some instructions for common distributions. For most of them you may want to start by finding the version name of your kernel, using the command uname -r in a terminal. The instructions assume that you have not changed too much from the original installation, particularly not installed a different kernel type. If you have, then you will need to determine yourself what to set up.

  • With Debian and Ubuntu-based distributions, you must install the correct version of the linux-headers, usually whichever of linux-headers-generic, linux-headers-amd64, linux-headers-i686 or linux-headers-i686-pae best matches the kernel version name. Also, the linux-kbuild package if it exists. Basic Ubuntu releases should have the correct packages installed by default.

  • On Fedora, Redhat, Oracle Linux and many other RPM-based systems, the kernel version sometimes has a code of letters or a word close to the end of the version name. For example "uek" for the Oracle Enterprise kernel or "default" or "desktop" for the standard SUSE kernels. In this case, the package name is kernel-uek-devel or equivalent. If there is no such code, it is usually kernel-devel.

  • On older SUSE and openSUSE Linux, you must install the kernel-source and kernel-syms packages.

If you suspect that something has gone wrong with module installation, check that your system is set up as described above and try running the following command, as root:

rcvboxdrv setup

2.3.3. Performing the Installation

Oracle VM VirtualBox is available in a number of package formats native to various common Linux distributions. See Section 1.4, “Supported Host Operating Systems”. In addition, there is an alternative generic installer (.run) which should work on most Linux distributions. The generic installer packages are built on EL5 systems and thus require reasonably old versions of glibc, such as version 2.5, and other system libraries.

2.3.3.1. Installing Oracle VM VirtualBox from a Debian/Ubuntu Package

Download the appropriate package for your distribution. The following examples assume that you are installing to a 32-bit Ubuntu Wily system. Use dpkg to install the Debian package,as follows:

sudo dpkg -i virtualbox-5.0_version-number_Ubuntu_wily_i386.deb

The installer will also try to build kernel modules suitable for the current running kernel. If the build process is not successful you will be shown a warning and the package will be left unconfigured. Look at /var/log/vbox-install.log to find out why the compilation failed. You may have to install the appropriate Linux kernel headers, see Section 2.3.2, “The Oracle VM VirtualBox Driver Modules”. After correcting any problems, run the following command:

sudo rcvboxdrv setup

This will start a second attempt to build the module.

If a suitable kernel module was found in the package or the module was successfully built, the installation script will attempt to load that module. If this fails, please see Section 12.8.1, “Linux Kernel Module Refuses to Load” for further information.

Once Oracle VM VirtualBox has been successfully installed and configured, you can start it by clicking VirtualBox in your Start menu or from the command line. See Section 2.3.5, “Starting Oracle VM VirtualBox on Linux”.

2.3.3.2. Using the Alternative Generic Installer (VirtualBox.run)

The alternative generic installer performs the following steps:

  • Unpacks the application files to the target directory /opt/VirtualBox/, which cannot be changed.

  • Builds and installs the Oracle VM VirtualBox kernel modules: vboxdrv, vboxnetflt, and vboxnetadp.

  • Creates /sbin/rcvboxdrv, an init script to start the Oracle VM VirtualBox kernel module.

  • Creates a new system group called vboxusers.

  • Creates symbolic links in /usr/bin to a shell script /opt/VirtualBox/VBox which does some sanity checks and dispatches to the actual executables: VirtualBox, VBoxVRDP, VBoxHeadless and VBoxManage.

  • Creates /etc/udev/rules.d/60-vboxdrv.rules, a description file for udev, if that is present, which makes the USB devices accessible to all users in the vboxusers group.

  • Writes the installation directory to /etc/vbox/vbox.cfg.

The installer must be executed as root with either install or uninstall as the first parameter. For example:

sudo ./VirtualBox.run install

Or if you do not have the sudo command available, run the following as root instead:

./VirtualBox.run install

Add every user who needs to access USB devices from a VirtualBox guests to the group vboxusers. Either use the GUI user management tools or run the following command as root:

sudo usermod -a -G vboxusers username

Note

The usermod command of some older Linux distributions does not support the -a option, which adds the user to the given group without affecting membership of other groups. In this case, find out the current group memberships with the groups command and add all these groups in a comma-separated list to the command line after the -G option. For example: usermod -G group1,group2,vboxusers username.

2.3.3.3. Performing a Manual Installation

If you cannot use the shell script installer described in Section 2.3.3.2, “Using the Alternative Generic Installer (VirtualBox.run)”, you can perform a manual installation. Run the installer as follows:

./VirtualBox.run --keep --noexec

This will unpack all the files needed for installation in the directory install under the current directory. The Oracle VM VirtualBox application files are contained in VirtualBox.tar.bz2 which you can unpack to any directory on your system. For example:

sudo mkdir /opt/VirtualBox
sudo tar jxf ./install/VirtualBox.tar.bz2 -C /opt/VirtualBox

To run the same example as root, use the following commands:

mkdir /opt/VirtualBox
tar jxf ./install/VirtualBox.tar.bz2 -C /opt/VirtualBox

The sources for Oracle VM VirtualBox's kernel module are provided in the src directory. To build the module, change to the directory and use the following command:

make

If everything builds correctly, run the following command to install the module to the appropriate module directory:

sudo make install

In case you do not have sudo, switch the user account to root and run the following command:

make install

The Oracle VM VirtualBox kernel module needs a device node to operate. The above make command will tell you how to create the device node, depending on your Linux system. The procedure is slightly different for a classical Linux setup with a /dev directory, a system with the now deprecated devfs and a modern Linux system with udev.

On certain Linux distributions, you might experience difficulties building the module. You will have to analyze the error messages from the build system to diagnose the cause of the problems. In general, make sure that the correct Linux kernel sources are used for the build process.

Note that the /dev/vboxdrv kernel module device node must be owned by root:root and must be read/writable only for the user.

Next, you install the system initialization script for the kernel module and activate the initialization script using the right method for your distribution, as follows:

cp /opt/VirtualBox/vboxdrv.sh /sbin/rcvboxdrv

This example assumes you installed Oracle VM VirtualBox to the /opt/VirtualBox directory.

Create a configuration file for Oracle VM VirtualBox, as follows:

mkdir /etc/vbox
echo INSTALL_DIR=/opt/VirtualBox > /etc/vbox/vbox.cfg

Create the following symbolic links:

ln -sf /opt/VirtualBox/VBox.sh /usr/bin/VirtualBox
ln -sf /opt/VirtualBox/VBox.sh /usr/bin/VBoxManage
ln -sf /opt/VirtualBox/VBox.sh /usr/bin/VBoxHeadless

2.3.3.4. Updating and Uninstalling Oracle VM VirtualBox

Before updating or uninstalling Oracle VM VirtualBox, you must terminate any virtual machines which are currently running and exit the Oracle VM VirtualBox or VBoxSVC applications. To update Oracle VM VirtualBox, simply run the installer of the updated version. To uninstall Oracle VM VirtualBox, run the installer as follows:

sudo ./VirtualBox.run uninstall

As root, you can use the following command:

./VirtualBox.run uninstall

You can uninstall the .run package as follows:

/opt/VirtualBox/uninstall.sh

To manually uninstall Oracle VM VirtualBox, perform the manual installation steps in reverse order.

2.3.3.5. Automatic Installation of Debian Packages

The Debian packages will request some user feedback when installed for the first time. The debconf system is used to perform this task. To prevent any user interaction during installation, default values can be defined. A file vboxconf can contain the following debconf settings:

virtualbox virtualbox/module-compilation-allowed boolean true
virtualbox virtualbox/delete-old-modules boolean true

The first line enables compilation of the vboxdrv kernel module if no module was found for the current kernel. The second line enables the package to delete any old vboxdrv kernel modules compiled by previous installations.

These default settings can be applied prior to the installation of the Oracle VM VirtualBox Debian package, as follows:

debconf-set-selections vboxconf

In addition there are some common configuration options that can be set prior to the installation. See Section 2.3.3.7, “Automatic Installation Options”.

2.3.3.6. Automatic Installation of RPM Packages

The RPM format does not provide a configuration system comparable to the debconf system. See Section 2.3.3.7, “Automatic Installation Options” for how to set some common installation options provided by Oracle VM VirtualBox.

2.3.3.7. Automatic Installation Options

To configure the installation process for .deb and .rpm packages, you can create a response file named /etc/default/virtualbox. The automatic generation of the udev rule can be prevented with the following setting:

INSTALL_NO_UDEV=1

The creation of the group vboxusers can be prevented as follows:

INSTALL_NO_GROUP=1

If the following line is specified, the package installer will not try to build the vboxdrv kernel module if no module fitting the current kernel was found.

INSTALL_NO_VBOXDRV=1

2.3.4. The vboxusers Group

The Linux installers create the system user group vboxusers during installation. Any system user who is going to use USB devices from Oracle VM VirtualBox guests must be a member of that group. A user can be made a member of the group vboxusers through the GUI user/group management or using the following command:

sudo usermod -a -G vboxusers username

2.3.5. Starting Oracle VM VirtualBox on Linux

The easiest way to start a Oracle VM VirtualBox program is by running the program of your choice (VirtualBox, VBoxManage, or VBoxHeadless) from a terminal. These are symbolic links to VBox.sh that start the required program for you.

The following detailed instructions should only be of interest if you wish to execute Oracle VM VirtualBox without installing it first. You should start by compiling the vboxdrv kernel module and inserting it into the Linux kernel. Oracle VM VirtualBox consists of a service daemon, VBoxSVC, and several application programs. The daemon is automatically started if necessary. All Oracle VM VirtualBox applications will communicate with the daemon through UNIX local domain sockets. There can be multiple daemon instances under different user accounts and applications can only communicate with the daemon running under the user account as the application. The local domain socket resides in a subdirectory of your system's directory for temporary files called .vbox-<username>-ipc. In case of communication problems or server startup problems, you may try to remove this directory.

All Oracle VM VirtualBox applications (VirtualBox, VBoxManage, and VBoxHeadless) require the Oracle VM VirtualBox directory to be in the library path, as follows:

LD_LIBRARY_PATH=. ./VBoxManage showvminfo "Windows XP"

2.4. Installing on Oracle Solaris Hosts

For the specific versions of Oracle Solaris that are supported as host operating systems, see Section 1.4, “Supported Host Operating Systems”.

If you have a previously installed instance of Oracle VM VirtualBox on your Oracle Solaris host, please uninstall it first before installing a new instance. See Section 2.4.4, “Uninstallation” for uninstall instructions.

2.4.1. Performing the Installation

Oracle VM VirtualBox is available as a standard Oracle Solaris package. Download the Oracle VM VirtualBox SunOS package which includes the 64-bit versions of Oracle VM VirtualBox. The installation must be performed as root and from the global zone as the Oracle VM VirtualBox installer loads kernel drivers which cannot be done from non-global zones. To verify which zone you are currently in, execute the zonename command. Execute the following commands:

gunzip -cd VirtualBox-version-number-SunOS.tar.gz | tar xvf -

The Oracle VM VirtualBox kernel package is no longer a separate package and has been integrated into the main package. Install the Oracle VM VirtualBox package as follows:

pkgadd -d VirtualBox-version-number-SunOS.pkg

The installer will then prompt you to enter the package you wish to install. Choose 1 or all and proceed. Next the installer will ask you if you want to allow the postinstall script to be executed. Choose y and proceed, as it is essential to execute this script which installs the Oracle VM VirtualBox kernel module. Following this confirmation the installer will install Oracle VM VirtualBox and execute the postinstall setup script.

Once the postinstall script has been executed your installation is now complete. You may now safely delete the uncompressed package and autoresponse files from your system. Oracle VM VirtualBox is installed in /opt/VirtualBox.

Note

If you need to use Oracle VM VirtualBox from non-global zones, see Section 2.4.6, “Configuring a Zone for Running Oracle VM VirtualBox”.

2.4.2. The vboxuser Group

The installer creates the system user group vboxuser during installation for Oracle Solaris hosts that support the USB features required by Oracle VM VirtualBox. Any system user who is going to use USB devices from Oracle VM VirtualBox guests must be a member of this group. A user can be made a member of this group through the GUI user/group management or at the command line by executing as root:

usermod -G vboxuser username

Note that adding an active user to that group will require that user to log out and back in again. This should be done manually after successful installation of the package.

2.4.3. Starting Oracle VM VirtualBox on Oracle Solaris

The easiest way to start a Oracle VM VirtualBox program is by running the program of your choice (VirtualBox, VBoxManage, or VBoxHeadless) from a terminal. These are symbolic links to VBox.sh that start the required program for you.

Alternatively, you can directly invoke the required programs from /opt/VirtualBox. Using the links provided is easier as you do not have to enter the full path.

You can configure some elements of the VirtualBox Qt GUI, such as fonts and colours, by running VBoxQtconfig from the terminal.

2.4.4. Uninstallation

Uninstallation of Oracle VM VirtualBox on Oracle Solaris requires root permissions. To perform the uninstallation, start a root terminal session and run the following command:

pkgrm SUNWvbox

After confirmation, this will remove Oracle VM VirtualBox from your system.

If you are uninstalling Oracle VM VirtualBox version 3.0 or lower, you need to remove the Oracle VM VirtualBox kernel interface package, as follows:

pkgrm SUNWvboxkern

2.4.5. Unattended Installation

To perform a non-interactive installation of Oracle VM VirtualBox there is a response file named autoresponse, that the installer will use for responses to inputs rather than ask them from you.

Extract the tar.gz package as described in the normal installation instructions. Then open a root terminal session and run the following command:

pkgadd -d VirtualBox-version-number-SunOS-x86 -n -a autoresponse SUNWvbox

To perform a non-interactive uninstallation, open a root terminal session and run the following command:

pkgrm -n -a /opt/VirtualBox/autoresponse SUNWvbox

2.4.6. Configuring a Zone for Running Oracle VM VirtualBox

Assuming that Oracle VM VirtualBox has already been installed into your zone, you need to give the zone access to Oracle VM VirtualBox's device node. This is done by performing the following steps. Start a root terminal and run the following command:

zonecfg -z vboxzone

Replace "vboxzone" with the name of the zone where you intend to run Oracle VM VirtualBox.

Usezonecfg to add the device resource and match properties to the zone, as follows:

zonecfg:vboxzone>add device
zonecfg:vboxzone:device>set match=/dev/vboxdrv
zonecfg:vboxzone:device>end
zonecfg:vboxzone>add device
zonecfg:vboxzone:device>set match=/dev/vboxdrvu
zonecfg:vboxzone:device>end
zonecfg:vboxzone>exit

If you are running Oracle VM VirtualBox 2.2.0 or above on Oracle Solaris 11 or above, you may also add a device for /dev/vboxusbmon, similar to that shown above. This does not apply to Oracle Solaris 10 hosts, due to lack of USB support.

If you are not using sparse root zones, you will need to loopback mount /opt/VirtualBox from the global zone into the non-global zone at the same path. This is specified below using the dir attribute and the special attribute. For example:

zonecfg:vboxzone>add fs
zonecfg:vboxzone:device>set dir=/opt/VirtualBox
zonecfg:vboxzone:device>set special=/opt/VirtualBox
zonecfg:vboxzone:device>set type=lofs
zonecfg:vboxzone:device>end
zonecfg:vboxzone>exit

Reboot the zone using zoneadm and you should be able to run Oracle VM VirtualBox from within the configured zone.

Chapter 3. Configuring Virtual Machines

This chapter provides detailed steps for configuring an Oracle VM VirtualBox virtual machine (VM). For an introduction to Oracle VM VirtualBox and steps to get your first virtual machine running, see Chapter 1, First Steps.

You have considerable latitude when deciding what virtual hardware to provide to the guest. Use virtual hardware to communicate with the host system or with other guests. For example, you can use virtual hardware in the following ways:

  • Have Oracle VM VirtualBox present an ISO CD-ROM image to a guest system as if it were a physical CD-ROM.

  • Provide a guest system access to the physical network through its virtual network card.

  • Provide the host system, other guests, and computers on the Internet access to the guest system.

3.1. Supported Guest Operating Systems

Because Oracle VM VirtualBox is designed to provide a generic virtualization environment for x86 systems, it can run operating systems (OSes) of any kind. However, Oracle VM VirtualBox focuses on the following guest systems:

  • Windows NT 4.0:

    • Fully supports all versions, editions, and service packs. Note that you might encounter issues with some older service packs, so install at least service pack 6a.

    • Guest Additions are available with a limited feature set.

  • Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, Windows Server 2012 R2, Windows 10 (non-Insider Preview releases), Windows Server 2016, Windows Server 2019:

    • Fully supports all versions, editions, and service packs, including 64-bit versions.

    • Note that you must enable hardware virtualization when running at least Windows 8.

    • Guest Additions are available.

  • MS-DOS, Windows 3.x, Windows 95, Windows 98, Windows ME:

    • Limited testing has been performed.

    • Use beyond legacy installation mechanisms is not recommended.

    • Guest Additions are not available.

  • Linux 2.4:

    Limited support.

  • Linux 2.6:

    • Fully supports all versions and editions, both 32-bit and 64-bit.

    • For best performance, use at least Linux kernel version 2.6.13.

    • Guest Additions are available.

    Note

    Certain Linux kernel releases have bugs that prevent them from executing in a virtual environment. See Section 12.4.3, “Buggy Linux 2.6 Kernel Versions”.

  • Linux 3.x and later:

    • Fully supports all versions and editions, both 32-bit and 64-bit.

    • Guest Additions are available.

  • Oracle Solaris 10 and Oracle Solaris 11:

    • Fully supports all versions starting with Oracle Solaris 10 8/08 and Oracle Solaris 11.

    • Supports 64-bit prior to Oracle Solaris 11 11/11, and 32-bit.

    • Guest Additions are available.

  • FreeBSD:

    • Limited support.

    • Note that you must enable hardware virtualization when running FreeBSD.

    • Guest Additions are not available.

  • OpenBSD:

    • Supports at least version 3.7.

    • Note that you must enable hardware virtualization when running OpenBSD.

    • Guest Additions are not available.

  • OS/2 Warp 4.5:

    • Only MCP2 is supported. Other OS/2 versions might not work.

    • Note that you must enable hardware virtualization when running OS/2 Warp 4.5.

    • Guest Additions are available with a limited feature set. See Chapter 14, Known Limitations.

  • Mac OS X:

3.1.1. Mac OS X Guests

Oracle VM VirtualBox enables you to install and execute unmodified versions of Mac OS X guests on supported host hardware. Note that this feature is experimental and thus unsupported.

Oracle VM VirtualBox is the first product to provide the modern PC architecture expected by OS X without requiring any of the modifications used by competing virtualization solutions. For example, some competing solutions perform modifications to the Mac OS X install DVDs, such as a different boot loader and replaced files.

Be aware of the following important issues before you attempt to install a Mac OS X guest:

  • Mac OS X is commercial, licensed software and contains both license and technical restrictions that limit its use to certain hardware and usage scenarios. You must understand and comply with these restrictions.

    In particular, Apple prohibits the installation of most versions of Mac OS X on non-Apple hardware.

    These license restrictions are also enforced on a technical level. Mac OS X verifies that it is running on Apple hardware. Most DVDs that accompany Apple hardware check for the exact model. These restrictions are not circumvented by Oracle VM VirtualBox and continue to apply.

  • Only CPUs that are known and tested by Apple are supported. As a result, if your Intel CPU is newer than the Mac OS X build, or if you have a non-Intel CPU, you will likely encounter a panic during bootup with an "Unsupported CPU" exception.

    Ensure that you use the Mac OS X DVD that comes with your Apple hardware.

  • The Mac OS X installer expects the hard disk to be partitioned. So, the installer will not offer a partition selection to you. Before you can install the software successfully, start the Disk Utility from the Tools menu and partition the hard disk. Close the Disk Utility and proceed with the installation.

  • In addition, Mac OS X support in Oracle VM VirtualBox is an experimental feature. See Chapter 14, Known Limitations.

3.1.2. 64-bit Guests

Oracle VM VirtualBox enables you to run 64-bit guest OSes even on a 32-bit host OS. To run a 64-bit guest OS on a 32-bit host system, ensure that you meet the following conditions:

  • You need a 64-bit processor that has hardware virtualization support. See Section 10.3, “Hardware vs. Software Virtualization”.

  • You must enable hardware virtualization for the particular VM that requires 64-bit support. Software virtualization is not supported for 64-bit VMs.

  • To use 64-bit guest support on a 32-bit host OS, you must select a 64-bit OS for the particular VM. Since supporting 64 bits on 32-bit hosts incurs additional overhead, Oracle VM VirtualBox only enables this support only upon explicit request.

    64-bit hosts typically come with hardware virtualization support. So, you can install a 64-bit guest OS in the guest regardless of the settings.

Warning

Be sure to enable I/O APIC for virtual machines that you intend to use in 64-bit mode. This is especially true for 64-bit Windows VMs. See Section 3.4.2, “Advanced Tab”. For 64-bit Windows guests, ensure that the VM uses the Intel networking device because there is no 64-bit driver support for the AMD PCNet card. See Section 6.1, “Virtual Networking Hardware”.

If you use the Create VM wizard of the Oracle VM VirtualBox graphical user interface (GUI), Oracle VM VirtualBox automatically uses the correct settings for each selected 64-bit OS type. See Section 1.8, “Creating Your First Virtual Machine”.

3.2. Unattended Guest Installation

Oracle VM VirtualBox can install a guest OS automatically. You only need to provide the installation medium and a few other parameters, such as the name of the default user.

Performing an unattended guest installation involves the following steps:

  • Create a new VM. Use one of the following methods:

    For the new VM, choose the guest OS type and accept the default settings for that OS. The following sections in this chapter describe how to change the settings for a VM.

  • Prepare the VM for unattended guest installation. Use the VBoxManage unattended command, see Section 8.44, “VBoxManage unattended”.

    During this step, Oracle VM VirtualBox scans the installation medium and changes certain parameters to ensure a seamless installation as a guest running on Oracle VM VirtualBox.

  • Start the VM. Use the VirtualBox Manager or the VBoxManage startvm command.

    When you start the VM, the unattended installation is performed automatically.

    The installation operation changes the boot device order to boot the virtual hard disk first and then the virtual DVD drive. If the virtual hard disk is empty prior to the automatic installation, the VM boots from the virtual DVD drive and begins the installation.

    If the virtual hard disk contains a bootable OS, the installation operation exits. In this case, change the boot device order manually by pressing F12 during the BIOS splash screen.

Section 3.2.1, “An Example of Unattended Guest Installation” describes how to perform an unattended guest installation for an Oracle Linux guest.

3.2.1. An Example of Unattended Guest Installation

The following example shows how to perform an unattended guest installation for an Oracle Linux VM. The example uses various VBoxManage commands to prepare the guest VM. The VBoxManage unattended install command is then used to install and configure the guest OS.

  1. Create the virtual machine.

    # VM="ol7-autoinstall"
    # VBoxManage list ostypes
    # VBoxManage createvm --name $VM --ostype "Oracle_64" --register

    Note the following:

    • The $VM variable represents the name of the VM.

    • The VBoxManage list ostypes command lists the guest OSes supported by Oracle VM VirtualBox, including the name used for each OS in the VBoxManage commands.

    • A 64-bit Oracle Linux 7 VM is created and registered with Oracle VM VirtualBox.

    • The VM has a unique UUID.

    • An XML settings file is generated.

  2. Create a virtual hard disk and storage devices for the VM.

    # VBoxManage createhd --filename /VirtualBox/$VM/$VM.vdi --size 32768
    # VBoxManage storagectl $VM --name "SATA Controller" --add sata --controller IntelAHCI
    # VBoxManage storageattach $VM --storagectl "SATA Controller" --port 0 --device 0 \
    --type hdd --medium /VirtualBox/$VM/$VM.vdi
    # VBoxManage storagectl $VM --name "IDE Controller" --add ide
    # VBoxManage storageattach $VM --storagectl "IDE Controller" --port 0 --device 0 \
    --type dvddrive --medium /u01/Software/OL/OracleLinux-R7-U6-Server-x86_64-dvd.iso

    The previous commands do the following:

    • Create a 32768 MB virtual hard disk.

    • Create a SATA storage controller and attach the virtual hard disk.

    • Create an IDE storage controller for a virtual DVD drive and attach an Oracle Linux installation ISO.

  3. (Optional) Configure some settings for the VM.

    # VBoxManage modifyvm $VM --ioapic on
    # VBoxManage modifyvm $VM --boot1 dvd --boot2 disk --boot3 none --boot4 none
    # VBoxManage modifyvm $VM --memory 8192 --vram 128

    The previous commands do the following:

    • Enable I/O APIC for the motherboard of the VM.

    • Configure the boot device order for the VM.

    • Allocate 8192 MB of RAM and 128 MB of video RAM to the VM.

  4. Perform an unattended install of the OS.

    # VBoxManage unattended install $VM \
    --iso=/u01/Software/OL/OracleLinux-R7-U6-Server-x86_64-dvd.iso \
    --user=login --full-user-name=name --password password \
    --install-additions --time-zone=CET

    The previous command does the following:

    • Specifies an Oracle Linux ISO as the installation ISO.

    • Specifies a login name, full name, and login password for a default user on the guest OS.

      Note that the specified password is also used for the root user account on the guest.

    • Installs the Guest Additions on the VM.

    • Sets the time zone for the guest OS to Central European Time (CET).

  5. Start the virtual machine.

    This step completes the unattended installation process.

    # VBoxManage startvm $VM --type headless

    The VM starts in headless mode, which means that the VirtualBox Manager window does not open.

  6. (Optional) Update the guest OS to use the latest Oracle Linux packages.

    On the guest VM, run the following command:

    # yum update

3.3. Emulated Hardware

Oracle VM VirtualBox virtualizes nearly all hardware of the host. Depending on a VM's configuration, the guest will see the following virtual hardware:

  • Input devices. By default, Oracle VM VirtualBox emulates a standard PS/2 keyboard and mouse. These devices are supported by almost all past and present OSes.

    In addition, Oracle VM VirtualBox can provide virtual USB input devices to avoid having to capture mouse and keyboard, as described in Section 1.9.2, “Capturing and Releasing Keyboard and Mouse”.

  • Graphics. The Oracle VM VirtualBox graphics device, sometimes referred to as a VGA device, is not based on any physical counterpart. This is unlike nearly all other emulated devices. It is a simple, synthetic device which provides compatibility with standard VGA and several extended registers used by the VESA BIOS Extensions (VBE).

  • Storage. Oracle VM VirtualBox currently emulates the standard ATA interface found on Intel PIIX3/PIIX4 chips, the SATA (AHCI) interface, and two SCSI adapters (LSI Logic and BusLogic). See Section 5.1, “Hard Disk Controllers: IDE, SATA (AHCI), SCSI, SAS, USB MSD, NVMe” for details. Whereas providing one of these would be enough for Oracle VM VirtualBox by itself, this multitude of storage adapters is required for compatibility with other hypervisors. Windows is particularly picky about its boot devices, and migrating VMs between hypervisors is very difficult or impossible if the storage controllers are different.

  • Networking. See Section 6.1, “Virtual Networking Hardware”.

  • USB. Oracle VM VirtualBox emulates three USB host controllers: xHCI, EHCI, and OHCI. While xHCI handles all USB transfer speeds, only guest OSes released approximately after 2011 support xHCI. Note that for Windows 7 guests, 3rd party drivers must be installed for xHCI support.

    Older OSes typically support OHCI and EHCI. The two controllers are needed because OHCI only handles USB low-speed and full-speed devices (both USB 1.x and 2.0), while EHCI only handles high-speed devices (USB 2.0 only).

    The emulated USB controllers do not communicate directly with devices on the host but rather with a virtual USB layer which abstracts the USB protocol and enables the use of remote USB devices.

  • Audio. See Section 3.8, “Audio Settings”.

3.4. General Settings

In the Settings window, under General, you can configure the most fundamental aspects of the virtual machine such as memory and essential hardware. The following tabs are available.

3.4.1. Basic Tab

In the Basic tab of the General settings category, you can find these settings:

  • Name: The name under which the VM is shown in the list of VMs in the main window. Under this name, Oracle VM VirtualBox also saves the VM's configuration files. By changing the name, Oracle VM VirtualBox renames these files as well. As a result, you can only use characters which are allowed in your host OS's file names.

    Note that internally, Oracle VM VirtualBox uses unique identifiers (UUIDs) to identify virtual machines. You can display these with VBoxManage.

  • Type: The type of the guest OS for the VM. This is the same setting that is specified in the New Virtual Machine wizard. See Section 1.8, “Creating Your First Virtual Machine”.

    Whereas the default settings of a newly created VM depend on the selected OS type, changing the type later has no effect on VM settings. This value is purely informational and decorative.

  • Version: The version of the guest OS for the VM. This is the same setting that is specified in the New Virtual Machine wizard. See Section 1.8, “Creating Your First Virtual Machine”.

3.4.2. Advanced Tab

The following settings are available in the Advanced tab:

  • Snapshot Folder: By default, Oracle VM VirtualBox saves snapshot data together with your other Oracle VM VirtualBox configuration data. See Section 10.1, “Where Oracle VM VirtualBox Stores its Files”. With this setting, you can specify any other folder for each VM.

  • Shared Clipboard: You can select here whether the clipboard of the guest OS should be shared with that of your host. If you select Bidirectional, then Oracle VM VirtualBox will always make sure that both clipboards contain the same data. If you select Host to Guest or Guest to Host, then Oracle VM VirtualBox will only ever copy clipboard data in one direction.

    Clipboard sharing requires that the Oracle VM VirtualBox Guest Additions be installed. In such a case, this setting has no effect. See Chapter 4, Guest Additions.

    For security reasons, the shared clipboard is disabled by default. This setting can be changed at any time using the Shared Clipboard menu item in the Devices menu of the virtual machine.

  • Drag and Drop: This setting enables support for drag and drop. Select an object, such as a file, from the host or guest and directly copy or open it on the guest or host. Multiple per-VM drag and drop modes allow restricting access in either direction.

    For drag and drop to work the Guest Additions need to be installed on the guest.

    Note

    Drag and drop is disabled by default. This setting can be changed at any time using the Drag and Drop menu item in the Devices menu of the virtual machine.

    See Section 4.4, “Drag and Drop”.

3.4.3. Description Tab

On the Description tab you can enter a description for your virtual machine. This has no effect on the functionality of the machine, but you may find this space useful to note down things such as the configuration of a virtual machine and the software that has been installed into it.

To insert a line break into the Description text field, press Shift+Enter.

3.4.4. Disk Encryption Tab

The Disk Encryption tab enables you to encrypt disks that are attached to the virtual machine.

To enable disk encryption, select the Enable Disk Encryption check box.

Settings are available to configure the cipher used for encryption and the encryption password.

3.5. System Settings

The System category groups various settings that are related to the basic hardware that is presented to the virtual machine.

Note

As the activation mechanism of Microsoft Windows is sensitive to hardware changes, if you are changing hardware settings for a Windows guest, some of these changes may trigger a request for another activation with Microsoft.

The following tabs are available.

3.5.1. Motherboard Tab

On the Motherboard tab, you can configure virtual hardware that would normally be on the motherboard of a real computer.

  • Base Memory: Sets the amount of RAM that is allocated and given to the VM when it is running. The specified amount of memory will be requested from the host OS, so it must be available or made available as free memory on the host when attempting to start the VM and will not be available to the host while the VM is running. This is the same setting that was specified in the New Virtual Machine wizard, as described in Section 1.8, “Creating Your First Virtual Machine”.

    Generally, it is possible to change the memory size after installing the guest OS. But you must not reduce the memory to an amount where the OS would no longer boot.

  • Boot Order: Determines the order in which the guest OS will attempt to boot from the various virtual boot devices. Analogous to a real PC's BIOS setting, Oracle VM VirtualBox can tell a guest OS to start from the virtual floppy, the virtual CD/DVD drive, the virtual hard drive (each of these as defined by the other VM settings), the network, or none of these.

    If you select Network, the VM will attempt to boot from a network using the PXE mechanism. This needs to be configured in detail on the command line. See Section 8.8, “VBoxManage modifyvm”.

  • Chipset: You can select which chipset will be presented to the virtual machine. In legacy versions of Oracle VM VirtualBox, PIIX3 was the only available option. For modern guest OSes such as Mac OS X, that old chipset is no longer well supported. As a result, Oracle VM VirtualBox supports an emulation of the more modern ICH9 chipset, which supports PCI express, three PCI buses, PCI-to-PCI bridges and Message Signaled Interrupts (MSI). This enables modern OSes to address more PCI devices and no longer requires IRQ sharing. Using the ICH9 chipset it is also possible to configure up to 36 network cards, up to 8 network adapters with PIIX3. Note that the ICH9 support is experimental and not recommended for guest OSes which do not require it.

  • Pointing Device: The default virtual pointing devices for older guests is the traditional PS/2 mouse. If set to USB tablet, Oracle VM VirtualBox reports to the virtual machine that a USB tablet device is present and communicates mouse events to the virtual machine through this device. The third setting is a USB Multi-Touch Tablet which is suited for recent Windows guests.

    Using the virtual USB tablet has the advantage that movements are reported in absolute coordinates, instead of as relative position changes. This enables Oracle VM VirtualBox to translate mouse events over the VM window into tablet events without having to "capture" the mouse in the guest as described in Section 1.9.2, “Capturing and Releasing Keyboard and Mouse”. This makes using the VM less tedious even if Guest Additions are not installed.

  • Enable I/O APIC: Advanced Programmable Interrupt Controllers (APICs) are a newer x86 hardware feature that have replaced old-style Programmable Interrupt Controllers (PICs) in recent years. With an I/O APIC, OSes can use more than 16 interrupt requests (IRQs) and therefore avoid IRQ sharing for improved reliability.

    Note

    Enabling the I/O APIC is required for 64-bit guest OSes, especially Windows Vista. It is also required if you want to use more than one virtual CPU in a virtual machine.

    However, software support for I/O APICs has been unreliable with some OSes other than Windows. Also, the use of an I/O APIC slightly increases the overhead of virtualization and therefore slows down the guest OS a little.

    Warning

    All Windows OSes starting with Windows 2000 install different kernels, depending on whether an I/O APIC is available. As with ACPI, the I/O APIC therefore must not be turned off after installation of a Windows guest OS. Turning it on after installation will have no effect however.

  • Enable EFI: Enables Extensible Firmware Interface (EFI), which replaces the legacy BIOS and may be useful for certain advanced use cases. See Section 3.14, “Alternative Firmware (EFI)”.

  • Hardware Clock in UTC Time: If selected, Oracle VM VirtualBox will report the system time in UTC format to the guest instead of the local (host) time. This affects how the virtual real-time clock (RTC) operates and may be useful for UNIX-like guest OSes, which typically expect the hardware clock to be set to UTC.

In addition, you can turn off the Advanced Configuration and Power Interface (ACPI) which Oracle VM VirtualBox presents to the guest OS by default.

ACPI is the current industry standard to allow OSes to recognize hardware, configure motherboards and other devices and manage power. As all modern PCs contain this feature and Windows and Linux have been supporting it for years, it is also enabled by default in Oracle VM VirtualBox. ACPI can only be turned off using the command line. See Section 8.8, “VBoxManage modifyvm”.

Warning

All Windows OSes starting with Windows 2000 install different kernels, depending on whether ACPI is available. This means that ACPI must not be turned off after installation of a Windows guest OS. However, turning it on after installation will have no effect.

3.5.2. Processor Tab

On the Processor tab, you can configure settings for the CPU used by the virtual machine.

  • Processor(s): Sets the number of virtual CPU cores the guest OSes can see. Oracle VM VirtualBox supports symmetrical multiprocessing (SMP) and can present up to 32 virtual CPU cores to each virtual machine.

    You should not configure virtual machines to use more CPU cores than are available physically. This includes real cores, with no hyperthreads.

  • Execution Cap: Configures the CPU execution cap. This limits the amount of time a host CPU spends to emulate a virtual CPU. The default setting is 100%, meaning that there is no limitation. A setting of 50% implies a single virtual CPU can use up to 50% of a single host CPU. Note that limiting the execution time of the virtual CPUs may cause guest timing problems.

    A warning is displayed at the bottom of the Processor tab if an Execution Cap setting is made that may affect system performance.

  • Enable PAE/NX: Determines whether the PAE and NX capabilities of the host CPU will be exposed to the virtual machine.

    PAE stands for Physical Address Extension. Normally, if enabled and supported by the OS, then even a 32-bit x86 CPU can access more than 4 GB of RAM. This is made possible by adding another 4 bits to memory addresses, so that with 36 bits, up to 64 GB can be addressed. Some OSes, such as Ubuntu Server, require PAE support from the CPU and cannot be run in a virtual machine without it.

  • Enable Nested VT-x/AMD-V: Enables nested virtualization, with passthrough of hardware virtualization functions to the guest VM.

    This feature is available on host systems that use an AMD CPU. For Intel CPUs, the option is grayed out.

With virtual machines running modern server OSes, Oracle VM VirtualBox also supports CPU hot-plugging. For details, see Section 9.4, “CPU Hot-Plugging”.

3.5.3. Acceleration Tab

On this tab, you can configure Oracle VM VirtualBox to use hardware virtualization extensions that your host CPU supports.

  • Paravirtualization Interface: Oracle VM VirtualBox provides paravirtualization interfaces to improve time-keeping accuracy and performance of guest OSes. The options available are documented under the paravirtprovider option in Section 8.8, “VBoxManage modifyvm”. For further details on the paravirtualization providers, see Section 10.4, “Paravirtualization Providers”.

  • Hardware Virtualization: You can select for each virtual machine individually whether Oracle VM VirtualBox should use software or hardware virtualization.

    • Enable VT-x/AMD-V: Enables Intel VT-x and AMD-V hardware extensions if the host CPU supports them.

    • Enable Nested Paging: If the host CPU supports the nested paging (AMD-V) or EPT (Intel VT-x) features, then you can expect a significant performance increase by enabling nested paging in addition to hardware virtualization. For technical details, see Section 10.7, “Nested Paging and VPIDs”. For Intel EPT security recommendations, see Section 13.4.1, “CVE-2018-3646”.

    Advanced users may be interested in technical details about software versus hardware virtualization. See Section 10.3, “Hardware vs. Software Virtualization”.

In most cases, the default settings on the Acceleration tab will work well. Oracle VM VirtualBox selects sensible defaults, depending on the OS that you selected when you created the virtual machine. In certain situations, however, you may want to change the preconfigured defaults.

3.6. Display Settings

The following tabs are available for configuring the display for a virtual machine.

3.6.1. Screen Tab

  • Video Memory: Sets the size of the memory provided by the virtual graphics card available to the guest, in MB. As with the main memory, the specified amount will be allocated from the host's resident memory. Based on the amount of video memory, higher resolutions and color depths may be available.

    The GUI will show a warning if the amount of video memory is too small to be able to switch the VM into full screen mode. The minimum value depends on the number of virtual monitors, the screen resolution and the color depth of the host display as well as on the use of 3D acceleration and 2D video acceleration. A rough estimate is (color depth / 8) x vertical pixels x horizontal pixels x number of screens = number of bytes. Extra memory may be required if display acceleration is used.

  • Monitor Count: With this setting, Oracle VM VirtualBox can provide more than one virtual monitor to a virtual machine. If a guest OS supports multiple attached monitors, Oracle VM VirtualBox can pretend that multiple virtual monitors are present. Up to eight such virtual monitors are supported.

    The output of the multiple monitors are displayed on the host in multiple VM windows which are running side by side. However, in full screen and seamless mode, they use the available physical monitors attached to the host. As a result, for full screen and seamless modes to work with multiple monitors, you will need at least as many physical monitors as you have virtual monitors configured, or Oracle VM VirtualBox will report an error.

    You can configure the relationship between guest and host monitors using the View menu by pressing Host key + Home when you are in full screen or seamless mode.

    See also Chapter 14, Known Limitations.

  • Scale Factor: Enables scaling of the display size. For multiple monitor displays, you can set the scale factor for individual monitors, or globally for all of the monitors. Use the slider to select a scaling factor up to 200%.

    You can set a default scale factor for all VMs. Use the Display tab in the Global Settings dialogs.

  • Enable 3D Acceleration: If a virtual machine has Guest Additions installed, you can select here whether the guest should support accelerated 3D graphics. See Section 4.5.1, “Hardware 3D Acceleration (OpenGL and Direct3D 8/9)”.

  • Enable 2D Video Acceleration: If a virtual machine with Microsoft Windows has Guest Additions installed, you can select here whether the guest should support accelerated 2D video graphics. See Section 4.5.2, “Hardware 2D Video Acceleration for Windows Guests”.

  • Graphics Controller: Specifies the graphics adapter type used by the guest VM. Note that you must install the Guest Additions on the guest VM to specify the VBoxSVGA or VMSVGA graphics controller. The following options are available:

    • VBoxSVGA: The default graphics controller for new VMs that use Windows 7 or later.

      This graphics controller improves performance and 3D support when compared to the legacy VBoxVGA option.

    • VBoxVGA: Use this graphics controller for legacy guest OSes. This is the default graphics controller for Windows versions before Windows 7 and for Oracle Solaris.

    • VMSVGA: Use this graphics controller to emulate a VMware SVGA graphics device. This is the default graphics controller for Linux guests.

    • None: Does not emulate a graphics adapter type.

3.6.2. Remote Display Tab

On the Remote Display tab, if the VirtualBox Remote Display Extension (VRDE) is installed, you can enable the VRDP server that is built into Oracle VM VirtualBox. This enables you to connect to the console of the virtual machine remotely with any standard RDP viewer, such as mstsc.exe that comes with Microsoft Windows. On Linux and Oracle Solaris systems you can use the standard open source rdesktop program. These features are described in Section 7.1, “Remote Display (VRDP Support)”.

  • Enable Server: Select this check box and configure settings for the remote display connection.

3.6.3. Recording Tab

On the Recording tab you can enable video and audio recording for a virtual machine and change related settings. Note that these features can be enabled and disabled while a VM is running.

  • Enable Recording: Select this check box and select a Recording Mode option.

  • Recording Mode: You can choose to record video, audio, or both video and audio.

    Some settings on the Recording tab may be grayed out, depending on the Recording Mode setting.

  • File Path: The file where the recording is saved.

  • Frame Size: The video resolution of the recorded video, in pixels. The drop-down list enables you to select from common frame sizes.

  • Frame Rate: Use the slider to set the maximum number of video frames per second (FPS) to record. Frames that have a higher frequency are skipped. Increasing this value reduces the number of skipped frames and increases the file size.

  • Quality: Use the slider to set the the bit rate of the video in kilobits per second. Increasing this value improves the appearance of the video at the cost of an increased file size.

  • Audio Quality: Use the slider to set the quality of the audio recording. Increasing this value improves the audio quality at the cost of an increased file size.

  • Screens: For a multiple monitor display, you can select which screens to record video from.

As you adjust the video and audio recording settings, the approximate output file size for a five minute video is shown.

3.7. Storage Settings

The Storage category in the VM settings enables you to connect virtual hard disk, CD/DVD, and floppy images and drives to your virtual machine.

In a real PC, so-called storage controllers connect physical disk drives to the rest of the computer. Similarly, Oracle VM VirtualBox presents virtual storage controllers to a virtual machine. Under each controller, the virtual devices, such as hard disks, CD/DVD or floppy drives, attached to the controller are shown.

Note

This section gives a quick introduction to the Oracle VM VirtualBox storage settings. See Chapter 5, Virtual Storage for a full description of the available storage settings in Oracle VM VirtualBox.

If you have used the Create VM wizard to create a machine, you will normally see something like the following:

Figure 3.1. Storage Settings for a Virtual Machine

Storage Settings for a Virtual Machine

Depending on the guest OS type that you selected when you created the VM, a new VM includes the following storage devices:

  • IDE controller. A virtual CD/DVD drive is attached to the secondary master port of the IDE controller.

  • SATA controller. This is a modern type of storage controller for higher hard disk data throughput, to which the virtual hard disks are attached. Initially you will normally have one such virtual disk, but as shown in the previous screenshot, you can have more than one. Each is represented by a disk image file, such as a VDI file in this example.

If you created your VM with an older version of Oracle VM VirtualBox, the default storage layout may differ. You might then only have an IDE controller to which both the CD/DVD drive and the hard disks have been attached. This might also apply if you selected an older OS type when you created the VM. Since older OSes do not support SATA without additional drivers, Oracle VM VirtualBox will make sure that no such devices are present initially. See Section 5.1, “Hard Disk Controllers: IDE, SATA (AHCI), SCSI, SAS, USB MSD, NVMe”.

Oracle VM VirtualBox also provides a floppy controller. You cannot add devices other than floppy drives to this controller. Virtual floppy drives, like virtual CD/DVD drives, can be connected to either a host floppy drive, if you have one, or a disk image, which in this case must be in RAW format.

You can modify these media attachments freely. For example, if you wish to copy some files from another virtual disk that you created, you can connect that disk as a second hard disk, as in the above screenshot. You could also add a second virtual CD/DVD drive, or change where these items are attached. The following options are available:

  • To add another virtual hard disk, or a CD/DVD or floppy drive, select the storage controller to which it should be added (IDE, SATA, SCSI, SAS, floppy controller) and then click the Add Disk button below the tree. You can then either select Add CD/DVD Device or Add Hard Disk. If you clicked on a floppy controller, you can add a floppy drive instead. Alternatively, right-click on the storage controller and select a menu item there.

    On the right part of the window, you can then set the following:

    1. The device slot of the controller that the virtual disk is connected to. IDE controllers have four slots which have traditionally been called primary master, primary slave, secondary master, and secondary slave. By contrast, SATA and SCSI controllers offer you up to 30 slots for attaching virtual devices.

    2. The image file to use.

      • For virtual hard disks, a button with a drop-down list appears on the right, offering you to either select a virtual hard disk file using a standard file dialog or to create a new hard disk (image file). The latter option displays the Create New Disk wizard, described in Section 1.8, “Creating Your First Virtual Machine”.

        For virtual floppy drives, a dialog enables you to create and format a new floppy disk image automatically.

        For details on the image file types that are supported, see Section 5.2, “Disk Image Files (VDI, VMDK, VHD, HDD)”.

      • For virtual CD/DVD drives, the image files will typically be in the standard ISO format instead. Most commonly, you will select this option when installing an OS from an ISO file that you have obtained from the Internet. For example, most Linux distributions are available in this way.

        For virtual CD/DVD drives, the following additional options are available:

        • If you select Host Drive from the list, then the physical device of the host computer is connected to the VM, so that the guest OS can read from and write to your physical device. This is, for instance, useful if you want to install Windows from a real installation CD. In this case, select your host drive from the drop-down list presented.

          If you want to write, or burn, CDs or DVDs using the host drive, you need to also enable the Passthrough option. See Section 5.9, “CD/DVD Support”.

        • If you select Remove Disk from Virtual Drive, Oracle VM VirtualBox will present an empty CD/DVD drive to the guest into which no media has been inserted.

  • To remove an attachment, either select it and click on the Remove icon at the bottom, or right-click on it and select the menu item.

Removable media, such as CD/DVDs and floppies, can be changed while the guest is running. Since the Settings dialog is not available at that time, you can also access these settings from the Devices menu of your virtual machine window.

3.8. Audio Settings

The Audio section in a virtual machine's Settings window determines whether the VM will detect a connected sound card, and if the audio output should be played on the host system.

To enable audio for a guest, select the Enable Audio check box. The following settings are available:

  • Host Audio Driver: The audio driver that Oracle VM VirtualBox uses on the host. On a Linux host, depending on your host configuration, you can select between the OSS, ALSA, or the PulseAudio subsystem. On newer Linux distributions, the PulseAudio subsystem is preferred.

    Only OSS is supported on Oracle Solaris hosts. The Oracle Solaris Audio audio backend is no longer supported on Oracle Solaris hosts.

  • Audio Controller: You can choose between the emulation of an Intel AC'97 controller, an Intel HD Audio controller, or a SoundBlaster 16 card.

  • Enable Audio Output: Enables audio output only for the VM.

  • Enable Audio Input: Enables audio input only for the VM.

3.9. Network Settings

The Network section in a virtual machine's Settings window enables you to configure how Oracle VM VirtualBox presents virtual network cards to your VM, and how they operate.

When you first create a virtual machine, Oracle VM VirtualBox by default enables one virtual network card and selects the Network Address Translation (NAT) mode for it. This way the guest can connect to the outside world using the host's networking and the outside world can connect to services on the guest which you choose to make visible outside of the virtual machine.

This default setup is good for the majority of Oracle VM VirtualBox users. However, Oracle VM VirtualBox is extremely flexible in how it can virtualize networking. It supports many virtual network cards per virtual machine. The first four virtual network cards can be configured in detail in the VirtualBox Manager window. Additional network cards can be configured using the VBoxManage command.

Many networking options are available. See Chapter 6, Virtual Networking for more information.

3.10. Serial Ports

Oracle VM VirtualBox supports the use of virtual serial ports in a virtual machine.

Ever since the original IBM PC, personal computers have been equipped with one or two serial ports, also called COM ports by DOS and Windows. Serial ports were commonly used with modems, and some computer mice used to be connected to serial ports before USB became commonplace.

While serial ports are no longer as common as they used to be, there are still some important uses left for them. For example, serial ports can be used to set up a primitive network over a null-modem cable, in case Ethernet is not available. Also, serial ports are indispensable for system programmers needing to do kernel debugging, since kernel debugging software usually interacts with developers over a serial port. With virtual serial ports, system programmers can do kernel debugging on a virtual machine instead of needing a real computer to connect to.

If a virtual serial port is enabled, the guest OS sees a standard 16550A compatible UART device. Other UART types can be configured using the VBoxManage modifyvm command. Both receiving and transmitting data is supported. How this virtual serial port is then connected to the host is configurable, and the details depend on your host OS.

You can use either the Settings tabs or the VBoxManage command to set up virtual serial ports. For the latter, see Section 8.8, “VBoxManage modifyvm” for information on the --uart, --uartmode and --uarttype options.

You can configure up to four virtual serial ports per virtual machine. For each device, you must set the following:

  1. Port Number: This determines the serial port that the virtual machine should see. For best results, use the traditional values as follows:

    • COM1: I/O base 0x3F8, IRQ 4

    • COM2: I/O base 0x2F8, IRQ 3

    • COM3: I/O base 0x3E8, IRQ 4

    • COM4: I/O base 0x2E8, IRQ 3

    You can also configure a user-defined serial port. Enter an I/O base address and interrupt (IRQ).

    See also http://en.wikipedia.org/wiki/COM_(hardware_interface).

  2. Port Mode: What the virtual port is connected to. For each virtual serial port, you have the following options:

    • Disconnected: The guest will see the device, but it will behave as if no cable had been connected to it.

    • Host Device: Connects the virtual serial port to a physical serial port on your host. On a Windows host, this will be a name like COM1. On Linux or Oracle Solaris hosts, it will be a device node like /dev/ttyS0. Oracle VM VirtualBox will then simply redirect all data received from and sent to the virtual serial port to the physical device.

    • Host Pipe: Configure Oracle VM VirtualBox to connect the virtual serial port to a software pipe on the host. This depends on your host OS, as follows:

      • On a Windows host, data will be sent and received through a named pipe. The pipe name must be in the format \\.\pipe\<name> where <name> should identify the virtual machine but may be freely chosen.

      • On a Mac, Linux, or Oracle Solaris host, a local domain socket is used instead. The socket filename must be chosen such that the user running Oracle VM VirtualBox has sufficient privileges to create and write to it. The /tmp directory is often a good candidate.

        On Linux there are various tools which can connect to a local domain socket or create one in server mode. The most flexible tool is socat and is available as part of many distributions.

      In this case, you can configure whether Oracle VM VirtualBox should create the named pipe, or the local domain socket non-Windows hosts, itself or whether Oracle VM VirtualBox should assume that the pipe or socket exists already. With the VBoxManage command-line options, this is referred to as server mode or client mode, respectively.

      For a direct connection between two virtual machines, corresponding to a null-modem cable, simply configure one VM to create a pipe or socket and another to attach to it.

    • Raw File: Send the virtual serial port output to a file. This option is very useful for capturing diagnostic output from a guest. Any file may be used for this purpose, as long as the user running Oracle VM VirtualBox has sufficient privileges to create and write to the file.

    • TCP Socket: Useful for forwarding serial traffic over TCP/IP, acting as a server, or it can act as a TCP client connecting to other servers. This option enables a remote machine to directly connect to the guest's serial port using TCP.

      • TCP Server: Deselect the Connect to Existing Pipe/Socket check box and specify the port number in the Path/Address field. This is typically 23 or 2023. Note that on UNIX-like systems you will have to use a port a number greater than 1024 for regular users.

        The client can use software such as PuTTY or the telnet command line tool to access the TCP Server.

      • TCP Client: To create a virtual null-modem cable over the Internet or LAN, the other side can connect using TCP by specifying hostname:port in the Path/Address field. The TCP socket will act in client mode if you select the Connect to Existing Pipe/Socket check box.

Up to four serial ports can be configured per virtual machine, but you can pick any port numbers out of the above. However, serial ports cannot reliably share interrupts. If both ports are to be used at the same time, they must use different interrupt levels, for example COM1 and COM2, but not COM1 and COM3.

3.11. USB Support

3.11.1. USB Settings

The USB section in a virtual machine's Settings window enables you to configure Oracle VM VirtualBox's sophisticated USB support.

Oracle VM VirtualBox can enable virtual machines to access the USB devices on your host directly. To achieve this, Oracle VM VirtualBox presents the guest OS with a virtual USB controller. As soon as the guest system starts using a USB device, it will appear as unavailable on the host.

Note

  • Be careful with USB devices that are currently in use on the host. For example, if you allow your guest to connect to your USB hard disk that is currently mounted on the host, when the guest is activated, it will be disconnected from the host without a proper shutdown. This may cause data loss.

  • Oracle Solaris hosts have a few known limitations regarding USB support. See Chapter 14, Known Limitations.

In addition to allowing a guest access to your local USB devices, Oracle VM VirtualBox even enables your guests to connect to remote USB devices by use of the VirtualBox Remote Desktop Extension (VRDE). See Section 7.1.4, “Remote USB”.

To enable USB for a VM, select the Enable USB Controller check box. The following settings are available:

  • USB Controller: Selects a controller with the specified level of USB support, as follows:

    • OHCI for USB 1.1

    • EHCI for USB 2.0. This also enables OHCI.

    • xHCI for USB 3.0. This supports all USB speeds.

    Note

    The xHCI and EHCI controllers are shipped as an Oracle VM VirtualBox extension package, which must be installed separately. See Section 1.6, “Installing Oracle VM VirtualBox and Extension Packs”.

  • USB Device Filters: When USB support is enabled for a VM, you can determine in detail which devices will be automatically attached to the guest. For this, you can create filters by specifying certain properties of the USB device. USB devices with a matching filter will be automatically passed to the guest once they are attached to the host. USB devices without a matching filter can be passed manually to the guest, for example by using the Devices, USB menu.

    Clicking on the + button to the right of the USB Device Filters window creates a new filter. You can give the filter a name, for later reference, and specify the filter criteria. The more criteria you specify, the more precisely devices will be selected. For instance, if you specify only a vendor ID of 046d, all devices produced by Logitech will be available to the guest. If you fill in all fields, on the other hand, the filter will only apply to a particular device model from a particular vendor, and not even to other devices of the same type with a different revision and serial number.

    In detail, the following criteria are available:

    • Vendor and Product ID. With USB, each vendor of USB products carries an identification number that is unique world-wide, called the vendor ID. Similarly, each line of products is assigned a product ID number. Both numbers are commonly written in hexadecimal, and a colon separates the vendor from the product ID. For example, 046d:c016 stands for Logitech as a vendor, and the M-UV69a Optical Wheel Mouse product.

      Alternatively, you can also specify Manufacturer and Product by name.

      To list all the USB devices that are connected to your host machine with their respective vendor IDs and product IDs, use the following command:

      VBoxManage list usbhost

      On Windows, you can also see all USB devices that are attached to your system in the Device Manager. On Linux, you can use the lsusb command.

    • Serial Number. While vendor ID and product ID are quite specific to identify USB devices, if you have two identical devices of the same brand and product line, you will also need their serial numbers to filter them out correctly.

    • Remote. This setting specifies whether the device will be local only, remote only, such as over VRDP, or either.

    On a Windows host, you will need to unplug and reconnect a USB device to use it after creating a filter for it.

    As an example, you could create a new USB filter and specify a vendor ID of 046d for Logitech, Inc, a manufacturer index of 1, and "not remote". Then any USB devices on the host system produced by Logitech, Inc with a manufacturer index of 1 will be visible to the guest system.

    Several filters can select a single device. For example, a filter which selects all Logitech devices, and one which selects a particular webcam.

    You can deactivate filters without deleting them by deselecting the check box next to the filter name.

3.11.2. Implementation Notes for Windows and Linux Hosts

On Windows hosts, a kernel mode device driver provides USB proxy support. It implements both a USB monitor, which enables Oracle VM VirtualBox to capture devices when they are plugged in, and a USB device driver to claim USB devices for a particular virtual machine. As opposed to Oracle VM VirtualBox versions before 1.4.0, system reboots are no longer necessary after installing the driver. Also, you no longer need to replug devices for Oracle VM VirtualBox to claim them.

On newer Linux hosts, Oracle VM VirtualBox accesses USB devices through special files in the file system. When Oracle VM VirtualBox is installed, these are made available to all users in the vboxusers system group. In order to be able to access USB from guest systems, make sure that you are a member of this group.

On older Linux hosts, USB devices are accessed using the usbfs file system. Therefore, the user executing Oracle VM VirtualBox needs read and write permission to the USB file system. Most distributions provide a group, such as usbusers, which the Oracle VM VirtualBox user needs to be added to. Also, Oracle VM VirtualBox can only proxy to virtual machines USB devices which are not claimed by a Linux host USB driver. The Driver= entry in /proc/bus/usb/devices will show you which devices are currently claimed. See also Section 12.8.7, “USB Not Working” for details about usbfs.

3.12. Shared Folders

Shared folders enable you to easily exchange data between a virtual machine and your host. This feature requires that the Oracle VM VirtualBox Guest Additions be installed in a virtual machine and is described in detail in Section 4.3, “Shared Folders”.

3.13. User Interface

The User Interface section enables you to change certain aspects of the user interface of this VM.

  • Menu Bar: This widget enables you to disable menus by clicking on the menu to release it, menu entries by deselecting the check box of the entry to disable it and the complete menu bar by deselecting the rightmost check box.

  • Mini ToolBar: In full screen or seamless mode, Oracle VM VirtualBox can display a small toolbar that contains some of the items that are normally available from the virtual machine's menu bar. This toolbar reduces itself to a small gray line unless you move the mouse over it. With the toolbar, you can return from full screen or seamless mode, control machine execution or enable certain devices. If you do not want to see the toolbar, disable this setting.

    The second setting enables you to show the toolbar at the top of the screen, instead of showing it at the bottom.

  • Status Bar: This widget enables you to disable icons on the status bar by deselecting the check box of an icon to disable it, to rearrange icons by dragging and dropping the icon, and to disable the complete status bar by deselecting the leftmost check box.

3.14. Alternative Firmware (EFI)

Oracle VM VirtualBox includes experimental support for the Extensible Firmware Interface (EFI), which is a new industry standard intended to eventually replace the legacy BIOS as the primary interface for bootstrapping computers and certain system services later.

By default, Oracle VM VirtualBox uses the BIOS firmware for virtual machines. To use EFI for a given virtual machine, you can enable EFI in the machine's Settings dialog. See Section 3.5.1, “Motherboard Tab”. Alternatively, use the VBoxManage command line interface as follows:

VBoxManage modifyvm "VM name" --firmware efi

To switch back to using the BIOS:

VBoxManage modifyvm "VM name" --firmware bios

One notable user of EFI is Apple Mac OS X. More recent Linux versions and Windows releases, starting with Vista, also offer special versions that can be booted using EFI.

Another possible use of EFI in Oracle VM VirtualBox is development and testing of EFI applications, without booting any OS.

Note that the Oracle VM VirtualBox EFI support is experimental and will be enhanced as EFI matures and becomes more widespread. Mac OS X, Linux, and newer Windows guests are known to work fine. Windows 7 guests are unable to boot with the Oracle VM VirtualBox EFI implementation.

3.14.1. Video Modes in EFI

EFI provides two distinct video interfaces: GOP (Graphics Output Protocol) and UGA (Universal Graphics Adapter). Modern OSes, such as Mac OS X, generally use GOP, while some older ones still use UGA. Oracle VM VirtualBox provides a configuration option to control the graphics resolution for both interfaces, making the difference mostly irrelevant for users.

The default resolution is 1024x768. To select a graphics resolution for EFI, use the following VBoxManage command:

VBoxManage setextradata "VM name" VBoxInternal2/EfiGraphicsResolution HxV

Determine the horizontal resolution H and the vertical resolution V from the following list of default resolutions:

VGA

640x480, 32bpp, 4:3

SVGA

800x600, 32bpp, 4:3

XGA

1024x768, 32bpp, 4:3

XGA+

1152x864, 32bpp, 4:3

HD

1280x720, 32bpp, 16:9

WXGA

1280x800, 32bpp, 16:10

SXGA

1280x1024, 32bpp, 5:4

SXGA+

1400x1050, 32bpp, 4:3

WXGA+

1440x900, 32bpp, 16:10

HD+

1600x900, 32bpp, 16:9

UXGA

1600x1200, 32bpp, 4:3

WSXGA+

1680x1050, 32bpp, 16:10

Full HD

1920x1080, 32bpp, 16:9

WUXGA

1920x1200, 32bpp, 16:10

DCI 2K

2048x1080, 32bpp, 19:10

Full HD+

2160x1440, 32bpp, 3:2

Unnamed

2304x1440, 32bpp, 16:10

QHD

2560x1440, 32bpp, 16:9

WQXGA

2560x1600, 32bpp, 16:10

QWXGA+

2880x1800, 32bpp, 16:10

QHD+

3200x1800, 32bpp, 16:9

WQSXGA

3200x2048, 32bpp, 16:10

4K UHD

3840x2160, 32bpp, 16:9

WQUXGA

3840x2400, 32bpp, 16:10

DCI 4K

4096x2160, 32bpp, 19:10

HXGA

4096x3072, 32bpp, 4:3

UHD+

5120x2880, 32bpp, 16:9

WHXGA

5120x3200, 32bpp, 16:10

WHSXGA

6400x4096, 32bpp, 16:10

HUXGA

6400x4800, 32bpp, 4:3

8K UHD2

7680x4320, 32bpp, 16:9

If this list of default resolution does not cover your needs, see Section 9.7.1, “Custom VESA Resolutions”. Note that the color depth value specified in a custom video mode must be specified. Color depths of 8, 16, 24, and 32 are accepted. EFI assumes a color depth of 32 by default.

The EFI default video resolution settings can only be changed when the VM is powered off.

3.14.2. Specifying Boot Arguments

It is currently not possible to manipulate EFI variables from within a running guest. For example, setting the "boot-args" variable by running the nvram tool in a Mac OS X guest will not work. As an alternative way, "VBoxInternal2/EfiBootArgs" extradata can be passed to a VM in order to set the "boot-args" variable. To change the "boot-args" EFI variable, use the following command:

VBoxManage setextradata "VM name" VBoxInternal2/EfiBootArgs <value>

Chapter 4. Guest Additions

The previous chapter covered getting started with Oracle VM VirtualBox and installing operating systems in a virtual machine. For any serious and interactive use, the Oracle VM VirtualBox Guest Additions will make your life much easier by providing closer integration between host and guest and improving the interactive performance of guest systems. This chapter describes the Guest Additions in detail.

4.1. Introduction to Guest Additions

As mentioned in Section 1.2, “Some Terminology”, the Guest Additions are designed to be installed inside a virtual machine after the guest operating system has been installed. They consist of device drivers and system applications that optimize the guest operating system for better performance and usability. See Section 3.1, “Supported Guest Operating Systems” for details on what guest operating systems are fully supported with Guest Additions by Oracle VM VirtualBox.

The Oracle VM VirtualBox Guest Additions for all supported guest operating systems are provided as a single CD-ROM image file which is called VBoxGuestAdditions.iso. This image file is located in the installation directory of Oracle VM VirtualBox. To install the Guest Additions for a particular VM, you mount this ISO file in your VM as a virtual CD-ROM and install from there.

The Guest Additions offer the following features:

  • Mouse pointer integration. To overcome the limitations for mouse support described in Section 1.9.2, “Capturing and Releasing Keyboard and Mouse”, this feature provides you with seamless mouse support. You will only have one mouse pointer and pressing the Host key is no longer required to "free" the mouse from being captured by the guest OS. To make this work, a special mouse driver is installed in the guest that communicates with the "real" mouse driver on your host and moves the guest mouse pointer accordingly.

  • Shared folders. These provide an easy way to exchange files between the host and the guest. Much like ordinary Windows network shares, you can tell Oracle VM VirtualBox to treat a certain host directory as a shared folder, and Oracle VM VirtualBox will make it available to the guest operating system as a network share, irrespective of whether guest actually has a network. See Section 4.3, “Shared Folders”.

  • Better video support. While the virtual graphics card which Oracle VM VirtualBox emulates for any guest operating system provides all the basic features, the custom video drivers that are installed with the Guest Additions provide you with extra high and non-standard video modes, as well as accelerated video performance.

    In addition, with Windows, Linux, and Oracle Solaris guests, you can resize the virtual machine's window if the Guest Additions are installed. The video resolution in the guest will be automatically adjusted, as if you had manually entered an arbitrary resolution in the guest's Display settings. See Section 1.9.5, “Resizing the Machine's Window”.

    If the Guest Additions are installed, 3D graphics and 2D video for guest applications can be accelerated. See Section 4.5, “Hardware-Accelerated Graphics”.

  • Seamless windows. With this feature, the individual windows that are displayed on the desktop of the virtual machine can be mapped on the host's desktop, as if the underlying application was actually running on the host. See Section 4.6, “Seamless Windows”.

  • Generic host/guest communication channels. The Guest Additions enable you to control and monitor guest execution. The "guest properties" provide a generic string-based mechanism to exchange data bits between a guest and a host, some of which have special meanings for controlling and monitoring the guest. See Section 4.7, “Guest Properties”.

    Additionally, applications can be started in a guest from the host. See Section 4.9, “Guest Control of Applications”.

  • Time synchronization. With the Guest Additions installed, Oracle VM VirtualBox can ensure that the guest's system time is better synchronized with that of the host.

    For various reasons, the time in the guest might run at a slightly different rate than the time on the host. The host could be receiving updates through NTP and its own time might not run linearly. A VM could also be paused, which stops the flow of time in the guest for a shorter or longer period of time. When the wall clock time between the guest and host only differs slightly, the time synchronization service attempts to gradually and smoothly adjust the guest time in small increments to either "catch up" or "lose" time. When the difference is too great, for example if a VM paused for hours or restored from saved state, the guest time is changed immediately, without a gradual adjustment.

    The Guest Additions will resynchronize the time regularly. See Section 9.13.3, “Tuning the Guest Additions Time Synchronization Parameters” for how to configure the parameters of the time synchronization mechanism.

  • Shared clipboard. With the Guest Additions installed, the clipboard of the guest operating system can optionally be shared with your host operating system. See Section 3.4, “General Settings”.

  • Automated logins. Also called credentials passing. See Section 9.1, “Automated Guest Logins”.

Each version of Oracle VM VirtualBox, even minor releases, ship with their own version of the Guest Additions. While the interfaces through which the Oracle VM VirtualBox core communicates with the Guest Additions are kept stable so that Guest Additions already installed in a VM should continue to work when Oracle VM VirtualBox is upgraded on the host, for best results, it is recommended to keep the Guest Additions at the same version.

The Windows and Linux Guest Additions therefore check automatically whether they have to be updated. If the host is running a newer Oracle VM VirtualBox version than the Guest Additions, a notification with further instructions is displayed in the guest.

To disable this update check for the Guest Additions of a given virtual machine, set the value of its /VirtualBox/GuestAdd/CheckHostVersion guest property to 0. See Section 4.7, “Guest Properties”.

4.2. Installing and Maintaining Guest Additions

Guest Additions are available for virtual machines running Windows, Linux, Oracle Solaris, or OS/2. The following sections describe the specifics of each variant in detail.

4.2.1. Guest Additions for Windows

The Oracle VM VirtualBox Windows Guest Additions are designed to be installed in a virtual machine running a Windows operating system. The following versions of Windows guests are supported:

  • Microsoft Windows NT 4.0 (any service pack)

  • Microsoft Windows 2000 (any service pack)

  • Microsoft Windows XP (any service pack)

  • Microsoft Windows Server 2003 (any service pack)

  • Microsoft Windows Server 2008

  • Microsoft Windows Vista (all editions)

  • Microsoft Windows 7 (all editions)

  • Microsoft Windows 8 (all editions)

  • Microsoft Windows 10 RTM build 10240

  • Microsoft Windows Server 2012

4.2.1.1. Installing the Windows Guest Additions

In the Devices menu in the virtual machine's menu bar, Oracle VM VirtualBox has a menu item Insert Guest Additions CD Image, which mounts the Guest Additions ISO file inside your virtual machine. A Windows guest should then automatically start the Guest Additions installer, which installs the Guest Additions on your Windows guest.

For other guest operating systems, or if automatic start of software on a CD is disabled, you need to do a manual start of the installer.

Note

For the basic Direct3D acceleration to work in a Windows guest, you have to install the WDDM video driver available for Windows Vista or later.

For Windows 8 and later, only the WDDM Direct3D video driver is available. For basic Direct3D acceleration to work in Windows XP guests, you have to install the Guest Additions in Safe Mode. See Chapter 14, Known Limitations for details.

If you prefer to mount the Guest Additions manually, you can perform the following steps:

  1. Start the virtual machine in which you have installed Windows.

  2. Select Mount CD/DVD-ROM from the Devices menu in the virtual machine's menu bar and then CD/DVD-ROM Image. This displays the Virtual Media Manager, described in Section 5.3, “The Virtual Media Manager”.

  3. In the Virtual Media Manager, click Add and browse your host file system for the VBoxGuestAdditions.iso file.

    • On a Windows host, this file is in the Oracle VM VirtualBox installation directory, usually in C:\Program files\Oracle\VirtualBox.

    • On Mac OS X hosts, this file is in the application bundle of Oracle VM VirtualBox. Right-click on the Oracle VM VirtualBox icon in Finder and choose Show Package Contents. The file is located in the Contents/MacOS folder.

    • On a Linux host, this file is in the additions folder where you installed Oracle VM VirtualBox, usually /opt/VirtualBox/.

    • On Oracle Solaris hosts, this file is in the additions folder where you installed Oracle VM VirtualBox, usually /opt/VirtualBox.

  4. In the Virtual Media Manager, select the ISO file and click Select button. This mounts the ISO file and presents it to your Windows guest as a CD-ROM.

Unless you have the Autostart feature disabled in your Windows guest, Windows will now autostart the Oracle VM VirtualBox Guest Additions installation program from the Additions ISO. If the Autostart feature has been turned off, choose VBoxWindowsAdditions.exe from the CD/DVD drive inside the guest to start the installer.

The installer will add several device drivers to the Windows driver database and then invoke the hardware detection wizard.

Depending on your configuration, it might display warnings that the drivers are not digitally signed. You must confirm these in order to continue the installation and properly install the Additions.

After installation, reboot your guest operating system to activate the Additions.

4.2.1.2. Updating the Windows Guest Additions

Windows Guest Additions can be updated by running the installation program again. This replaces the previous Additions drivers with updated versions.

Alternatively, you can also open the Windows Device Manager and select Update Driver... for the following devices:

  1. Oracle VM VirtualBox Graphics Adapter

  2. Oracle VM VirtualBox System Device

For each, choose the option to provide your own driver, click Have Disk and navigate to the CD-ROM drive with the Guest Additions.

4.2.1.3. Unattended Installation

To avoid popups when performing an unattended installation of the Oracle VM VirtualBox Guest Additions, the code signing certificates used to sign the drivers needs to be installed in the correct certificate stores on the guest operating system. Failure to do this will cause a typical Windows installation to display multiple dialogs asking whether you want to install a particular driver.

Note

On some Windows versions, such as Windows 2000 and Windows XP, the user intervention popups mentioned above are always displayed, even after importing the Oracle certificates.

Installing the code signing certificates on a Windows guest can be done automatically. Use the VBoxCertUtil.exe utility from the cert folder on the Guest Additions installation CD.

Use the following steps:

  1. Log in as Administrator on the guest.

  2. Mount the Oracle VM VirtualBox Guest Additions .ISO.

  3. Open a command line window on the guest and change to the cert folder on the Oracle VM VirtualBox Guest Additions CD.

  4. Run the following command:

    VBoxCertUtil.exe add-trusted-publisher vbox*.cer --root vbox*.cer

    This command installs the certificates to the certificate store. When installing the same certificate more than once, an appropriate error will be displayed.

To allow for completely unattended guest installations, you can specify a command line parameter to the install launcher:

VBoxWindowsAdditions.exe /S

This automatically installs the right files and drivers for the corresponding platform, either 32-bit or 64-bit.

Note

By default on an unattended installation on a Vista or Windows 7 guest, there will be the XPDM graphics driver installed. This graphics driver does not support Windows Aero / Direct3D on the guest. Instead, the WDDM graphics driver needs to be installed. To select this driver by default, add the command line parameter /with_wddm when invoking the Windows Guest Additions installer. This is only required for Vista and Windows 7.

Note

For Windows Aero to run correctly on a guest, the guest's VRAM size needs to be configured to at least 128 MB.

For more options regarding unattended guest installations, consult the command line help by using the command:

VBoxWindowsAdditions.exe /?

4.2.1.4. Manual File Extraction

If you would like to install the files and drivers manually, you can extract the files from the Windows Guest Additions setup as follows:

VBoxWindowsAdditions.exe /extract

To explicitly extract the Windows Guest Additions for another platform than the current running one, such as 64-bit files on a 32-bit system, you must use the appropriate platform installer. Use VBoxWindowsAdditions-x86.exe or VBoxWindowsAdditions-amd64.exe with the /extract parameter.

4.2.2. Guest Additions for Linux

Like the Windows Guest Additions, the Oracle VM VirtualBox Guest Additions for Linux are a set of device drivers and system applications which may be installed in the guest operating system.

The following Linux distributions are officially supported:

  • Oracle Linux as of version 5, including UEK kernels

  • Fedora as of Fedora Core 4

  • Redhat Enterprise Linux as of version 3

  • SUSE and openSUSE Linux as of version 9

  • Ubuntu as of version 5.10

Many other distributions are known to work with the Guest Additions.

The version of the Linux kernel supplied by default in SUSE and openSUSE 10.2, Ubuntu 6.10 (all versions) and Ubuntu 6.06 (server edition) contains a bug which can cause it to crash during startup when it is run in a virtual machine. The Guest Additions work in those distributions.

Note that some Linux distributions already come with all or part of the Oracle VM VirtualBox Guest Additions. You may choose to keep the distribution's version of the Guest Additions but these are often not up to date and limited in functionality, so we recommend replacing them with the Guest Additions that come with Oracle VM VirtualBox. The Oracle VM VirtualBox Linux Guest Additions installer tries to detect an existing installation and replace them but depending on how the distribution integrates the Guest Additions, this may require some manual interaction. It is highly recommended to take a snapshot of the virtual machine before replacing preinstalled Guest Additions.

4.2.2.1. Installing the Linux Guest Additions

The Oracle VM VirtualBox Guest Additions for Linux are provided on the same virtual CD-ROM file as the Guest Additions for Windows. See Section 4.2.1.1, “Installing the Windows Guest Additions”. They also come with an installation program that guides you through the setup process. However, due to the significant differences between Linux distributions, installation may be slightly more complex when compared to Windows.

Installation generally involves the following steps:

  1. Before installing the Guest Additions, you prepare your guest system for building external kernel modules. This works as described in Section 2.3.2, “The Oracle VM VirtualBox Driver Modules”, except that this step must be performed in your Linux guest instead of on a Linux host system.

    If you suspect that something has gone wrong, check that your guest is set up correctly and run the following command as root:

    rcvboxadd setup
  2. Insert the VBoxGuestAdditions.iso CD file into your Linux guest's virtual CD-ROM drive, as described for a Windows guest in Section 4.2.1.1, “Installing the Windows Guest Additions”.

  3. Change to the directory where your CD-ROM drive is mounted and run the following command as root:

    sh ./VBoxLinuxAdditions.run

4.2.2.2. Graphics and Mouse Integration

In Linux and Oracle Solaris guests, Oracle VM VirtualBox graphics and mouse integration goes through the X Window System. Oracle VM VirtualBox can use the X.Org variant of the system, or XFree86 version 4.3 which is identical to the first X.Org release. During the installation process, the X.Org display server will be set up to use the graphics and mouse drivers which come with the Guest Additions.

After installing the Guest Additions into a fresh installation of a supported Linux distribution or Oracle Solaris system, many unsupported systems will work correctly too, the guest's graphics mode will change to fit the size of the Oracle VM VirtualBox window on the host when it is resized. You can also ask the guest system to switch to a particular resolution by sending a video mode hint using the VBoxManage tool.

Multiple guest monitors are supported in guests using the X.Org server version 1.3, which is part of release 7.3 of the X Window System version 11, or a later version. The layout of the guest screens can be adjusted as needed using the tools which come with the guest operating system.

If you want to understand more about the details of how the X.Org drivers are set up, in particular if you wish to use them in a setting which our installer does not handle correctly, see Section 9.3.2, “Guest Graphics and Mouse Driver Setup in Depth”.

4.2.2.3. Updating the Linux Guest Additions

The Guest Additions can simply be updated by going through the installation procedure again with an updated CD-ROM image. This will replace the drivers with updated versions. You should reboot after updating the Guest Additions.

4.2.2.4. Uninstalling the Linux Guest Additions

If you have a version of the Guest Additions installed on your virtual machine and wish to remove it without installing new ones, you can do so by inserting the Guest Additions CD image into the virtual CD-ROM drive as described above. Then run the installer for the current Guest Additions with the uninstall parameter from the path that the CD image is mounted on in the guest, as follows:

sh ./VBoxLinuxAdditions.run uninstall

While this will normally work without issues, you may need to do some manual cleanup of the guest in some cases, especially of the XFree86Config or xorg.conf file. In particular, if the Additions version installed or the guest operating system were very old, or if you made your own changes to the Guest Additions setup after you installed them.

You can uninstall the Additions as follows:

/opt/VBoxGuestAdditions-version/uninstall.sh

Replace /opt/VBoxGuestAdditions-version with the correct Guest Additions installation directory.

4.2.3. Guest Additions for Oracle Solaris

Like the Windows Guest Additions, the Oracle VM VirtualBox Guest Additions for Oracle Solaris take the form of a set of device drivers and system applications which may be installed in the guest operating system.

The following Oracle Solaris distributions are officially supported:

  • Oracle Solaris 11, including Oracle Solaris 11 Express

  • Oracle Solaris 10 4/08 and later

Other distributions may work if they are based on comparable software releases.

4.2.3.1. Installing the Oracle Solaris Guest Additions

The Oracle VM VirtualBox Guest Additions for Oracle Solaris are provided on the same ISO CD-ROM as the Additions for Windows and Linux. They come with an installation program that guides you through the setup process.

Installation involves the following steps:

  1. Mount the VBoxGuestAdditions.iso file as your Oracle Solaris guest's virtual CD-ROM drive, exactly the same way as described for a Windows guest in Section 4.2.1.1, “Installing the Windows Guest Additions”.

    If the CD-ROM drive on the guest does not get mounted, as seen with some versions of Oracle Solaris 10, run the following command as root:

    svcadm restart volfs
  2. Change to the directory where your CD-ROM drive is mounted and run the following command as root:

    pkgadd -G -d ./VBoxSolarisAdditions.pkg
  3. Choose 1 and confirm installation of the Guest Additions package. After the installation is complete, log out and log in to X server on your guest, to activate the X11 Guest Additions.

4.2.3.2. Uninstalling the Oracle Solaris Guest Additions

The Oracle Solaris Guest Additions can be safely removed by removing the package from the guest. Open a root terminal session and run the following command:

pkgrm SUNWvboxguest

4.2.3.3. Updating the Oracle Solaris Guest Additions

The Guest Additions should be updated by first uninstalling the existing Guest Additions and then installing the new ones. Attempting to install new Guest Additions without removing the existing ones is not possible.

4.2.4. Guest Additions for OS/2

Oracle VM VirtualBox also ships with a set of drivers that improve running OS/2 in a virtual machine. Due to restrictions of OS/2 itself, this variant of the Guest Additions has a limited feature set. See Chapter 14, Known Limitations for details.

The OS/2 Guest Additions are provided on the same ISO CD-ROM as those for the other platforms. Mount the ISO in OS/2 as described previously. The OS/2 Guest Additions are located in the directory \OS2.

We do not provide an automatic installer at this time. See the readme.txt file in the CD-ROM directory, which describes how to install the OS/2 Guest Additions manually.

4.3. Shared Folders

With the shared folders feature of Oracle VM VirtualBox, you can access files of your host system from within the guest system. This is similar to how you would use network shares in Windows networks, except that shared folders do not require networking, only the Guest Additions. Shared folders are supported with Windows 2000 or later, Linux, and Oracle Solaris guests. Oracle VM VirtualBox release 6.0 includes experimental support for Mac OS X and OS/2 guests.

Shared folders physically reside on the host and are then shared with the guest, which uses a special file system driver in the Guest Additions to talk to the host. For Windows guests, shared folders are implemented as a pseudo-network redirector. For Linux and Oracle Solaris guests, the Guest Additions provide a virtual file system.

To share a host folder with a virtual machine in Oracle VM VirtualBox, you must specify the path of the folder and choose a share name that the guest can use to access the shared folder. This happens on the host. In the guest you can then use the share name to connect to it and access files.

There are several ways in which shared folders can be set up for a virtual machine:

  • In the window of a running VM, you select Shared Folders from the Devices menu, or click on the folder icon on the status bar in the bottom right corner.

  • If a VM is not currently running, you can configure shared folders in the virtual machine's Settings dialog.

  • From the command line, you can create shared folders using VBoxManage, as follows:

    VBoxManage sharedfolder add "VM name" --name "sharename" --hostpath "C:\test"

    See Section 8.33, “VBoxManage sharedfolder add/remove”.

There are two types of shares:

  • Permanent shares, that are saved with the VM settings.

  • Transient shares, that are added at runtime and disappear when the VM is powered off. These can be created using a checkbox in the VirtualBox Manager, or by using the --transient option of the VBoxManage sharedfolder add command.

Shared folders can either be read-write or read-only. This means that the guest is either allowed to both read and write, or just read files on the host. By default, shared folders are read-write. Read-only folders can be created using a checkbox in the VirtualBox Manager, or with the --readonly option of the VBoxManage sharedfolder add command.

Oracle VM VirtualBox shared folders also support symbolic links, also called symlinks, under the following conditions:

  • The host operating system must support symlinks. For example, a Mac OS X, Linux, or Oracle Solaris host is required.

  • Currently only Linux and Oracle Solaris Guest Additions support symlinks.

  • For security reasons the guest OS is not allowed to create symlinks by default. If you trust the guest OS to not abuse the functionality, you can enable creation of symlinks for a shared folder as follows:

    VBoxManage setextradata "VM name" VBoxInternal2/SharedFoldersEnableSymlinksCreate/sharename 1

4.3.1. Manual Mounting

You can mount the shared folder from inside a VM, in the same way as you would mount an ordinary network share:

  • In a Windows guest, shared folders are browseable and therefore visible in Windows Explorer. To attach the host's shared folder to your Windows guest, open Windows Explorer and look for the folder in My Networking Places, Entire Network, Oracle VM VirtualBox Shared Folders. By right-clicking on a shared folder and selecting Map Network Drive from the menu that pops up, you can assign a drive letter to that shared folder.

    Alternatively, on the Windows command line, use the following command:

    net use x: \\vboxsvr\sharename

    While vboxsvr is a fixed name, note that vboxsrv would also work, replace x: with the drive letter that you want to use for the share, and sharename with the share name specified with VBoxManage.

  • In a Linux guest, use the following command:

    mount -t vboxsf [-o OPTIONS] sharename mountpoint

    To mount a shared folder during boot, add the following entry to /etc/fstab:

    sharename   mountpoint   vboxsf   defaults  0   0
  • In a Oracle Solaris guest, use the following command:

    mount -F vboxfs [-o OPTIONS] sharename mountpoint

    Replace sharename, use a lowercase string, with the share name specified with VBoxManage or the GUI. Replace mountpoint with the path where you want the share to be mounted on the guest, such as /mnt/share. The usual mount rules apply. For example, create this directory first if it does not exist yet.

    Here is an example of mounting the shared folder for the user jack on Oracle Solaris:

    $ id
    uid=5000(jack) gid=1(other)
    $ mkdir /export/home/jack/mount
    $ pfexec mount -F vboxfs -o uid=5000,gid=1 jackshare /export/home/jack/mount
    $ cd ~/mount
    $ ls
    sharedfile1.mp3 sharedfile2.txt
    $

    Beyond the standard options supplied by the mount command, the following are available:

    iocharset CHARSET

    This option sets the character set used for I/O operations. Note that on Linux guests, if the iocharset option is not specified, then the Guest Additions driver will attempt to use the character set specified by the CONFIG_NLS_DEFAULT kernel option. If this option is not set either, then UTF-8 is used.

    convertcp CHARSET

    This option specifies the character set used for the shared folder name. This is UTF-8 by default.

    The generic mount options, documented in the mount manual page, apply also. Especially useful are the options uid, gid and mode, as they can allow access by normal users in read/write mode, depending on the settings, even if root has mounted the filesystem.

  • In an OS/2 guest, use the VBoxControl command to manage shared folders. For example:

    VBoxControl sharedfolder use D: MyShareName
    VBoxControl sharedfolder unuse D:
    VBoxControl sharedfolder list

    As with Windows guests, shared folders can also be accessed via UNC using \\VBoxSF\, \\VBoxSvr\ or \\VBoxSrv\ as the server name and the shared folder name as sharename.

4.3.2. Automatic Mounting

Oracle VM VirtualBox provides the option to mount shared folders automatically. When automatic mounting is enabled for a shared folder, the Guest Additions service will mount it for you automatically. For Windows or OS/2, a preferred drive letter can also be specified. For Linux or Oracle Solaris, a mount point directory can also be specified.

If a drive letter or mount point is not specified, or is in use already, an alternative location is found by the Guest Additions service. The service searches for an alternative location depending on the guest OS, as follows:

  • Windows and OS/2 guests. Search for a free drive letter, starting at Z:. If all drive letters are assigned, the folder is not mounted.

  • Linux and Oracle Solaris guests. Folders are mounted under the /media directory. The folder name is normalized (no spaces, slashes or colons) and is prefixed with sf_.

    For example, if you have a shared folder called myfiles, it will appear as /media/sf_myfiles in the guest.

    The guest properties /VirtualBox/GuestAdd/SharedFolders/MountDir and the more generic /VirtualBox/GuestAdd/SharedFolders/MountPrefix can be used to override the automatic mount directory and prefix. See Section 4.7, “Guest Properties”.

Access to an automatically mounted shared folder is granted to everyone in a Windows guest, including the guest user. For Linux and Oracle Solaris guests, access is restricted to members of the group vboxsf and the root user.

4.4. Drag and Drop

Oracle VM VirtualBox enables you to drag and drop content from the host to the guest, and vice versa. For this to work the latest Guest Additions must be installed on the guest.

Drag and drop transparently allows copying or opening files, directories, and even certain clipboard formats from one end to the other. For example, from the host to the guest or from the guest to the host. You then can perform drag and drop operations between the host and a VM, as it would be a native drag and drop operation on the host OS.

At the moment drag and drop is implemented for Windows-based and X-Windows-based systems, both on the host and guest side. As X-Windows supports many different drag and drop protocols only the most common one, XDND, is supported for now. Applications using other protocols, such as Motif or OffiX, will not be recognized by Oracle VM VirtualBox.

In the context of using drag and drop, the origin of the data is called the source. That is, where the actual data comes from and is specified. The target specifies where the data from the source should go to. Transferring data from the source to the target can be done in various ways, such as copying, moving, or linking.

Note

At the moment only copying of data is supported. Moving or linking is not yet implemented.

When transferring data from the host to the guest OS, the host in this case is the source, whereas the guest OS is the target. However, when transferring data from the guest OS to the host, the guest OS this time became the source and the host is the target.

For security reasons drag and drop can be configured at runtime on a per-VM basis either using the Drag and Drop menu item in the Devices menu of the virtual machine, as shown below, or the VBoxManage command.

Figure 4.1. Drag and Drop Menu Options

Drag and Drop Menu Options

The following drag and drop modes are available:

  • Disabled. Disables the drag and drop feature entirely. This is the default when creating a new VM.

  • Host To Guest. Enables drag and drop operations from the host to the guest only.

  • Guest To Host. Enables drag and drop operations from the guest to the host only.

  • Bidirectional. Enables drag and drop operations in both directions: from the host to the guest, and from the guest to the host.

Note

Drag and drop support depends on the frontend being used. At the moment, only the VirtualBox Manager frontend provides this functionality.

To use the VBoxManage command to control the current drag and drop mode, see Chapter 8, VBoxManage. The modifyvm and controlvm commands enable setting of a VM's current drag and drop mode from the command line.

4.4.1. Supported Formats

As Oracle VM VirtualBox can run on a variety of host operating systems and also supports a wide range of guests, certain data formats must be translated after transfer. This is so that the target operating system, which receiving the data, is able to handle them in an appropriate manner.

Note

When dragging files no data conversion is done in any way. For example, when transferring a file from a Linux guest to a Windows host the Linux-specific line endings are not converted to Windows line endings.

The following formats are handled by the Oracle VM VirtualBox drag and drop service:

  • Plain text: From applications such as text editors, internet browsers and terminal windows.

  • Files: From file managers such as Windows Explorer, Nautilus, and Finder.

  • Directories: For directories, the same formats apply as for files.

4.4.2. Known Limitations

The following limitations are known for drag and drop:

On Windows hosts, dragging and dropping content between UAC-elevated (User Account Control) programs and non-UAC-elevated programs is not allowed. If you start Oracle VM VirtualBox with Administrator privileges then drag and drop will not work with Windows Explorer, which runs with regular user privileges by default.

4.5. Hardware-Accelerated Graphics

4.5.1. Hardware 3D Acceleration (OpenGL and Direct3D 8/9)

The Oracle VM VirtualBox Guest Additions contain experimental hardware 3D support for Windows, Linux, and Oracle Solaris guests.

With this feature, if an application inside your virtual machine uses 3D features through the OpenGL or Direct3D 8/9 programming interfaces, instead of emulating them in software, which would be slow, Oracle VM VirtualBox will attempt to use your host's 3D hardware. This works for all supported host platforms, provided that your host operating system can make use of your accelerated 3D hardware in the first place.

The 3D acceleration feature currently has the following preconditions:

  • It is only available for certain Windows, Linux, and Oracle Solaris guests. In particular:

    • 3D acceleration with Windows guests requires Windows 2000, Windows XP, Vista, or Windows 7. Apart from on Windows 2000 guests, both OpenGL and Direct3D 8/9 are supported on an experimental basis.

    • OpenGL on Linux requires kernel 2.6.27 or later, as well as X.org server version 1.5 or later. Ubuntu 10.10 and Fedora 14 have been tested and confirmed as working.

    • OpenGL on Oracle Solaris guests requires X.org server version 1.5 or later.

  • The Guest Additions must be installed.

    Note

    For the basic Direct3D acceleration to work in a Windows Guest, Oracle VM VirtualBox needs to replace Windows system files in the virtual machine. As a result, the Guest Additions installation program offers Direct3D acceleration as an option that must be explicitly enabled. Also, you must install the Guest Additions in Safe Mode. This does not apply to the WDDM Direct3D video driver available for Windows Vista and later. See Chapter 14, Known Limitations for details.

  • Because 3D support is still experimental at this time, it is disabled by default and must be manually enabled in the VM settings. See Section 3.6, “Display Settings”.

    Note

    Untrusted guest systems should not be allowed to use the 3D acceleration features of Oracle VM VirtualBox, just as untrusted host software should not be allowed to use 3D acceleration. Drivers for 3D hardware are generally too complex to be made properly secure and any software which is allowed to access them may be able to compromise the operating system running them. In addition, enabling 3D acceleration gives the guest direct access to a large body of additional program code in the Oracle VM VirtualBox host process which it might conceivably be able to use to crash the virtual machine.

To enable Aero theme support, the Oracle VM VirtualBox WDDM video driver must be installed, which is available with the Guest Additions installation. The WDDM driver is not installed by default for Vista and Windows 7 guest and must be manually selected in the Guest Additions installer by clicking No in the Would You Like to Install Basic Direct3D Support dialog displayed when the Direct3D feature is selected.

The Aero theme is not enabled by default. To enable it, do the following:

  • Windows Vista guests: Right-click on the desktop and select Personalize, then select Windows Color and Appearance in the Personalization window. In the Appearance Settings dialog, select Windows Aero and click OK.

  • Windows 7 guests: Right-click on the desktop and select Personalize. Select any Aero theme in the Personalization window.

Technically, Oracle VM VirtualBox implements this by installing an additional hardware 3D driver inside your guest when the Guest Additions are installed. This driver acts as a hardware 3D driver and reports to the guest operating system that the virtual hardware is capable of 3D hardware acceleration. When an application in the guest then requests hardware acceleration through the OpenGL or Direct3D programming interfaces, these are sent to the host through a special communication tunnel implemented by Oracle VM VirtualBox, and then the host performs the requested 3D operation using the host's programming interfaces.

4.5.2. Hardware 2D Video Acceleration for Windows Guests

The Oracle VM VirtualBox Guest Additions contain experimental hardware 2D video acceleration support for Windows guests.

With this feature, if an application such as a video player inside your Windows VM uses 2D video overlays to play a movie clip, then Oracle VM VirtualBox will attempt to use your host's video acceleration hardware instead of performing overlay stretching and color conversion in software, which would be slow. This currently works for Windows, Linux and Mac OS X host platforms, provided that your host operating system can make use of 2D video acceleration in the first place.

Hardware 2D video acceleration currently has the following preconditions:

  • Only available for Windows guests, running Windows XP or later.

  • Guest Additions must be installed.

  • Because 2D support is still experimental at this time, it is disabled by default and must be manually enabled in the VM settings. See Section 3.6, “Display Settings”.

Technically, Oracle VM VirtualBox implements this by exposing video overlay DirectDraw capabilities in the Guest Additions video driver. The driver sends all overlay commands to the host through a special communication tunnel implemented by Oracle VM VirtualBox. On the host side, OpenGL is then used to implement color space transformation and scaling

4.6. Seamless Windows

With the seamless windows feature of Oracle VM VirtualBox, you can have the windows that are displayed within a virtual machine appear side by side next to the windows of your host. This feature is supported for the following guest operating systems, provided that the Guest Additions are installed:

  • Windows guests. Support was added in Oracle VM VirtualBox 1.5.

  • Supported Linux or Oracle Solaris guests running the X Window System. Support was added with Oracle VM VirtualBox 1.6.

After seamless windows are enabled, Oracle VM VirtualBox suppresses the display of the desktop background of your guest, allowing you to run the windows of your guest operating system seamlessly next to the windows of your host.

Figure 4.2. Seamless Windows on a Host Desktop

Seamless Windows on a Host Desktop

To enable seamless mode, after starting the virtual machine, press the Host key + L. The Host key is normally the right control key. This will enlarge the size of the VM's display to the size of your host screen and mask out the guest operating system's background. To disable seamless windows and go back to the normal VM display, press the Host key + L again.

4.7. Guest Properties

Oracle VM VirtualBox enables requests of some properties from a running guest, provided that the Oracle VM VirtualBox Guest Additions are installed and the VM is running. This provides the following advantages:

  • A number of predefined VM characteristics are automatically maintained by Oracle VM VirtualBox and can be retrieved on the host. For example, to monitor VM performance and statistics.

  • Arbitrary string data can be exchanged between guest and host. This works in both directions.

To accomplish this, Oracle VM VirtualBox establishes a private communication channel between the Oracle VM VirtualBox Guest Additions and the host, and software on both sides can use this channel to exchange string data for arbitrary purposes. Guest properties are simply string keys to which a value is attached. They can be set, or written to, by either the host and the guest. They can also be read from both sides.

In addition to establishing the general mechanism of reading and writing values, a set of predefined guest properties is automatically maintained by the Oracle VM VirtualBox Guest Additions to allow for retrieving interesting guest data such as the guest's exact operating system and service pack level, the installed version of the Guest Additions, users that are currently logged into the guest OS, network statistics and more. These predefined properties are all prefixed with /VirtualBox/ and organized into a hierarchical tree of keys.

Some of this runtime information is shown when you select Session Information Dialog from a virtual machine's Machine menu.

A more flexible way to use this channel is with the VBoxManage guestproperty command. See Section 8.34, “VBoxManage guestproperty”. For example, to have all the available guest properties for a given running VM listed with their respective values, use this command:

$ VBoxManage guestproperty enumerate "Windows Vista III"
VirtualBox Command Line Management Interface Version version-number
(C) 2005-2018 Oracle Corporation
All rights reserved.

Name: /VirtualBox/GuestInfo/OS/Product, value: Windows Vista Business Edition,
    timestamp: 1229098278843087000, flags:
Name: /VirtualBox/GuestInfo/OS/Release, value: 6.0.6001,
    timestamp: 1229098278950553000, flags:
Name: /VirtualBox/GuestInfo/OS/ServicePack, value: 1,
    timestamp: 1229098279122627000, flags:
Name: /VirtualBox/GuestAdd/InstallDir,
    value: C:/Program Files/Oracle/VirtualBox
    Guest Additions, timestamp: 1229098279269739000, flags:
Name: /VirtualBox/GuestAdd/Revision, value: 40720,
    timestamp: 1229098279345664000, flags:
Name: /VirtualBox/GuestAdd/Version, value: version-number,
    timestamp: 1229098279479515000, flags:
Name: /VirtualBox/GuestAdd/Components/VBoxControl.exe, value: version-numberr40720,
    timestamp: 1229098279651731000, flags:
Name: /VirtualBox/GuestAdd/Components/VBoxHook.dll, value: version-numberr40720,
    timestamp: 1229098279804835000, flags:
Name: /VirtualBox/GuestAdd/Components/VBoxDisp.dll, value: version-numberr40720,
    timestamp: 1229098279880611000, flags:
Name: /VirtualBox/GuestAdd/Components/VBoxMRXNP.dll, value: version-numberr40720,
    timestamp: 1229098279882618000, flags:
Name: /VirtualBox/GuestAdd/Components/VBoxService.exe, value: version-numberr40720,
    timestamp: 1229098279883195000, flags:
Name: /VirtualBox/GuestAdd/Components/VBoxTray.exe, value: version-numberr40720,
    timestamp: 1229098279885027000, flags:
Name: /VirtualBox/GuestAdd/Components/VBoxGuest.sys, value: version-numberr40720,
    timestamp: 1229098279886838000, flags:
Name: /VirtualBox/GuestAdd/Components/VBoxMouse.sys, value: version-numberr40720,
    timestamp: 1229098279890600000, flags:
Name: /VirtualBox/GuestAdd/Components/VBoxSF.sys, value: version-numberr40720,
    timestamp: 1229098279893056000, flags:
Name: /VirtualBox/GuestAdd/Components/VBoxVideo.sys, value: version-numberr40720,
    timestamp: 1229098279895767000, flags:
Name: /VirtualBox/GuestInfo/OS/LoggedInUsers, value: 1,
    timestamp: 1229099826317660000, flags:
Name: /VirtualBox/GuestInfo/OS/NoLoggedInUsers, value: false,
    timestamp: 1229098455580553000, flags:
Name: /VirtualBox/GuestInfo/Net/Count, value: 1,
    timestamp: 1229099826299785000, flags:
Name: /VirtualBox/HostInfo/GUI/LanguageID, value: C,
    timestamp: 1229098151272771000, flags:
Name: /VirtualBox/GuestInfo/Net/0/V4/IP, value: 192.168.2.102,
    timestamp: 1229099826300088000, flags:
Name: /VirtualBox/GuestInfo/Net/0/V4/Broadcast, value: 255.255.255.255,
    timestamp: 1229099826300220000, flags:
Name: /VirtualBox/GuestInfo/Net/0/V4/Netmask, value: 255.255.255.0,
    timestamp: 1229099826300350000, flags:
Name: /VirtualBox/GuestInfo/Net/0/Status, value: Up,
    timestamp: 1229099826300524000, flags:
Name: /VirtualBox/GuestInfo/OS/LoggedInUsersList, value: username,
    timestamp: 1229099826317386000, flags:

To query the value of a single property, use the get subcommand as follows:

$ VBoxManage guestproperty get "Windows Vista III" "/VirtualBox/GuestInfo/OS/Product"
VirtualBox Command Line Management Interface Version version-number
(C) 2005-2018 Oracle Corporation
All rights reserved.

Value: Windows Vista Business Edition

To add or change guest properties from the guest, use the tool VBoxControl. This tool is included in the Guest Additions of Oracle VM VirtualBox 2.2 or later. When started from a Linux guest, this tool requires root privileges for security reasons:

$ sudo VBoxControl guestproperty enumerate
VirtualBox Guest Additions Command Line Management Interface Version version-number
(C) 2005-2018 Oracle Corporation
All rights reserved.

Name: /VirtualBox/GuestInfo/OS/Release, value: 2.6.28-18-generic,
    timestamp: 1265813265835667000, flags: <NULL>
Name: /VirtualBox/GuestInfo/OS/Version, value: #59-Ubuntu SMP Thu Jan 28 01:23:03 UTC 2010,
    timestamp: 1265813265836305000, flags: <NULL>
      ...

For more complex needs, you can use the Oracle VM VirtualBox programming interfaces. See Chapter 11, Oracle VM VirtualBox Programming Interfaces.

4.7.1. Using Guest Properties to Wait on VM Events

The properties /VirtualBox/HostInfo/VBoxVer, /VirtualBox/HostInfo/VBoxVerExt or /VirtualBox/HostInfo/VBoxRev can be waited on to detect that the VM state was restored from saved state or snapshot:

$ VBoxControl guestproperty wait /VirtualBox/HostInfo/VBoxVer

Similarly the /VirtualBox/HostInfo/ResumeCounter can be used to detect that a VM was resumed from the paused state or saved state.

4.8. Guest Control File Manager

The Guest Control File Manager is a feature of the Guest Additions that enables easy copying and moving of files between a guest and the host system. Other file management operations provide support to create new folders and to rename or delete files.

Figure 4.3. Guest Control File Manager

Guest Control File Manager

The Guest Control File Manager works by mounting the host file system. Guest users must authenticate and create a guest session before they can transfer files.

4.8.1. Using the Guest Control File Manager

The following steps describe how to use the Guest Control File Manager.

  1. Open the Guest Control File Manager.

    In the guest VM, select Machine, File Manager.

    The left pane shows the files on the host system.

  2. Create a guest session.

    At the bottom of the Guest Control File Manager, enter authentication credentials for a user on the guest system.

    Click Create Session.

    The contents of the guest VM file system appears in the right pane of the Guest Control File Manager.

  3. Transfer files between the guest and the host system by using the move and copy file transfer icons.

    You can copy and move files from a guest to the host system or from the host system to the guest.

  4. Close the Guest Control File Manager.

    Click Close to end the guest session.

4.9. Guest Control of Applications

The Guest Additions enable starting of applications inside a VM from the host system.

For this to work, the application needs to be installed inside the guest. No additional software needs to be installed on the host. Additionally, text mode output to stdout and stderr can be shown on the host for further processing. There are options to specify user credentials and a timeout value, in milliseconds, to limit the time the application is able to run.

This feature can be used to automate deployment of software within the guest.

The Guest Additions for Windows allow for automatic updating. This applies for already installed Guest Additions version 4.0 or later. Also, copying files from host to the guest as well as remotely creating guest directories is available.

To use these features, use the Oracle VM VirtualBox command line. See Section 8.35, “VBoxManage guestcontrol”.

4.10. Memory Overcommitment

In server environments with many VMs, the Guest Additions can be used to share physical host memory between several VMs. This reduces the total amount of memory in use by the VMs. If memory usage is the limiting factor and CPU resources are still available, this can help with running more VMs on each host.

4.10.1. Memory Ballooning

The Guest Additions can change the amount of host memory that a VM uses, while the machine is running. Because of how this is implemented, this feature is called memory ballooning.

Note

  • Oracle VM VirtualBox supports memory ballooning only on 64-bit hosts. It is not supported on Mac OS X hosts.

  • Memory ballooning does not work with large pages enabled. To turn off large pages support for a VM, run VBoxManage modifyvm <VM name> --largepages off

Normally, to change the amount of memory allocated to a virtual machine, you have to shut down the virtual machine entirely and modify its settings. With memory ballooning, memory that was allocated for a virtual machine can be given to another virtual machine without having to shut the machine down.

When memory ballooning is requested, the Oracle VM VirtualBox Guest Additions, which run inside the guest, allocate physical memory from the guest operating system on the kernel level and lock this memory down in the guest. This ensures that the guest will not use that memory any longer. No guest applications can allocate it, and the guest kernel will not use it either. Oracle VM VirtualBox can then reuse this memory and give it to another virtual machine.

The memory made available through the ballooning mechanism is only available for reuse by Oracle VM VirtualBox. It is not returned as free memory to the host. Requesting balloon memory from a running guest will therefore not increase the amount of free, unallocated memory on the host. Effectively, memory ballooning is therefore a memory overcommitment mechanism for multiple virtual machines while they are running. This can be useful to temporarily start another machine, or in more complicated environments, for sophisticated memory management of many virtual machines that may be running in parallel depending on how memory is used by the guests.

At this time, memory ballooning is only supported through VBoxManage. Use the following command to increase or decrease the size of the memory balloon within a running virtual machine that has Guest Additions installed:

VBoxManage controlvm "VM name" guestmemoryballoon n

where VM name is the name or UUID of the virtual machine in question and n is the amount of memory to allocate from the guest in megabytes. See Section 8.14, “VBoxManage controlvm”.

You can also set a default balloon that will automatically be requested from the VM every time after it has started up with the following command:

VBoxManage modifyvm "VM name" --guestmemoryballoon n

By default, no balloon memory is allocated. This is a VM setting, like other modifyvm settings, and therefore can only be set while the machine is shut down. See Section 8.8, “VBoxManage modifyvm”.

4.10.2. Page Fusion

Whereas memory ballooning simply reduces the amount of RAM that is available to a VM, Page Fusion works differently. It avoids memory duplication between several similar running VMs.

In a server environment running several similar VMs on the same host, lots of memory pages are identical. For example, if the VMs are using identical operating systems. Oracle VM VirtualBox's Page Fusion technology can efficiently identify these identical memory pages and share them between multiple VMs.

Note

Oracle VM VirtualBox supports Page Fusion only on 64-bit hosts, and it is not supported on Mac OS X hosts. Page Fusion currently works only with Windows 2000 and later guests.

The more similar the VMs on a given host are, the more efficiently Page Fusion can reduce the amount of host memory that is in use. It therefore works best if all VMs on a host run identical operating systems, such as Windows XP Service Pack 2. Instead of having a complete copy of each operating system in each VM, Page Fusion identifies the identical memory pages in use by these operating systems and eliminates the duplicates, sharing host memory between several machines. This is called deduplication. If a VM tries to modify a page that has been shared with other VMs, a new page is allocated again for that VM with a copy of the shared page. This is called copy on write. All this is fully transparent to the virtual machine.

You may be familiar with this kind of memory overcommitment from other hypervisor products, which call this feature page sharing or same page merging. However, Page Fusion differs significantly from those other solutions, whose approaches have several drawbacks:

  • Traditional hypervisors scan all guest memory and compute checksums, also called hashes, for every single memory page. Then, they look for pages with identical hashes and compare the entire content of those pages. If two pages produce the same hash, it is very likely that the pages are identical in content. This process can take rather long, especially if the system is not idling. As a result, the additional memory only becomes available after a significant amount of time, such as hours or sometimes days. Even worse, this kind of page sharing algorithm generally consumes significant CPU resources and increases the virtualization overhead by 10 to 20%.

    Page Fusion in Oracle VM VirtualBox uses logic in the Oracle VM VirtualBox Guest Additions to quickly identify memory cells that are most likely identical across VMs. It can therefore achieve most of the possible savings of page sharing almost immediately and with almost no overhead.

  • Page Fusion is also much less likely to be confused by identical memory that it will eliminate, just to learn seconds later that the memory will now change and having to perform a highly expensive and often service-disrupting reallocation.

At this time, Page Fusion can only be controlled with VBoxManage, and only while a VM is shut down. To enable Page Fusion for a VM, use the following command:

VBoxManage modifyvm "VM name" --pagefusion on

You can observe Page Fusion operation using some metrics. RAM/VMM/Shared shows the total amount of fused pages, whereas the per-VM metric Guest/RAM/Usage/Shared will return the amount of fused memory for a given VM. See Section 8.36, “VBoxManage metrics” for information on how to query metrics.

Note

Enabling Page Fusion might indirectly increase the chances for malicious guests to successfully attack other VMs running on the same host. See Section 13.3.4, “Potentially Insecure Operations”.

Chapter 5. Virtual Storage

As the virtual machine will most probably expect to see a hard disk built into its virtual computer, Oracle VM VirtualBox must be able to present real storage to the guest as a virtual hard disk. There are presently three methods by which to achieve this:

Each such virtual storage device, such as an image file, iSCSI target, or physical hard disk, needs to be connected to the virtual hard disk controller that Oracle VM VirtualBox presents to a virtual machine. This is explained in the next section.

5.1. Hard Disk Controllers: IDE, SATA (AHCI), SCSI, SAS, USB MSD, NVMe

In a real PC, hard disks and CD/DVD drives are connected to a device called hard disk controller which drives hard disk operation and data transfers. Oracle VM VirtualBox can emulate the five most common types of hard disk controllers typically found in today's PCs: IDE, SATA (AHCI), SCSI, SAS, USB-based, and NVMe mass storage devices.

  • IDE (ATA) controllers are a backwards compatible yet very advanced extension of the disk controller in the IBM PC/AT (1984). Initially, this interface worked only with hard disks, but was later extended to also support CD-ROM drives and other types of removable media. In physical PCs, this standard uses flat ribbon parallel cables with 40 or 80 wires. Each such cable can connect two devices to a controller, which have traditionally been called master and slave. Typical PCs had two connectors for such cables. As a result, support for up to four IDE devices was most common.

    In Oracle VM VirtualBox, each virtual machine may have one IDE controller enabled, which gives you up to four virtual storage devices that you can attach to the machine. By default, one of these virtual storage devices, the secondary master, is preconfigured to be the virtual machine's virtual CD/DVD drive. However, you can change the default setting.

    Even if your guest OS has no support for SCSI or SATA devices, it should always be able to see an IDE controller.

    You can also select which exact type of IDE controller hardware Oracle VM VirtualBox should present to the virtual machine: PIIX3, PIIX4, or ICH6. This makes no difference in terms of performance, but if you import a virtual machine from another virtualization product, the OS in that machine may expect a particular controller type and crash if it is not found.

    After you have created a new virtual machine with the New Virtual Machine wizard of the graphical user interface, you will typically see one IDE controller in the machine's Storage settings. The virtual CD/DVD drive will be attached to one of the four ports of this controller.

  • Serial ATA (SATA) is a newer standard introduced in 2003. Compared to IDE, it supports both much higher speeds and more devices per controller. Also, with physical hardware, devices can be added and removed while the system is running. The standard interface for SATA controllers is called Advanced Host Controller Interface (AHCI).

    Like a real SATA controller, Oracle VM VirtualBox's virtual SATA controller operates faster and also consumes fewer CPU resources than the virtual IDE controller. Also, this enables you to connect up to 30 virtual hard disks to one machine instead of just three, when compared to the Oracle VM VirtualBox IDE controller with a DVD drive attached.

    For this reason, depending on the selected guest OS, Oracle VM VirtualBox uses SATA as the default for newly created virtual machines. One virtual SATA controller is created by default, and the default disk that is created with a new VM is attached to this controller.

    Warning

    The entire SATA controller and the virtual disks attached to it, including those in IDE compatibility mode, will not be seen by OSes that do not have device support for AHCI. In particular, there is no support for AHCI in Windows before Windows Vista. So Windows XP, even SP3, will not see such disks unless you install additional drivers. It is possible to switch from IDE to SATA after installation by installing the SATA drivers and changing the controller type in the VM Settings dialog.

    Oracle VM VirtualBox recommends the Intel Matrix Storage drivers, which can be downloaded from http://downloadcenter.intel.com/Product_Filter.aspx?ProductID=2101.

    To add a SATA controller to a machine for which it has not been enabled by default, either because it was created by an earlier version of Oracle VM VirtualBox, or because SATA is not supported by default by the selected guest OS, do the following. Go to the Storage page of the machine's Settings dialog, click Add Controller under the Storage Tree box and then select Add SATA Controller. The new controller appears as a separate PCI device in the virtual machine, and you can add virtual disks to it.

    To change the IDE compatibility mode settings for the SATA controller, see Section 8.20, “VBoxManage storagectl”.

  • SCSI is another established industry standard, standing for Small Computer System Interface. SCSI was standardized as early as 1986 as a generic interface for data transfer between all kinds of devices, including storage devices. Today SCSI is still used for connecting hard disks and tape devices, but it has mostly been displaced in commodity hardware. It is still in common use in high-performance workstations and servers.

    Primarily for compatibility with other virtualization software, Oracle VM VirtualBox optionally supports LSI Logic and BusLogic SCSI controllers, to each of which up to 15 virtual hard disks can be attached.

    To enable a SCSI controller, on the Storage page of a virtual machine's Settings dialog, click Add Controller under the Storage Tree box and then select Add SCSI Controller. The new controller appears as a separate PCI device in the virtual machine.

    Warning

    As with the other controller types, a SCSI controller will only be seen by OSes with device support for it. Windows 2003 and later ships with drivers for the LSI Logic controller, while Windows NT 4.0 and Windows 2000 ships with drivers for the BusLogic controller. Windows XP ships with drivers for neither.

  • Serial Attached SCSI (SAS) is another bus standard which uses the SCSI command set. As opposed to SCSI, however, with physical devices, serial cables are used instead of parallel ones, which simplifies physical device connections. In some ways, therefore, SAS is to SCSI what SATA is to IDE: it enables more reliable and faster connections.

    To support high-end guests which require SAS controllers, Oracle VM VirtualBox emulates a LSI Logic SAS controller, which can be enabled much the same way as a SCSI controller. At this time, up to eight devices can be connected to the SAS controller.

    Warning

    As with SATA, the SAS controller will only be seen by OSes with device support for it. In particular, there is no support for SAS in Windows before Windows Vista. So Windows XP, even SP3, will not see such disks unless you install additional drivers.

  • The USB mass storage device class is a standard to connect external storage devices like hard disks or flash drives to a host through USB. All major OSes support these devices for a long time and ship generic drivers making third-party drivers superfluous. In particular, legacy OSes without support for SATA controllers may benefit from USB mass storage devices.

    The virtual USB storage controller offered by Oracle VM VirtualBox works differently to the other storage controller types. While most storage controllers appear as a single PCI device to the guest with multiple disks attached to it, the USB-based storage controller does not appear as virtual storage controller. Each disk attached to the controller appears as a dedicated USB device to the guest.

    Warning

    Booting from drives attached using USB is only supported when EFI is used as the BIOS lacks USB support.

  • Non volatile memory express (NVMe) is a standard which emerged in 2011 for connecting non volatile memory (NVM) directly over PCI express to lift the bandwidth limitation of the previously used SATA protocol for SSDs. Unlike other standards the command set is very simple to achieve maximum throughput and is not compatible with ATA or SCSI. OSes need to support NVMe devices to make use of them. For example, Windows 8.1 added native NVMe support. For Windows 7, native support was added with an update.

    The NVMe controller is part of the extension pack.

    Warning

    Booting from drives attached using NVMe is only supported when EFI is used as the BIOS lacks the appropriate driver.

In summary, Oracle VM VirtualBox gives you the following categories of virtual storage slots:

  • Four slots attached to the traditional IDE controller, which are always present. One of these is typically a virtual CD/DVD drive.

  • 30 slots attached to the SATA controller, if enabled and supported by the guest OS.

  • 15 slots attached to the SCSI controller, if enabled and supported by the guest OS.

  • Eight slots attached to the SAS controller, if enabled and supported by the guest OS.

  • Eight slots attached to the virtual USB controller, if enabled and supported by the guest OS.

  • Up to 255 slots attached to the NVMe controller, if enabled and supported by the guest OS.

Given this large choice of storage controllers, you may not know which one to choose. In general, you should avoid IDE unless it is the only controller supported by your guest. Whether you use SATA, SCSI, or SAS does not make any real difference. The variety of controllers is only supplied by Oracle VM VirtualBox for compatibility with existing hardware and other hypervisors.

5.2. Disk Image Files (VDI, VMDK, VHD, HDD)

Disk image files reside on the host system and are seen by the guest systems as hard disks of a certain geometry. When a guest OS reads from or writes to a hard disk, Oracle VM VirtualBox redirects the request to the image file.

Like a physical disk, a virtual disk has a size, or capacity, which must be specified when the image file is created. As opposed to a physical disk however, Oracle VM VirtualBox enables you to expand an image file after creation, even if it has data already. See Section 8.24, “VBoxManage modifymedium”.

Oracle VM VirtualBox supports the following types of disk image files:

  • VDI. Normally, Oracle VM VirtualBox uses its own container format for guest hard disks. This is called a Virtual Disk Image (VDI) file. This format is used when you create a new virtual machine with a new disk.

  • VMDK. Oracle VM VirtualBox also fully supports the popular and open VMDK container format that is used by many other virtualization products, such as VMware.

  • VHD. Oracle VM VirtualBox also fully supports the VHD format used by Microsoft.

  • HDD. Image files of Parallels version 2 (HDD format) are also supported.

    Due to lack of documentation of the format, newer versions such as 3 and 4 are not supported. You can however convert such image files to version 2 format using tools provided by Parallels.

Irrespective of the disk capacity and format, as mentioned in Section 1.8, “Creating Your First Virtual Machine”, there are two options for creating a disk image: fixed-size or dynamically allocated.

  • Fixed-size. If you create a fixed-size image, an image file will be created on your host system which has roughly the same size as the virtual disk's capacity. So, for a 10 GB disk, you will have a 10 GB file. Note that the creation of a fixed-size image can take a long time depending on the size of the image and the write performance of your hard disk.

  • Dynamically allocated. For more flexible storage management, use a dynamically allocated image. This will initially be very small and not occupy any space for unused virtual disk sectors, but will grow every time a disk sector is written to for the first time, until the drive reaches the maximum capacity chosen when the drive was created. While this format takes less space initially, the fact that Oracle VM VirtualBox needs to expand the image file consumes additional computing resources, so until the disk file size has stabilized, write operations may be slower than with fixed size disks. However, after a time the rate of growth will slow and the average penalty for write operations will be negligible.

5.3. The Virtual Media Manager

Oracle VM VirtualBox keeps track of all the hard disk, CD/DVD-ROM, and floppy disk images which are in use by virtual machines. These are often referred to as known media and come from two sources:

The known media can be viewed and changed using the Virtual Media Manager, which you can access from the File menu in the VirtualBox Manager window.

Figure 5.1. The Virtual Media Manager

The Virtual Media Manager

The known media are conveniently grouped in separate tabs for the supported formats. These formats are:

For each image, the Virtual Media Manager shows you the full path of the image file and other information, such as the virtual machine the image is currently attached to.

The Virtual Media Manager enables you to do the following:

  • Add an image to the registry.

  • Copy a virtual hard disk to create another one.

    You can specify one of the following target types: VDI, VHD, or VMDK.

  • Move an image that is currently in the registry to another location.

    A file dialog prompts you for the new image file location.

    When you use the Virtual Media Manager to move a disk image, Oracle VM VirtualBox updates all related configuration files automatically.

    Note

    Always use the Virtual Media Manager or the VBoxManage modifymedium command to move a disk image.

    If you use a file management feature of the host OS to move a disk image to a new location, run the VBoxManage modifymedium --setlocation command to configure the new path of the disk image on the host file system. This command updates the Oracle VM VirtualBox configuration automatically.

  • Remove an image from the registry. You can optionally delete the image file when removing the image.

  • Release an image to detach it from a VM. This action only applies if the image is currently attached to a VM as a virtual hard disk.

  • View and edit the Properties of a disk image.

    Available properties include the following:

    • Type: Specifies the snapshot behavior of the disk. See Section 5.4, “Special Image Write Modes”.

    • Location: Specifies the location of the disk image file on the host system. You can use a file dialog to browse for the disk image location.

    • Description: Specifies a short description of the disk image.

    • Size: Specifies the size of the disk image. You can use the slider to increase or decrease the disk image size.

    • Information: Specifies detailed information about the disk image.

  • Refresh the property values of the selected disk image.

To perform these actions, highlight the medium in the Virtual Media Manager and then do one of the following:

  • Click an icon in the Virtual Media Manager task bar.

  • Right-click the medium and select an option.

Use the Storage page in a VM's Settings dialog to create a new disk image. By default, disk images are stored in the VM's folder.

You can copy hard disk image files to other host systems and import them in to VMs from the host system. However, certain guest OSes, such as Windows 2000 and Windows XP, require that you configure the new VM in a similar way to the old one.

Note

Do not simply make copies of virtual disk images. If you import such a second copy into a VM, Oracle VM VirtualBox issues an error because Oracle VM VirtualBox assigns a universally unique identifier (UUID) to each disk image to ensure that it is only used one time. See Section 5.6, “Cloning Disk Images”. Also, if you want to copy a VM to another system, use the Oracle VM VirtualBox import and export features. See Section 1.15, “Importing and Exporting Virtual Machines”.

5.4. Special Image Write Modes

For each virtual disk image supported by Oracle VM VirtualBox, you can determine separately how it should be affected by write operations from a virtual machine and snapshot operations. This applies to all of the aforementioned image formats (VDI, VMDK, VHD, or HDD) and irrespective of whether an image is fixed-size or dynamically allocated.

By default, images are in normal mode. To mark an existing image with one of the non-standard modes listed below, use VBoxManage modifyhd. See Section 8.24, “VBoxManage modifymedium”. Alternatively, use VBoxManage to attach the image to a VM and use the --mtype argument. See Section 8.19, “VBoxManage storageattach”.

The available virtual disk image modes are as follows:

  • Normal images have no restrictions on how guests can read from and write to the disk. This is the default image mode.

    When you take a snapshot of your virtual machine as described in Section 1.11, “Snapshots”, the state of a normal hard disk is recorded together with the snapshot, and when reverting to the snapshot, its state will be fully reset.

    The image file itself is not reset. Instead, when a snapshot is taken, Oracle VM VirtualBox "freezes" the image file and no longer writes to it. For the write operations from the VM, a second, differencing image file is created which receives only the changes to the original image. See Section 5.5, “Differencing Images”.

    While you can attach the same normal image to more than one virtual machine, only one of these virtual machines attached to the same image file can be executed simultaneously, as otherwise there would be conflicts if several machines write to the same image file.

  • Write-through hard disks are completely unaffected by snapshots. Their state is not saved when a snapshot is taken, and not restored when a snapshot is restored.

  • Shareable hard disks are a variant of write-through hard disks. In principle they behave exactly the same. Their state is not saved when a snapshot is taken, and not restored when a snapshot is restored. The difference only shows if you attach such disks to several VMs. Shareable disks may be attached to several VMs which may run concurrently. This makes them suitable for use by cluster filesystems between VMs and similar applications which are explicitly prepared to access a disk concurrently. Only fixed size images can be used in this way, and dynamically allocated images are rejected.

    Warning

    This is an expert feature, and misuse can lead to data loss, as regular filesystems are not prepared to handle simultaneous changes by several parties.

  • Immutable images only remember write accesses temporarily while the virtual machine is running. All changes are lost when the virtual machine is powered on the next time. As a result, as opposed to Normal images, the same immutable image can be used with several virtual machines without restrictions.

    Creating an immutable image makes little sense since it would be initially empty and lose its contents with every machine restart. You would have a disk that is always unformatted when the machine starts up. Instead, you can first create a normal image and then later mark it as immutable when you decide that the contents are useful.

    If you take a snapshot of a machine with immutable images, then on every machine power-up, those images are reset to the state of the last (current) snapshot, instead of the state of the original immutable image.

    Note

    As a special exception, immutable images are not reset if they are attached to a machine in a saved state or whose last snapshot was taken while the machine was running. This is called an online snapshot. As a result, if the machine's current snapshot is an online snapshot, its immutable images behave exactly like the a normal image. To reenable the automatic resetting of such images, delete the current snapshot of the machine.

    Oracle VM VirtualBox never writes to an immutable image directly at all. All write operations from the machine are directed to a differencing image. The next time the VM is powered on, the differencing image is reset so that every time the VM starts, its immutable images have exactly the same content.

    The differencing image is only reset when the machine is powered on from within Oracle VM VirtualBox, not when you reboot by requesting a reboot from within the machine. This is also why immutable images behave as described above when snapshots are also present, which use differencing images as well.

    If the automatic discarding of the differencing image on VM startup does not fit your needs, you can turn it off using the autoreset parameter of VBoxManage modifyhd. See Section 8.24, “VBoxManage modifymedium”.

  • Multiattach mode images can be attached to more than one virtual machine at the same time, even if these machines are running simultaneously. For each virtual machine to which such an image is attached, a differencing image is created. As a result, data that is written to such a virtual disk by one machine is not seen by the other machines to which the image is attached. Each machine creates its own write history of the multiattach image.

    Technically, a multiattach image behaves identically to an immutable image except the differencing image is not reset every time the machine starts.

    This mode is useful for sharing files which are almost never written, for instance picture galleries, where every guest changes only a small amount of data and the majority of the disk content remains unchanged. The modified blocks are stored in differencing images which remain relatively small and the shared content is stored only once at the host.

  • Read-only images are used automatically for CD/DVD images, since CDs/DVDs can never be written to.

The following scenario illustrates the differences between the various image modes, with respect to snapshots.

Assume you have installed your guest OS in your VM, and you have taken a snapshot. Later, your VM is infected with a virus and you would like to go back to the snapshot. With a normal hard disk image, you simply restore the snapshot, and the earlier state of your hard disk image will be restored as well and your virus infection will be undone. With an immutable hard disk, all it takes is to shut down and power on your VM, and the virus infection will be discarded. With a write-through image however, you cannot easily undo the virus infection by means of virtualization, but will have to disinfect your virtual machine like a real computer.

You might find write-through images useful if you want to preserve critical data irrespective of snapshots. As you can attach more than one image to a VM, you may want to have one immutable image for the OS and one write-through image for your data files.

5.5. Differencing Images

The previous section mentioned differencing images and how they are used with snapshots, immutable images, and multiple disk attachments. This section describes in more detail how differencing images work.

A differencing image is a special disk image that only holds the differences to another image. A differencing image by itself is useless, it must always refer to another image. The differencing image is then typically referred to as a child, which holds the differences to its parent.

When a differencing image is active, it receives all write operations from the virtual machine instead of its parent. The differencing image only contains the sectors of the virtual hard disk that have changed since the differencing image was created. When the machine reads a sector from such a virtual hard disk, it looks into the differencing image first. If the sector is present, it is returned from there. If not, Oracle VM VirtualBox looks into the parent. In other words, the parent becomes read-only. It is never written to again, but it is read from if a sector has not changed.

Differencing images can be chained. If another differencing image is created for a virtual disk that already has a differencing image, then it becomes a grandchild of the original parent. The first differencing image then becomes read-only as well, and write operations only go to the second-level differencing image. When reading from the virtual disk, Oracle VM VirtualBox needs to look into the second differencing image first, then into the first if the sector was not found, and then into the original image.

There can be an unlimited number of differencing images, and each image can have more than one child. As a result, the differencing images can form a complex tree with parents, siblings, and children, depending on how complex your machine configuration is. Write operations always go to the one active differencing image that is attached to the machine, and for read operations, Oracle VM VirtualBox may need to look up all the parents in the chain until the sector in question is found. You can view such a tree in the Virtual Media Manager.

Figure 5.2. Differencing Images, Shown in Virtual Media Manager

Differencing Images, Shown in Virtual Media Manager

In all of these situations, from the point of view of the virtual machine, the virtual hard disk behaves like any other disk. While the virtual machine is running, there is a slight run-time I/O overhead because Oracle VM VirtualBox might need to look up sectors several times. This is not noticeable however since the tables with sector information are always kept in memory and can be looked up quickly.

Differencing images are used in the following situations:

  • Snapshots. When you create a snapshot, as explained in the previous section, Oracle VM VirtualBox "freezes" the images attached to the virtual machine and creates differencing images for each image that is not in "write-through" mode. From the point of view of the virtual machine, the virtual disks continue to operate before, but all write operations go into the differencing images. Each time you create another snapshot, for each hard disk attachment, another differencing image is created and attached, forming a chain or tree.

    In the above screenshot, you see that the original disk image is now attached to a snapshot, representing the state of the disk when the snapshot was taken.

    If you restore a snapshot, and want to go back to the exact machine state that was stored in the snapshot, the following happens:

    • Oracle VM VirtualBox copies the virtual machine settings that were copied into the snapshot back to the virtual machine. As a result, if you have made changes to the machine configuration since taking the snapshot, they are undone.

    • If the snapshot was taken while the machine was running, it contains a saved machine state, and that state is restored as well. After restoring the snapshot, the machine will then be in Saved state and resume execution from there when it is next started. Otherwise the machine will be in Powered Off state and do a full boot.

    • For each disk image attached to the machine, the differencing image holding all the write operations since the current snapshot was taken is thrown away, and the original parent image is made active again. If you restored the root snapshot, then this will be the root disk image for each attachment. Otherwise, some other differencing image descended from it. This effectively restores the old machine state.

    If you later delete a snapshot in order to free disk space, for each disk attachment, one of the differencing images becomes obsolete. In this case, the differencing image of the disk attachment cannot simply be deleted. Instead, Oracle VM VirtualBox needs to look at each sector of the differencing image and needs to copy it back into its parent. This is called "merging" images and can be a potentially lengthy process, depending on how large the differencing image is. It can also temporarily need a considerable amount of extra disk space, before the differencing image obsoleted by the merge operation is deleted.

  • Immutable images. When an image is switched to immutable mode, a differencing image is created as well. As with snapshots, the parent image then becomes read-only, and the differencing image receives all the write operations. Every time the virtual machine is started, all the immutable images which are attached to it have their respective differencing image thrown away, effectively resetting the virtual machine's virtual disk with every restart.

5.6. Cloning Disk Images

You can duplicate hard disk image files on the same host to quickly produce a second virtual machine with the same OS setup. However, you should only make copies of virtual disk images using the utility supplied with Oracle VM VirtualBox. See Section 8.25, “VBoxManage clonemedium”. This is because Oracle VM VirtualBox assigns a UUID to each disk image, which is also stored inside the image, and Oracle VM VirtualBox will refuse to work with two images that use the same number. If you do accidentally try to reimport a disk image which you copied normally, you can make a second copy using the VBoxManage clonevm command and import that instead.

Note that newer Linux distributions identify the boot hard disk from the ID of the drive. The ID Oracle VM VirtualBox reports for a drive is determined from the UUID of the virtual disk image. So if you clone a disk image and try to boot the copied image the guest might not be able to determine its own boot disk as the UUID changed. In this case you have to adapt the disk ID in your boot loader script, for example /boot/grub/menu.lst. The disk ID looks like the following:

scsi-SATA_VBOX_HARDDISK_VB5cfdb1e2-c251e503

The ID for the copied image can be determined as follows:

hdparm -i /dev/sda

5.7. Host Input/Output Caching

Oracle VM VirtualBox can optionally disable the I/O caching that the host OS would otherwise perform on disk image files.

Traditionally, Oracle VM VirtualBox has opened disk image files as normal files, which results in them being cached by the host OS like any other file. The main advantage of this is speed: when the guest OS writes to disk and the host OS cache uses delayed writing, the write operation can be reported as completed to the guest OS quickly while the host OS can perform the operation asynchronously. Also, when you start a VM a second time and have enough memory available for the OS to use for caching, large parts of the virtual disk may be in system memory, and the VM can access the data much faster.

Note that this applies only to image files. Buffering does not occur for virtual disks residing on remote iSCSI storage, which is the more common scenario in enterprise-class setups. See Section 5.10, “iSCSI Servers”.

While buffering is a useful default setting for virtualizing a few machines on a desktop computer, there are some disadvantages to this approach:

  • Delayed writing through the host OS cache is less secure. When the guest OS writes data, it considers the data written even though it has not yet arrived on a physical disk. If for some reason the write does not happen, such as power failure or host crash, the likelihood of data loss increases.

  • Disk image files tend to be very large. Caching them can therefore quickly use up the entire host OS cache. Depending on the efficiency of the host OS caching, this may slow down the host immensely, especially if several VMs run at the same time. For example, on Linux hosts, host caching may result in Linux delaying all writes until the host cache is nearly full and then writing out all these changes at once, possibly stalling VM execution for minutes. This can result in I/O errors in the guest as I/O requests time out there.

  • Physical memory is often wasted as guest OSes typically have their own I/O caches, which may result in the data being cached twice, in both the guest and the host caches, for little effect.

If you decide to disable host I/O caching for the above reasons, Oracle VM VirtualBox uses its own small cache to buffer writes, but no read caching since this is typically already performed by the guest OS. In addition, Oracle VM VirtualBox fully supports asynchronous I/O for its virtual SATA, SCSI, and SAS controllers through multiple I/O threads.

Since asynchronous I/O is not supported by IDE controllers, for performance reasons, you may want to leave host caching enabled for your VM's virtual IDE controllers.

For this reason, Oracle VM VirtualBox enables you to configure whether the host I/O cache is used for each I/O controller separately. Either select the Use Host I/O Cache check box in the Storage settings for a given virtual storage controller, or use the following VBoxManage command to disable the host I/O cache for a virtual storage controller:

VBoxManage storagectl "VM name" --name <controllername> --hostiocache off

See Section 8.20, “VBoxManage storagectl”.

For the above reasons, Oracle VM VirtualBox now uses SATA controllers by default for new virtual machines.

5.8. Limiting Bandwidth for Disk Images

Oracle VM VirtualBox supports limiting of the maximum bandwidth used for asynchronous I/O. Additionally it supports sharing limits through bandwidth groups for several images. It is possible to have more than one such limit.

Limits are configured using VBoxManage. The example below creates a bandwidth group named Limit, sets the limit to 20 MB per second, and assigns the group to the attached disks of the VM:

VBoxManage bandwidthctl "VM name" add Limit --type disk --limit 20M
VBoxManage storageattach "VM name" --storagectl "SATA" --port 0 --device 0 --type hdd
                                   --medium disk1.vdi --bandwidthgroup Limit
VBoxManage storageattach "VM name" --storagectl "SATA" --port 1 --device 0 --type hdd
                                   --medium disk2.vdi --bandwidthgroup Limit

All disks in a group share the bandwidth limit, meaning that in the example above the bandwidth of both images combined can never exceed 20 MBps. However, if one disk does not require bandwidth the other can use the remaining bandwidth of its group.

The limits for each group can be changed while the VM is running, with changes being picked up immediately. The example below changes the limit for the group created in the example above to 10 MBps:

VBoxManage bandwidthctl "VM name" set Limit --limit 10M

5.9. CD/DVD Support

Virtual CD/DVD drives by default support only reading. The medium configuration is changeable at runtime. You can select between the following options to provide the medium data:

  • Host Drive defines that the guest can read from the medium in the host drive.

  • Image file gives the guest read-only access to the data in the image. This is typically an ISO file.

  • Empty means a drive without an inserted medium.

Changing between the above, or changing a medium in the host drive that is accessed by a machine, or changing an image file will signal a medium change to the guest OS. The guest OS can then react to the change, for example by starting an installation program.

Medium changes can be prevented by the guest, and Oracle VM VirtualBox reflects that by locking the host drive if appropriate. You can force a medium removal in such situations by using the Oracle VM VirtualBox GUI or the VBoxManage command line tool. Effectively this is the equivalent of the emergency eject which many CD/DVD drives provide, with all associated side effects. The guest OS can issue error messages, just like on real hardware, and guest applications may misbehave. Use this with caution.

Note

The identification string of the drive provided to the guest, displayed by configuration tools such as the Windows Device Manager, is always VBOX CD-ROM, irrespective of the current configuration of the virtual drive. This is to prevent hardware detection from being triggered in the guest OS every time the configuration is changed.

The standard CD/DVD emulation enables reading of standard data CD and DVD formats only. As an experimental feature, for additional capabilities, it is possible to give the guest direct access to the CD/DVD host drive by enabling passthrough mode. Depending on the host hardware, this may potentially enable the following things to work:

  • CD/DVD writing from within the guest, if the host DVD drive is a CD/DVD writer

  • Playing audio CDs

  • Playing encrypted DVDs

There is a Passthrough check box in the GUI dialog for configuring the media attached to a storage controller, or you can use the --passthrough option with VBoxManage storageattach. See Section 8.19, “VBoxManage storageattach”.

Even if passthrough is enabled, unsafe commands, such as updating the drive firmware, will be blocked. Video CD formats are never supported, not even in passthrough mode, and cannot be played from a virtual machine.

On Oracle Solaris hosts, passthrough requires running Oracle VM VirtualBox with real root permissions due to security measures enforced by the host.

5.10. iSCSI Servers

iSCSI stands for "Internet SCSI" and is a standard that supports use of the SCSI protocol over Internet (TCP/IP) connections. Especially with the advent of Gigabit Ethernet, it has become affordable to attach iSCSI storage servers simply as remote hard disks to a computer network. In iSCSI terminology, the server providing storage resources is called an iSCSI target, while the client connecting to the server and accessing its resources is called an iSCSI initiator.

Oracle VM VirtualBox can transparently present iSCSI remote storage to a virtual machine as a virtual hard disk. The guest OS will not see any difference between a virtual disk image (VDI file) and an iSCSI target. To achieve this, Oracle VM VirtualBox has an integrated iSCSI initiator.

Oracle VM VirtualBox's iSCSI support has been developed according to the iSCSI standard and should work with all standard-conforming iSCSI targets. To use an iSCSI target with Oracle VM VirtualBox, you must use the command line. See Section 8.19, “VBoxManage storageattach”.

5.11. vboximg-mount: A Utility for FUSE Mounting a Virtual Disk Image

vboximg-mount is a command line utility for Mac OS X hosts that provides raw access to an Oracle VM VirtualBox virtual disk image on the host system. Use this utility to mount, view, and optionally modify the disk image contents.

The utility is based on Filesystem in Userspace (FUSE) technology and uses the VirtualBox runtime engine. Ensure that Oracle VM VirtualBox is running on the host system.

Note

When using vboximg-mount, ensure that the following conditions apply:

  • The disk image is not being used by any other systems, such as by guest VMs.

  • No VMs are running on the host system.

Raw access using FUSE is preferred over direct loopback mounting of virtual disk images, because it is snapshot aware. It can selectively merge disk differencing images in an exposed virtual hard disk, providing historical or up-to-date representations of the virtual disk contents.

vboximg-mount enables you to view information about registered VMs, their attached disk media, and any snapshots. Also, you can view partition information for a disk image.

Use the --help option to view information about the vboximg-mount command usage.

When vboximg-mount mounts an Oracle VM VirtualBox disk image, it creates a one level deep file system at a mount point that you specify. The file system includes a device node that represents the synthesized disk image as a readable or readable-writeable bytestream. This bytestream can be mounted either by using the host OS or by using other FUSE-based file systems.

5.11.1. Viewing Detailed Information About a Virtual Disk Image

The following examples show how to use the vboximg-mount command to view information about virtual disk images.

The following command outputs detailed information about all registered VMs and associated snapshots:

$ vboximg-mount --list --verbose

    ------------------------------------------------------
    VM Name:   "macOS High Sierra 10.13"
    UUID:      3887d96d-831c-4187-a55a-567c504ff0e1
    Location:  /Volumes/work/vm_guests/macOS High Sierra 10.13/macOS High Sierra 10.13.vbox
       -----------------------
       HDD base:   "macOS High Sierra 10.13.vdi"
       UUID:       f9ea7173-6869-4aa9-b487-68023a655980
       Location:   /Volumes/work/vm_guests/macOS High Sierra 10.13/macOS High Sierra 10.13.vdi

         Diff 1:
              UUID:       98c2bac9-cf37-443d-a935-4e879b70166d
              Location:   /Volumes/work/vm_guests/macOS High Sierra 10.13/
              Snapshots/{98c2bac9-cf37-443d-a935-4e879b70166d}.vdi
         Diff 2:
              UUID:       f401f381-7377-40b3-948e-3c61241b1a42
              Location:   /Volumes/work/vm_guests/macOS High Sierra 10.13/
              Snapshots/{f401f381-7377-40b3-948e-3c61241b1a42}.vdi
       -----------------------
       HDD base:   "simple_fixed_disk.vdi"
       UUID:       ffba4d7e-1277-489d-8173-22ca7660773d
       Location:   /Volumes/work/vm_guests/macOS High Sierra 10.13/simple_fixed_disk.vdi

         Diff 1:
              UUID:       aecab681-0d2d-468b-8682-93f79dc97a48
              Location:   /Volumes/work/vm_guests/macOS High Sierra 10.13/
              Snapshots/{aecab681-0d2d-468b-8682-93f79dc97a48}.vdi
         Diff 2:
              UUID:       70d6b34d-8422-47fa-8521-3b6929a1971c
              Location:   /Volumes/work/vm_guests/macOS High Sierra 10.13/
              Snapshots/{70d6b34d-8422-47fa-8521-3b6929a1971c}.vdi
      ------------------------------------------------------
      VM Name:   "debian"
      UUID:      5365ab5f-470d-44c0-9863-dad532ee5905
      Location:  /Volumes/work/vm_guests/debian/debian.vbox
         -----------------------
         HDD base:   "debian.vdi"
         UUID:       96d2e92e-0d4e-46ab-a0f1-008fdbf997e7
         Location:   /Volumes/work/vm_guests/debian/ol7.vdi

            Diff 1:
                UUID:       f9cc866a-9166-42e9-a503-bbfe9b7312e8
                Location:   /Volumes/work/vm_guests/debian/Snapshots/
                {f9cc866a-9166-42e9-a503-bbfe9b7312e8}.vdi

The following command outputs partition information about the specified disk image:

$ vboximg-mount --image=f9ea7173-6869-4aa9-b487-68023a655980 --list

    Virtual disk image:

       Path: /Volumes/work/vm_guests/macOS High Sierra 10.13/macOS High Sierra 10.13.vdi
       UUID: f9ea7173-6869-4aa9-b487-68023a655980

      #     Start  Sectors     Size       Offset  Type
      1        40  409599    199.9M        20480  EFI System
      2    409640  67453071   32.1G    209735680  Hierarchical File System Plus (HFS+)
      3  67862712  1269535   107.8M  34745708544  Apple Boot (Recovery HD)

5.11.2. Mounting a Virtual Disk Image

The following steps show how to use the vboximg-mount command to mount a partition of a virtual disk image on the host OS.

  1. Create a mount point on the host OS. For example:

    $ mkdir macos_sysdisk
  2. Show partition information about the virtual disk image.

    $ vboximg-mount --image=uuid --list

    where uuid is the UUID of the disk image.

  3. Use vboximg-mount to perform a FUSE mount of a partition on the virtual disk image. For example:

    $ vboximg-mount --image=uuid -p 2 macos_sysdisk

    where uuid is the UUID for the disk image.

    In this example, partition 2 is mounted on the macos_sysdisk mount point. The mount includes all snapshots for the disk image.

  4. Use the host OS to mount the vhdd device node. The FUSE-mounted device node represents the virtual disk image.

    $ ls macos_sysdisk
       macOS High Sierra 10.13.vdi  vhdd
    $ sudo mount macos_sysdisk/vhdd /mnt

Chapter 6. Virtual Networking

As mentioned in Section 3.9, “Network Settings”, Oracle VM VirtualBox provides up to eight virtual PCI Ethernet cards for each virtual machine. For each such card, you can individually select the following:

  • The hardware that will be virtualized.

  • The virtualization mode that the virtual card operates in, with respect to your physical networking hardware on the host.

Four of the network cards can be configured in the Network section of the Settings dialog in the graphical user interface of Oracle VM VirtualBox. You can configure all eight network cards on the command line using VBoxManage modifyvm. See Section 8.8, “VBoxManage modifyvm”.

This chapter explains the various networking settings in more detail.

6.1. Virtual Networking Hardware

For each card, you can individually select what kind of hardware will be presented to the virtual machine. Oracle VM VirtualBox can virtualize the following types of networking hardware:

  • AMD PCNet PCI II (Am79C970A)

  • AMD PCNet FAST III (Am79C973), the default setting

  • Intel PRO/1000 MT Desktop (82540EM)

  • Intel PRO/1000 T Server (82543GC)

  • Intel PRO/1000 MT Server (82545EM)

  • Paravirtualized network adapter (virtio-net)

The PCNet FAST III is the default because it is supported by nearly all operating systems, as well as by the GNU GRUB boot manager. As an exception, the Intel PRO/1000 family adapters are chosen for some guest operating system types that no longer ship with drivers for the PCNet card, such as Windows Vista.

The Intel PRO/1000 MT Desktop type works with Windows Vista and later versions. The T Server variant of the Intel PRO/1000 card is recognized by Windows XP guests without additional driver installation. The MT Server variant facilitates OVF imports from other platforms.

The Paravirtualized network adapter (virtio-net) is special. If you select this adapter, then Oracle VM VirtualBox does not virtualize common networking hardware that is supported by common guest operating systems. Instead, Oracle VM VirtualBox expects a special software interface for virtualized environments to be provided by the guest, thus avoiding the complexity of emulating networking hardware and improving network performance. Oracle VM VirtualBox provides support for the industry-standard virtio networking drivers, which are part of the open source KVM project.

The virtio networking drivers are available for the following guest operating systems:

  • Linux kernels version 2.6.25 or later can be configured to provide virtio support. Some distributions have also back-ported virtio to older kernels.

  • For Windows 2000, XP, and Vista, virtio drivers can be downloaded and installed from the KVM project web page:

    http://www.linux-kvm.org/page/WindowsGuestDrivers.

Oracle VM VirtualBox also has limited support for jumbo frames. These are networking packets with more than 1500 bytes of data, provided that you use the Intel card virtualization and bridged networking. Jumbo frames are not supported with the AMD networking devices. In those cases, jumbo packets will silently be dropped for both the transmit and the receive direction. Guest operating systems trying to use this feature will observe this as a packet loss, which may lead to unexpected application behavior in the guest. This does not cause problems with guest operating systems in their default configuration, as jumbo frames need to be explicitly enabled.

6.2. Introduction to Networking Modes

Each of the networking adapters can be separately configured to operate in one of the following modes:

  • Not attached. In this mode, Oracle VM VirtualBox reports to the guest that a network card is present, but that there is no connection. This is as if no Ethernet cable was plugged into the card. Using this mode, it is possible to "pull" the virtual Ethernet cable and disrupt the connection, which can be useful to inform a guest operating system that no network connection is available and enforce a reconfiguration.

  • Network Address Translation (NAT). If all you want is to browse the Web, download files, and view email inside the guest, then this default mode should be sufficient for you, and you can skip the rest of this section. Please note that there are certain limitations when using Windows file sharing. See Section 6.3.3, “NAT Limitations”.

  • NAT Network. A NAT network is a type of internal network that allows outbound connections. See Section 6.4, “Network Address Translation Service”.

  • Bridged networking. This is for more advanced networking needs, such as network simulations and running servers in a guest. When enabled, Oracle VM VirtualBox connects to one of your installed network cards and exchanges network packets directly, circumventing your host operating system's network stack.

  • Internal networking. This can be used to create a different kind of software-based network which is visible to selected virtual machines, but not to applications running on the host or to the outside world.

  • Host-only networking. This can be used to create a network containing the host and a set of virtual machines, without the need for the host's physical network interface. Instead, a virtual network interface, similar to a loopback interface, is created on the host, providing connectivity among virtual machines and the host.

  • Generic networking. Rarely used modes which share the same generic network interface, by allowing the user to select a driver which can be included with Oracle VM VirtualBox or be distributed in an extension pack.

    The following sub-modes are available:

    • UDP Tunnel: Used to interconnect virtual machines running on different hosts directly, easily, and transparently, over an existing network infrastructure.

    • VDE (Virtual Distributed Ethernet) networking: Used to connect to a Virtual Distributed Ethernet switch on a Linux or a FreeBSD host. At the moment this option requires compilation of Oracle VM VirtualBox from sources, as the Oracle packages do not include it.

The following table provides an overview of the most important networking modes.

Table 6.1. Overview of Networking Modes

Mode

VM→Host

VM←Host

VM1↔VM2

VM→Net/LAN

VM←Net/LAN

Host-only

+

+

+

Internal

+

Bridged

+

+

+

+

+

NAT

+

Port forward

+

Port forward

NATservice

+

Port forward

+

+

Port forward

The following sections describe the available network modes in more detail.

6.3. Network Address Translation (NAT)

Network Address Translation (NAT) is the simplest way of accessing an external network from a virtual machine. Usually, it does not require any configuration on the host network and guest system. For this reason, it is the default networking mode in Oracle VM VirtualBox.

A virtual machine with NAT enabled acts much like a real computer that connects to the Internet through a router. The router, in this case, is the Oracle VM VirtualBox networking engine, which maps traffic from and to the virtual machine transparently. In Oracle VM VirtualBox this router is placed between each virtual machine and the host. This separation maximizes security since by default virtual machines cannot talk to each other.

The disadvantage of NAT mode is that, much like a private network behind a router, the virtual machine is invisible and unreachable from the outside internet. You cannot run a server this way unless you set up port forwarding. See Section 6.3.1, “Configuring Port Forwarding with NAT”.

The network frames sent out by the guest operating system are received by Oracle VM VirtualBox's NAT engine, which extracts the TCP/IP data and resends it using the host operating system. To an application on the host, or to another computer on the same network as the host, it looks like the data was sent by the Oracle VM VirtualBox application on the host, using an IP address belonging to the host. Oracle VM VirtualBox listens for replies to the packages sent, and repacks and resends them to the guest machine on its private network.

The virtual machine receives its network address and configuration on the private network from a DHCP server integrated into Oracle VM VirtualBox. The IP address thus assigned to the virtual machine is usually on a completely different network than the host. As more than one card of a virtual machine can be set up to use NAT, the first card is connected to the private network 10.0.2.0, the second card to the network 10.0.3.0 and so on. If you need to change the guest-assigned IP range, see Section 9.10, “Fine Tuning the Oracle VM VirtualBox NAT Engine”.

6.3.1. Configuring Port Forwarding with NAT

As the virtual machine is connected to a private network internal to Oracle VM VirtualBox and invisible to the host, network services on the guest are not accessible to the host machine or to other computers on the same network. However, like a physical router, Oracle VM VirtualBox can make selected services available to the world outside the guest through port forwarding. This means that Oracle VM VirtualBox listens to certain ports on the host and resends all packets which arrive there to the guest, on the same or a different port.

To an application on the host or other physical or virtual machines on the network, it looks as though the service being proxied is actually running on the host. This also means that you cannot run the same service on the same ports on the host. However, you still gain the advantages of running the service in a virtual machine. For example, services on the host machine or on other virtual machines cannot be compromised or crashed by a vulnerability or a bug in the service, and the service can run in a different operating system than the host system.

To configure port forwarding you can use the graphical Port Forwarding editor which can be found in the Network Settings dialog for network adaptors configured to use NAT. Here, you can map host ports to guest ports to allow network traffic to be routed to a specific port in the guest.

Alternatively, the command line tool VBoxManage can be used. See Section 8.8, “VBoxManage modifyvm”.

You will need to know which ports on the guest the service uses and to decide which ports to use on the host. You may want to use the same ports on the guest and on the host. You can use any ports on the host which are not already in use by a service. For example, to set up incoming NAT connections to an ssh server in the guest, use the following command:

VBoxManage modifyvm "VM name" --natpf1 "guestssh,tcp,,2222,,22"

In the above example, all TCP traffic arriving on port 2222 on any host interface will be forwarded to port 22 in the guest. The protocol name tcp is a mandatory attribute defining which protocol should be used for forwarding, udp could also be used. The name guestssh is purely descriptive and will be auto-generated if omitted. The number after --natpf denotes the network card, as with other VBoxManage commands.

To remove this forwarding rule, use the following command:

VBoxManage modifyvm "VM name" --natpf1 delete "guestssh"

If for some reason the guest uses a static assigned IP address not leased from the built-in DHCP server, it is required to specify the guest IP when registering the forwarding rule, as follows:

VBoxManage modifyvm "VM name" --natpf1 "guestssh,tcp,,2222,10.0.2.19,22"

This example is identical to the previous one, except that the NAT engine is being told that the guest can be found at the 10.0.2.19 address.

To forward all incoming traffic from a specific host interface to the guest, specify the IP of that host interface as follows:

VBoxManage modifyvm "VM name" --natpf1 "guestssh,tcp,127.0.0.1,2222,,22"

This example forwards all TCP traffic arriving on the localhost interface at 127.0.0.1 through port 2222 to port 22 in the guest.

It is possible to configure incoming NAT connections while the VM is running, see Section 8.14, “VBoxManage controlvm”.

6.3.2. PXE Booting with NAT

PXE booting is now supported in NAT mode. The NAT DHCP server provides a boot file name of the form vmname.pxe if the directory TFTP exists in the directory where the user's VirtualBox.xml file is kept. It is the responsibility of the user to provide vmname.pxe.

6.3.3. NAT Limitations

There are some limitations of NAT mode which users should be aware of, as follows:

  • ICMP protocol limitations. Some frequently used network debugging tools, such as ping or tracerouting, rely on the ICMP protocol for sending and receiving messages. While ICMP support has been improved with Oracle VM VirtualBox 2.1, meaning ping should now work, some other tools may not work reliably.

  • Receiving of UDP broadcasts. The guest does not reliably receive UDP broadcasts. In order to save resources, it only listens for a certain amount of time after the guest has sent UDP data on a particular port. As a consequence, NetBios name resolution based on broadcasts does not always work, but WINS always works. As a workaround, you can use the numeric IP of the desired server in the \\server\share notation.

  • Some protocols are not supported. Protocols other than TCP and UDP are not supported. GRE is not supported. This means some VPN products, such as PPTP from Microsoft, cannot be used. There are other VPN products which use only TCP and UDP.

  • Forwarding host ports below 1024. On UNIX-based hosts, such as Linux, Oracle Solaris, and Mac OS X, it is not possible to bind to ports below 1024 from applications that are not run by root. As a result, if you try to configure such a port forwarding, the VM will refuse to start.

These limitations normally do not affect standard network use. But the presence of NAT has also subtle effects that may interfere with protocols that are normally working. One example is NFS, where the server is often configured to refuse connections from non-privileged ports, which are those ports not below 1024.

6.4. Network Address Translation Service

The Network Address Translation (NAT) service works in a similar way to a home router, grouping the systems using it into a network and preventing systems outside of this network from directly accessing systems inside it, but letting systems inside communicate with each other and with systems outside using TCP and UDP over IPv4 and IPv6.

A NAT service is attached to an internal network. Virtual machines which are to make use of it should be attached to that internal network. The name of internal network is chosen when the NAT service is created and the internal network will be created if it does not already exist. The following is an example command to create a NAT network:

VBoxManage natnetwork add --netname natnet1 --network "192.168.15.0/24" --enable

Here, natnet1 is the name of the internal network to be used and 192.168.15.0/24 is the network address and mask of the NAT service interface. By default in this static configuration the gateway will be assigned the address 192.168.15.1, the address following the interface address, though this is subject to change. To attach a DHCP server to the internal network, modify the example command as follows:

VBoxManage natnetwork add --netname natnet1 --network "192.168.15.0/24" --enable --dhcp on

To add a DHCP server to an existing network, use the following command:

VBoxManage natnetwork modify --netname natnet1 --dhcp on

To disable the DHCP server, use the following command:

VBoxManage natnetwork modify --netname natnet1 --dhcp off

A DHCP server provides a list of registered nameservers, but does not map servers from the 127/8 network.

To start the NAT service, use the following command:

VBoxManage natnetwork start --netname natnet1

If the network has a DHCP server attached then it will start together with the NAT network service.

To stop the NAT network service, together with any DHCP server:

VBoxManage natnetwork stop --netname natnet1

To delete the NAT network service:

VBoxManage natnetwork remove --netname natnet1

This command does not remove the DHCP server if one is enabled on the internal network.

Port-forwarding is supported, using the --port-forward-4 switch for IPv4 and --port-forward-6 for IPv6. For example:

VBoxManage natnetwork modify \
  --netname natnet1 --port-forward-4 "ssh:tcp:[]:1022:[192.168.15.5]:22"

This adds a port-forwarding rule from the host's TCP 1022 port to the port 22 on the guest with IP address 192.168.15.5. Host port, guest port and guest IP are mandatory. To delete the rule, use the following command:

VBoxManage natnetwork modify --netname natnet1 --port-forward-4 delete ssh

It is possible to bind a NAT service to specified interface. For example:

VBoxManage setextradata global "NAT/win-nat-test-0/SourceIp4" 192.168.1.185

To see the list of registered NAT networks, use the following command:

VBoxManage list natnetworks

6.5. Bridged Networking

With bridged networking, Oracle VM VirtualBox uses a device driver on your host system that filters data from your physical network adapter. This driver is therefore called a net filter driver. This enables Oracle VM VirtualBox to intercept data from the physical network and inject data into it, effectively creating a new network interface in software. When a guest is using such a new software interface, it looks to the host system as though the guest were physically connected to the interface using a network cable. The host can send data to the guest through that interface and receive data from it. This means that you can set up routing or bridging between the guest and the rest of your network.

Note

Even though TAP interfaces are no longer necessary on Linux for bridged networking, you can still use TAP interfaces for certain advanced setups, since you can connect a VM to any host interface.

To enable bridged networking, open the Settings dialog of a virtual machine, go to the Network page and select Bridged Network in the drop-down list for the Attached To field. Select a host interface from the list at the bottom of the page, which contains the physical network interfaces of your systems. On a typical MacBook, for example, this will allow you to select between en1: AirPort, which is the wireless interface, and en0: Ethernet, which represents the interface with a network cable.

Note

Bridging to a wireless interface is done differently from bridging to a wired interface, because most wireless adapters do not support promiscuous mode. All traffic has to use the MAC address of the host's wireless adapter, and therefore Oracle VM VirtualBox needs to replace the source MAC address in the Ethernet header of an outgoing packet to make sure the reply will be sent to the host interface. When Oracle VM VirtualBox sees an incoming packet with a destination IP address that belongs to one of the virtual machine adapters it replaces the destination MAC address in the Ethernet header with the VM adapter's MAC address and passes it on. Oracle VM VirtualBox examines ARP and DHCP packets in order to learn the IP addresses of virtual machines.

Depending on your host operating system, the following limitations apply:

  • Mac OS X hosts. Functionality is limited when using AirPort, the Mac's wireless networking system, for bridged networking. Currently, Oracle VM VirtualBox supports only IPv4 and IPv6 over AirPort. For other protocols, such as IPX, you must choose a wired interface.

  • Linux hosts. Functionality is limited when using wireless interfaces for bridged networking. Currently, Oracle VM VirtualBox supports only IPv4 and IPv6 over wireless. For other protocols, such as IPX, you must choose a wired interface.

    Also, setting the MTU to less than 1500 bytes on wired interfaces provided by the sky2 driver on the Marvell Yukon II EC Ultra Ethernet NIC is known to cause packet losses under certain conditions.

    Some adapters strip VLAN tags in hardware. This does not allow you to use VLAN trunking between VM and the external network with pre-2.6.27 Linux kernels, or with host operating systems other than Linux.

  • Oracle Solaris hosts. There is no support for using wireless interfaces. Filtering guest traffic using IPFilter is also not completely supported due to technical restrictions of the Oracle Solaris networking subsystem. These issues may be addressed in later releases of Oracle Solaris 11.

    On Oracle Solaris 11 hosts build 159 and above, it is possible to use Oracle Solaris Crossbow Virtual Network Interfaces (VNICs) directly with Oracle VM VirtualBox without any additional configuration other than each VNIC must be exclusive for every guest network interface.

    When using VLAN interfaces with Oracle VM VirtualBox, they must be named according to the PPA-hack naming scheme, such as e1000g513001. Otherwise, the guest may receive packets in an unexpected format.

6.6. Internal Networking

Internal Networking is similar to bridged networking in that the VM can directly communicate with the outside world. However, the outside world is limited to other VMs on the same host which connect to the same internal network.

Even though technically, everything that can be done using internal networking can also be done using bridged networking, there are security advantages with internal networking. In bridged networking mode, all traffic goes through a physical interface of the host system. It is therefore possible to attach a packet sniffer such as Wireshark to the host interface and log all traffic that goes over it. If, for any reason, you prefer two or more VMs on the same machine to communicate privately, hiding their data from both the host system and the user, bridged networking therefore is not an option.

Internal networks are created automatically as needed. There is no central configuration. Every internal network is identified simply by its name. Once there is more than one active virtual network card with the same internal network ID, the Oracle VM VirtualBox support driver will automatically wire the cards and act as a network switch. The Oracle VM VirtualBox support driver implements a complete Ethernet switch and supports both broadcast/multicast frames and promiscuous mode.

In order to attach a VM's network card to an internal network, set its networking mode to Internal Networking. There are two ways to accomplish this:

  • Use the VM's Settings dialog in the Oracle VM VirtualBox graphical user interface. In the Networking category of the settings dialog, select Internal Networking from the drop-down list of networking modes. Select the name of an existing internal network from the drop-down list below, or enter a new name into the Name field.

  • Use the command line, for example:

    VBoxManage modifyvm "VM name" --nic<x> intnet

    Optionally, you can specify a network name with the command:

    VBoxManage modifyvm "VM name" --intnet<x> "network name"

    If you do not specify a network name, the network card will be attached to the network intnet by default.

Unless you configure the virtual network cards in the guest operating systems that are participating in the internal network to use static IP addresses, you may want to use the DHCP server that is built into Oracle VM VirtualBox to manage IP addresses for the internal network. See Section 8.39, “VBoxManage dhcpserver”.

As a security measure, by default, the Linux implementation of internal networking only allows VMs running under the same user ID to establish an internal network. However, it is possible to create a shared internal networking interface, accessible by users with different user IDs.

6.7. Host-Only Networking

Host-only networking is another networking mode that was added with version 2.2 of Oracle VM VirtualBox. It can be thought of as a hybrid between the bridged and internal networking modes. As with bridged networking, the virtual machines can talk to each other and the host as if they were connected through a physical Ethernet switch. As with internal networking, a physical networking interface need not be present, and the virtual machines cannot talk to the world outside the host since they are not connected to a physical networking interface.

When host-only networking is used, Oracle VM VirtualBox creates a new software interface on the host which then appears next to your existing network interfaces. In other words, whereas with bridged networking an existing physical interface is used to attach virtual machines to, with host-only networking a new loopback interface is created on the host. And whereas with internal networking, the traffic between the virtual machines cannot be seen, the traffic on the loopback interface on the host can be intercepted.

Host-only networking is particularly useful for preconfigured virtual appliances, where multiple virtual machines are shipped together and designed to cooperate. For example, one virtual machine may contain a web server and a second one a database, and since they are intended to talk to each other, the appliance can instruct Oracle VM VirtualBox to set up a host-only network for the two. A second, bridged, network would then connect the web server to the outside world to serve data to, but the outside world cannot connect to the database.

To change a virtual machine's virtual network interface to Host Only mode, do either of the following:

  • Go to the Network page in the virtual machine's Settings dialog and select Host-Only Networking.

  • On the command line, enter VBoxManage modifyvm "VM name" --nic<x> hostonly. See Section 8.8, “VBoxManage modifyvm”.

Before you can attach a VM to a host-only network you have to create at least one host-only interface. You can use the GUI for this. Choose File, Preferences, Network, Host-Only Network, (+)Add Host-Only Network.

Alternatively, you can use the command line:

VBoxManage hostonlyif create

See Section 8.38, “VBoxManage hostonlyif”.

For host-only networking, as with internal networking, you may find the DHCP server useful that is built into Oracle VM VirtualBox. This can be enabled to then manage the IP addresses in the host-only network since otherwise you would need to configure all IP addresses statically.

  • In the Oracle VM VirtualBox graphical user interface, you can configure all these items in the global settings by choosing File, Preferences, Network. This lists all host-only networks which are presently in use. Click on the network name and then on Edit. You can then modify the adapter and DHCP settings.

  • Alternatively, you can use VBoxManage dhcpserver on the command line. See Section 8.39, “VBoxManage dhcpserver”.

Note

On Linux and Mac OS X hosts the number of host-only interfaces is limited to 128. There is no such limit for Oracle Solaris and Windows hosts.

6.8. UDP Tunnel Networking

This networking mode enables you to interconnect virtual machines running on different hosts.

Technically this is done by encapsulating Ethernet frames sent or received by the guest network card into UDP/IP datagrams, and sending them over any network available to the host.

UDP Tunnel mode has the following parameters:

  • Source UDP port: The port on which the host listens. Datagrams arriving on this port from any source address will be forwarded to the receiving part of the guest network card.

  • Destination address: IP address of the target host of the transmitted data.

  • Destination UDP port: Port number to which the transmitted data is sent.

When interconnecting two virtual machines on two different hosts, their IP addresses must be swapped. On a single host, source and destination UDP ports must be swapped.

In the following example, host 1 uses the IP address 10.0.0.1 and host 2 uses IP address 10.0.0.2. To configure using the command-line:

        VBoxManage modifyvm "VM 01 on host 1" --nic<x> generic
        VBoxManage modifyvm "VM 01 on host 1" --nicgenericdrv<x> UDPTunnel
        VBoxManage modifyvm "VM 01 on host 1" --nicproperty<x> dest=10.0.0.2
        VBoxManage modifyvm "VM 01 on host 1" --nicproperty<x> sport=10001
        VBoxManage modifyvm "VM 01 on host 1" --nicproperty<x> dport=10002
        VBoxManage modifyvm "VM 02 on host 2" --nic<y> generic
        VBoxManage modifyvm "VM 02 on host 2" --nicgenericdrv<y> UDPTunnel
        VBoxManage modifyvm "VM 02 on host 2" --nicproperty<y> dest=10.0.0.1
        VBoxManage modifyvm "VM 02 on host 2" --nicproperty<y> sport=10002
        VBoxManage modifyvm "VM 02 on host 2" --nicproperty<y> dport=10001

Of course, you can always interconnect two virtual machines on the same host, by setting the destination address parameter to 127.0.0.1 on both. It will act similarly to an internal network in this case. However, the host can see the network traffic which it could not in the normal internal network case.

Note

On UNIX-based hosts, such as Linux, Oracle Solaris, and Mac OS X, it is not possible to bind to ports below 1024 from applications that are not run by root. As a result, if you try to configure such a source UDP port, the VM will refuse to start.

6.9. VDE Networking

Virtual Distributed Ethernet (VDE) is a flexible, virtual network infrastructure system, spanning across multiple hosts in a secure way. It enables L2/L3 switching, including spanning-tree protocol, VLANs, and WAN emulation. It is an optional part of Oracle VM VirtualBox which is only included in the source code.

VDE is a project developed by Renzo Davoli, Associate Professor at the University of Bologna, Italy.

The basic building blocks of the infrastructure are VDE switches, VDE plugs, and VDE wires which interconnect the switches.

The Oracle VM VirtualBox VDE driver has a single parameter: VDE network. This is the name of the VDE network switch socket to which the VM will be connected.

The following basic example shows how to connect a virtual machine to a VDE switch.

  1. Create a VDE switch:

    vde_switch -s /tmp/switch1
  2. Configure VMs using the command-line:

    VBoxManage modifyvm "VM name" --nic<x> generic
    VBoxManage modifyvm "VM name" --nicgenericdrv<x> VDE

    To connect to an automatically allocated switch port:

    VBoxManage modifyvm "VM name" --nicproperty<x> network=/tmp/switch1

    To connect to a specific switch port n:

    VBoxManage modifyvm "VM name" --nicproperty<x> network=/tmp/switch1[<n>]

    This command can be useful for VLANs.

  3. (Optional) Map between a VDE switch port and a VLAN.

    Using the switch command line:

    vde$ vlan/create <VLAN>
    vde$ port/setvlan <port> <VLAN>

VDE is available on Linux and FreeBSD hosts only. It is only available if the VDE software and the VDE plugin library from the VirtualSquare project are installed on the host system.

Note

For Linux hosts, the shared library libvdeplug.so must be available in the search path for shared libraries.

For more information on setting up VDE networks, please see the documentation accompanying the software. See also http://wiki.virtualsquare.org/wiki/index.php/VDE_Basic_Networking.

6.10. Limiting Bandwidth for Network Input/Output

Oracle VM VirtualBox supports limiting of the maximum bandwidth used for network transmission. Several network adapters of one VM may share limits through bandwidth groups. It is possible to have more than one such limit.

Note

Oracle VM VirtualBox shapes VM traffic only in the transmit direction, delaying the packets being sent by virtual machines. It does not limit the traffic being received by virtual machines.

Limits are configured through VBoxManage. The following example creates a bandwidth group named Limit, sets the limit to 20 Mbps and assigns the group to the first and second adapters of the VM:

VBoxManage bandwidthctl "VM name" add Limit --type network --limit 20m
VBoxManage modifyvm "VM name" --nicbandwidthgroup1 Limit
VBoxManage modifyvm "VM name" --nicbandwidthgroup2 Limit

All adapters in a group share the bandwidth limit, meaning that in the example above the bandwidth of both adapters combined can never exceed 20 Mbps. However, if one adapter does not require bandwidth the other can use the remaining bandwidth of its group.

The limits for each group can be changed while the VM is running, with changes being picked up immediately. The following example changes the limit for the group created in the previous example to 100 Kbps:

VBoxManage bandwidthctl "VM name" set Limit --limit 100k

To completely disable shaping for the first adapter of VM use the following command:

VBoxManage modifyvm "VM name" --nicbandwidthgroup1 none

It is also possible to disable shaping for all adapters assigned to a bandwidth group while VM is running, by specifying the zero limit for the group. For example, for the bandwidth group named Limit:

VBoxManage bandwidthctl "VM name" set Limit --limit 0

6.11. Improving Network Performance

Oracle VM VirtualBox provides a variety of virtual network adapters that can be attached to the host's network in a number of ways. Depending on which types of adapters and attachments are used the network performance will be different. Performance-wise the virtio network adapter is preferable over Intel PRO/1000 emulated adapters, which are preferred over the PCNet family of adapters. Both virtio and Intel PRO/1000 adapters enjoy the benefit of segmentation and checksum offloading. Segmentation offloading is essential for high performance as it allows for less context switches, dramatically increasing the sizes of packets that cross the VM/host boundary.

Note

Neither virtio nor Intel PRO/1000 drivers for Windows XP support segmentation offloading. Therefore Windows XP guests never reach the same transmission rates as other guest types. Refer to MS Knowledge base article 842264 for additional information.

Three attachment types: Internal, Bridged, and Host-Only, have nearly identical performance. The Internal type is a little bit faster and uses less CPU cycles as the packets never reach the host's network stack. The NAT attachment type is the slowest and most secure of all attachment types, as it provides network address translation. The generic driver attachment is special and cannot be considered as an alternative to other attachment types.

The number of CPUs assigned to VM does not improve network performance and in some cases may hurt it due to increased concurrency in the guest.

Here is a short summary of things to check in order to improve network performance:

  • Whenever possible use the virtio network adapter. Otherwise, use one of the Intel PRO/1000 adapters.

  • Use a Bridged attachment instead of NAT.

  • Make sure segmentation offloading is enabled in the guest OS. Usually it will be enabled by default. You can check and modify offloading settings using the ethtool command on Linux guests.

  • Perform a full detailed analysis of network traffic on the VM's network adaptor using a third party tool such as Wireshark. To do this, a promiscuous mode policy needs to be used on the VM's network adaptor. Use of this mode is only possible on the following network types: NAT Network, Bridged Adapter, Internal Network, and Host-Only Adapter.

    To setup a promiscuous mode policy, either select from the drop down list located in the Network Settings dialog for the network adaptor or use the command line tool VBoxManage. See Section 8.8, “VBoxManage modifyvm”.

    Promiscuous mode policies are as follows:

    • deny, which hides any traffic not intended for the VM's network adaptor. This is the default setting.

    • allow-vms, which hides all host traffic from the VM's network adaptor, but allows it to see traffic from and to other VMs.

    • allow-all, which removes all restrictions. The VM's network adaptor sees all traffic.

Chapter 7. Remote Virtual Machines

7.1. Remote Display (VRDP Support)

Oracle VM VirtualBox can display virtual machines remotely, meaning that a virtual machine can execute on one computer even though the machine will be displayed on a second computer, and the machine will be controlled from there as well, as if the virtual machine was running on that second computer.

For maximum flexibility, Oracle VM VirtualBox implements remote machine display through a generic extension interface called the VirtualBox Remote Desktop Extension (VRDE). The base open source Oracle VM VirtualBox package only provides this interface, while implementations can be supplied by third parties with Oracle VM VirtualBox extension packages, which must be installed separately from the base package. See Section 1.6, “Installing Oracle VM VirtualBox and Extension Packs”.

Oracle provides support for the VirtualBox Remote Display Protocol (VRDP) in such an Oracle VM VirtualBox extension package. When this package is installed, Oracle VM VirtualBox versions 4.0 and later support VRDP the same way as binary, non-open source, versions of Oracle VM VirtualBox before 4.0 did.

VRDP is a backwards-compatible extension to Microsoft's Remote Desktop Protocol (RDP). As a result, you can use any standard RDP client to control the remote VM.

Even when the extension is installed, the VRDP server is disabled by default. It can easily be enabled on a per-VM basis either in the VirtualBox Manager in the Display settings, see Section 3.6, “Display Settings”, or with the VBoxManage command, as follows:

VBoxManage modifyvm "VM name" --vrde on

By default, the VRDP server uses TCP port 3389. You will need to change the default port if you run more than one VRDP server, since the port can only be used by one server at a time. You might also need to change it on Windows hosts since the default port might already be used by the RDP server that is built into Windows itself. Ports 5000 through 5050 are typically not used and might be a good choice.

The port can be changed either in the Display settings of the graphical user interface or with the --vrdeport option of the VBoxManage modifyvm command. You can specify a comma-separated list of ports or ranges of ports. Use a dash between two port numbers to specify a range. The VRDP server will bind to one of the available ports from the specified list. For example, VBoxManage modifyvm "VM name" --vrdeport 5000,5010-5012 will configure the server to bind to one of the ports 5000, 5010, 5011, or 5012. See Section 8.8.5, “Remote Machine Settings”.

The actual port used by a running VM can be either queried with the VBoxManage showvminfo command or seen in the GUI on the Runtime tab of the Session Information dialog, which is accessible from the Machine menu of the VM window.

Support for IPv6 has been implemented in Oracle VM VirtualBox 4.3. If the host OS supports IPv6 the VRDP server will automatically listen for IPv6 connections in addition to IPv4.

7.1.1. Common Third-Party RDP Viewers

Since VRDP is backwards-compatible to RDP, you can use any standard RDP viewer to connect to such a remote virtual machine. For this to work, you must specify the IP address of your host system, not of the virtual machine, as the server address to connect to. You must also specify the port number that the VRDP server is using.

The following examples are for the most common RDP viewers:

  • On Windows, you can use the Microsoft Terminal Services Connector, mstsc.exe, that is included with Windows. Press the Windows key + R, to display the Run dialog. Enter mstsc to start the program. You can also find the program in Start, All Programs, Accessories, Remote Desktop Connection. If you use the Run dialog, you can enter options directly. For example:

    mstsc 1.2.3.4:3389

    Replace 1.2.3.4 with the host IP address, and 3389 with a different port, if necessary.

    Note

    • IPv6 addresses must be enclosed in square brackets to specify a port. For example: mstsc [fe80::1:2:3:4]:3389

    • When connecting to localhost in order to test the connection, the addresses localhost and 127.0.0.1 might not work using mstsc.exe. Instead, the address 127.0.0.2[:3389] has to be used.

  • On other systems, you can use the standard open source rdesktop program. This ships with most Linux distributions, but Oracle VM VirtualBox also comes with a modified variant of rdesktop for remote USB support. See Section 7.1.4, “Remote USB”.

    With rdesktop, use a command line such as the following:

    rdesktop -a 16 -N 1.2.3.4:3389

    Replace 1.2.3.4 with the host IP address, and 3389 with a different port, if necessary. The -a 16 option requests a color depth of 16 bits per pixel, which we recommend. For best performance, after installation of the guest operating system, you should set its display color depth to the same value. The -N option enables use of the NumPad keys.

  • You can use the Remmina remote desktop client with VRDP. This application is included with some Linux distributions, such as Debian and Ubuntu.

  • If you run the KDE desktop, you can use krdc, the KDE RDP viewer. A typical command line is as follows:

    krdc rdp://1.2.3.4:3389

    Replace 1.2.3.4 with the host IP address, and 3389 with a different port, if necessary. The "rdp://" prefix is required with krdc to switch it into RDP mode.

  • With Sun Ray thin clients you can use uttsc, which is part of the Sun Ray Windows Connector package. See the Sun Ray documentation for details.

7.1.2. VBoxHeadless, the Remote Desktop Server

While any VM started from the VirtualBox Manager is capable of running virtual machines remotely, it is not convenient to have to run the full-fledged GUI if you never want to have VMs displayed locally in the first place. In particular, if you are running server hardware whose only purpose is to host VMs, and all your VMs are supposed to run remotely over VRDP, then it is pointless to have a graphical user interface on the server at all. This is especially true for Linux or Oracle Solaris hosts, as the VirtualBox Manager comes with dependencies on the Qt and SDL libraries. This is inconvenient if you would rather not have the X Window system on your server at all.

Oracle VM VirtualBox therefore comes with a front-end called VBoxHeadless, which produces no visible output on the host at all, but still can deliver VRDP data. This front-end has no dependencies on the X Window system on Linux and Oracle Solaris hosts.

Note

Before Oracle VM VirtualBox 1.6, the headless server was called VBoxVRDP. For the sake of backwards compatibility, the Oracle VM VirtualBox installation still installs an executable with that name as well.

To start a virtual machine with VBoxHeadless, you have the following options:

  • Use the VBoxManage command, as follows:

    VBoxManage startvm "VM name" --type headless

    The --type option causes Oracle VM VirtualBox to use VBoxHeadless as the front-end to the internal virtualization engine, instead of the Qt front-end.

  • Use the VBoxHeadless command, as follows:

    VBoxHeadless --startvm <uuid|name>

    This way of starting the VM helps troubleshooting problems reported by VBoxManage startvm, because you can sometimes see more detailed error messages, especially for early failures before the VM execution is started. In normal situations VBoxManage startvm is preferred, since it runs the VM directly as a background process which has to be done explicitly when directly starting with VBoxHeadless.

  • Start VBoxHeadless from the VirtualBox Manager GUI, by pressing the Shift key when starting a virtual machine or by selecting Headless Start from the Machine menu.

When you use the VBoxHeadless command to start a VM, the VRDP server will be enabled according to the VM configuration. You can override the VM's setting using --vrde command line parameter. To enable the VRDP server, start the VM as follows:

VBoxHeadless --startvm <uuid|name> --vrde on

To disable the VRDP server:

VBoxHeadless --startvm <uuid|name> --vrde off

To have the VRDP server enabled depending on the VM configuration, as for other front-ends:

VBoxHeadless --startvm <uuid|name> --vrde config

This command is the same as the following:

VBoxHeadless --startvm <uuid|name>

If you start the VM with VBoxManage startvm then the configuration settings of the VM are always used.

7.1.3. Step by Step: Creating a Virtual Machine on a Headless Server

The following instructions describe how to create a virtual machine on a headless server over a network connection. This example creates a virtual machine, establishes an RDP connection and installs a guest operating system. All of these tasks are done without having to touch the headless server. You need the following prerequisites:

  • Oracle VM VirtualBox on a server machine with a supported host operating system. The Oracle VM VirtualBox Extension Pack for the VRDP server must be installed, see Section 7.1, “Remote Display (VRDP Support)”. The procedures assume a Linux server is used.

  • An ISO file accessible from the server, containing the installation data for the guest operating system to install. Windows XP is used in the example.

  • A terminal connection to that host through which you can access a command line, such as ssh.

  • An RDP viewer on the remote client. See Section 7.1.1, “Common Third-Party RDP Viewers” for examples.

Note that on the server machine, since we will only use the headless server, Qt and the X Window system are not required.

  1. On the headless server, create a new virtual machine. For example:

    VBoxManage createvm --name "Windows XP" --ostype WindowsXP --register

    If you do not specify --register, you will have to manually use the registervm command later.

    You do not need to specify --ostype, but doing so selects some sensible default values for certain VM parameters. For example, the RAM size and the type of the virtual network device. To get a complete list of supported operating systems you can use the following command:

    VBoxManage list ostypes
  2. Make sure the settings for the VM are appropriate for the guest operating system that we will install. For example:

    VBoxManage modifyvm "Windows XP" --memory 256 --acpi on --boot1 dvd --nic1 nat
  3. Create a virtual hard disk for the VM. For example, to create a 10 GB virtual hard disk:

    VBoxManage createhd --filename "WinXP.vdi" --size 10000
  4. Add an IDE Controller to the new VM. For example:

    VBoxManage storagectl "Windows XP" --name "IDE Controller"
      --add ide --controller PIIX4
  5. Set the VDI file you created as the first virtual hard disk of the new VM. For example:

    VBoxManage storageattach "Windows XP" --storagectl "IDE Controller"
     --port 0 --device 0 --type hdd --medium "WinXP.vdi"
  6. Attach the ISO file that contains the operating system installation that you want to install later to the virtual machine. This is done so that the VM can boot from it.

    VBoxManage storageattach "Windows XP" --storagectl "IDE Controller"
     --port 0 --device 1 --type dvddrive --medium /full/path/to/iso.iso
  7. Enable the VirtualBox Remote Desktop Extension, the VRDP server, as follows:

    VBoxManage modifyvm "Windows XP" --vrde on
  8. Start the virtual machine using the VBoxHeadless command:

    VBoxHeadless --startvm "Windows XP"

    If the configuration steps worked, you should see a copyright notice. If you are returned to the command line, then something did not work correctly.

  9. On the client machine, start the RDP viewer and connect to the server. See Section 7.1.1, “Common Third-Party RDP Viewers” for details of how to use various common RDP viewers.

    The installation routine of your guest operating system should be displayed in the RDP viewer.

7.1.4. Remote USB

As a special feature additional to the VRDP support, Oracle VM VirtualBox also supports remote USB devices over the wire. That is, an Oracle VM VirtualBox guest that runs on one computer can access the USB devices of the remote computer on which the VRDP data is being displayed the same way as USB devices that are connected to the actual host. This enables running of virtual machines on an Oracle VM VirtualBox host that acts as a server, where a client can connect from elsewhere that needs only a network adapter and a display capable of running an RDP viewer. When USB devices are plugged into the client, the remote Oracle VM VirtualBox server can access them.

For these remote USB devices, the same filter rules apply as for other USB devices. See Section 3.11.1, “USB Settings”. All you have to do is specify Remote, or Any, when setting up these rules.

Accessing remote USB devices is only possible if the RDP client supports this extension. On Linux and Oracle Solaris hosts, the Oracle VM VirtualBox installation provides a suitable VRDP client called rdesktop-vrdp. Recent versions of uttsc, a client tailored for the use with Sun Ray thin clients, also support accessing remote USB devices. RDP clients for other platforms will be provided in future Oracle VM VirtualBox versions.

To make a remote USB device available to a VM, rdesktop-vrdp should be started as follows:

rdesktop-vrdp -r usb -a 16 -N my.host.address

See Section 12.8.7, “USB Not Working” for further details on how to properly set up the permissions for USB devices. Furthermore it is advisable to disable automatic loading of any host driver on the remote host which might work on USB devices to ensure that the devices are accessible by the RDP client. If the setup was properly done on the remote host, plug and unplug events are visible in the VBox.log file of the VM.

7.1.5. RDP Authentication

For each virtual machine that is remotely accessible using RDP, you can individually determine if and how client connections are authenticated. For this, use the VBoxManage modifyvm command with the --vrdeauthtype option. See Section 8.8, “VBoxManage modifyvm”. The following methods of authentication are available:

  • The null method means that there is no authentication at all. Any client can connect to the VRDP server and thus the virtual machine. This is very insecure and only to be recommended for private networks.

  • The external method provides external authentication through a special authentication library. Oracle VM VirtualBox ships with two special authentication libraries:

    1. The default authentication library, VBoxAuth, authenticates against user credentials of the hosts. Depending on the host platform, this means the following:

      • On Linux hosts, VBoxAuth.so authenticates users against the host's PAM system.

      • On Windows hosts, VBoxAuth.dll authenticates users against the host's WinLogon system.

      • On Mac OS X hosts, VBoxAuth.dylib authenticates users against the host's directory service.

      In other words, the external method by default performs authentication with the user accounts that exist on the host system. Any user with valid authentication credentials is accepted. For example, the username does not have to correspond to the user running the VM.

    2. An additional library called VBoxAuthSimple performs authentication against credentials configured in the "extradata" section of a virtual machine's XML settings file. This is probably the simplest way to get authentication that does not depend on a running and supported guest. The following steps are required:

      1. Enable VBoxAuthSimple with the following command:

        VBoxManage setproperty vrdeauthlibrary "VBoxAuthSimple"
      2. To enable the library for a particular VM, you must switch authentication to external, as follows:

        VBoxManage modifyvm "VM name" --vrdeauthtype external

        Replace <vm> with the VM name or UUID.

      3. You then need to configure users and passwords by writing items into the machine's extradata. Since the XML machine settings file, into whose extradata section the password needs to be written, is a plain text file, Oracle VM VirtualBox uses hashes to encrypt passwords. The following command must be used:

        VBoxManage setextradata "VM name" "VBoxAuthSimple/users/<user>" <hash>

        Replace <vm> with the VM name or UUID, <user> with the user name who should be allowed to log in and <hash> with the encrypted password. As an example, to obtain the hash value for the password secret, you can use the following command:

        VBoxManage internalcommands passwordhash "secret"

        This command will generate output similar to the following:

        2bb80d537b1da3e38bd30361aa855686bde0eacd7162fef6a25fe97bf527a25b

        You then use VBoxManage setextradata to store this value in the machine's extradata section.

        As a combined example, to set the password for the user john and the machine My VM to secret, use this command:

        VBoxManage setextradata "My VM" "VBoxAuthSimple/users/john"
            2bb80d537b1da3e38bd30361aa855686bde0eacd7162fef6a25fe97bf527a25b
  • The guest authentication method performs authentication with a special component that comes with the Guest Additions. As a result, authentication is not performed on the host, but with the guest user accounts.

    This method is currently still in testing and not yet supported.

In addition to the methods described above, you can replace the default external authentication module with any other module. For this, Oracle VM VirtualBox provides a well-defined interface that enables you to write your own authentication module. This is described in detail in the Oracle VM VirtualBox Software Development Kit (SDK) reference. See Chapter 11, Oracle VM VirtualBox Programming Interfaces.

7.1.6. RDP Encryption

RDP features data stream encryption, which is based on the RC4 symmetric cipher, with keys up to 128-bit. The RC4 keys are replaced at regular intervals, every 4096 packets.

RDP provides the following different authentication methods:

  • RDP4 authentication was used historically. With RDP4, the RDP client does not perform any checks in order to verify the identity of the server it connects to. Since user credentials can be obtained using a man in the middle (MITM) attack, RDP4 authentication is insecure and should generally not be used.

  • RDP5.1 authentication employs a server certificate for which the client possesses the public key. This way it is guaranteed that the server possess the corresponding private key. However, as this hard-coded private key became public some years ago, RDP5.1 authentication is also insecure.

  • RDP5.2 authentication uses Enhanced RDP Security, which means that an external security protocol is used to secure the connection. RDP4 and RDP5.1 use Standard RDP Security. The VRDP server supports Enhanced RDP Security with TLS protocol and, as a part of TLS handshake, sends the server certificate to the client.

    The Security/Method VRDE property sets the desired security method, which is used for a connection. Valid values are as follows:

    • Negotiate. Both Enhanced (TLS) and Standard RDP Security connections are allowed. The security method is negotiated with the client. This is the default setting.

    • RDP. Only Standard RDP Security is accepted.

    • TLS. Only Enhanced RDP Security is accepted. The client must support TLS.

      The OpenSSL library version determines which versions of TLS are supported. The Oracle VM VirtualBox clients include at least Version 1.1.0 of the OpenSSL library. This library supports TLS versions 1.0, 1.1, and 1.2. Some clients might include newer versions of the OpenSSL library and thus support additional TLS versions.

    For example, the following command enables a client to use either Standard or Enhanced RDP Security connection:

    vboxmanage modifyvm "VM name" --vrdeproperty "Security/Method=negotiate"

    If the Security/Method property is set to either Negotiate or TLS, the TLS protocol will be automatically used by the server, if the client supports TLS. However, in order to use TLS the server must possess the Server Certificate, the Server Private Key and the Certificate Authority (CA) Certificate. The following example shows how to generate a server certificate.

    1. Create a CA self signed certificate.

      openssl req -new -x509 -days 365 -extensions v3_ca \
        -keyout ca_key_private.pem -out ca_cert.pem
    2. Generate a server private key and a request for signing.

      openssl genrsa -out server_key_private.pem
      openssl req -new -key server_key_private.pem -out server_req.pem
    3. Generate the server certificate.

      openssl x509 -req -days 365 -in server_req.pem \
        -CA ca_cert.pem -CAkey ca_key_private.pem -set_serial 01 -out server_cert.pem

    The server must be configured to access the required files. For example:

    vboxmanage modifyvm "VM name" \
      --vrdeproperty "Security/CACertificate=path/ca_cert.pem"
    vboxmanage modifyvm "VM name" \
      --vrdeproperty "Security/ServerCertificate=path/server_cert.pem"
    vboxmanage modifyvm "VM name" \
      --vrdeproperty "Security/ServerPrivateKey=path/server_key_private.pem"

As the client that connects to the server determines what type of encryption will be used, with rdesktop, the Linux RDP viewer, use the -4 or -5 options.

7.1.7. Multiple Connections to the VRDP Server

The VRDP server of Oracle VM VirtualBox supports multiple simultaneous connections to the same running VM from different clients. All connected clients see the same screen output and share a mouse pointer and keyboard focus. This is similar to several people using the same computer at the same time, taking turns at the keyboard.

The following command enables multiple connection mode:

VBoxManage modifyvm "VM name" --vrdemulticon on

7.1.8. Multiple Remote Monitors

To access two or more remote VM displays you have to enable the VRDP multiconnection mode. See Section 7.1.7, “Multiple Connections to the VRDP Server”.

The RDP client can select the virtual monitor number to connect to using the domain login parameter (-d). If the parameter ends with @ followed by a number, Oracle VM VirtualBox interprets this number as the screen index. The primary guest screen is selected with @1, the first secondary screen is @2, and so on.

The Microsoft RDP6 client does not let you specify a separate domain name. Instead, enter domain\username in the Username field. For example, @2\name. name must be supplied, and must be the name used to log in if the VRDP server is set up to require credentials. If it is not, you may use any text as the username.

7.1.9. VRDP Video Redirection

The VRDP server can redirect video streams from the guest to the RDP client. Video frames are compressed using the JPEG algorithm allowing a higher compression ratio than standard RDP bitmap compression methods. It is possible to increase the compression ratio by lowering the video quality.

The VRDP server automatically detects video streams in a guest as frequently updated rectangular areas. As a result, this method works with any guest operating system without having to install additional software in the guest. In particular, the Guest Additions are not required.

On the client side, however, currently only the Windows 7 Remote Desktop Connection client supports this feature. If a client does not support video redirection, the VRDP server falls back to regular bitmap updates.

The following command enables video redirection:

VBoxManage modifyvm "VM name" --vrdevideochannel on

The quality of the video is defined as a value from 10 to 100 percent, representing a JPEG compression level, where lower numbers mean lower quality but higher compression. The quality can be changed using the following command:

VBoxManage modifyvm "VM name" --vrdevideochannelquality 75

7.1.10. VRDP Customization

With Oracle VM VirtualBox it is possible to disable display output, mouse and keyboard input, audio, remote USB, or clipboard individually in the VRDP server.

The following commands change the corresponding server settings:

VBoxManage modifyvm "VM name" --vrdeproperty Client/DisableDisplay=1
VBoxManage modifyvm "VM name" --vrdeproperty Client/DisableInput=1
VBoxManage modifyvm "VM name" --vrdeproperty Client/DisableUSB=1
VBoxManage modifyvm "VM name" --vrdeproperty Client/DisableAudio=1
VBoxManage modifyvm "VM name" --vrdeproperty Client/DisableClipboard=1
VBoxManage modifyvm "VM name" --vrdeproperty Client/DisableUpstreamAudio=1

To reenable a feature, use a similar command without the trailing 1. For example:

VBoxManage modifyvm "VM name" --vrdeproperty Client/DisableDisplay=

7.2. Teleporting

Oracle VM VirtualBox supports teleporting. Teleporting is moving a virtual machine over a network from one Oracle VM VirtualBox host to another, while the virtual machine is running. This works regardless of the host operating system that is running on the hosts. You can teleport virtual machines between Oracle Solaris and Mac OS X hosts, for example.

Teleporting requires that a machine be currently running on one host, which is called the source. The host to which the virtual machine will be teleported is called the target. The machine on the target is then configured to wait for the source to contact the target. The machine's running state will then be transferred from the source to the target with minimal downtime.

Teleporting happens over any TCP/IP network. The source and the target only need to agree on a TCP/IP port which is specified in the teleporting settings.

At this time, there are a few prerequisites for this to work, as follows:

  • On the target host, you must configure a virtual machine in Oracle VM VirtualBox with exactly the same hardware settings as the machine on the source that you want to teleport. This does not apply to settings which are merely descriptive, such as the VM name, but obviously for teleporting to work, the target machine must have the same amount of memory and other hardware settings. Otherwise teleporting will fail with an error message.

  • The two virtual machines on the source and the target must share the same storage, hard disks as well as floppy disks and CD/DVD images. This means that they either use the same iSCSI targets or that the storage resides somewhere on the network and both hosts have access to it using NFS or SMB/CIFS.

    This also means that neither the source nor the target machine can have any snapshots.

To configure teleporting, perform the following steps:

  1. On the target host, configure the virtual machine to wait for a teleport request to arrive when it is started, instead of actually attempting to start the machine. This is done with the following VBoxManage command:

    VBoxManage modifyvm <targetvmname> --teleporter on --teleporterport <port>

    where <targetvmname> is the name of the virtual machine on the target host and <port> is a TCP/IP port number to be used on both the source and the target hosts. For example, use 6000. See Section 8.8.6, “Teleporting Settings”.

  2. Start the VM on the target host. Instead of running, the VM shows a progress dialog, indicating that it is waiting for a teleport request to arrive.

  3. Start the VM on the source host as usual. When it is running and you want it to be teleported, issue the following command on the source host:

    VBoxManage controlvm <sourcevmname> teleport --host <targethost> --port <port>

    where <sourcevmname> is the name of the virtual machine on the source host, which is the machine that is currently running. <targethost> is the host or IP name of the target host on which the machine is waiting for the teleport request, and <port> must be the same number as specified in the command on the target host. See Section 8.14, “VBoxManage controlvm”.

For testing, you can also teleport machines on the same host. In that case, use localhost as the hostname on both the source and the target host.

Note

In rare cases, if the CPUs of the source and the target are very different, teleporting can fail with an error message, or the target may hang. This may happen especially if the VM is running application software that is highly optimized to run on a particular CPU without correctly checking that certain CPU features are actually present. Oracle VM VirtualBox filters what CPU capabilities are presented to the guest operating system. Advanced users can attempt to restrict these virtual CPU capabilities with the VBoxManage modifyvm --cpuid command. See Section 8.8.6, “Teleporting Settings”.

Chapter 8. VBoxManage

Table of Contents

8.1. Introduction
8.2. Commands Overview
8.3. General Options
8.4. VBoxManage list
8.5. VBoxManage showvminfo
8.6. VBoxManage registervm/unregistervm
8.7. VBoxManage createvm
8.8. VBoxManage modifyvm
8.8.1. General Settings
8.8.2. Networking Settings
8.8.3. Miscellaneous Settings
8.8.4. Recording Settings
8.8.5. Remote Machine Settings
8.8.6. Teleporting Settings
8.8.7. Debugging Settings
8.8.8. USB Card Reader Settings
8.8.9. Autostarting VMs During Host System Boot
8.9. VBoxManage clonevm
8.10. VBoxManage movevm
8.11. VBoxManage import
8.12. VBoxManage export
8.12.1. Export to OVF
8.12.2. Export to Oracle Cloud Infrastructure
8.13. VBoxManage startvm
8.14. VBoxManage controlvm
8.15. VBoxManage discardstate
8.16. VBoxManage adoptstate
8.17. VBoxManage snapshot
8.18. VBoxManage closemedium
8.19. VBoxManage storageattach
8.20. VBoxManage storagectl
8.21. VBoxManage bandwidthctl
8.22. VBoxManage showmediuminfo
8.23. VBoxManage createmedium
8.24. VBoxManage modifymedium
8.25. VBoxManage clonemedium
8.26. VBoxManage mediumproperty
8.27. VBoxManage encryptmedium
8.28. VBoxManage checkmediumpwd
8.29. VBoxManage convertfromraw
8.30. VBoxManage getextradata/setextradata
8.31. VBoxManage setproperty
8.32. VBoxManage usbfilter add/modify/remove
8.33. VBoxManage sharedfolder add/remove
8.34. VBoxManage guestproperty
8.35. VBoxManage guestcontrol
8.36. VBoxManage metrics
8.37. VBoxManage natnetwork
8.38. VBoxManage hostonlyif
8.39. VBoxManage dhcpserver
8.40. VBoxManage usbdevsource
8.41. VBoxManage mediumio
8.42. VBoxManage debugvm
8.43. VBoxManage extpack
8.44. VBoxManage unattended

8.1. Introduction

As briefly mentioned in Section 1.17, “Alternative Front-Ends”, VBoxManage is the command-line interface to Oracle VM VirtualBox. With it, you can completely control Oracle VM VirtualBox from the command line of your host operating system. VBoxManage supports all the features that the graphical user interface gives you access to, but it supports a lot more than that. It exposes all the features of the virtualization engine, even those that cannot be accessed from the GUI.

You will need to use the command line if you want to do the following:

  • Use a different user interface than the main GUI such as the VBoxHeadless server.

  • Control some of the more advanced and experimental configuration settings for a VM.

There are two main things to keep in mind when using VBoxManage. First, VBoxManage must always be used with a specific subcommand, such as list or createvm or startvm. All the subcommands that VBoxManage supports are described in detail in Chapter 8, VBoxManage.

Second, most of these subcommands require that you specify a particular virtual machine after the subcommand. There are two ways you can do this:

  • You can specify the VM name, as it is shown in the Oracle VM VirtualBox GUI. Note that if that name contains spaces, then you must enclose the entire name in double quotes. This is always required with command line arguments that contain spaces. For example:

    VBoxManage startvm "Windows XP"
  • You can specify the UUID, which is the internal unique identifier that Oracle VM VirtualBox uses to refer to the virtual machine. Assuming that the VM called "Windows XP" has the UUID shown below, the following command has the same effect as the previous example:

    VBoxManage startvm 670e746d-abea-4ba6-ad02-2a3b043810a5

You can enter VBoxManage list vms to have all currently registered VMs listed with all their settings, including their respective names and UUIDs.

Some typical examples of how to control Oracle VM VirtualBox from the command line are listed below:

  • To create a new virtual machine from the command line and immediately register it with Oracle VM VirtualBox, use VBoxManage createvm with the --register option, as follows:

    $ VBoxManage createvm --name "SUSE 10.2" --register
    VirtualBox Command Line Management Interface Version version-number
    (C) 2005-2018 Oracle Corporation
    All rights reserved.
    
    Virtual machine 'SUSE 10.2' is created.
    UUID: c89fc351-8ec6-4f02-a048-57f4d25288e5
    Settings file: '/home/username/.config/VirtualBox/Machines/SUSE 10.2/SUSE 10.2.xml'

    As can be seen from the above output, a new virtual machine has been created with a new UUID and a new XML settings file.

    For more details, see Section 8.7, “VBoxManage createvm”.

  • To show the configuration of a particular VM, use VBoxManage showvminfo. See Section 8.5, “VBoxManage showvminfo” for details and an example.

  • To change settings while a VM is powered off, use VBoxManage modifyvm. For example:

    VBoxManage modifyvm "Windows XP" --memory 512

    See also Section 8.8, “VBoxManage modifyvm”.

  • To change the storage configuration, such as to add a storage controller and then a virtual disk, use VBoxManage storagectl and VBoxManage storageattach. See Section 8.20, “VBoxManage storagectl” and Section 8.19, “VBoxManage storageattach”.

  • To control VM operation, use one of the following:

8.2. Commands Overview

When running VBoxManage without parameters or when supplying an invalid command line, the following command syntax list is shown. Note that the output will be slightly different depending on the host platform. If in doubt, check the output of VBoxManage for the commands available on your particular host.

Usage:

  VBoxManage [<general option>] <command>
 
 
General Options:
 
  [-v|--version]            print version number and exit
  [-q|--nologo]             suppress the logo
  [--settingspw <pw>]       provide the settings password
  [--settingspwfile <file>] provide a file containing the settings password
  [@<response-file>]        load arguments from the given response file (bourne style)
 
 
Commands:
 
  list [--long|-l] [--sorted|-s]          vms|runningvms|ostypes|hostdvds|hostfloppies|
                            intnets|bridgedifs|hostonlyifs|natnets|dhcpservers|
                            hostinfo|hostcpuids|hddbackends|hdds|dvds|floppies|
                            usbhost|usbfilters|systemproperties|extpacks|
                            groups|webcams|screenshotformats|cloudproviders|
                            cloudprofiles

  showvminfo                <uuid|vmname> [--details]
                            [--machinereadable]
  showvminfo                <uuid|vmname> --log <idx>

  registervm                <filename>

  unregistervm              <uuid|vmname> [--delete]

  createvm                  --name <name>
                            [--groups <group>, ...]
                            [--ostype <ostype>]
                            [--register]
                            [--basefolder <path>]
                            [--uuid <uuid>]
                            [--default]

  modifyvm                  <uuid|vmname>
                            [--name <name>]
                            [--groups <group>, ...]
                            [--description <desc>]
                            [--ostype <ostype>]
                            [--iconfile <filename>]
                            [--memory <memorysize in MB>]
                            [--pagefusion on|off]
                            [--vram <vramsize in MB>]
                            [--acpi on|off]
                            [--pciattach 03:04.0]
                            [--pciattach 03:04.0@02:01.0]
                            [--pcidetach 03:04.0]
                            [--ioapic on|off]
                            [--hpet on|off]
                            [--triplefaultreset on|off]
                            [--apic on|off]
                            [--x2apic on|off]
                            [--paravirtprovider none|default|legacy|minimal|
                                                hyperv|kvm]
                            [--paravirtdebug <key=value> [,<key=value> ...]]
                            [--hwvirtex on|off]
                            [--nestedpaging on|off]
                            [--largepages on|off]
                            [--vtxvpid on|off]
                            [--vtxux on|off]
                            [--pae on|off]
                            [--longmode on|off]
                            [--ibpb-on-vm-exit on|off]
                            [--ibpb-on-vm-entry on|off]
                            [--spec-ctrl on|off]
                            [--l1d-flush-on-sched on|off]
                            [--l1d-flush-on-vm-entry on|off]
                            [--nested-hw-virt on|off]
                            [--cpu-profile "host|Intel 80[86|286|386]"]
                            [--cpuid-portability-level <0..3>
                            [--cpuid-set <leaf[:subleaf]> <eax> <ebx> <ecx> <edx>]
                            [--cpuid-remove <leaf[:subleaf]>]
                            [--cpuidremoveall]
                            [--hardwareuuid <uuid>]
                            [--cpus <number>]
                            [--cpuhotplug on|off]
                            [--plugcpu <id>]
                            [--unplugcpu <id>]
                            [--cpuexecutioncap <1-100>]
                            [--rtcuseutc on|off]
                            [--graphicscontroller none|vboxvga|vmsvga|vboxsvga]
                            [--monitorcount <number>]
                            [--accelerate3d on|off]
                            [--accelerate2dvideo on|off]
                            [--firmware bios|efi|efi32|efi64]
                            [--chipset ich9|piix3]
                            [--bioslogofadein on|off]
                            [--bioslogofadeout on|off]
                            [--bioslogodisplaytime <msec>]
                            [--bioslogoimagepath <imagepath>]
                            [--biosbootmenu disabled|menuonly|messageandmenu]
                            [--biosapic disabled|apic|x2apic]
                            [--biossystemtimeoffset <msec>]
                            [--biospxedebug on|off]
                            [--boot<1-4> none|floppy|dvd|disk|net>]
                            [--nic<1-N> none|null|nat|bridged|intnet|hostonly|
                                        generic|natnetwork]
                            [--nictype<1-N> Am79C970A|Am79C973|
                                            82540EM|82543GC|82545EM|
                                            virtio]
                            [--cableconnected<1-N> on|off]
                            [--nictrace<1-N> on|off]
                            [--nictracefile<1-N> <filename>]
                            [--nicproperty<1-N> name=[value]]
                            [--nicspeed<1-N> <kbps>]
                            [--nicbootprio<1-N> <priority>]
                            [--nicpromisc<1-N> deny|allow-vms|allow-all]
                            [--nicbandwidthgroup<1-N> none|<name>]
                            [--bridgeadapter<1-N> none|<devicename>]
                            [--hostonlyadapter<1-N> none|<devicename>]
                            [--intnet<1-N> <network name>]
                            [--nat-network<1-N> <network name>]
                            [--nicgenericdrv<1-N> <driver>
                            [--natnet<1-N> <network>|default]
                            [--natsettings<1-N> [<mtu>],[<socksnd>],
                                                [<sockrcv>],[<tcpsnd>],
                                                [<tcprcv>]]
                            [--natpf<1-N> [<rulename>],tcp|udp,[<hostip>],
                                          <hostport>,[<guestip>],<guestport>]
                            [--natpf<1-N> delete <rulename>]
                            [--nattftpprefix<1-N> <prefix>]
                            [--nattftpfile<1-N> <file>]
                            [--nattftpserver<1-N> <ip>]
                            [--natbindip<1-N> <ip>
                            [--natdnspassdomain<1-N> on|off]
                            [--natdnsproxy<1-N> on|off]
                            [--natdnshostresolver<1-N> on|off]
                            [--nataliasmode<1-N> default|[log],[proxyonly],
                                                         [sameports]]
                            [--macaddress<1-N> auto|<mac>]
                            [--mouse ps2|usb|usbtablet|usbmultitouch]
                            [--keyboard ps2|usb
                            [--uart<1-N> off|<I/O base> <IRQ>]
                            [--uartmode<1-N> disconnected|
                                             server <pipe>|
                                             client <pipe>|
                                             tcpserver <port>|
                                             tcpclient <hostname:port>|
                                             file <file>|
                                             <devicename>]
                            [--uarttype<1-N> 16450|16550A|16750
                            [--lpt<1-N> off|<I/O base> <IRQ>]
                            [--lptmode<1-N> <devicename>]
                            [--guestmemoryballoon <balloonsize in MB>]
                            [--audio none|null|dsound|oss|alsa|pulse|
                                     oss|pulse|coreaudio]
                            [--audioin on|off]
                            [--audioout on|off]
                            [--audiocontroller ac97|hda|sb16]
                            [--audiocodec stac9700|ad1980|stac9221|sb16]
                            [--clipboard disabled|hosttoguest|guesttohost|
                                         bidirectional]
                            [--draganddrop disabled|hosttoguest|guesttohost|
                                         bidirectional]
                            [--vrde on|off]
                            [--vrdeextpack default|<name>
                            [--vrdeproperty <name=[value]>]
                            [--vrdeport <hostport>]
                            [--vrdeaddress <hostip>]
                            [--vrdeauthtype null|external|guest]
                            [--vrdeauthlibrary default|<name>
                            [--vrdemulticon on|off]
                            [--vrdereusecon on|off]
                            [--vrdevideochannel on|off]
                            [--vrdevideochannelquality <percent>]
                            [--usbohci on|off]
                            [--usbehci on|off]
                            [--usbxhci on|off]
                            [--usbrename <oldname> <newname>]
                            [--snapshotfolder default|<path>]
                            [--teleporter on|off]
                            [--teleporterport <port>]
                            [--teleporteraddress <address|empty>
                            [--teleporterpassword <password>]
                            [--teleporterpasswordfile <file>|stdin]
                            [--tracing-enabled on|off]
                            [--tracing-config <config-string>]
                            [--tracing-allow-vm-access on|off]
                            [--usbcardreader on|off]
                            [--autostart-enabled on|off]
                            [--autostart-delay <seconds>]
                            [--recording on|off]
                            [--recordingscreens all|<screen ID> [<screen ID> ...]]
                            [--recordingfile <filename>]
                            [--recordingvideores <width> <height>]
                            [--recordingvideorate <rate>]
                            [--recordingvideofps <fps>]
                            [--recordingmaxtime <s>]
                            [--recordingmaxsize <MB>]
                            [--recordingopts <key=value> [,<key=value> ...]]
                            [--defaultfrontend default|<name>]

  clonevm                   <uuid|vmname>
                            [--snapshot <uuid>|<name>]
                            [--mode machine|machineandchildren|all]
                            [--options link|keepallmacs|keepnatmacs|
                                       keepdisknames|keephwuuids]
                            [--name <name>]
                            [--groups <group>, ...]
                            [--basefolder <basefolder>]
                            [--uuid <uuid>]
                            [--register]

  movevm                    <uuid|vmname>
                            --type basic
                            [--folder <path>]

  import                    <ovfname/ovaname>
                            [--dry-run|-n]
                            [--options keepallmacs|keepnatmacs|importtovdi]
                            [more options]
                            (run with -n to have options displayed
                             for a particular OVF)

  export                    <machines> --output|-o <name>.<ovf/ova/tar.gz>
                            [--legacy09|--ovf09|--ovf10|--ovf20|--opc10]
                            [--manifest]
                            [--iso]
                            [--options manifest|iso|nomacs|nomacsbutnat]
                            [--vsys <number of virtual system>]
                                    [--vmname <name>]
                                    [--product <product name>]
                                    [--producturl <product url>]
                                    [--vendor <vendor name>]
                                    [--vendorurl <vendor url>]
                                    [--version <version info>]
                                    [--description <description info>]
                                    [--eula <license text>]
                                    [--eulafile <filename>]
                            [--cloud <number of virtual system>]
                                    [--vmname <name>]
                                    [--cloudprofile <cloud profile name>]
                                    [--cloudshape <shape>]
                                    [--clouddomain <domain>]
                                    [--clouddisksize <disk size in GB>]
                                    [--cloudbucket <bucket name>]
                                    [--cloudocivcn <OCI vcn id>]
                                    [--cloudocisubnet <OCI subnet id>]
                                    [--cloudkeepobject <true/false>]
                                    [--cloudlaunchinstance <true/false>]
                                    [--cloudpublicip <true/false>]

  startvm                   <uuid|vmname>...
                            [--type gui|sdl|headless|separate]
                            [-E|--putenv <NAME>[=<VALUE>]]

  controlvm                 <uuid|vmname>
                            pause|resume|reset|poweroff|savestate|
                            acpipowerbutton|acpisleepbutton|
                            keyboardputscancode <hex> [<hex> ...]|
                            keyboardputstring <string1> [<string2> ...]|
                            keyboardputfile <filename>|
                            setlinkstate<1-N> on|off |
                            nic<1-N> null|nat|bridged|intnet|hostonly|generic|
                                     natnetwork [<devicename>] |
                            nictrace<1-N> on|off |
                            nictracefile<1-N> <filename> |
                            nicproperty<1-N> name=[value] |
                            nicpromisc<1-N> deny|allow-vms|allow-all |
                            natpf<1-N> [<rulename>],tcp|udp,[<hostip>],
                                        <hostport>,[<guestip>],<guestport> |
                            natpf<1-N> delete <rulename> |
                            guestmemoryballoon <balloonsize in MB> |
                            usbattach <uuid>|<address>
                                      [--capturefile <filename>] |
                            usbdetach <uuid>|<address> |
                            audioin on|off |
                            audioout on|off |
                            clipboard disabled|hosttoguest|guesttohost|
                                      bidirectional |
                            draganddrop disabled|hosttoguest|guesttohost|
                                      bidirectional |
                            vrde on|off |
                            vrdeport <port> |
                            vrdeproperty <name=[value]> |
                            vrdevideochannelquality <percent> |
                            setvideomodehint <xres> <yres> <bpp>
                                            [[<display>] [<enabled:yes|no> |
                                              [<xorigin> <yorigin>]]] |
                            setscreenlayout <display> on|primary <xorigin> <yorigin> <xres> <yres> <bpp> | off
                            screenshotpng <file> [display] |
                            recording on|off |
                            recording screens all|none|<screen>,[<screen>...] |
                            recording filename <file> |
                            recording videores <width>x<height> |
                            recording videorate <rate> |
                            recording videofps <fps> |
                            recording maxtime <s> |
                            recording maxfilesize <MB> |
                            setcredentials <username>
                                           --passwordfile <file> | <password>
                                           <domain>
                                           [--allowlocallogon <yes|no>] |
                            teleport --host <name> --port <port>
                                     [--maxdowntime <msec>]
                                     [--passwordfile <file> |
                                      --password <password>] |
                            plugcpu <id> |
                            unplugcpu <id> |
                            cpuexecutioncap <1-100>
                            webcam <attach [path [settings]]> | <detach [path]> | <list>
                            addencpassword <id>
                                           <password file>|-
                                           [--removeonsuspend <yes|no>]
                            removeencpassword <id>
                            removeallencpasswords
                            changeuartmode<1-N> disconnected|
                                                server <pipe>|
                                                client <pipe>|
                                                tcpserver <port>|
                                                tcpclient <hostname:port>|
                                                file <file>|
                                                <devicename>]

  discardstate              <uuid|vmname>

  adoptstate                <uuid|vmname> <state_file>

  snapshot                  <uuid|vmname>
                            take <name> [--description <desc>] [--live]
                                 [--uniquename Number,Timestamp,Space,Force] |
                            delete <uuid|snapname> |
                            restore <uuid|snapname> |
                            restorecurrent |
                            edit <uuid|snapname>|--current
                                 [--name <name>]
                                 [--description <desc>] |
                            list [--details|--machinereadable] |
                            showvminfo <uuid|snapname>

  closemedium               [disk|dvd|floppy] <uuid|filename>
                            [--delete]

  storageattach             <uuid|vmname>
                            --storagectl <name>
                            [--port <number>]
                            [--device <number>]
                            [--type dvddrive|hdd|fdd]
                            [--medium none|emptydrive|additions|
                                      <uuid|filename>|host:<drive>|iscsi]
                            [--mtype normal|writethrough|immutable|shareable|
                                     readonly|multiattach]
                            [--comment <text>]
                            [--setuuid <uuid>]
                            [--setparentuuid <uuid>]
                            [--passthrough on|off]
                            [--tempeject on|off]
                            [--nonrotational on|off]
                            [--discard on|off]
                            [--hotpluggable on|off]
                            [--bandwidthgroup <name>]
                            [--forceunmount]
                            [--server <name>|<ip>]
                            [--target <target>]
                            [--tport <port>]
                            [--lun <lun>]
                            [--encodedlun <lun>]
                            [--username <username>]
                            [--password <password>]
                            [--passwordfile <file>]
                            [--initiator <initiator>]
                            [--intnet]

  storagectl                <uuid|vmname>
                            --name <name>
                            [--add ide|sata|scsi|floppy|sas|usb|pcie]
                            [--controller LSILogic|LSILogicSAS|BusLogic|
                                          IntelAHCI|PIIX3|PIIX4|ICH6|I82078|
                            [             USB|NVMe]
                            [--portcount <1-n>]
                            [--hostiocache on|off]
                            [--bootable on|off]
                            [--rename <name>]
                            [--remove]

  bandwidthctl              <uuid|vmname>
                            add <name> --type disk|network
                                --limit <megabytes per second>[k|m|g|K|M|G] |
                            set <name>
                                --limit <megabytes per second>[k|m|g|K|M|G] |
                            remove <name> |
                            list [--machinereadable]
                            (limit units: k=kilobit, m=megabit, g=gigabit,
                                          K=kilobyte, M=megabyte, G=gigabyte)

  showmediuminfo            [disk|dvd|floppy] <uuid|filename>

  createmedium              [disk|dvd|floppy] --filename <filename>
                            [--size <megabytes>|--sizebyte <bytes>]
                            [--diffparent <uuid>|<filename>
                            [--format VDI|VMDK|VHD] (default: VDI)
                            [--variant Standard,Fixed,Split2G,Stream,ESX,
                                       Formatted]

  modifymedium              [disk|dvd|floppy] <uuid|filename>
                            [--type normal|writethrough|immutable|shareable|
                                    readonly|multiattach]
                            [--autoreset on|off]
                            [--property <name=[value]>]
                            [--compact]
                            [--resize <megabytes>|--resizebyte <bytes>]
                            [--move <path>]
                            [--setlocation <path>]
                            [--description <description string>]
  clonemedium               [disk|dvd|floppy] <uuid|inputfile> <uuid|outputfile>
                            [--format VDI|VMDK|VHD|RAW|<other>]
                            [--variant Standard,Fixed,Split2G,Stream,ESX]
                            [--existing]

  mediumproperty            [disk|dvd|floppy] set <uuid|filename>
                            <property> <value>

                            [disk|dvd|floppy] get <uuid|filename>
                            <property>

                            [disk|dvd|floppy] delete <uuid|filename>
                            <property>

  encryptmedium             <uuid|filename>
                            [--newpassword <file>|-]
                            [--oldpassword <file>|-]
                            [--cipher <cipher identifier>]
                            [--newpasswordid <password identifier>]

  checkmediumpwd            <uuid|filename>
                            <pwd file>|-

  convertfromraw            <filename> <outputfile>
                            [--format VDI|VMDK|VHD]
                            [--variant Standard,Fixed,Split2G,Stream,ESX]
                            [--uuid <uuid>]
  convertfromraw            stdin <outputfile> <bytes>
                            [--format VDI|VMDK|VHD]
                            [--variant Standard,Fixed,Split2G,Stream,ESX]
                            [--uuid <uuid>]

  getextradata              global|<uuid|vmname>
                            <key>|[enumerate]

  setextradata              global|<uuid|vmname>
                            <key>
                            [<value>] (no value deletes key)

  setproperty               machinefolder default|<folder> |
                            hwvirtexclusive on|off |
                            vrdeauthlibrary default|<library> |
                            websrvauthlibrary default|null|<library> |
                            vrdeextpack null|<library> |
                            autostartdbpath null|<folder> |
                            loghistorycount <value>
                            defaultfrontend default|<name>
                            logginglevel <log setting>
                            proxymode system|noproxy|manual
                            proxyurl <url>

  usbfilter                 add <index,0-N>
                            --target <uuid|vmname>|global
                            --name <string>
                            --action ignore|hold (global filters only)
                            [--active yes|no] (yes)
                            [--vendorid <XXXX>] (null)
                            [--productid <XXXX>] (null)
                            [--revision <IIFF>] (null)
                            [--manufacturer <string>] (null)
                            [--product <string>] (null)
                            [--remote yes|no] (null, VM filters only)
                            [--serialnumber <string>] (null)
                            [--maskedinterfaces <XXXXXXXX>]

  usbfilter                 modify <index,0-N>
                            --target <uuid|vmname>|global
                            [--name <string>]
                            [--action ignore|hold] (global filters only)
                            [--active yes|no]
                            [--vendorid <XXXX>|""]
                            [--productid <XXXX>|""]
                            [--revision <IIFF>|""]
                            [--manufacturer <string>|""]
                            [--product <string>|""]
                            [--remote yes|no] (null, VM filters only)
                            [--serialnumber <string>|""]
                            [--maskedinterfaces <XXXXXXXX>]

  usbfilter                 remove <index,0-N>
                            --target <uuid|vmname>|global

  sharedfolder              add <uuid|vmname>
                            --name <name> --hostpath <hostpath>
                            [--transient] [--readonly] [--automount]

  sharedfolder              remove <uuid|vmname>
                            --name <name> [--transient]

  guestproperty             get <uuid|vmname>
                            <property> [--verbose]

  guestproperty             set <uuid|vmname>
                            <property> [<value> [--flags <flags>]]

  guestproperty             delete|unset <uuid|vmname>
                            <property>

  guestproperty             enumerate <uuid|vmname>
                            [--patterns <patterns>]

  guestproperty             wait <uuid|vmname> <patterns>
                            [--timeout <msec>] [--fail-on-timeout]

  guestcontrol              <uuid|vmname> [--verbose|-v] [--quiet|-q]
                              [--username <name>] [--domain <domain>]
                              [--passwordfile <file> | --password <password>]

                              run [common-options]
                              [--exe <path to executable>] [--timeout <msec>]
                              [-E|--putenv <NAME>[=<VALUE>]] [--unquoted-args]
                              [--ignore-operhaned-processes] [--profile]
                              [--no-wait-stdout|--wait-stdout]
                              [--no-wait-stderr|--wait-stderr]
                              [--dos2unix] [--unix2dos]
                              -- <program/arg0> [argument1] ... [argumentN]]

                              start [common-options]
                              [--exe <path to executable>] [--timeout <msec>]
                              [-E|--putenv <NAME>[=<VALUE>]] [--unquoted-args]
                              [--ignore-operhaned-processes] [--profile]
                              -- <program/arg0> [argument1] ... [argumentN]]

                              copyfrom [common-options]
                              [--follow] [-R|--recursive]
                              <guest-src0> [guest-src1 [...]] <host-dst>

                              copyfrom [common-options]
                              [--follow] [-R|--recursive]
                              [--target-directory <host-dst-dir>]
                              <guest-src0> [guest-src1 [...]]

                              copyto [common-options]
                              [--follow] [-R|--recursive]
                              <host-src0> [host-src1 [...]] <guest-dst>

                              copyto [common-options]
                              [--follow] [-R|--recursive]
                              [--target-directory <guest-dst>]
                              <host-src0> [host-src1 [...]]

                              mkdir|createdir[ectory] [common-options]
                              [--parents] [--mode <mode>]
                              <guest directory> [...]

                              rmdir|removedir[ectory] [common-options]
                              [-R|--recursive]
                              <guest directory> [...]

                              removefile|rm [common-options] [-f|--force]
                              <guest file> [...]

                              mv|move|ren[ame] [common-options]
                              <source> [source1 [...]] <dest>

                              mktemp|createtemp[orary] [common-options]
                              [--secure] [--mode <mode>] [--tmpdir <directory>]
                              <template>

                              stat [common-options]
                              <file> [...]

  guestcontrol              <uuid|vmname> [--verbose|-v] [--quiet|-q]

                              list <all|sessions|processes|files> [common-opts]

                              closeprocess [common-options]
                              <   --session-id <ID>
                                | --session-name <name or pattern>
                              <PID1> [PID1 [...]]

                              closesession [common-options]
                              <  --all | --session-id <ID>
                                | --session-name <name or pattern> >

                              updatega|updateguestadditions|updateadditions
                              [--source <guest additions .ISO>]
                              [--wait-start] [common-options]
                              [-- [<argument1>] ... [<argumentN>]]

                              watch [common-options]

  metrics                   list [*|host|<vmname> [<metric_list>]]
                                                 (comma-separated)

  metrics                   setup
                            [--period <seconds>] (default: 1)
                            [--samples <count>] (default: 1)
                            [--list]
                            [*|host|<vmname> [<metric_list>]]

  metrics                   query [*|host|<vmname> [<metric_list>]]

  metrics                   enable
                            [--list]
                            [*|host|<vmname> [<metric_list>]]

  metrics                   disable
                            [--list]
                            [*|host|<vmname> [<metric_list>]]

  metrics                   collect
                            [--period <seconds>] (default: 1)
                            [--samples <count>] (default: 1)
                            [--list]
                            [--detach]
                            [*|host|<vmname> [<metric_list>]]

  natnetwork                add --netname <name>
                            --network <network>
                            [--enable|--disable]
                            [--dhcp on|off]
                            [--port-forward-4 <rule>]
                            [--loopback-4 <rule>]
                            [--ipv6 on|off]
                            [--port-forward-6 <rule>]
                            [--loopback-6 <rule>]

  natnetwork                remove --netname <name>

  natnetwork                modify --netname <name>
                            [--network <network>]
                            [--enable|--disable]
                            [--dhcp on|off]
                            [--port-forward-4 <rule>]
                            [--loopback-4 <rule>]
                            [--ipv6 on|off]
                            [--port-forward-6 <rule>]
                            [--loopback-6 <rule>]

  natnetwork                start --netname <name>

  natnetwork                stop --netname <name>

  natnetwork                list [<pattern>]

  hostonlyif                ipconfig <name>
                            [--dhcp |
                            --ip<ipv4> [--netmask<ipv4> (def: 255.255.255.0)] |
                            --ipv6<ipv6> [--netmasklengthv6<length> (def: 64)]]
                            create |
                            remove <name>

  dhcpserver                add|modify --netname <network_name> |
                                       --ifname <hostonly_if_name>
                            [--ip <ip_address>
                            --netmask <network_mask>
                            --lowerip <lower_ip>
                            --upperip <upper_ip>]
                            [--enable | --disable]
                            [--options [--vm <name> --nic <1-N>]
                             --id <number> [--value <string> | --remove]]
                             (multiple options allowed after --options)

  dhcpserver                remove --netname <network_name> |
                                   --ifname <hostonly_if_name>

  usbdevsource              add <source name>
                            --backend <backend>
                            --address <address>
  usbdevsource              remove <source name>

VBoxManage mediumio <[--disk=uuid|filename] | [--dvd=uuid|filename] | [--floppy=uuid|filename]> [--password-file-|filename] formatfat [--quick]

VBoxManage mediumio <[--disk=uuid|filename] | [--dvd=uuid|filename] | [--floppy=uuid|filename]> [--password-file-|filename] cat [--hex] [--offset=byte-offset] [--size=bytes] [--output=-|filename]

VBoxManage mediumio <[--disk=uuid|filename] | [--dvd=uuid|filename] | [--floppy=uuid|filename]> [--password-file-|filename] stream [--format=image-format] [--variant=image-variant] [--output=-|filename]

VBoxManage debugvm <uuid|vmname> dumpvmcore [--filename=name]

VBoxManage debugvm <uuid|vmname> info <item> [args...]

VBoxManage debugvm <uuid|vmname> injectnmi

VBoxManage debugvm <uuid|vmname> log [[--release] | [--debug]] [group-settings...]

VBoxManage debugvm <uuid|vmname> logdest [[--release] | [--debug]] [destinations...]

VBoxManage debugvm <uuid|vmname> logflags [[--release] | [--debug]] [flags...]

VBoxManage debugvm <uuid|vmname> osdetect

VBoxManage debugvm <uuid|vmname> osinfo

VBoxManage debugvm <uuid|vmname> osdmesg [--lines=lines]

VBoxManage debugvm <uuid|vmname> getregisters [--cpu=id] [reg-set.reg-name...]

VBoxManage debugvm <uuid|vmname> setregisters [--cpu=id] [reg-set.reg-name=value...]

VBoxManage debugvm <uuid|vmname> show [[--human-readable] | [--sh-export] | [--sh-eval] | [--cmd-set]] [settings-item...]

VBoxManage debugvm <uuid|vmname> stack [--cpu=id]

VBoxManage debugvm <uuid|vmname> statistics [--reset] [--descriptions] [--pattern=pattern]

VBoxManage extpack install [--replace] <tarball>

VBoxManage extpack uninstall [--force] <name>

VBoxManage extpack cleanup

VBoxManage unattended detect <--iso=install-iso> [--machine-readable]

VBoxManage unattended install <uuid|vmname> <--iso=install-iso> [--user=login] [--password=password] [--password-file=file] [--full-user-name=name] [--key=product-key] [--install-additions] [--no-install-additions] [--additions-iso=add-iso] [--install-txs] [--no-install-txs] [--validation-kit-iso=testing-iso] [--locale=ll_CC] [--country=CC] [--time-zone=tz] [--hostname=fqdn] [--package-selection-adjustment=keyword] [--dry-run] [--auxiliary-base-path=path] [--image-index=number] [--script-template=file] [--post-install-template=file] [--post-install-command=command] [--extra-install-kernel-parameters=params] [--language=lang] [--start-vm=session-type]

Each time VBoxManage is invoked, only one command can be executed. However, a command might support several subcommands which then can be invoked in one single call. The following sections provide detailed reference information on the different commands.

8.3. General Options

  • -v|--version: Show the version of this tool and exit.

  • --nologo: Suppress the output of the logo information. This option is useful for scripts.

  • --settingspw: Specifiy a settings password.

  • --settingspwfile: Specify a file containing the settings password.

The settings password is used for certain settings which need to be stored in encrypted form for security reasons. At the moment, the only encrypted setting is the iSCSI initiator secret, see Section 8.19, “VBoxManage storageattach”. As long as no settings password is specified, this information is stored in plain text. After using the --settingspw|--settingspwfile option once, it must be always used. Otherwise, the encrypted setting cannot be unencrypted.

8.4. VBoxManage list

The list command gives relevant information about your system and information about Oracle VM VirtualBox's current settings.

The following subcommands are available with VBoxManage list:

  • vms: Lists all virtual machines currently registered with Oracle VM VirtualBox. By default this displays a compact list with each VM's name and UUID. If you also specify --long or -l, this will be a detailed list as with the showvminfo command, see Section 8.5, “VBoxManage showvminfo”.

  • runningvms: Lists all currently running virtual machines by their unique identifiers (UUIDs) in the same format as with vms.

  • ostypes: Lists all guest operating systems presently known to Oracle VM VirtualBox, along with the identifiers used to refer to them with the modifyvm command.

  • hostdvds, hostfloppies: Lists the DVD, floppy, bridged networking, and host-only networking interfaces on the host, along with the name used to access them from within Oracle VM VirtualBox.

  • intnets: Displays information about the internal networks.

  • bridgedifs, hostonlyifs, natnets, dhcpservers: Lists the bridged network interfaces, host-only network interfaces, NAT network interfaces, and DHCP servers currently available on the host. See Chapter 6, Virtual Networking.

  • hostinfo: Displays information about the host system, such as CPUs, memory size, and operating system version.

  • hostcpuids: Lists the CPUID parameters for the host CPUs. This can be used for a more fine grained analyis of the host's virtualization capabilities.

  • hddbackends: Lists all known virtual disk back-ends of Oracle VM VirtualBox. For each such format, such as VDI, VMDK, or RAW, this subcommand lists the back-end's capabilities and configuration.

  • hdds, dvds, floppies: Shows information about virtual disk images currently in use by Oracle VM VirtualBox, including all their settings, the unique identifiers (UUIDs) associated with them by Oracle VM VirtualBox and all files associated with them. This is the command-line equivalent of the Virtual Media Manager. See Section 5.3, “The Virtual Media Manager”.

  • usbhost: Shows information about USB devices attached to the host, including information useful for constructing USB filters and whether they are currently in use by the host.

  • usbfilters: Lists all global USB filters registered with Oracle VM VirtualBox and displays the filter parameters. Global USB filters are for devices which are accessible to all virtual machines.

  • systemproperties: Displays some global Oracle VM VirtualBox settings, such as minimum and maximum guest RAM and virtual hard disk size, folder settings and the current authentication library in use.

  • extpacks: Displays all Oracle VM VirtualBox extension packs that are currently installed. See Section 1.6, “Installing Oracle VM VirtualBox and Extension Packs” and Section 8.43, “VBoxManage extpack”.

  • groups: Displays details of the VM Groups. See Section 1.10, “Using VM Groups”.

  • webcams: Displays a list of webcams attached to the running VM. The output format is a list of absolute paths or aliases that were used for attaching the webcams to the VM using the webcam attach command.

  • screenshotformats: Displays a list of available screenshot formats.

  • cloudproviders: Displays a list of cloud providers that are supported by Oracle VM VirtualBox. Oracle Cloud Infrastructure is an example of a cloud provider.

  • cloudprofiles: Displays a list of cloud profiles that have been configured.

    Cloud profiles are used when exporting VMs to a cloud service. See Section 1.15.4, “Exporting an Appliance to Oracle Cloud Infrastructure”.

8.5. VBoxManage showvminfo

The showvminfo command shows information about a particular virtual machine. This is the same information as VBoxManage list vms --long would show for all virtual machines.

You will see information as shown in the following example.

$ VBoxManage showvminfo "Windows XP"
VirtualBox Command Line Management Interface Version version-number
(C) 2005-2018 Oracle Corporation
All rights reserved.

Name:            Windows XP
Guest OS:        Other/Unknown
UUID:            1bf3464d-57c6-4d49-92a9-a5cc3816b7e7
Config file:     /home/username/.config/VirtualBox/Machines/Windows XP/Windows XP.xml
Memory size:     512MB
VRAM size:       12MB
Number of CPUs:  2
Boot menu mode:  message and menu
Boot Device (1): DVD
Boot Device (2): HardDisk
Boot Device (3): Not Assigned
Boot Device (4): Not Assigned
ACPI:            on
IOAPIC:          on
...
    

Use the --machinereadable option to produce the same output, but in machine readable format with a property=value string on each line. For example:

...
groups="/"
ostype="Oracle (64-bit)"
UUID="457af700-bc0a-4258-aa3c-13b03da171f2"
...
 

8.6. VBoxManage registervm/unregistervm

The registervm command enables you to import a virtual machine definition in an XML file into Oracle VM VirtualBox. The machine must not conflict with one already registered in Oracle VM VirtualBox and it may not have any hard or removable disks attached. It is advisable to place the definition file in the machines folder before registering it.

Note

When creating a new virtual machine with VBoxManage createvm, as shown in Section 8.7, “VBoxManage createvm”, you can directly specify the --register option to avoid having to register it separately.

The unregistervm command unregisters a virtual machine. If --delete is also specified, the following files will also be deleted automatically:

  • All hard disk image files, including differencing files, which are used by the machine and not shared with other machines.

  • Saved state files that the machine created. One if the machine was in Saved state and one for each online snapshot.

  • The machine XML file and its backups.

  • The machine log files.

  • The machine directory, if it is empty after having deleted all of the above files.

8.7. VBoxManage createvm

The VBoxManage createvm command creates a new XML virtual machine definition file.

You must specify the name of the VM by using --name name. This name is used by default as the file name of the settings file that has the .xml extension and the machine folder, which is a subfolder of the .config/VirtualBox/Machines folder. Note that the machine folder path name varies based on the OS type and the Oracle VM VirtualBox version.

Ensure that the VM name conforms to the host OS's file name requirements. If you later rename the VM, the file and folder names will be updated to match the new name automatically.

The --basefolder path option specifies the machine folder path name. Note that the names of the file and the folder do not change if you rename the VM.

The --group group-ID, ... option assigns the VM to the specified groups. Note that group IDs always start with / so that they can be nested. By default, each VM is assigned membership to the / group.

The --ostype ostype option specifies the guest OS to run in the VM. Run the VBoxManage list ostypes command to see the available OS types.

The --uuid uuid option specifies the universal unique identifier (UUID) of the VM. The UUID must be unique within the namespace of the host or of its VM group memberships. By default, the VBoxManage command automatically generates the UUID.

The --default option applies a default hardware configuration for the specified guest OS. By default, the VM is created with minimal hardware.

The --register option registers the VM with your Oracle VM VirtualBox installation. By default, the VBoxManage createvm command creates only the XML configuration for the VM but does not registered the VM. If you do not register the VM at creation, you can run the VBoxManage registervm command after you create the VM.

8.8. VBoxManage modifyvm

This command changes the properties of a registered virtual machine which is not running. Most of the properties that this command makes available correspond to the VM settings that Oracle VM VirtualBox graphical user interface displays in each VM's Settings dialog. These are described in Chapter 3, Configuring Virtual Machines. However, some of the more advanced settings are only available through the VBoxManage interface.

These commands require that the machine is powered off, neither running nor in a Saved state. Some machine settings can also be changed while a machine is running. Those settings will then have a corresponding subcommand with the VBoxManage controlvm subcommand. See Section 8.14, “VBoxManage controlvm”.

8.8.1. General Settings

The following general settings are available through VBoxManage modifyvm:

  • --name <name>: Changes the VM's name and can be used to rename the internal virtual machine files, as described in Section 8.7, “VBoxManage createvm”.

  • --groups <group>, ...: Changes the group membership of a VM. Groups always start with a / and can be nested. By default VMs are in group /.

  • --description <desc>: Changes the VM's description, which is a way to record details about the VM in a way which is meaningful for the user. The GUI interprets HTML formatting, the command line allows arbitrary strings potentially containing multiple lines.

  • --ostype <ostype>: Specifies what guest operating system is supposed to run in the VM. To learn about the various identifiers that can be used here, use VBoxManage list ostypes.

  • --iconfile <filename>: Specifies the absolute path on the host file system for the Oracle VM VirtualBox icon to be displayed in the VM.

  • --memory <memorysize>: Sets the amount of RAM, in MB, that the virtual machine should allocate for itself from the host. See Section 1.8, “Creating Your First Virtual Machine”.

  • --pagefusion on|off: Enables and disables the Page Fusion feature. Page Fusion is disabled by default. The Page Fusion feature minimises memory duplication between VMs with similar configurations running on the same host. See Section 4.10.2, “Page Fusion”.

  • --vram <vramsize>: Sets the amount of RAM that the virtual graphics card should have. See Section 3.6, “Display Settings”.

  • --acpi on|off and --ioapic on|off: Determines whether the VM has ACPI and I/O APIC support. See Section 3.5.1, “Motherboard Tab”.

  • --pciattach <host PCI address [@ guest PCI bus address]>: Attaches a specified PCI network controller on the host to a specified PCI bus on the guest. See Section 9.5, “PCI Passthrough”.

  • --pcidetach <host PCI address>: Detaches a specified PCI network controller on the host from the attached PCI bus on the guest. See Section 9.5, “PCI Passthrough”.

  • --hardwareuuid <uuid>: The UUID presented to the guest through memory tables (DMI/SMBIOS), hardware, and guest properties. By default this is the same as the VM UUID. This setting is useful when cloning a VM. Teleporting takes care of this automatically.

  • --cpus <cpucount>: Sets the number of virtual CPUs for the virtual machine, see Section 3.5.2, “Processor Tab”. If CPU hot-plugging is enabled, this then sets the maximum number of virtual CPUs that can be plugged into the virtual machines.

  • --cpuhotplug on|off: Enables CPU hot-plugging. When enabled, virtual CPUs can be added to and removed from a virtual machine while it is running. See Section 9.4, “CPU Hot-Plugging”.

  • --plugcpu|unplugcpu <id>: If CPU hot-plugging is enabled, this setting adds or removes a virtual CPU on the virtual machine. <id> specifies the index of the virtual CPU to be added or removed and must be a number from 0 to the maximum number of CPUs configured with the --cpus option. CPU 0 can never be removed.

  • --cpuexecutioncap <1-100>: Controls how much CPU time a virtual CPU can use. A value of 50 implies a single virtual CPU can use up to 50% of a single host CPU.

  • --pae on|off: Enables and disables PAE. See Section 3.5.2, “Processor Tab”.

  • --longmode on|off: Enables and disables long mode. See Section 3.5.2, “Processor Tab”.

  • --spec-ctrl on|off: Enables and disables the exposure of speculation control interfaces to the guest, provided they are available on the host. Depending on the host CPU and workload, enabling speculation control may significantly reduce performance.

  • --cpu-profile <host|intel 80[86|286|386]>: Enables specification of a profile for guest CPU emulation. Specify either one based on the host system CPU (host), or one from a number of older Intel Micro-architectures: 8086, 80286, 80386.

  • --hpet on|off: Enables and disables a High Precision Event Timer (HPET) which can replace the legacy system timers. This is turned off by default. Note that Windows supports a HPET only from Vista onwards.

  • --hwvirtex on|off: Enables and disables the use of hardware virtualization extensions, such as Intel VT-x or AMD-V, in the processor of your host system. See Section 10.3, “Hardware vs. Software Virtualization”.

  • --triplefaultreset on|off: Enables resetting of the guest instead of triggering a Guru Meditation. Some guests raise a triple fault to reset the CPU so sometimes this is desired behavior. Works only for non-SMP guests.

  • --apic on|off: Enables and disables I/O APIC. With I/O APIC, operating systems can use more than 16 interrupt requests (IRQs) thus avoiding IRQ sharing for improved reliability. This setting is enabled by default. See Section 3.5.1, “Motherboard Tab”.

  • --x2apic on|off: Enables and disables CPU x2APIC support. CPU x2APIC support helps operating systems run more efficiently on high core count configurations, and optimizes interrupt distribution in virtualized environments. This setting is enabled by default. Disable this setting when using host or guest operating systems that are incompatible with x2APIC support.

  • --paravirtprovider none|default|legacy|minimal|hyperv|kvm: Specifies which paravirtualization interface to provide to the guest operating system. Specifying none explicitly turns off exposing any paravirtualization interface. The option default selects an appropriate interface when starting the VM, depending on the guest OS type. This is the default option chosen when creating new VMs. The legacy option is used for VMs which were created with older Oracle VM VirtualBox versions and will pick a paravirtualization interface when starting the VM with Oracle VM VirtualBox 5.0 and newer. The minimal provider is mandatory for Mac OS X guests. kvm and hyperv are recommended for Linux and Windows guests respectively. These options are explained in Section 10.4, “Paravirtualization Providers”.

  • --paravirtdebug <keyword=value> [,<keyword=value> ...]: Specifies debugging options specific to the paravirtualization provider configured for this VM. See the provider specific options in Section 9.31, “Paravirtualized Debugging” for a list of supported keyword-value pairs for each provider.

  • --nestedpaging on|off: If hardware virtualization is enabled, this additional setting enables or disables the use of the nested paging feature in the processor of your host system. See Section 10.3, “Hardware vs. Software Virtualization” and Section 13.4.1, “CVE-2018-3646”.

  • --largepages on|off: If hardware virtualization and nested paging are enabled, for Intel VT-x only, an additional performance improvement of up to 5% can be obtained by enabling this setting. This causes the hypervisor to use large pages to reduce TLB use and overhead.

  • --vtxvpid on|off: If hardware virtualization is enabled, for Intel VT-x only, this additional setting enables or disables the use of the tagged TLB (VPID) feature in the processor of your host system. See Section 10.3, “Hardware vs. Software Virtualization”.

  • --vtxux on|off: If hardware virtualization is enabled, for Intel VT-x only, this setting enables or disables the use of the unrestricted guest mode feature for executing your guest.

  • --accelerate3d on|off: If the Guest Additions are installed, this setting enables or disables hardware 3D acceleration. See Section 4.5.1, “Hardware 3D Acceleration (OpenGL and Direct3D 8/9)”.

  • --accelerate2dvideo on|off: If the Guest Additions are installed, this setting enables or disables 2D video acceleration. See Section 4.5.2, “Hardware 2D Video Acceleration for Windows Guests”.

  • --chipset piix3|ich9: By default, Oracle VM VirtualBox emulates an Intel PIIX3 chipset. Usually there is no reason to change the default setting unless this is required to relax some of its constraints. See Section 3.5.1, “Motherboard Tab”.

  • You can influence the BIOS logo that is displayed when a virtual machine starts up with a number of settings. By default, an Oracle VM VirtualBox logo is displayed.

    With --bioslogofadein on|off and --bioslogofadeout on|off, you can determine whether the logo should fade in and out, respectively.

    With --bioslogodisplaytime <msec> you can set how long the logo should be visible, in milliseconds.

    With --bioslogoimagepath <imagepath> you can replace the image that is shown with your own logo. The image must be an uncompressed 256 color BMP file without color space information (Windows 3.0 format). The image must not be bigger than 640 x 480.

  • --biosbootmenu disabled|menuonly|messageandmenu: Specifies whether the BIOS enables the user to select a temporary boot device. The menuonly option suppresses the message, but the user can still press F12 to select a temporary boot device.

  • --biosapic x2apic|apic|disabled: Specifies the firmware APIC level to be used. Options are: x2apic, apic or disabled (no apic or x2apic) respectively.

    Note that if x2apic is specified and x2APIC is unsupported by the VCPU, biosapic downgrades to apic, if supported. Otherwise biosapic downgrades to disabled. Similarly, if apic is specified, and APIC is unsupported, a downgrade to disabled results.

  • --biossystemtimeoffset <ms>: Specifies a fixed time offset, in milliseconds, of the guest relative to the host time. If the offset is positive, the guest time runs ahead of the host time.

  • --biospxedebug on|off: Enables additional debugging output when using the Intel PXE boot ROM. The output is written to the release log file. See Section 12.1.2, “Collecting Debugging Information”.

  • --boot<1-4> none|floppy|dvd|disk|net: Specifies the boot order for the virtual machine. There are four slots, which the VM will try to access from 1 to 4, and for each of which you can set a device that the VM should attempt to boot from.

  • --rtcuseutc on|off: Sets the real-time clock (RTC) to operate in UTC time. See Section 3.5.1, “Motherboard Tab”.

  • --graphicscontroller none|vboxvga|vmsvga|vboxsvga: Specifies the use of a graphics controller, with an option to choose a specific type. See Section 3.6.1, “Screen Tab”.

  • --snapshotfolder default|<path>: Specifies the folder where snapshots are kept for a virtual machine.

  • --firmware bios|efi|efi32|efi64: Specifies the firmware to be used to boot the VM: Available options are: BIOS, or one of the EFI options: efi, efi32, or efi64. Use EFI options with care.

  • --guestmemoryballoon <size> Sets the default size of the guest memory balloon. This is the memory allocated by the Oracle VM VirtualBox Guest Additions from the guest operating system and returned to the hypervisor for reuse by other virtual machines. <size> must be specified in megabytes. The default size is 0 megabytes. See Section 4.10.1, “Memory Ballooning”.

  • --defaultfrontend default|<name>: Specifies the default frontend to be used when starting this VM. See Section 8.13, “VBoxManage startvm”.

8.8.2. Networking Settings

The following networking settings are available through VBoxManage modifyvm. With all these settings, the decimal number directly following the option name, 1-N in the list below, specifies the virtual network adapter whose settings should be changed.

  • --nic<1-N> none|null|nat|natnetwork|bridged|intnet|hostonly|generic: Configures the type of networking for each of the VM's virtual network cards. Options are: not present (none), not connected to the host (null), use network address translation (nat), use the new network address translation engine (natnetwork), bridged networking (bridged), or use internal networking (intnet), host-only networking (hostonly), or access rarely used sub-modes (generic). These options correspond to the modes described in Section 6.2, “Introduction to Networking Modes”.

  • --nictype<1-N> Am79C970A|Am79C973|82540EM|82543GC|82545EM|virtio: Enables you to specify the networking hardware that Oracle VM VirtualBox presents to the guest for a specified VM virtual network card. See Section 6.1, “Virtual Networking Hardware”.

  • --cableconnected<1-N> on|off: Enables you to temporarily disconnect a virtual network interface, as if a network cable had been pulled from a real network card. This might be useful, for example for resetting certain software components in the VM.

  • With the nictrace options, you can optionally trace network traffic by dumping it to a file, for debugging purposes.

    With --nictrace<1-N> on|off, you can enable network tracing for a particular virtual network card.

    If enabled, you must specify with --nictracefile<1-N> <filename> the absolute path of the file the trace should be logged to.

  • --nicproperty<1-N> <paramname>="paramvalue": This option, in combination with nicgenericdrv enables you to pass parameters to rarely-used network backends.

    These parameters are backend engine-specific, and are different between UDP Tunnel and the VDE backend drivers. For examples, see Section 6.8, “UDP Tunnel Networking”.

  • --nicspeed<1-N> <kbps>: Only has an effect if generic networking has been enabled for a particular virtual network card. See the --nic option. This mode enables access to rarely used networking sub-modes, such as VDE network or UDP Tunnel. This option specifies the throughput rate in KBps.

  • --nicbootprio<1-N> <priority>: Specifies the order in which NICs are tried for booting over the network, using PXE. The priority is an integer in the 0 to 4 range. Priority 1 is the highest, priority 4 is low. Priority 0, which is the default unless otherwise specified, is the lowest.

    Note that this option only has an effect when the Intel PXE boot ROM is used.

  • --nicpromisc<1-N> deny|allow-vms|allow-all: Enables you to specify how promiscuous mode is handled for the specified VM virtual network card. This setting is only relevant for bridged networking. deny, the default setting, hides any traffic not intended for the VM. allow-vms hides all host traffic from the VM, but allows the VM to see traffic to and from other VMs. allow-all removes this restriction completely.

  • --nicbandwidthgroup<1-N> none|<name>: Adds and removes an assignment of a bandwidth group for the specified virtual network interface. Specifying none removes any current bandwidth group assignment from the specified virtual network interface. Specifying <name> adds an assignment of a bandwidth group to the specified virtual network interface.

    See Section 6.10, “Limiting Bandwidth for Network Input/Output”.

  • --bridgeadapter<1-N> none|<devicename>: Only has an effect if bridged networking has been enabled for a virtual network card. See the --nic option. Use this option to specify which host interface the given virtual network interface will use. See Section 6.5, “Bridged Networking”.

  • --hostonlyadapter<1-N> none|<devicename>: Only has an effect if host-only networking has been enabled for a virtual network card. See the --nic option. Use this option to specify which host-only networking interface the given virtual network interface will use. See Section 6.7, “Host-Only Networking”.

  • --intnet<1-N> network: Only has an effect if internal networking has been enabled for a virtual network card. See the --nic option. Use this option to specify the name of the internal network. See Section 6.6, “Internal Networking”.

  • --nat-network<1-N> <network name>: If the networking type is set to natnetwork, not nat, then this setting specifies the name of the NAT network this adapter is connected to. Optional.

  • --nicgenericdrv<1-N> <backend driver>: Only has an effect if generic networking has been enabled for a virtual network card. See the --nic option. This mode enables you to access rarely used networking sub-modes, such as VDE network or UDP Tunnel.

  • --macaddress<1-N> auto|<mac>: With this option you can set the MAC address of a particular network adapter on the VM. Normally, each network adapter is assigned a random address by Oracle VM VirtualBox at VM creation.

8.8.2.1. NAT Networking Settings

The following NAT networking settings are available through VBoxManage modifyvm. With all these settings, the decimal number directly following the option name, 1-N in the list below, specifies the virtual network adapter whose settings should be changed.

8.8.3. Miscellaneous Settings

The following hardware settings, such as serial port, audio, clipboard, drag and drop, monitor, and USB settings are available through VBoxManage modifyvm:

  • --mouse <ps2|usb|usbtablet|usbmultitouch>: Specifies the mode of the mouse to be used in the VM. Available options are: ps2, usb, usbtablet, usbmultitouch.

  • --keyboard <ps2|usb>: Specifies the mode of the keyboard to be used in the VM. Available options are: ps2, usb.

  • --uart<1-N> off|<I/O base> <IRQ>: Configures virtual serial ports for the VM. See Section 3.10, “Serial Ports”.

  • --uartmode<1-N> <arg>: Controls how Oracle VM VirtualBox connects a given virtual serial port, configured with the --uartX setting, to the host on which the virtual machine is running. As described in Section 3.10, “Serial Ports”, for each such port, you can specify <arg> as one of the following options:

    • disconnected: Even though the serial port is shown to the guest, it has no "other end". This is like a real COM port without a cable.

    • server <pipename>: On a Windows host, this tells Oracle VM VirtualBox to create a named pipe on the host named <pipename> and connect the virtual serial device to it. Note that Windows requires that the name of a named pipe begins with \\.\pipe\.

      On a Linux host, instead of a named pipe, a local domain socket is used.

    • client <pipename>: Operates as for server, except that the pipe, or local domain socket, is not created by Oracle VM VirtualBox but is assumed to exist already.

    • tcpserver <port>: Configures Oracle VM VirtualBox to create a TCP socket on the host with TCP <port> and connect the virtual serial device to it. Note that UNIX-like systems require ports over 1024 for normal users.

    • tcpclient <hostname:port>: Operates as for tcpserver, except that the TCP socket is not created by Oracle VM VirtualBox, but is assumed to exist already.

    • uarttype <1-N> 16450|16550A|16750: Confgures the UART type for a virtual serial port. The default UART type is 16550A.

    • file <file>: Redirects the serial port output to a raw file <file> specified by its absolute path on the host file system.

    • <devicename>: If, instead of the above options, the device name of a physical hardware serial port of the host is specified, the virtual serial port is connected to that hardware port. On a Windows host, the device name will be a COM port such as COM1. On a Linux host, the device name will be /dev/ttyS0 or similar. This enables you to wire up a real serial port to a virtual machine.

  • --lptmode<1-N> <Device>: Specifies the Device Name of the parallel port that the Parallel Port feature will be using. Use this before --lpt. This feature depends on the host operating system. For Windows hosts, use a device name such as lpt1. On Linux hosts, use a device name such as /dev/lp0.

  • --lpt<1-N> <I/O base> <IRQ>: Specifies the I/O address of the parallel port and the IRQ number that the Parallel Port feature will be using. Optional. Use this after --lptmod. I/O base address and IRQ are the values that guest sees. For example, the values avalable under guest Device Manager.

  • --audio none|null|dsound|oss|alsa|pulse|coreaudio: Specifies whether the VM should have audio support, and if so, which type. The list of supported audio types depends on the host and can be determined with VBoxManage modifyvm.

  • --audiocontroller ac97|hda|sb16: Specifies the audio controller to be used with the VM.

  • --audiocodec stac9700|ad1980|stac9221|sb16: Specifies the audio codec to be used with the VM.

  • --audioin on: Specifies whether capturing audio from the host is enabled or disabled.

  • --audioout on: Specifies whether audio playback from the guest is enabled or disabled.

  • --clipboard disabled|hosttoguest|guesttohost|bidirectional: Configues how the guest or host operating system's clipboard should be shared with the host or guest. See Section 3.4, “General Settings”. This setting requires that the Guest Additions be installed in the virtual machine.

  • --draganddrop disabled|hosttoguest|guesttohost|bidirectional: Specifies the drag and drop mode to use between the host and the virtual machine. See Section 4.4, “Drag and Drop”. This requires that the Guest Additions be installed in the virtual machine.

  • --monitorcount <count>: Enables multi-monitor support. See Section 3.6, “Display Settings”.

  • --usb on|off: Enables and disables the VM's virtual USB controller. See Section 3.11.1, “USB Settings”.

  • --usbehci on|off: Enables and disables the VM's virtual USB 2.0 controller. See Section 3.11.1, “USB Settings”.

  • --usbxhci on|off: Enables and disables the VM's virtual USB 3.0 controller. See Section 3.11.1, “USB Settings”.

  • --usbrename <oldname> <newname>: Enables renaming of the VM's virtual USB controller from <oldname> to <newname>.

8.8.4. Recording Settings

The VBoxManage modifyvm command enables you to modify recording settings for video recording, audio recording, or both.

Use the following options to update the recording settings:

  • --recording on|off enables or disables the recording of a VM session into a WebM/VP8 file. When this option value is on, recording begins when the VM session starts.

  • --recordingscreens all|screen-ID [screen-ID ...] enables you to specify which VM screens to record. The recording for each screen that you specify is saved to its own file.

  • --recordingfile filename specifies the file in which to save the recording.

  • --recordingmaxsize MB specifies the maximum size of the recorded video file in megabytes. The recording stops when the file reaches the specified size. If this value is zero, the recording continues until you stop the recording.

  • --recordingmaxtime seconds specifies the maximum amount time to record in seconds. The recording stops after the specified number of seconds elapses. If this value is zero, the recording continues until you stop the recording.

  • --recordingopts keyword=value[,keyword=value ...] specifies additional video-recording options in a comma-separated keyword-value format. For example, foo=bar,a=b.

    Only use this option only if you are an advanced user. For information about keywords, see Oracle VM VirtualBox Programming Guide and Reference.

  • --recordingvideofps fps specifies the maximum number of video frames per second (FPS) to record. Frames that have a higher frequency are skipped. Increasing this value reduces the number of skipped frames and increases the file size.

  • --recordingvideorate bit-rate specifies the bit rate of the video in kilobits per second. Increasing this value improves the appearance of the video at the cost of an increased file size.

  • --recordingvideores widthxheight specifies the video resolution of the recorded video in pixels.

8.8.5. Remote Machine Settings

The following settings that affect remote machine behavior are available through VBoxManage modifyvm:

  • --vrde on|off: Enables and disables the VirtualBox Remote Desktop Extension (VRDE) server.

  • --vrdeproperty "TCP/Ports|Address=<value>": Sets the port numbers and IP address on the VM that the VRDE server can bind to.

    • For TCP/Ports, <value> should be a port or a range of ports that the VRDE server can bind to. default or 0 means port 3389, the standard port for RDP. See the description for the --vrdeport option in Section 8.8.5, “Remote Machine Settings”.

    • For TCP/Address, <value> should be the IP address of the host network interface that the VRDE server will bind to. If specified, the server will accept connections only on the specified host network interface. See the description for the --vrdeaddress option in Section 8.8.5, “Remote Machine Settings”.

  • --vrdeproperty "VideoChannel/Enabled|Quality|DownscaleProtection=<value>": Sets the VRDP video redirection properties.

    • For VideoChannel/Enabled, <value> can be set to "1", switching the VRDP video channel on. See Section 7.1.9, “VRDP Video Redirection”.

    • For VideoChannel/Quality, <value> should be set between 10 and 100% inclusive, representing a JPEG compression level on the VRDE server video channel. Lower values mean lower quality but higher compression. See Section 7.1.9, “VRDP Video Redirection”.

    • For VideoChannel/DownscaleProtection, <value> can be set to "1" to enable the videochannel downscale protection feature. When enabled, if a video's size equals the shadow buffer size, then it is regarded as a full screen video, and is displayed. But if its size is between fullscreen and the downscale threshold then it is not displayed, as it could be an application window, which would be unreadable when downscaled. When the downscale protection feature is disabled, an attempt is always made to display videos.

  • --vrdeproperty "Client/DisableDisplay|DisableInput|DisableAudio|DisableUSB=1": Disables one of the VRDE server features: Display, Input, Audio or USB respectively. To reenable a feature, use "Client/DisableDisplay=" for example. See Section 7.1.10, “VRDP Customization”.

  • --vrdeproperty "Client/DisableClipboard|DisableUpstreamAudio=1": Disables one of the VRDE server features: Clipboard or UpstreamAudio respectively. To reenable a feature, use "Client/DisableClipboard=" for example. See Section 7.1.10, “VRDP Customization”.

  • --vrdeproperty "Client/DisableRDPDR=1": Disables the VRDE server feature: RDP device redirection for smart cards. To reenable this feature, use "Client/DisableRDPR=".

  • --vrdeproperty "H3DRedirect/Enabled=1": Enables the VRDE server feature: 3D redirection. To disable this feature, use "H3DRedirect/Enabled=".

  • --vrdeproperty "Security/Method|ServerCertificate|ServerPrivateKey|CACertificate=<value>": Sets the desired security method and path of server certificate, path of server private key, path of CA certificate, that are used for a connection.

    • --vrdeproperty "Security/Method=<value>" sets the desired security method, which is used for a connection. Valid values are:

      • Negotiate: Both Enhanced (TLS) and Standard RDP Security connections are allowed. The security method is negotiated with the client. This is the default setting.

      • RDP: Only Standard RDP Security is accepted.

      • TLS: Only Enhanced RDP Security is accepted. The client must support TLS.

      See Section 7.1.6, “RDP Encryption”.

    • --vrdeproperty "Security/ServerCertificate=<value>" where <value> is the absolute path of the server certificate. See Section 7.1.6, “RDP Encryption”.

    • --vrdeproperty "Security/ServerPrivateKey=<value>" where <value> is the absolute path of the server private key. See Section 7.1.6, “RDP Encryption”.

    • --vrdeproperty "Security/CACertificate=<value>" where <value> is the absolute path of the CA self signed certificate. See Section 7.1.6, “RDP Encryption”.

  • --vrdeproperty "Audio/RateCorrectionMode|LogPath=<value>" sets the audio connection mode, or path of the audio logfile.

    • --vrdeproperty "Audio/RateCorrectionMode=<value>" where <value> is the desired rate correction mode. Allowed values are:

      • VRDP_AUDIO_MODE_VOID: No mode specified, use to unset any Audio mode already set.

      • VRDP_AUDIO_MODE_RC: Rate correction mode.

      • VRDP_AUDIO_MODE_LPF: Low pass filter mode.

      • VRDP_AUDIO_MODE_CS: Client sync mode to prevent underflow or overflow of the client queue.

    • --vrdeproperty "Audio/LogPath=<value>" where <value> is the absolute path of the Audio log file.

  • --vrdeextpack default|<name>: Specifies the library to use for accessing the VM remotely. The default is to use the RDP code which is part of the Oracle VM VirtualBox Extension Pack.

  • --vrdeport default|<ports>: A port or a range of ports the VRDE server can bind to. default or 0 means port 3389, the standard port for RDP. You can specify a comma-separated list of ports or ranges of ports. Use a dash between two port numbers to specify a range. The VRDE server will bind to one of the available ports from the specified list. Only one machine can use a given port at a time. For example, the option --vrdeport 5000,5010-5012 will tell the server to bind to one of following ports: 5000, 5010, 5011, or 5012.

  • --vrdeaddress <IP address>: The IP address of the host network interface the VRDE server will bind to. If specified, the server will accept connections only on the specified host network interface.

    The setting can be used to specify whether the VRDP server should accept either IPv4, IPv6, or both connections:

    • Only IPv4: --vrdeaddress "0.0.0.0"

    • Only IPv6: --vrdeaddress "::"

    • Both IPv6 and IPv4: --vrdeaddress ""

      This is the default setting.

  • --vrdeauthtype null|external|guest: Enables you to indicate use of authorization, and specify how authorization will be performed. See Section 7.1.5, “RDP Authentication”.

  • --vrdeauthlibrary default|<name>: Specifies the library used for RDP authentication. See Section 7.1.5, “RDP Authentication”.

  • --vrdemulticon on|off: Enables multiple connections to be made to the same VRDE server, if the server supports this feature. See Section 7.1.7, “Multiple Connections to the VRDP Server”.

  • --vrdereusecon on|off: This specifies the VRDE server behavior when multiple connections are disabled. When this option is enabled, the server will allow a new client to connect and will drop the existing connection. When this option is disabled, the default setting, a new connection will not be accepted if there is already a client connected to the server.

  • --vrdevideochannel on|off: Enables video redirection, if it is supported by the VRDE server. See Section 7.1.9, “VRDP Video Redirection”.

  • --vrdevideochannelquality <percent>: Specifies the image quality for video redirection. See Section 7.1.9, “VRDP Video Redirection”.

8.8.6. Teleporting Settings

With the following commands for VBoxManage modifyvm you can configure a machine to be a target for teleporting. See Section 7.2, “Teleporting”.

  • --teleporter on|off: Enables and disables the teleporter feature whereby when the machine is started, it waits to receive a teleporting request from the network instead of booting normally. Teleporting requests are received on the port and address specified using the following parameters.

  • --teleporterport <port>, --teleporteraddress <address>: These settings must be used with --teleporter. They specify the port and address the virtual machine should listen to in order to receive a teleporting request sent from another virtual machine. <port> can be any free TCP/IP port number, such as 6000. <address> can be any IP address or hostname and specifies the TCP/IP socket to bind to. The default is 0.0.0.0, which means any address.

  • --teleporterpassword <password>: If this optional setting is used, then the teleporting request will only succeed if the source machine specifies the same password as the one given with this command.

  • --teleporterpasswordfile <password>: If this optional setting is used, then the teleporting request will only succeed if the source machine specifies the same password as the one specified in the file give with this command. Use stdin to read the password from stdin.

  • --cpuid <leaf> <eax> <ebx> <ecx> <edx>: Advanced users can use this setting before a teleporting operation, to restrict the virtual CPU capabilities that Oracle VM VirtualBox presents to the guest operating system. This must be run on both the source and the target machines involved in the teleporting and will then modify what the guest sees when it executes the CPUID machine instruction. This might help with misbehaving applications that wrongly assume that certain CPU capabilities are present. The meaning of the parameters is hardware dependent, refer to the AMD or Intel processor documentation.

8.8.7. Debugging Settings

The following settings are only relevant for low-level VM debugging. Regular users will never need these settings.

  • --tracing-enabled on|off: Enables the tracebuffer. This consumes some memory for the tracebuffer and adds extra overhead.

  • --tracing-config <config-string>: Enables tracing configuration. In particular, this defines which group of tracepoints are enabled.

  • --tracing-allow-vm-access on|off: Enables and disables VM access to the tracebuffer. By default, this setting is disabled.

8.8.8. USB Card Reader Settings

The following setting defines access to a USB Card Reader by the guest environment. USB card readers are typically used for accessing data on memory cards such as CompactFlash (CF), Secure Digital (SD), or MultiMediaCard (MMC).

  • --usbcardreader on|off: Enables and disables the USB card reader interface.

8.8.9. Autostarting VMs During Host System Boot

These settings configure the VM autostart feature, which automatically starts the VM at host system boot-up. Note that there are prerequisites that need to be addressed before using this feature. See Section 9.23, “Starting Virtual Machines During System Boot”.

  • --autostart-enabled on|off: Enables and disables VM autostart at host system boot-up, using the specified user name.

  • --autostart-delay <seconds>: Specifies a delay, in seconds, following host system boot-up, before the VM autostarts.

8.9. VBoxManage clonevm

The VBoxManage clonevm command creates a clone of an existing virtual machine (VM). The clone can be a full copy of the VM or a linked copy of a VM.

VBoxManage clonevm vm [ --basefolder basefolder ]
[ --group group, ... ] [ --mode machine | machinechildren | all ]
[ --name name ] [ --options link | keepallmacs | keepnatmacs | keepdisknames | keephwuuids ]
[ --register ] [ --snapshot vm ] [ --uuid uuid ]

In addition to specifying the name of the VM to clone, which is required, you can specify any of the following options:

  • --basefolder basefolder specifies the name of the folder in which to save the configuration for the new VM.

  • --groups group, ... assigns the clone to the specified group or groups. If you specify more than one group, separate each group name with a comma.

    Note that each group is identified by a group ID that starts with a slash character (/) so that groups can be nested. By default, a clone is always assigned membership to the / group.

  • --mode machine|machineandchildren|all specifies which of the following cloning modes to use:

    • machine mode clones the current state of the existing VM without any snapshots. This is the default mode.

    • machineandchildren mode clones the snapshot specified by by the --snapshot option and all child snapshots.

    • all mode clones all snapshots and the current state of the existing VM.

  • --name name specifies a new name for the new VM. The default value is "name Clone", where name is the original name of the VM.

  • --options specifies how to create a new clone.

    • --options link creates a linked clone, which can be cloned only from a snapshot.

    • --options keepallmacs specifies that the new clone reuses the MAC addresses of each virtual network card from the existing VM.

      If you do not specify this option or the --options keepnatmacs option, the default behavior is to reinitialize the MAC addresses of each virtual network card.

    • --options keepnatmacs specifies that the new clone reuses the MAC addresses of each virtual network card from the existing VM when the network type is NAT.

      If you do not specify this option or the --options keepallmacs option, the default behavior is to reinitialize the MAC addresses of each virtual network card.

    • --option keepdisknames specifies that the new clone reuses the disk image names from the existing VM. By default, disk images are renamed. You can preserve source hardware IDs by adding keephwuuids.

    • --option keephwuuids specifies that the new clone reuses the hardware IDs from the existing VM. By default, new UUIDs are used.

  • --register automatically registers the new clone in this Oracle VM VirtualBox installation. You can manually register the new VM later by using the VBoxManage registervm command. See Section 8.6, “VBoxManage registervm/unregistervm”.

  • --snapshot vm specifies the snapshot on which to base the new VM. By default, the clone is created from the current state of the specified VM.

  • --uuid uuid specifies the UUID for the new VM. Ensure that this ID is unique for the Oracle VM VirtualBox instance if you decide to register this new VM. By default, Oracle VM VirtualBox provides a new UUID.

8.10. VBoxManage movevm

This command moves a virtual machine to a new location on the host.

Associated files of the virtual machine, such as settings files and disk image files, are moved to the new location. The Oracle VM VirtualBox configuration is updated automatically.

The movevm subcommand requires the name of the virtual machine which should be moved.

Also required is the type of move operation, specified by --type basic. Other types of move operation may be supported in future releases.

The --folder setting configures the new location on the host file system. Enter a relative pathname or a full pathname.

8.11. VBoxManage import

This command imports a virtual appliance in OVF format by copying the virtual disk images and creating virtual machines in Oracle VM VirtualBox. See Section 1.15, “Importing and Exporting Virtual Machines” for an introduction to appliances.

The import subcommand takes at least the path name of an OVF file as input and expects the disk images, if needed, in the same directory as the OVF file. A lot of additional command-line options are supported to control in detail what is being imported and modify the import parameters, but the details depend on the content of the OVF file.

It is therefore recommended to first run the import subcommand with the --dry-run or -n option. This will then print a description of the appliance's contents to the screen how it would be imported into Oracle VM VirtualBox, together with the optional command-line options to influence the import behavior.

Use of the --options keepallmacs|keepnatmacs|keepdisknames option enables additional fine tuning of the clone operation. The first two options enable specification of how the MAC addresses of every virtual network card should be handled. They can either be reinitialized, which is the default setting, left unchanged (keepallmacs) or left unchanged when the network type is NAT (keepnatmacs). If you add keepdisknames all new disk images are assigned the same names as the originals, otherwise they are renamed.

As an example, the following is a screen output for a sample appliance containing a Windows XP guest:

VBoxManage import WindowsXp.ovf --dry-run
Interpreting WindowsXp.ovf...
OK.
Virtual system 0:
 0: Suggested OS type: "WindowsXP"
    (change with "--vsys 0 --ostype <type>"; use "list ostypes" to list all)
 1: Suggested VM name "Windows XP Professional_1"
    (change with "--vsys 0 --vmname <name>")
 2: Suggested VM group "/"
    (change with "--vsys 0 --group <group>")
 3: Suggested VM settings file name "/home/klaus/VirtualBox VMs/dummy2 2/dummy2 2.vbox"
    (change with "--vsys 0 --settingsfile <filename>")
 4: Suggested VM base folder "/home/klaus/VirtualBox VMs"
    (change with "--vsys 0 --basefolder <path>")
 5: End-user license agreement
    (display with "--vsys 0 --eula show";
    accept with "--vsys 0 --eula accept")
 6: Number of CPUs: 1
    (change with "--vsys 0 --cpus <n>")
 7: Guest memory: 956 MB (change with "--vsys 0 --memory <MB>")
 8: Sound card (appliance expects "ensoniq1371", can change on import)
    (disable with "--vsys 0 --unit 5 --ignore")
 9: USB controller
    (disable with "--vsys 0 --unit 6 --ignore")
10: Network adapter: orig bridged, config 2, extra type=bridged
11: Floppy
    (disable with "--vsys 0 --unit 8 --ignore")
12: SCSI controller, type BusLogic
    (change with "--vsys 0 --unit 9 --scsitype {BusLogic|LsiLogic}";
    disable with "--vsys 0 --unit 9 --ignore")
13: IDE controller, type PIIX4
    (disable with "--vsys 0 --unit 10 --ignore")
14: Hard disk image: source image=WindowsXp.vmdk,
      target path=/home/user/disks/WindowsXp.vmdk, controller=9;channel=0
    (change controller with "--vsys 0 --unit 11 --controller <id>";
    disable with "--vsys 0 --unit 11 --ignore")

The individual configuration items are numbered, and depending on their type support different command-line options. The import subcommand can be directed to ignore many such items with a --vsys X --unit Y --ignore option, where X is the number of the virtual system and Y the item number, as printed on the screen. X is zero, unless there are several virtual system descriptions in the appliance.

In the above example, Item #1 specifies the name of the target machine in Oracle VM VirtualBox. Items #9 and #10 specify hard disk controllers, respectively. Item #11 describes a hard disk image. In this case, the additional --controller option indicates which item the disk image should be connected to, with the default coming from the OVF file.

You can combine several items for the same virtual system behind the same --vsys option. For example, to import a machine as described in the OVF, but without the sound card and without the USB controller, and with the disk image connected to the IDE controller instead of the SCSI controller, use the following command:

VBoxManage import WindowsXp.ovf
      --vsys 0 --unit 5 --ignore --unit 6 --ignore --unit 11 --controller 10

8.12. VBoxManage export

This command exports one or more virtual machines from Oracle VM VirtualBox. You can export to either of the following:

  • A virtual appliance in OVF format, including copying their virtual disk images to compressed VMDK.

  • A cloud service, such as Oracle Cloud Infrastructure. A single VM can be exported in VMDK format.

See Section 1.15, “Importing and Exporting Virtual Machines” for more details on exporting VMs from Oracle VM VirtualBox.

8.12.1. Export to OVF

List the machine, or the machines, that you would like to export to the same OVF file and specify the target OVF file after an additional --output or -o option. Note that the directory of the target OVF file will also receive the exported disk images in the compressed VMDK format, regardless of the original format, and should have enough disk space left for them.

Beside a simple export of a given virtual machine, you can append several product information to the appliance file. Use --product, --producturl, --vendor, --vendorurl, --version and --description to specify this additional information. For legal reasons you may add a license text or the content of a license file by using the --eula and --eulafile option respectively.

As with OVF import, you use the --vsys X option to apply these options to the correct virtual machine.

For virtualization products which are not fully compatible with the OVF standard 1.0 you can enable an OVF 0.9 legacy mode with the --legacy09 option. Other options are --ovf09, --ovf10, --ovf20.

To specify options controlling the exact content of the appliance file, you can use --options to request the creation of a manifest file, which enables detection of corrupted appliances on import, the additional export of DVD images, and the exclusion of MAC addresses. You can specify a list of options, such as --options manifest,nomacs. For details, check the help output of VBoxManage export.

8.12.2. Export to Oracle Cloud Infrastructure

By default, an exported disk image is converted into stream VMDK format. This ensures compatibility with Oracle Cloud Infrastructure.

List the machine that you want to export to Oracle Cloud Infrastructure and specify the target cloud service provider by using the --output or -o option.

To export a VM to a cloud service such as Oracle Cloud Infrastructure, use the --cloud option to specify the VM to export. This option works in the same way as the --vsys option for OVF export.

Some of the following options are settings for the VM instance. As a result, you must enter an Oracle Cloud Identifier (OCID) for a resource. Use the Oracle Cloud Infrastructure Console to view OCIDs.

  • --output/-o: Specifies the short name of the cloud service provider to which you export. For Oracle Cloud Infrastructure, enter OCI://.

  • --cloud number-of-virtual-system: Specifies a number that identifies the VM that you are exporting. Numbering starts at 0 for the first VM.

  • --vmname name: Specifies the name of the exported VM. This name is used as the VM instance name in Oracle Cloud Infrastructure.

  • --cloudprofile cloud-profile-name: Specifies the cloud profile that is used to connect to the cloud service provider. The cloud profile contains your Oracle Cloud Infrastructure account details, such as your user OCID and the fingerprint for your public key. See Section 1.15.4, “Exporting an Appliance to Oracle Cloud Infrastructure”.

    To use a cloud profile, you must have the required permissions on Oracle Cloud Infrastructure.

    Add xref to information about the required permissions.

  • --cloudshape shape: Specifies the shape used for the VM instance. The shape defines the number of CPUs and the amount of memory allocated to the VM instance. The shape must be compatible with the exported image.

  • --clouddomain domain: Specifies the availability domain to use for the VM instance. Enter the OCID for the availability domain.

  • --clouddisksize disk-size-in-GB: Specifies the disk size used for the exported disk image in gigabytes. The minimum value is 50 GB and the maximum value is 300 GB.

  • --cloudbucket bucket-name: Specifies the bucket in which to store the uploaded files. In Oracle Cloud Infrastructure, a bucket is a logical container for storing objects.

  • --cloudocivcn OCI-vcn-ID: Specifies the virtual cloud network (VCN) to use for the VM instance. Enter the OCID for the VCN.

  • --cloudocisubnet OCI-subnet-ID: Specifies the subnet of the VCN to use for the VM instance. Enter the OCID for the subnet.

  • --cloudkeepobject true | false: Specifies whether to store the exported disk image in Oracle Object Storage.

  • --cloudlaunchinstance true | false: Specifies whether to start the VM instance after the export to Oracle Cloud Infrastructure completes.

  • --cloudpublicip true | false: Specifies whether to enable a public IP address for the VM instance.

The following example shows a typical command line for exporting a VM to Oracle Cloud Infrastructure.

For the next release, describe exactly what this command does in terms of the command line options.

# VBoxManage export myVM --output OCI:// --cloud 0 --vmname myVM_Cloud \
--cloudprofile "standard user" --cloudbucket myBucket \
--cloudshape VM.Standard2.1 --clouddomain aaaa:US-ASHBURN-AD-1 --clouddisksize 50  \
--cloudocivcn ocid1.vcn.oc1.iad.aaaa... --cloudocisubnet ocid1.subnet.oc1.iad.aaaa... \
--cloudkeepobject true --cloudlaunchinstance true --cloudpublicip true

8.13. VBoxManage startvm

This command starts a virtual machine that is currently in the Powered Off or Saved states.

The optional --type specifier determines whether the machine will be started in a window or whether the output should go through VBoxHeadless, with VRDE enabled or not. See Section 7.1.2, “VBoxHeadless, the Remote Desktop Server”. The list of types is subject to change, and it is not guaranteed that all types are accepted by any product variant.

The global or per-VM default value for the VM frontend type will be taken if the type is not explicitly specified. If none of these are set, the GUI variant will be started.

The following values are allowed:

gui

Starts a VM showing a GUI window. This is the default.

headless

Starts a VM without a window for remote display only.

separate

Starts a VM with a detachable UI. Technically, it is a headless VM with user interface in a separate process. This is an experimental feature as it lacks certain functionality, such as 3D acceleration.

Note

If you experience problems with starting virtual machines with particular frontends and there is no conclusive error information, consider starting virtual machines directly by running the respective front-end, as this can give additional error information.

8.14. VBoxManage controlvm

The controlvm subcommand enables you to change the state of a virtual machine that is currently running. The following can be specified:

  • VBoxManage controlvm <vm> pause: Temporarily puts a virtual machine on hold, without permanently changing its state. The VM window is gray, to indicate that the VM is currently paused. This is equivalent to selecting the Pause item in the Machine menu of the GUI.

  • Use VBoxManage controlvm <vm> resume: Undoes a previous pause command. This is equivalent to selecting the Resume item in the Machine menu of the GUI.

  • VBoxManage controlvm <vm> reset: Has the same effect on a virtual machine as pressing the Reset button on a real computer. A cold reboot of the virtual machine is done, which immediately restarts and reboots the guest operating system. The state of the VM is not saved beforehand, and data may be lost. This is equivalent to selecting the Reset item in the Machine menu of the GUI.

  • VBoxManage controlvm <vm> poweroff: Has the same effect on a virtual machine as pulling the power cable on a real computer. The state of the VM is not saved beforehand, and data may be lost. This is equivalent to selecting the Close item in the Machine menu of the GUI, or clicking the VM window's close button, and then selecting Power Off the Machine in the displayed dialog.

    After this, the VM's state will be Powered Off. From that state, it can be started again. See Section 8.13, “VBoxManage startvm”.

  • VBoxManage controlvm <vm> savestate: Saves the current state of the VM to disk and then stops the VM. This is equivalent to selecting the Close item in the Machine menu of the GUI or clicking the VM window's close button, and then selecting Save the Machine State in the displayed dialog.

    After this, the VM's state will be Saved. From this state, it can be started again. See Section 8.13, “VBoxManage startvm”.

  • VBoxManage controlvm <vm> acpipowerbutton: Sends an ACPI shutdown signal to the VM, as if the power button on a real computer had been pressed. So long as the VM is running a fairly modern guest operating system providing ACPI support, this should trigger a proper shutdown mechanism from within the VM.

  • VBoxManage controlvm <vm> keyboardputscancode <hex> [<hex>...]: Sends commands using keycodes to the VM. Keycodes are documented in the public domain. For example: http://www.win.tue.nl/~aeb/linux/kbd/scancodes-1.html.

  • VBoxManage controlvm "VM name" teleport --hostname <name> --port <port> [--passwordfile <file> | --password <password>]: Makes the machine the source of a teleporting operation and initiates a teleport to the given target. See Section 7.2, “Teleporting”. If the optional password is specified, it must match the password that was given to the modifyvm command for the target machine. See Section 8.8.6, “Teleporting Settings”.

The following extra options are available with controlvm that do not directly affect the VM's running state:

  • setlinkstate<1-N>: Connects or disconnects virtual network cables from their network interfaces.

  • nic<1-N> null|nat|bridged|intnet|hostonly|generic|natnetwork[<devicename>]: Specifies the type of networking that should be made available on the specified VM virtual network card. They available types are: not connected to the host (null), use network address translation (nat), bridged networking (bridged), communicate with other virtual machines using internal networking (intnet), host-only networking (hostonly), natnetwork networking (natnetwork), or access to rarely used submodes (generic). These options correspond to the modes which are described in detail in Section 6.2, “Introduction to Networking Modes”.

  • With the nictrace options, you can optionally trace network traffic by dumping it to a file, for debugging purposes.

    nictrace<1-N> on|off: Enables network tracing for a particular virtual network card.

    If enabled, you must specify with --nictracefile<1-N> <filename> the pathname of the file to which the trace should be logged.

  • nicpromisc<1-N> deny|allow-vms|allow-all: Specifies how the promiscious mode is handled for the specified VM virtual network card. This setting is only relevant for bridged networking. The default setting of deny hides any traffic not intended for this VM. allow-vms hides all host traffic from this VM but enables the VM to see traffic to and from other VMs. allow-all removes this restriction completely.

  • nicproperty<1-N> <paramname>="paramvalue": This option, in combination with nicgenericdrv enables you to pass parameters to rarely-used network backends.

    Those parameters are backend engine-specific, and are different between UDP Tunnel and the VDE backend drivers. See Section 6.8, “UDP Tunnel Networking”.

  • natpf<1-N> [<name>],tcp|udp,[<hostip>],<hostport>,[<guestip>], <guestport>: Specifies a NAT port-forwarding rule. See Section 6.3.1, “Configuring Port Forwarding with NAT”.

  • natpf<1-N> delete <name>: Deletes a NAT port-forwarding rule. See Section 6.3.1, “Configuring Port Forwarding with NAT”.

  • The guestmemoryballoon<balloon size in MB>: Changes the size of the guest memory balloon. This is the memory allocated by the Oracle VM VirtualBox Guest Additions from the guest operating system and returned to the hypervisor for reuse by other virtual machines. This must be specified in megabytes. See Section 4.10.1, “Memory Ballooning”.

  • usbattach<uuid|address> [--capturefile <filename>]

    and usbdetach <uuid|address> [--capturefile <filename>]: Makes host USB devices visible or invisible to the virtual machine on the fly, without the need for creating filters first. The USB devices can be specified by UUID (unique identifier) or by address on the host system. Use the --capturefile option to specify the absolute path of a file for writing activity logging data.

    You can use VBoxManage list usbhost to locate this information.

  • audioin on: Selects whether capturing audio from the host is enabled or disabled.

  • audioout on: Selects whether audio playback from the guest is enabled or disabled.

  • clipboard disabled|hosttoguest|guesttohost|bidirectional: Selects how the guest or host operating system's clipboard should be shared with the host or guest. See Section 3.4, “General Settings”. This requires that the Guest Additions be installed in the virtual machine.

  • draganddrop disabled|hosttoguest|guesttohost|bidirectional: Selects the current drag and drop mode being used between the host and the virtual machine. See Section 4.4, “Drag and Drop”. This requires that the Guest Additions be installed in the virtual machine.

  • vrde on|off: Enables and disables the VRDE server, if it is installed.

  • vrdeport default|<ports>: Changes the port or a range of ports that the VRDE server can bind to. default or 0 means port 3389, the standard port for RDP. See the description for the --vrdeport option in Section 8.8.5, “Remote Machine Settings”.

  • vrdeproperty "TCP/Ports|Address=<value>": Sets the port numbers and IP address on the VM to which the VRDE server can bind.

    • For TCP/Ports, <value> should be a port or a range of ports to which the VRDE server can bind. default or 0 means port 3389, the standard port for RDP. See the description for the --vrdeport option in Section 8.8.5, “Remote Machine Settings”.

    • For TCP/Address, <value>: The IP address of the host network interface that the VRDE server will bind to. If specified, the server will accept connections only on the specified host network interface. See the description for the --vrdeaddress option in Section 8.8.5, “Remote Machine Settings”.

  • vrdeproperty "VideoChannel/Enabled|Quality|DownscaleProtection=<value>": Sets the VRDP video redirection properties.

    • For VideoChannel/Enabled, <value> can be set to "1" switching the VRDP video channel on. See Section 7.1.9, “VRDP Video Redirection”.

    • For VideoChannel/Quality, <value> should be set between 10 and 100% inclusive, representing a JPEG compression level on the VRDE server video channel. Lower values mean lower quality but higher compression. See Section 7.1.9, “VRDP Video Redirection”.

    • For VideoChannel/DownscaleProtection, <value> can be set to "1" to enable the videochannel downscale protection feature. When enabled, if a video's size equals the shadow buffer size, then it is regarded as a full screen video, and is displayed. If its size is between fullscreen and the downscale threshold it is not displayed, as it could be an application window, which would be unreadable when downscaled. When the downscale protection feature is disabled, an attempt is always made to display videos.

  • vrdeproperty "Client/DisableDisplay|DisableInput|DisableAudio|DisableUSB=1": Disables one of the VRDE server features: Display, Input, Audio, or USB. To reenable a feature, use "Client/DisableDisplay=" for example. See Section 7.1.10, “VRDP Customization”.

  • vrdeproperty "Client/DisableClipboard|DisableUpstreamAudio=1". Disables one of the VRDE server features: Clipboard or UpstreamAudio. To reenable a feature, use "Client/DisableClipboard=" for example. See Section 7.1.10, “VRDP Customization”.

  • vrdeproperty "Client/DisableRDPDR=1": Disables the VRDE server feature: RDP device redirection for smart cards. To reenable this feature, use "Client/DisableRDPR=".

  • vrdeproperty "H3DRedirect/Enabled=1": Enables the VRDE server feature: 3D redirection. To disable this feature, use "H3DRedirect/Enabled=".

  • vrdeproperty "Security/Method|ServerCertificate|ServerPrivateKey|CACertificate=<value>": Sets the desired security method, path of the server certificate, path of the server private key, and path of CA certificate, used for a connection.

    • vrdeproperty "Security/Method=<value>": Sets the desired security method, which is used for a connection. Valid values are as follows:

      • Negotiate: Both Enhanced (TLS) and Standard RDP Security connections are allowed. The security method is negotiated with the client. This is the default setting.

      • RDP: Only Standard RDP Security is accepted.

      • TLS: Only Enhanced RDP Security is accepted. The client must support TLS.

      See Section 7.1.6, “RDP Encryption”.

    • vrdeproperty "Security/ServerCertificate=<value>" where <value> is the absolute path of the server certificate. See Section 7.1.6, “RDP Encryption”.

    • vrdeproperty "Security/ServerPrivateKey=<value>" where <value> is the absolute path of the server private key. See Section 7.1.6, “RDP Encryption”.

    • vrdeproperty "Security/CACertificate=<value>" where <value> is the absolute path of the CA self signed certificate. See Section 7.1.6, “RDP Encryption”.

  • vrdeproperty "Audio/RateCorrectionMode|LogPath=<value>": Sets the audio connection mode, or path of the audio logfile.

    • vrdeproperty "Audio/RateCorrectionMode=<value>" where <value> is the desired rate correction mode, allowed values are:

      • VRDP_AUDIO_MODE_VOID: No mode specified, use to unset any Audio mode already set.

      • VRDP_AUDIO_MODE_RC: Rate correction mode.

      • VRDP_AUDIO_MODE_LPF: Low pass filter mode.

      • VRDP_AUDIO_MODE_CS: Client sync mode to prevent underflow or overflow of the client queue.

    • vrdeproperty "Audio/LogPath=<value>" where <value> is the absolute path of the audio log file.

  • vrdevideochannelquality <percent>: Sets the image quality for video redirection. See Section 7.1.9, “VRDP Video Redirection”.

  • setvideomodehint: Requests that the guest system change to a particular video mode. This requires that the Guest Additions be installed, and will not work for all guest systems.

  • screenshotpng: Takes a screenshot of the guest display and saves it in PNG format.

  • recording on|off enables or disables the recording of a VM session into a WebM/VP8 file. When this option value is on, recording begins when the VM session starts.

  • recordingscreens all|screen-ID [screen-ID ...] enables you to specify which VM screens to record. The recording for each screen that you specify is saved to its own file. You cannot modify this setting while recording is enabled.

  • recordingfile filename specifies the file in which to save the recording. You cannot modify this setting while recording is enabled.

  • recordingvideores widthxheight specifies the resolution of the recorded video in pixels. You cannot modify this setting while recording is enabled.

  • recordingvideorate bit-rate specifies the bit rate of the video in kilobits per second. Increasing this value improves the appearance of the video at the cost of an increased file size. You cannot modify this setting while recording is enabled.

  • recordingvideofps fps specifies the maximum number of video frames per second (FPS) to record. Frames that have a higher frequency are skipped. Increasing this value reduces the number of skipped frames and increases the file size. You cannot modify this setting while recording is enabled.

  • recordingmaxtime seconds specifies the maximum amount time to record in seconds. The recording stops after the specified number of seconds elapses. If this value is zero, the recording continues until you stop the recording.

  • recordingmaxsize MB specifies the maximum size of the recorded video file in megabytes. The recording stops when the file reaches the specified size. If this value is zero, the recording continues until you stop the recording. You cannot modify this setting while recording is enabled.

  • recordingopts keyword=value[,keyword=value ...] specifies additional recording options in a comma-separated keyword-value format. For example, foo=bar,a=b. You cannot modify this setting while recording is enabled.

    Only use this option only if you are an advanced user. For information about keywords, see Oracle VM VirtualBox Programming Guide and Reference.

  • setcredentials: Used for remote logins on Windows guests. See Section 9.1, “Automated Guest Logins”.

  • teleport --host <name> --port <port>: Configures a VM as a target for teleporting. <name> specifies the virtual machine name. <port> specifies the port on the virtual machine which should listen for teleporting requests from other virtual machines. It can be any free TCP/IP port number, such as 6000. See Section 7.2, “Teleporting”.

    • --maxdowntime <msec>: Specifies the maximum downtime, in milliseconds, for the teleporting target VM. Optional.

    • --password <password>: The teleporting request will only succeed if the source machine specifies the same password as the one given with this command. Optional.

    • --passwordfile <password file>: The teleporting request will only succeed if the source machine specifies the same password as the one specified in the password file with the path specified with this command. Use stdin to read the password from stdin. Optional.

  • plugcpu|unplugcpu <id>: If CPU hot-plugging is enabled, this setting adds and removes a virtual CPU to the virtual machine. <id> specifies the index of the virtual CPU to be added or removed and must be a number from 0 to the maximum number of CPUs configured. CPU 0 can never be removed.

  • The cpuexecutioncap <1-100>: Controls how much CPU time a virtual CPU can use. A value of 50 implies a single virtual CPU can use up to 50% of a single host CPU.

  • webcam attach <path|alias> [<keyword=value>[;<keyword=value>...]]: Attaches a webcam to a running VM. Specify the absolute path of the webcam on the host operating system, or use its alias, obtained by using the command: VBoxManage list webcams.

    Note that alias '.0' means the default video input device on the host operating system, '.1', '.2', etc. mean first, second, etc. video input device. The device order is host-specific.

    The optional settings parameter is a ; delimited list of name-value pairs, enabling configuration of the emulated webcam device.

    The following settings are supported:

    MaxFramerate: Specifies the highest rate in frames per second, at which video frames are sent to the guest. Higher frame rates increase CPU load, so this setting can be useful when there is a need to reduce CPU load. The default setting is no maximum limit, thus enabling the guest to use all frame rates supported by the host webcam.

    MaxPayloadTransferSize: Specifies the maximum number of bytes the emulated webcam can send to the guest in one buffer. The default setting is 3060 bytes, which is used by some webcams. Higher values can slightly reduce CPU load, if the guest is able to use larger buffers. Note that higher MaxPayloadTransferSize values may be not supported by some guest operating systems.

  • webcam detach <path|alias>: Detaches a webcam from a running VM. Specify the absolute path of the webcam on the host, or use its alias obtained from the webcam list command.

    Please note the following points, relating to specific host operating systems:

    • Windows hosts: When the webcam device is detached from the host, the emulated webcam device is automatically detached from the guest.

    • Mac OS X hosts: OS X version 10.7 or newer is required.

      When the webcam device is detached from the host, the emulated webcam device remains attached to the guest and must be manually detached using the VBoxManage controlvm webcam detach command.

    • Linux hosts: When the webcam is detached from the host, the emulated webcam device is automatically detached from the guest only if the webcam is streaming video. If the emulated webcam is inactive, it should be manually detached using the VBoxManage controlvm webcam detach command.

  • webcam list: Lists webcams attached to the running VM. The output is a list of absolute paths or aliases that were used for attaching the webcams to the VM using the webcam attach command.

  • addencpassword <id> <password file>|- [--removeonsuspend <yes|no>]: Supplies an encrypted VM specified by <id> with the encryption password to enable a headless start. Either specify the absolute path of a password file on the host file system: <password file>, or use - to instruct VBoxManage to prompt the user for the encryption password.

    --removeonsuspend <yes|no>: Specifies whether to remove the passsword or keep the password in VM memory when the VM is suspended. If the VM has been suspended and the password has been removed, the user needs to resupply the password before the VM can be resumed. This feature is useful in cases where the user does not want the password to be stored in VM memory, and the VM is suspended by a host suspend event.

    Note

    On Oracle VM VirtualBox versions 5.0 and later, data stored on hard disk images can be transparently encrypted for the guest. Oracle VM VirtualBox uses the AES algorithm in XTS mode and supports 128 or 256 bit data encryption keys (DEK). The DEK is stored encrypted in the medium properties, and is decrypted during VM startup by supplying the encryption password.

    The VBoxManage encryptmedium command is used to create a DEK encrypted medium. See Section 9.30.2, “Encrypting Disk Images”. When starting an encrypted VM from the Oracle VM VirtualBox GUI, the user will be prompted for the encryption password.

    For a headless encrypted VM start, use the following command:

              VBoxManage startvm "vmname" --type headless
            

    Then supply the required encryption password as follows:

              VBoxManage "vmname" controlvm "vmname" addencpassword ...
            

  • removeencpassword <id>: Removes encryption password authorization for password <id> for all encrypted media attached to the VM.

  • removeallencpasswords: Removes encryption password authorization for all passwords for all encrypted media attached to the VM.

  • changeuartmode <1-N>: Changes the connection mode for a given virtual serial port.

8.15. VBoxManage discardstate

This command discards the saved state of a virtual machine which is not currently running. This will cause the VM's operating system to restart next time you start it. This is the equivalent of pulling out the power cable on a physical machine, and should be avoided if possible.

8.16. VBoxManage adoptstate

If you have a Saved state file (.sav) that is separate from the VM configuration, you can use this command to adopt the file. This will change the VM to saved state and when you start it, Oracle VM VirtualBox will attempt to restore it from the saved state file you indicated. This command should only be used in special setups.

8.17. VBoxManage snapshot

This command is used to control snapshots from the command line. A snapshot consists of a complete copy of the virtual machine settings, copied at the time when the snapshot was taken, and optionally a virtual machine saved state file if the snapshot was taken while the machine was running. After a snapshot has been taken, Oracle VM VirtualBox creates a differencing hard disk for each normal hard disk associated with the machine so that when a snapshot is restored, the contents of the virtual machine's virtual hard disks can be quickly reset by simply dropping the preexisting differencing files.

VBoxManage snapshot         <uuid|vmname>
                            take <name> [--description <desc>] [--live]
                                 [--uniquename Number,Timestamp,Space,Force] |
                            delete <uuid|snapname> |
                            restore <uuid|snapname> |
                            restorecurrent |
                            edit <uuid|snapname>|--current
                                 [--name <name>]
                                 [--description <desc>] |
                            list [--details|--machinereadable]
                            showvminfo <uuid|snapname>

The take operation takes a snapshot of the current state of the virtual machine. You must supply a name for the snapshot and can optionally supply a description. The new snapshot is inserted into the snapshots tree as a child of the current snapshot and then becomes the new current snapshot. The --description parameter enables you to describe the snapshot. If --live is specified, the VM will not be stopped during the snapshot creation. This is called live snapshotting.

The delete operation deletes a snapshot, specified by name or by UUID. This can take a while to finish since the differencing images associated with the snapshot might need to be merged with their child differencing images.

The restore operation will restore the given snapshot, specified by name or by UUID, by resetting the virtual machine's settings and current state to that of the snapshot. The previous current state of the machine will be lost. After this, the given snapshot becomes the new current snapshot so that subsequent snapshots are inserted under the snapshot from which was restored.

The restorecurrent operation is a shortcut to restore the current snapshot, which is the snapshot from which the current state is derived. This subcommand is equivalent to using the restore subcommand with the name or UUID of the current snapshot, except that it avoids the extra step of determining that name or UUID.

With the edit operation, you can change the name or description of an existing snapshot.

The list operation shows all snapshots of a virtual machine.

With the showvminfo operation, you can view the virtual machine settings that were stored with an existing snapshot.

8.18. VBoxManage closemedium

This command removes a hard disk, DVD, or floppy image from a Oracle VM VirtualBox media registry.

VBoxManage closemedium      [disk|dvd|floppy] <uuid|filename>
                            [--delete]

Optionally, you can request that the image be deleted. You will get appropriate diagnostics that the deletion failed, however the image will become unregistered in any case.

8.19. VBoxManage storageattach

This command attaches, modifies, and removes a storage medium connected to a storage controller that was previously added with the storagectl command. The syntax is as follows:

VBoxManage storageattach    <uuid|vmname>
                            --storagectl <name>
                            [--port <number>]
                            [--device <number>]
                            [--type dvddrive|hdd|fdd]
                            [--medium none|emptydrive|additions|
                                      <uuid>|<filename>|host:<drive>|iscsi]
                            [--mtype normal|writethrough|immutable|shareable
                                     readonly|multiattach]
                            [--comment <text>]
                            [--setuuid <uuid>]
                            [--setparentuuid <uuid>]
                            [--passthrough on|off]
                            [--tempeject on|off]
                            [--nonrotational on|off]
                            [--discard on|off]
                            [--hotpluggable on|off]
                            [--bandwidthgroup name|none]
                            [--forceunmount]
                            [--server <name>|<ip>]
                            [--target <target>]
                            [--tport <port>]
                            [--lun <lun>]
                            [--encodedlun <lun>]
                            [--username <username>]
                            [--password <password>]
                            [--passwordfile <file>]
                            [--initiator <initiator>]
                            [--intnet]

A number of parameters are commonly required. Some parameters are required only for iSCSI targets.

The common parameters are as follows:

uuid|vmname

The VM UUID or VM Name. Mandatory.

--storagectl

Name of the storage controller. Mandatory. The list of the storage controllers currently attached to a VM can be obtained with VBoxManage showvminfo. See Section 8.5, “VBoxManage showvminfo”.

--port

The number of the storage controller's port which is to be modified. Mandatory, unless the storage controller has only a single port.

--device

The number of the port's device which is to be modified. Mandatory, unless the storage controller has only a single device per port.

--type

Define the type of the drive to which the medium is being attached, detached, or modified. This argument can only be omitted if the type of medium can be determined from either the medium given with the --medium argument or from a previous medium attachment.

--medium

Specifies what is to be attached. The following values are supported:

  • none: Any existing device should be removed from the given slot.

  • emptydrive: For a virtual DVD or floppy drive only, this makes the device slot behave like a removeable drive into which no media has been inserted.

  • additions: For a virtual DVD drive only, this attaches the VirtualBox Guest Additions image to the given device slot.

  • If a UUID is specified, it must be the UUID of a storage medium that is already known to Oracle VM VirtualBox. For example, because it has been attached to another virtual machine. See Section 8.4, “VBoxManage list” for details of how to list known media. This medium is then attached to the given device slot.

  • If a filename is specified, it must be the full path of an existing disk image in ISO, RAW, VDI, VMDK, or other format. The disk image is then attached to the given device slot.

  • host:<drive>: For a virtual DVD or floppy drive only, this connects the given device slot to the specified DVD or floppy drive on the host computer.

  • iscsi: For virtual hard disks only, this is used for specifying an iSCSI target. In this case, additional parameters must be given. These are described below.

Some of the above changes, in particular for removeable media such as floppies and CDs/DVDs, can be effected while a VM is running. Others, such as device changes or changes in hard disk device slots, require the VM to be powered off.

--mtype

Defines how this medium behaves with respect to snapshots and write operations. See Section 5.4, “Special Image Write Modes”.

--comment

An optional description that you want to have stored with this medium. For example, for an iSCSI target, "Big storage server downstairs". This is purely descriptive and not needed for the medium to function correctly.

--setuuid, --setparentuuid

Modifies the UUID or parent UUID of a medium before attaching it to a VM. This is an expert option. Inappropriate use can make the medium unusable or lead to broken VM configurations if any other VM is referring to the same media already. The most frequently used variant is --setuuid "", which assigns a new random UUID to an image. This option is useful for resolving duplicate UUID errors if you duplicated an image using a file copy utility.

--passthrough

For a virtual DVD drive only, you can enable DVD writing support. This feature is currently experimental, see Section 5.9, “CD/DVD Support”.

--tempeject

For a virtual DVD drive only, you can configure the behavior for guest-triggered medium eject. If this is set to on, the eject has only a temporary effect. If the VM is powered off and restarted the originally configured medium will be still in the drive.

--nonrotational

Enables you to enable the non-rotational flag for virtual hard disks. Some guests, such as Windows 7 or later, treat such disks like SSDs and do not perform disk fragmentation on such media.

--discard

Enables the auto-discard feature for a virtual hard disks. This specifies that a VDI image will be shrunk in response to the trim command from the guest OS. The following requirements must be met:

  • The disk format must be VDI.

  • The size of the cleared area must be at least 1 MB.

  • Oracle VM VirtualBox will only trim whole 1 MB blocks. The VDIs themselves are organized into 1 MB blocks, so this will only work if the space being trimmed is at least a 1 MB contiguous block at a 1 MB boundary. On Windows, occasional defragmentation with defrag.exe /D, or on Linux running btrfs filesystem defrag as a background cron job may be beneficial.

Note

The Guest OS must be configured to issue the trim command, and typically this means that the guest OS is made to see the disk as an SSD. Ext4 supports the -o discard mount flag. Mac OS X probably requires additional settings. Windows should automatically detect and support SSDs, at least in versions 7, 8, and 10. The Linux exFAT driver from Samsung supports the trim command.

It is unclear whether Microsoft's implementation of exFAT supports this feature, even though that file system was originally designed for flash.

Alternatively, there are other methods to issue trim. For example, the Linux fstrim command, part of the util-linux package. Earlier solutions required a user to zero out unused areas, using zerofree or similar, and to compact the disk. This is only possible when the VM is offline.

--bandwidthgroup

Sets the bandwidth group to use for the given device. See Section 5.8, “Limiting Bandwidth for Disk Images”.

--forceunmount

For a virtual DVD or floppy drive only, this forcibly unmounts the DVD/CD/Floppy or mounts a new DVD/CD/Floppy even if the previous one is locked down by the guest for reading. See Section 5.9, “CD/DVD Support”.

When iscsi is used with the --medium parameter for iSCSI support, additional parameters must or can be used. See also Section 5.10, “iSCSI Servers”.

--server

The host name or IP address of the iSCSI target. Required.

--target

Target name string. This is determined by the iSCSI target and used to identify the storage resource. Required.

--tport

TCP/IP port number of the iSCSI service on the target. Optional.

--lun

Logical Unit Number of the target resource. Optional. Often, this value is zero.

--encodedlun

Hex-encoded Logical Unit Number of the target resource. Optional. Often, this value is zero.

--username, --password, --passwordfile

Username and password, called the initiator secret, for target authentication, if required. Optional.

Note

Username and password are stored without encryption, in clear text, in the XML machine configuration file if no settings password is provided. When a settings password is specified for the first time, the password is stored in encrypted form. As an alternative to providing the password on the command line, a reference to a file containing the text can be provided using the passwordfile option.

--initiator

iSCSI Initiator. Optional.

Microsoft iSCSI Initiator is a system, such as a server that attaches to an IP network and initiates requests and receives responses from an iSCSI target. The SAN components in Microsoft iSCSI Initiator are largely analogous to Fibre Channel SAN components, and they include the following:

  • To transport blocks of iSCSI commands over the IP network, an iSCSI driver must be installed on the iSCSI host. An iSCSI driver is included with Microsoft iSCSI Initiator.

  • A gigabit Ethernet adapter that transmits 1000 megabits per second (Mbps) is recommended for the connection to an iSCSI target. Like standard 10/100 adapters, most gigabit adapters use a preexisting Category 5 or Category 6E cable. Each port on the adapter is identified by a unique IP address.

  • An iSCSI target is any device that receives iSCSI commands. The device can be an end node, such as a storage device, or it can be an intermediate device, such as a network bridge between IP and Fibre Channel devices. Each port on the storage array controller or network bridge is identified by one or more IP addresses

--intnet

If specified, connect to the iSCSI target using Internal Networking. This needs further configuration, see Section 9.8.3, “Access iSCSI Targets Using Internal Networking”.

8.20. VBoxManage storagectl

This command attaches, modifies, and removes a storage controller. After this, virtual media can be attached to the controller with the storageattach command.

The syntax for this command is as follows:

VBoxManage storagectl       <uuid|vmname>
                            --name <name>
                            [--add ide|sata|scsi|floppy|sas|usb|pcie]
                            [--controller LSILogic|LSILogicSAS|BusLogic|
                                          IntelAhci|PIIX3|PIIX4|ICH6|I82078|
                                          USB|NVMe]
                            [--portcount <1-30>]
                            [--hostiocache on|off]
                            [--bootable on|off]
                            [--rename <name>]
                            [--remove]

The parameters are as follows:

uuid|vmname

The VM UUID or VM Name. Mandatory.

--name

Specifies the name of the storage controller. Mandatory.

--add

Specifies the type of the system bus to which the storage controller must be connected.

--controller

Enables a choice of chipset type being emulated for the given storage controller.

--portcount

This specifies the number of ports the storage controller should support.

--hostiocache

Configures the use of the host I/O cache for all disk images attached to this storage controller. See Section 5.7, “Host Input/Output Caching”.

--bootable

Specifies whether this controller is bootable.

--rename

Specifies a new name for the storage controller.

--remove

Removes the storage controller from the VM configuration.

8.21. VBoxManage bandwidthctl

This command creates, deletes, modifies, and shows bandwidth groups of the given virtual machine.

VBoxManage bandwidthctl    <uuid|vmname>
                           add <name> --type disk|network --limit <MBps>[k|m|g|K|M|G] |
                           set <name> --limit <MBps>[k|m|g|K|M|G] |
                           remove <name> |
                           list [--machinereadable]

The following subcommands are available:

  • add: Creates a new bandwidth group of a given type.

  • set: Modifies the limit for an existing bandwidth group.

  • remove: Deletes a bandwidth group.

  • list: Shows all bandwidth groups defined for the given VM. Use the --machinereadable option to produce the same output, but in machine readable format. This is of the form: name="value" on a line by line basis.

The parameters are as follows:

uuid|vmname

The VM UUID or VM Name. Mandatory.

--name

Name of the bandwidth group. Mandatory.

--type

Type of the bandwidth group. Mandatory. Two types are supported: disk and network. See Section 5.8, “Limiting Bandwidth for Disk Images” or Section 6.10, “Limiting Bandwidth for Network Input/Output” for the description of a particular type.

--limit

Specifies the limit for the given bandwidth group. This can be changed while the VM is running. The default unit is megabytes per second. The unit can be changed by specifying one of the following suffixes: k for kilobits per second, m for megabits per second, g for gigabits per second, K for kilobytes per second, M for megabytes per second, G for gigabytes per second.

Note

The network bandwidth limits apply only to the traffic being sent by virtual machines. The traffic being received by VMs is unlimited.

Note

To remove a bandwidth group it must not be referenced by any disks or adapters in the running VM.

8.22. VBoxManage showmediuminfo

This command shows information about a medium, notably its size, its size on disk, its type, and the virtual machines which use it.

Note

For compatibility with earlier versions of Oracle VM VirtualBox, the showvdiinfo command is also supported and mapped internally to the showmediuminfo command.

VBoxManage showmediuminfo     [disk|dvd|floppy] <uuid|filename>

The medium must be specified either by its UUID, if the medium is registered, or by its filename. Registered images can be listed using VBoxManage list hdds, VBoxManage list dvds, or VBoxManage list floppies, as appropriate. See Section 8.4, “VBoxManage list”.

8.23. VBoxManage createmedium

This command creates a new medium. The syntax is as follows:

VBoxManage createmedium     [disk|dvd|floppy]    --filename <filename>
                            [--size <megabytes>|--sizebyte <bytes>]
                            [--diffparent <uuid>|<filename>
                            [--format VDI|VMDK|VHD] (default: VDI)
                            [--variant Standard,Fixed,Split2G,Stream,ESX]

The parameters are as follows:

--filename <filename>

Specifies a file name <filename> as an absolute path on the host file system. Mandatory.

--size <megabytes>

Specifies the image capacity, in 1 MB units. Optional.

--diffparent <uuid>|<filename>

Specifies the differencing image parent, either as a UUID or by the absolute pathname of the file on the host file system. Useful for sharing a base box disk image among several VMs.

--format VDI|VMDK|VHD

Specifies the file format for the output file. Available options are VDI, VMDK, VHD. The default format is VDI. Optional.

--variant

Specifies any required file format variants for the output file. This is a comma-separated list of variant flags. Options are Standard,Fixed,Split2G,Stream,ESX. Not all combinations are supported, and specifying mutually incompatible flags results in an error message. Optional.

Note

For compatibility with earlier versions of Oracle VM VirtualBox, the createvdi and createhd commands are also supported and mapped internally to the createmedium command.

8.24. VBoxManage modifymedium

With the modifymedium command, you can change the characteristics of a disk image after it has been created.

VBoxManage modifymedium  [disk|dvd|floppy]    <uuid|filename>
                         [--type normal|writethrough|immutable|shareable|
                                 readonly|multiattach]
                         [--autoreset on|off]
                         [--property <name=[value]>]
                         [--compact]
                         [--resize <megabytes>|--resizebyte <bytes>]
                         [--move <path>]
                         [--setlocation <path>]

Note

For compatibility with earlier versions of Oracle VM VirtualBox, the modifyvdi and modifyhd commands are also supported and mapped internally to the modifymedium command.

The disk image to modify must be specified either by its UUID, if the medium is registered, or by its filename. Registered images can be listed using VBoxManage list hdds, see Section 8.4, “VBoxManage list”. A filename must be specified as a valid path, either as an absolute path or as a relative path starting from the current directory.

The following options are available:

  • With the --type argument, you can change the type of an existing image between the normal, immutable, write-through and other modes. See Section 5.4, “Special Image Write Modes”.

  • For immutable hard disks only, the --autoreset on|off option determines whether the disk is automatically reset on every VM startup. See Section 5.4, “Special Image Write Modes”. By default, autoreset is on.

  • The --compact option can be used to compact disk images. Compacting removes blocks that only contains zeroes. Using this option will shrink a dynamically allocated image. It will reduce the physical size of the image without affecting the logical size of the virtual disk. Compaction works both for base images and for differencing images created as part of a snapshot.

    For this operation to be effective, it is required that free space in the guest system first be zeroed out using a suitable software tool. For Windows guests, you can use the sdelete tool provided by Microsoft. Run sdelete -z in the guest to zero the free disk space, before compressing the virtual disk image. For Linux, use the zerofree utility which supports ext2/ext3 filesystems. For Mac OS X guests, use the diskutil secureErase freespace 0 / command from an elevated Terminal.

    Please note that compacting is currently only available for VDI images. A similar effect can be achieved by zeroing out free blocks and then cloning the disk to any other dynamically allocated format. You can use this workaround until compacting is also supported for disk formats other than VDI.

  • The --resize x option, where x is the desired new total space in megabytes enables you to change the capacity of an existing image. This adjusts the logical size of a virtual disk without affecting the physical size much.

    This option currently works only for VDI and VHD formats, and only for the dynamically allocated variants. It can only be used to expand, but not shrink, the capacity. For example, if you originally created a 10 GB disk which is now full, you can use the --resize 15360 command to change the capacity to 15 GB (15,360 MB) without having to create a new image and copy all data from within a virtual machine. Note however that this only changes the drive capacity. You will typically next need to use a partition management tool inside the guest to adjust the main partition to fill the drive.

    The --resizebyte x option does almost the same thing, except that x is expressed in bytes instead of megabytes.

  • The --move <path> option can be used to relocate a medium to a different location <path> on the host file system. The path can be either relative to the current directory or absolute.

  • The --setlocation <path> option can be used to set the new location <path> of the medium on the host file system if the medium has been moved for any reasons. The path can be either relative to the current directory or absolute.

    Note

    The new location is used as is, without any sanity checks. The user is responsible for setting the correct path.

8.25. VBoxManage clonemedium

This command duplicates a virtual disk, DVD, or floppy medium to a new medium, usually an image file, with a new unique identifier (UUID). The new image can be transferred to another host system or reimported into Oracle VM VirtualBox using the Virtual Media Manager. See Section 5.3, “The Virtual Media Manager” and Section 5.6, “Cloning Disk Images”. The syntax is as follows:

VBoxManage clonemedium      [disk|dvd|floppy] <uuid|inputfile> <uuid|outputfile>

                            [--format VDI|VMDK|VHD|RAW|<other>]
                            [--variant Standard,Fixed,Split2G,Stream,ESX]
                            [--existing]

The medium to clone as well as the target image must be described either by its UUIDs, if the mediums are registered, or by its filename. Registered images can be listed by VBoxManage list hdds. See Section 8.4, “VBoxManage list”. A filename must be specified as valid path, either as an absolute path or as a relative path starting from the current directory.

The following options are available:

--format

Set a file format for the output file different from the file format of the input file.

--variant

Set a file format variant for the output file. This is a comma-separated list of variant flags. Not all combinations are supported, and specifying inconsistent flags will result in an error message.

--existing

Perform the clone operation to an already existing destination medium. Only the portion of the source medium which fits into the destination medium is copied. This means if the destination medium is smaller than the source only a part of it is copied, and if the destination medium is larger than the source the remaining part of the destination medium is unchanged.

Note

For compatibility with earlier versions of Oracle VM VirtualBox, the clonevdi and clonehd commands are still supported and mapped internally to the clonehd disk command.

8.26. VBoxManage mediumproperty

This command sets, gets, or deletes a medium property. The syntax is as follows:

VBoxManage mediumproperty [disk|dvd|floppy] set <uuid|filename>
                                                <property> <value>
  • Use <disk|dvd|floppy> to optionally specify the type of medium: disk (hard drive), dvd, or floppy.

  • Use <uuid|filename> to supply either the UUID or absolute path of the medium or image.

  • Use <property> to supply the name of the property.

  • Use <value> to supply the property value.

VBoxManage mediumproperty [disk|dvd|floppy] get <uuid|filename>
                                                <property>
  • Use <disk|dvd|floppy> to optionally specify the type of medium: disk (hard drive), dvd, or floppy.

  • Use <uuid|filename> to supply either the UUID or absolute path of the medium or image.

  • Use <property> to supply the name of the property.

VBoxManage mediumproperty [disk|dvd|floppy] delete <uuid|filename>
                                                   <property>
  • Use <disk|dvd|floppy> to optionally specify the type of medium: disk (hard drive), dvd, or floppy.

  • Use <uuid|filename> to supply either the UUID or absolute path of the medium or image.

  • Use <property> to supply the name of the property.

8.27. VBoxManage encryptmedium

This command is used to create a DEK encrypted medium or image. See Section 9.30.2, “Encrypting Disk Images”.

The syntax is as follows:

VBoxManage encryptmedium <uuid|filename>
                         [--newpassword <file|->]
                         [--oldpassword <file|->]
                         [--cipher <cipher id>]
                         [--newpasswordid <password id>]
  • Use <uuid|filename> to supply the UUID or absolute path of the medium or image to be encrypted.

  • Use --newpassword <file|-> to supply a new encryption password. Either specify the absolute pathname of a password file on the host operating system, or - to prompt you for the password on the command line. Always use the --newpasswordid option with this option.

  • Use --oldpassword <file|-> to supply any old encryption password. Either specify the absolute pathname of a password file on the host operating system, or - to prompt you for the old password on the command line.

    Use this option to gain access to an encrypted medium or image to either change its password using --newpassword or change its encryption using --cipher.

  • Use --cipher <cipher> to specify the cipher to use for encryption. This can be either AES-XTS128-PLAIN64 or AES-XTS256-PLAIN64.

    Use this option to change any existing encryption on the medium or image, or to set up new encryption on it for the first time.

  • Use --newpasswordid <password id> to supply the new password identifier. This can be chosen by the user, and is used for correct identification when supplying multiple passwords during VM startup.

    If the user uses the same password when encrypting multiple images and also the same password identifier, the user needs to supply the password only once during VM startup.

8.28. VBoxManage checkmediumpwd

This command is used to check the current encryption password on a DEK encrypted medium or image. See Section 9.30.2, “Encrypting Disk Images”.

The syntax is as follows:

VBoxManage checkmediumpwd <uuid|filename>
                                      <pwd file|->
  • Use <uuid|filename> to supply the UUID or absolute path of the medium or image to be checked.

  • Use <pwd file|-> to supply the password identifier to be checked. Either specify the absolute pathname of a password file on the host operating system, or - to prompt you for the password on the command line.

8.29. VBoxManage convertfromraw

This command converts a raw disk image to a Oracle VM VirtualBox Disk Image (VDI) file. The syntax is as follows:

VBoxManage convertfromraw   <filename> <outputfile>
                            [--format VDI|VMDK|VHD]
                            [--variant Standard,Fixed,Split2G,Stream,ESX]
                            [--uuid <uuid>]
VBoxManage convertfromraw   stdin <outputfile> <bytes>
                            [--format VDI|VMDK|VHD]
                            [--variant Standard,Fixed,Split2G,Stream,ESX]
                            [--uuid <uuid>]

The parameters are as follows:

--bytes

The size of the image file, in bytes, provided through stdin.

--format

Select the disk image format to create. The default format is VDI. Other options are VMDK and VHD.

--variant

Choose a file format variant for the output file. This is a comma-separated list of variant flags. Not all combinations are supported, and specifying inconsistent flags will result in an error message.

--uuid

Specify the UUID of the output file.

The stdin form of the command forces VBoxManage to read the content of the disk image from standard input. This useful when using the command in a pipe.

Note

For compatibility with earlier versions of Oracle VM VirtualBox, the convertdd command is also supported and mapped internally to the convertfromraw command.

8.30. VBoxManage getextradata/setextradata

These commands enable you to attach and retrieve string data for a virtual machine or for a Oracle VM VirtualBox configuration, by specifying global instead of a virtual machine name. You must specify a keyword as a text string to associate the data with, which you can later use to retrieve it. For example:

VBoxManage setextradata Fedora5 installdate 2006.01.01
VBoxManage setextradata SUSE10 installdate 2006.02.02

This example would associate the string "2006.01.01" with the keyword installdate for the virtual machine Fedora5, and "2006.02.02" on the machine SUSE10. You could then retrieve the information as follows:

VBoxManage getextradata Fedora5 installdate

This would return the following:

VirtualBox Command Line Management Interface Version version-number
(C) 2005-2018 Oracle Corporation
All rights reserved.

Value: 2006.01.01

You could retrieve the information for all keywords as follows:

VBoxManage getextradata Fedora5 enumerate

To remove a keyword, the setextradata command must be run without specifying data, only the keyword. For example:

VBoxManage setextradata Fedora5 installdate

8.31. VBoxManage setproperty

This command is used to change global settings which affect the entire Oracle VM VirtualBox installation. Some of these correspond to the settings in the Global Settings dialog in the graphical user interface. The following properties are available:

machinefolder

Specifies the default folder in which virtual machine definitions are kept. See Section 10.1, “Where Oracle VM VirtualBox Stores its Files”.

hwvirtexclusive

Specifies whether Oracle VM VirtualBox will make exclusive use of the hardware virtualization extensions (Intel VT-x or AMD-V) of the host system's processor. See Section 10.3, “Hardware vs. Software Virtualization”. If you wish to share these extensions with other hypervisors running at the same time, you must disable this setting. Doing so has negative performance implications.

vrdeauthlibrary

Specifies which library to use when external authentication has been selected for a particular virtual machine. See Section 7.1.5, “RDP Authentication”.

websrvauthlibrary

Specifies which library the web service uses to authenticate users. For details about the Oracle VM VirtualBox web service, see the Oracle VM VirtualBox SDK reference, Chapter 11, Oracle VM VirtualBox Programming Interfaces.

vrdeextpack

Specifies which library implements the VirtualBox Remote Desktop Extension.

loghistorycount

Selects how many rotated VM logs are retained.

autostartdbpath

Selects the path to the autostart database. See Section 9.23, “Starting Virtual Machines During System Boot”.

defaultfrontend

Selects the global default VM frontend setting. See Section 8.13, “VBoxManage startvm”.

logginglevel

Configures the VBoxSVC release logging details. See http://www.virtualbox.org/wiki/VBoxLogging.

proxymode

Configures the mode for an HTTP proxy server.

proxyurl

Configures the URL for an HTTP proxy server. Used when a manual proxy is configured using the manual setting of the proxymode property.

8.32. VBoxManage usbfilter add/modify/remove

VBoxManage usbfilter        add <index,0-N>
                          --target <uuid|vmname>global
                          --name <string>
                          --action ignore|hold (global filters only)
                         [--active yes|no (yes)]
                         [--vendorid <XXXX> (null)]
                         [--productid <XXXX> (null)]
                         [--revision <IIFF> (null)]
                         [--manufacturer <string> (null)]
                         [--product <string> (null)]
                         [--remote yes|no (null, VM filters only)]
                         [--serialnumber <string> (null)]
                         [--maskedinterfaces <XXXXXXXX>]
    
VBoxManage usbfilter        modify <index,0-N>
                          --target <uuid|vmname>global
                         [--name <string>]
                         [--action ignore|hold (global filters only)]
                         [--active yes|no]
                         [--vendorid <XXXX>]
                         [--productid <XXXX>]
                         [--revision <IIFF>]
                         [--manufacturer <string>]
                         [--product <string>]
                         [--remote yes|no (null, VM filters only)]
                         [--serialnumber <string>]
                         [--maskedinterfaces <XXXXXXXX>]
    
VBoxManage usbfilter        remove <index,0-N>
                          --target <uuid|vmname>global
    

The usbfilter commands are used for working with USB filters in virtual machines, or global filters which affect the whole Oracle VM VirtualBox setup. Global filters are applied before machine-specific filters, and may be used to prevent devices from being captured by any virtual machine. Global filters are always applied in a particular order, and only the first filter which fits a device is applied. For example, if the first global filter says to hold, or make available, a particular Kingston memory stick device and the second filter says to ignore all Kingston devices. That particular Kingston memory stick will be available to any machine with the appropriate filter, but no other Kingston device will.

When creating a USB filter using usbfilter add, you must supply three or four mandatory parameters. The index specifies the position in the list at which the filter should be placed. If there is already a filter at that position, then it and the following ones will be shifted back one place. Otherwise, the new filter will be added onto the end of the list. The target parameter selects the virtual machine that the filter should be attached to or use global to apply it to all virtual machines. name is a name for the new filter. For global filters, action says whether to allow VMs access to devices that fit the filter description (hold) or not to give them access (ignore). In addition, you should specify parameters to filter by. You can find the parameters for devices attached to your system using VBoxManage list usbhost. Finally, you can specify whether the filter should be active. For local filters, whether they are for local devices, remote devices over an RDP connection, or either.

When you modify a USB filter using usbfilter modify, you must specify the filter by index and by target, which is either a virtual machine or global. See the output of VBoxManage list usbfilters to find global filter indexes and VBoxManage showvminfo to find indexes for individual machines. The properties which can be changed are the same as for usbfilter add. To remove a filter, use usbfilter remove and specify the index and the target.

The following is a list of the additional usbfilter add and usbfilter modify options, with details of how to use them.

  • --action ignore|hold: Specifies whether devices that fit the filter description are allowed access by machines (hold), or have access denied (ignore). Applies to global filters only.

  • --active yes|no: Specifies whether the USB Filter is active or temporarily disabled. For usbfilter create the default is active.

  • --vendorid <XXXX>|"": Specifies a vendor ID filter. The string representation for an exact match has the form XXXX, where X is the hexadecimal digit, including leading zeroes.

  • --productid <XXXX>|"": Specifies a product ID filter. The string representation for an exact match has the form XXXX, where X is the hexadecimal digit, including leading zeroes.

  • --revision <IIFF>|"": Specifies a revision ID filter. The string representation for an exact match has the form IIFF, where I is the decimal digit of the integer part of the revision, and F is the decimal digit of its fractional part, including leading and trailing zeros. Note that for interval filters, it is best to use the hexadecimal form, because the revision is stored as a 16-bit packed BCD value. Therefore, the expression int:0x0100-0x0199 will match any revision from 1.0 to 1.99 inclusive.

  • --manufacturer <string>|"": Specifies a manufacturer ID filter, as a string.

  • --product <string>|"": Specifies a product ID filter, as a string.

  • --remote yes|no"": Specifies a remote filter, indicating whether the device is physically connected to a remote VRDE client or to a local host machine. Applies to VM filters only.

  • --serialnumber <string>|"": Specifies a serial number filter, as a string.

  • --maskedinterfaces <XXXXXXXX>: Specifies a masked interface filter, for hiding one or more USB interfaces from the guest. The value is a bit mask where the set bits correspond to the USB interfaces that should be hidden, or masked off. This feature only works on Linux hosts.

8.33. VBoxManage sharedfolder add/remove

VBoxManage sharedfolder     add <uuid|vmname>
                                --name <name> --hostpath <hostpath>
                                [--transient] [--readonly] [--automount]

This command enables you to share folders on the host computer with guest operating systems. For this, the guest systems must have a version of the Oracle VM VirtualBox Guest Additions installed which supports this functionality.

Parameters are as follows:

  • <uuid|vmname>: Specifies the UUID or name of the VM whose guest operating system will be sharing folders with the host computer. Mandatory.

  • --name <name>: Specifies the name of the share. Each share has a unique name within the namespace of the host operating system. Mandatory.

  • -hostpath <hostpath>: Specifies the absolute path on the host operating system of the directory to be shared with the guest operating system. Mandatory.

  • -transient: Specifies that the share is transient, meaning that it can be added and removed at runtime and does not persist after the VM has stopped. Optional.

  • -readonly: Specifies that the share has only read-only access to files at the host path.

    By default, shared folders have read/write access to the files on the host path. On Linux distributions, shared folders are mounted with 770 file permissions with root user and vboxsf as the group. Using this option the file permissions change to 700. Optional.

  • -automount: Specifies that the share will be automatically mounted. On Linux distributions, this will be to either /media/USER/sf_<name> or /media/sf_<name>, where <name> is the share named. The actual location depends on the guest OS. Optional.

VBoxManage sharedfolder     remove <uuid|vmname>
                            --name <name> [--transient]

This command enables you to delete shared folders on the host computer shares with the guest operating systems. For this, the guest systems must have a version of the Oracle VM VirtualBox Guest Additions installed which supports this functionality.

Parameters are as follows:

  • <uuid|vmname>: Specifies the UUID or name of the VM whose guest operating system is sharing folders with the host computer. Mandatory.

  • --name <name>: Specifies the name of the share to be removed. Each share has a unique name within the namespace of the host operating system. Mandatory.

  • -transient: Specifies that the share is transient, meaning that it can be added and removed at runtime and does not persist after the VM has stopped. Optional.

Shared folders are described in Section 4.3, “Shared Folders”.

8.34. VBoxManage guestproperty

The guestproperty commands enable you to get or set properties of a running virtual machine. See Section 4.7, “Guest Properties”. Guest properties are arbitrary keyword-value string pairs which can be written to and read from by either the guest or the host, so they can be used as a low-volume communication channel for strings, provided that a guest is running and has the Guest Additions installed. In addition, a number of values whose keywords begin with /VirtualBox/are automatically set and maintained by the Guest Additions.

The following subcommands are available, where <vm> can either be a VM name or a VM UUID, as with the other VBoxManage commands:

  • enumerate <vm> [--patterns <pattern>]: Lists all the guest properties that are available for the given VM, including the value. This list will be very limited if the guest's service process cannot be contacted, for example because the VM is not running or the Guest Additions are not installed.

    If --patterns <pattern> is specified, it acts as a filter to only list properties that match the given pattern. The pattern can contain the following wildcard characters:

    • * (asterisk): Represents any number of characters. For example, "/VirtualBox*" would match all properties beginning with "/VirtualBox".

    • ? (question mark): Represents a single arbitrary character. For example, "fo?" would match both "foo" and "for".

    • | (pipe symbol): Can be used to specify multiple alternative patterns. For example, "s*|t*" would match anything starting with either "s" or "t".

  • get <vm> <property>: Retrieves the value of a single property only. If the property cannot be found, for example because the guest is not running, the following message is shown:

    No value set!
  • set <vm> <property> [<value> [--flags <flags>]]: Enables you to set a guest property by specifying the keyword and value. If <value> is omitted, the property is deleted. With --flags, you can specify additional behavior. You can combine several flags by separating them with commas.

    • TRANSIENT: The value will not be stored with the VM data when the VM exits.

    • TRANSRESET: The value will be deleted as soon as the VM restarts or exits.

    • RDONLYGUEST: The value can only be changed by the host, but the guest can only read it.

    • RDONLYHOST: The value can only be changed by the guest, but the host can only read it.

    • READONLY: The value cannot be changed at all.

  • wait <vm> <pattern> --timeout <timeout>: Waits for a particular value described by the pattern string to change or to be deleted or created. The pattern rules are the same as for the enumerate subcommand.

  • delete <vm> <property>: Deletes a guest property which has been set previously.

8.35. VBoxManage guestcontrol

The guestcontrol commands enable control of the guest from the host. See Section 4.9, “Guest Control of Applications” for an introduction.

The guestcontrol command has two sets of subcommands. The first set requires guest credentials to be specified, the second does not.

The first set of subcommands is of the following form:

VBoxManage guestcontrol <uuid|vmname> <sub-command>
            [--username <name> ]
            [--passwordfile <file> | --password <password>]
            [--domain <domain> ]
            [-v|--verbose] [-q|quiet] ...
    

The common options are as follows:

           [--username <name> ]
           [--passwordfile <file> | --password <password>]
           [--domain <domain> ]
           [-v|--verbose] [-q|quiet]
    

The common options for the first set of subcommands are explained in the following list.

<uuid|vmname>

Specifies the VM UUID or VM name. Mandatory.

--username <name>

Specifies the user name on guest OS under which the process should run. This user name must already exist on the guest OS. If unspecified, the host user name is used. Optional

--passwordfile <file>|--password

Specifies the absolute path on guest file system of password file containing the password for the specified user account or password for the specified user account. Optional. If both are omitted, empty password is assumed.

--domain <domain>

User domain for Windows guests. Optional.

-v|--verbose

Makes the subcommand execution more verbose. Optional

-q|--quiet

Makes the subcommand execution quieter. Optional.

The first set of subcommands are as follows:

  • run: Executes a guest program, forwarding stdout, stderr, and stdin to and from the host until it completes.

    VBoxManage guestcontrol <uuid|vmname> run [common-options]
                --exe <path to executable> [--timeout <msec>]
               [-E|--putenv <NAME>[=<VALUE>]] [--unquoted-args]
               [--ignore-operhaned-processes] [--profile]
               [--no-wait-stdout|--wait-stdout]
               [--no-wait-stderr|--wait-stderr]
               [--dos2unix] [--unix2dos]
                -- <program/arg0> [argument1] ... [argumentN]]
              
    <uuid|vmname>

    Specifies the VM UUID or VM name. Mandatory.

    --exe <path to executable>

    Specifies the absolute path of the executable on the guest OS file system. Mandatory. For example: C:\Windows\System32\calc.exe.

    --timeout <msec>

    Specifies the maximum time, in microseconds, that the executable can run, during which VBoxManage receives its output. Optional. If unspecified, VBoxManage waits indefinitely for the process to end, or an error occurs.

    -E|--putenv <NAME>=<VALUE>

    Sets, modifies, and unsets environment variables in the environment in which the program will run. Optional.

    The guest process is created with the standard default guest OS environment. Use this option to modify that default environment. To set or modify a variable use: <NAME>=<VALUE>. To unset a variable use: <NAME>=

    Any spaces in names and values should be enclosed by quotes.

    To set, modify, and unset multiple variables, use multiple instances of the --E|--putenv option.

    --unquoted-args

    Disables escaped double quoting, such as \"fred\", on arguments passed to the executed program. Optional.

    --ignore-operhaned-processes

    Ignore orphaned processes. Not yet implemented. Optional.

    --profile

    Use Profile. Not yet implemented. Optional.

    --no-wait-stdout|--wait-stdout

    Does not wait or waits until the guest process ends and receives its exit code and reason/flags. In the case of --wait-stdout, VBoxManage receives its stdout while the process runs. Optional.

    --no-wait-stderr|--wait-stderr

    Does not wait or waits until the guest process ends and receives its exit code, error messages, and flags. In the case of --wait-stderr, VBoxManage receives its stderr while the process runs. Optional.

    --dos2unix

    Converts output from DOS/Windows guests to UNIX/Linux-compatible line endings, CR + LF to LF. Not yet implemented. Optional.

    --unix2dos

    Converts output from a UNIX/Linux guests to DOS/Windows-compatible line endings, LF to CR + LF. Not yet implemented. Optional.

    [-- <program/arg0> [<argument1>] ... [<argumentN>]]

    Specifies the program name, followed by one or more arguments to pass to the program. Optional.

    Any spaces in arguments should be enclosed by quotes.

    Note

    On Windows there are certain limitations for graphical applications. See Chapter 14, Known Limitations.

    Examples of using the guestcontrol run command are as follows:

    VBoxManage --nologo guestcontrol "My VM" run --exe "/bin/ls"
              --username foo --passwordfile bar.txt --wait-exit --wait-stdout -- -l /usr
    VBoxManage --nologo guestcontrol "My VM" run --exe "c:\\windows\\system32\\ipconfig.exe"
              --username foo --passwordfile bar.txt --wait-exit --wait-stdout

    Note that the double backslashes in the second example are only required on UNIX hosts.

    Note

    For certain commands a user name of an existing user account on the guest must be specified. Anonymous executions are not supported for security reasons. A user account password, however, is optional and depends on the guest's OS security policy or rules. If no password is specified for a given user name, an empty password will be used. On certain OSes like Windows the security policy may needs to be adjusted in order to allow user accounts with an empty password set. Also, global domain rules might apply and therefore cannot be changed.

    Starting at Oracle VM VirtualBox 4.1.2 guest process execution by default is limited to serve up to five guest processes at a time. If a new guest process gets started which would exceed this limit, the oldest not running guest process will be discarded in order to be able to run that new process. Also, retrieving output from this old guest process will not be possible anymore then. If all five guest processes are still active and running, starting a new guest process will result in an appropriate error message.

    To raise or lower the guest process execution limit, either use the guest property /VirtualBox/GuestAdd/VBoxService/--control-procs-max-kept or VBoxService command line by specifying --control-procs-max-kept needs to be modified. A restart of the guest OS is required afterwards. To serve unlimited guest processes, a value of 0 needs to be set, but this is not recommended.

  • start: Executes a guest program until it completes.

    VBoxManage guestcontrol <uuid|vmname> start [common-options]
               [--exe <path to executable>] [--timeout <msec>]
               [-E|--putenv <NAME>[=<VALUE>]] [--unquoted-args]
               [--ignore-operhaned-processes] [--profile]
                -- <program/arg0> [argument1] ... [argumentN]]
              

    Where the options are as follows:

    <uuid|vmname>

    Specifies the VM UUID or VM name. Mandatory.

    --exe <path to executable>

    Specifies the absolute path of the executable on the guest OS file system. Mandatory. For example: C:\Windows\System32\calc.exe

    --timeout <msec>

    Specifies the maximum time, in microseconds, that the executable can run. Optional. If unspecified, VBoxManage waits indefinitely for the process to end, or an error occurs.

    -E|--putenv <NAME>=<VALUE>

    Sets, modifies, and unsets environment variables in the environment in which the program will run. Optional.

    The guest process is created with the standard default guest OS environment. Use this option to modify that default environment. To set or modify a variable use: <NAME>=<VALUE>. To unset a variable use: <NAME>=

    Any spaces in names and values should be enclosed by quotes.

    To set, modify, or unset multiple variables, use multiple instances of the --E|--putenv option.

    --unquoted-args

    Disables escaped double quoting, such as \"fred\", on arguments passed to the executed program. Optional.

    --ignore-operhaned-processes

    Ignores orphaned processes. Not yet implemented. Optional.

    --profile

    Use a profile. Not yet implemented. Optional.

    [-- <program/arg0> [<argument1>] ... [<argumentN>]]

    Specifies the program name, followed by one or more arguments to pass to the program. Optional.

    Any spaces in arguments should be enclosed by quotes.

    Note

    On Windows there are certain limitations for graphical applications. See Chapter 14, Known Limitations.

    Examples of using the guestcontrol start command are as follows:

    VBoxManage --nologo guestcontrol "My VM" start --exe "/bin/ls"
              --username foo --passwordfile bar.txt --wait-exit --wait-stdout -- -l /usr
    VBoxManage --nologo guestcontrol "My VM" start --exe "c:\\windows\\system32\\ipconfig.exe"
              --username foo --passwordfile bar.txt --wait-exit --wait-stdout

    Note that the double backslashes in the second example are only required on UNIX hosts.

    Note

    For certain commands a user name of an existing user account on the guest must be specified. Anonymous executions are not supported for security reasons. A user account password, however, is optional and depends on the guest's OS security policy or rules. If no password is specified for a given user name, an empty password will be used. On certain OSes like Windows the security policy may needs to be adjusted in order to allow user accounts with an empty password set. Also, global domain rules might apply and therefore cannot be changed.

    Starting at Oracle VM VirtualBox 4.1.2 guest process execution by default is limited to serve up to five guest processes at a time. If a new guest process gets started which would exceed this limit, the oldest not running guest process will be discarded in order to be able to run that new process. Also, retrieving output from this old guest process will not be possible anymore then. If all five guest processes are still active and running, starting a new guest process will result in an appropriate error message.

    To raise or lower the guest process execution limit, either use the guest property /VirtualBox/GuestAdd/VBoxService/--control-procs-max-kept or VBoxService command line by specifying --control-procs-max-kept needs to be modified. A restart of the guest OS is required afterwards. To serve unlimited guest processes, a value of 0 needs to be set, but this is not recommended.

  • copyfrom: Copies files from the guest to the host file system. Only available with Guest Additions 4.0 or later installed.

    VBoxManage guestcontrol <uuid|vmname> copyfrom [common-options]
               [--follow] [--R|recursive]
                --target-directory <host-dst-dir>
                <guest-src0> [<guest-src1> [...]] 

    Where the parameters are as follows:

    <uid|vmname>

    Specifies the VM UUID or VM name. Mandatory.

    --follow

    Enables symlink following on the guest file system. Optional.

    -R|--recursive

    Enables recursive copying of files and directories from the specified guest file system directory. Optional.

    --target-directory <host-dst-dir>

    Specifies the absolute path of the host file system destination directory. Mandatory. For example: C:\Temp.

    <guest-src0> [<guest-src1> [...]]

    Specifies the absolute paths of guest file system files to be copied. Mandatory. For example: C:\Windows\System32\calc.exe. Wildcards can be used in the expressions. For example: C:\Windows\System*\*.dll.

  • copyto: Copies files from the host to the guest file system. Only available with Guest Additions 4.0 or later installed.

    VBoxManage guestcontrol <uuid|vmname> copyto [common-options]
               [--follow] [--R|recursive]
                --target-directory <guest-dst>
                <host-src0> [<host-src1> [...]] 

    Where the parameters are as follows:

    <uuid|vmname>

    Specifies the VM UUID or VM name. Mandatory.

    --follow

    Enables symlink following on the host file system. Optional.

    -R|--recursive

    Enables recursive copying of files and directories from the specified host file system directory. Optional.

    --target-directory <guest-dst>

    Specifies the absolute path of the guest file system destination directory. Mandatory. For example: C:\Temp.

    <host-src0> [<host-src1> [...]]

    Specifies the absolute paths of host file system files to be copied. Mandatory. For example: C:\Windows\System32\calc.exe. Wildcards can be used in the expressions. For example: C:\Windows\System*\*.dll.

  • md|mkdir|createdir|createdirectory: Creates one or more directories on the guest file system. Only available with Guest Additions 4.0 or later installed.

    VBoxManage guestcontrol <uuid|vmname>  md|mkdir|createdir|createdirectory [common-options]
                [--parents] [--mode <mode>]
                <guest-dir0> [<guest-dir1> [...]] 

    Where the parameters are as follows:

    <uuid|vmname>

    Specifies the VM UUID or VM name. Mandatory.

    --parents

    Creates any absent parent directories of the specified directory. Optional.

    For example: If specified directory is D:\Foo\Bar and D:\Foo is absent, it will be created. In such a case, had the --parents option not been used, this command would have failed.

    --mode <mode>

    Specifies the permission mode on the specified directories, and any parents, if the --parents option is used. Currently octal modes only, such as. 0755, are supported.

    <guest-dir0> [<guest-dir1> [...]]

    Specifies a list of absolute paths of directories to be created on guest file system. Mandatory. For example: D:\Foo\Bar.

    All parent directories must already exist unless the switch --parents is used. For example, in the above example D:\Foo. The specified user must have sufficient rights to create the specified directories, and any parents that need to be created.

  • rmdir|removedir|removedirectory: Deletes specified guest file system directories. Only available with installed Guest Additions 4.3.2 and later.

    VBoxManage guestcontrol <uuid|vmname> rmdir|removedir|removedirectory [common-options]
               [--recursive|-R]
                <guest-dir0> [<guest-dir1> [...]]
              

    Where the parameters are as follows:

    <uuid|vmname>

    Specifies the VM UUID or VM name. Mandatory.

    --recursive

    Recursively removes directories and contents. Optional.

    <guest-dir0> [<guest-dir1> [...]]

    Specifies a list of the absolute paths of directories to be deleted on guest file system. Mandatory. Wildcards are allowed. For example: D:\Foo\*Bar. The specified user must have sufficient rights to delete the specified directories.

  • rm|removefile: Deletes specified files on the guest file system. Only available with installed Guest Additions 4.3.2 and later.

    VBoxManage guestcontrol <uuid|vmname> rm|removefile [common-options]
               [-f|--force]
                <guest-file0> [<guest-file1> [...]] 

    Where the parameters are as follows:

    <uuid|vmname>

    Specifies the VM UUID or VM name. Mandatory.

    -f|--force

    Enforce operation and override any requests for confirmations. Optional.

    <guest-file0> [<guest-file1> [...]]

    Specifies a list of absolute paths of files to be deleted on guest file system. Mandatory. Wildcards are allowed. For example: D:\Foo\Bar\text*.txt. The specified user should have sufficient rights to delete the specified files.

  • mv|move|ren|rename: Renames files and/or directories on the guest file system. Only available with installed Guest Additions 4.3.2 and later.

    VBoxManage guestcontrol <uuid|vmname> mv|move|ren|rename [common-options]
               <guest-source0> [<guest-source1> [...]] <guest-dest>

    Where the parameters are as follows:

    <uuid|vmname>

    Specifies the VM UUID or VM name. Mandatory.

    <guest-source0> [<guest-source1> [...]]

    Specifies absolute paths of files or a single directory to be moved and renamed on guest file system. Mandatory. Wildcards are allowed in file names. The specified user should have sufficient rights to access the specified files.

    <dest>

    Specifies the absolute path of the destination file or directory to which the files are to be moved. Mandatory. If only one file to be moved, <dest> can be file or directory, else it must be a directory. The specified user must have sufficient rights to access the destination file or directory.

  • mktemp|createtemp|createtemporary: Creates a temporary file or directory on the guest file system, to assist subsequent copying of files from the host to the guest file systems. By default, the file or directory is created in the guest's platform specific temp directory. Not currently supported. Only available with installed Guest Additions 4.2 and later.

    VBoxManage guestcontrol <uuid|vmname> mktemp|createtemp|createtemporary [common-options]
               [--directory] [--secure] [--mode <mode>] [--tmpdir <directory>]
                <template>
                

    The parameters are as follows:

    <uuid|vmname>

    Specifies the VM UUID or VM name. Mandatory.

    --directory

    Creates a temporary directory instead of a file, specified by the <template> parameter. Optional.

    --secure

    Enforces secure file and directory creation. Optional. The permission mode is set to 0755. Operation fails if it cannot be performed securely.

    --mode <mode>

    Specifies the permission mode of the specified directory. Optional. Currently only octal modes, such as 0755, are supported.

    --tmpdir <directory>

    Specifies the absolute path of the directory on the guest file system where the file or directory specified will be created. Optional. If unspecified, the platform-specific temp directory is used.

    <template>

    Specifies a file name without a directory path, containing at least one sequence of three consecutive X characters, or ending in X. Mandatory.

  • stat: Displays file or file system statuses on the guest.

    VBoxManage guestcontrol <uuid|vmname> stat [common-options]
               <file0> [<file1> [...]]

    Where the parameters are as follows:

    <uuid|vmname>

    Specifies the VM UUID or VM name. Mandatory.

    <file0> [<file1> [...]]

    Specifies absolute paths of files or file systems on the guest file system. Mandatory. For example: /home/foo/a.out. The specified user should have sufficient rights to access the specified files or file systems.

The second set of subcommands is of the form:

VBoxManage guestcontrol <uuid|vmname> <sub-command>
           [-v|--verbose] [-q|quiet] ...
    

The common options are as follows:

            [-v|--verbose] [-q|--quiet]
    

Details of the common options for the second set of subcommands are as follows:

-v|--verbose

Makes the subcommand execution more verbose. Optional.

-q|--quiet

Makes the subcommand execution quieter. Optional.

The second set of subcommands are as follows:

  • list: Lists guest control configuration and status data. For example: open guest sessions, guest processes, and files.

    VBoxManage guestcontrol <uuid|vmname> list [common-opts]
               <all|sessions|processes|files> 

    Where the parameters are as follows:

    <uuid|vmname>

    Specifies the VM UUID or VM name. Mandatory.

    all|sessions|processes|files

    Indicates whether to list all available data or guest sessions, processes or files. Mandatory.

  • closeprocess: Terminates guest processes specified by PIDs running in a guest session, specified by the session ID or name.

    VBoxManage guestcontrol <uuid|vmname> closeprocess [common-options]
               --session-id <ID> | --session-name <name or pattern>
               <PID0> [<PID1> [...]] 

    Where the parameters are as follows:

    <uuid|vmname>

    Specifies the VM UUID or VM name. Mandatory.

    --session-id <ID>

    Specifies the guest session by its ID. Optional.

    --session-name <name or pattern>

    Specifies the guest session by its name, or multiple sessions using a pattern containing wildcards. Optional.

    <PID0> [<PID1> [...]]

    Specifies a list of process identifiers (PIDs) of guest processes to be terminated. Mandatory.

  • closesession: Closes specified guest sessions, specified either by session ID or name.

    VBoxManage guestcontrol <uuid|vmname> closesession [common-options]
               --session-id <ID> | --session-name <name or pattern> | --all 

    Where the parameters are as follows:

    <uuid|vmname>

    Specifies the VM UUID or VM name. Mandatory.

    --session-id <ID>

    Specifies the guest session to be closed by ID. Optional.

    --session-name <name or pattern>

    Specifies the guest session to be closed by name. Optional. Multiple sessions can be specified by using a pattern containing wildcards.

    --all

    Close all guest sessions. Optional.

  • updatega|updateadditions|updateguestadditions: Ugrades Guest Additions already installed on the guest. Only available for already installed Guest Additions 4.0 and later.

    VBoxManage guestcontrol <uuid|vmname> updatega|updateadditions|updateguestadditions
               [common-options]
               [--source <New .ISO path>]
               [--wait-start]
               [-- <argument0> [<argument1> [...]]]

    Where the parameters are as follows:

    <uuid|vmname>

    Specifies the VM UUID or VM name. Mandatory.

    --source <New .ISO path>

    Specifies the absolute path on the guest file system of the .ISO file for the Guest Additions update. Mandatory.

    --wait-start

    Indicates that VBoxManage starts the usual updating process on the guest and then waits until the actual Guest Additions updating begins, at which point VBoxManage self-terminates. Optional.

    Default behavior is that VBoxManage waits for completion of the Guest Additions update before terminating. Use of this option is sometimes necessary, as a running VBoxManage can affect the interaction between the installer and the guest OS.

    [-- <argument0> [<argument1> [...]]]

    Specifies optional command line arguments to be supplied to the Guest Additions updater. Useful for retrofitting features which are not currently installed.

    Arguments containing spaces should be enclosed by quotes.

  • watch: Prints current guest control activity.

    VBoxManage guestcontrol <uuid|vmname> watch [common-options]
              

    Where the parameters are as follows:

    <uuid|vmname>

    Specifies the VM UUID or VM name. Mandatory.

8.36. VBoxManage metrics

This command supports monitoring the usage of system resources. Resources are represented by various metrics associated with the host system or a particular VM. For example, the host system has a CPU/Load/User metric that shows the percentage of time CPUs spend executing in user mode over a specific sampling period.

Metric data is collected and retained internally. It may be retrieved at any time with the VBoxManage metrics query subcommand. The data is available as long as the background VBoxSVC process is alive. That process terminates shortly after all VMs and frontends have been closed.

By default no metrics are collected at all. Metrics collection does not start until VBoxManage metrics setup is invoked with a proper sampling interval and the number of metrics to be retained. The interval is measured in seconds. For example, to enable collecting the host processor and memory usage metrics every second and keeping the five most current samples, the following command can be used:

VBoxManage metrics setup --period 1 --samples 5 host CPU/Load,RAM/Usage

Metric collection can only be enabled for started VMs. Collected data and collection settings for a particular VM will disappear as soon as it shuts down. Use the VBoxManage metrics list subcommand to see which metrics are currently available. You can also use the --list option with any subcommand that modifies metric settings to find out which metrics were affected.

Note that the VBoxManage metrics setup subcommand discards all samples that may have been previously collected for the specified set of objects and metrics.

To enable or disable metrics collection without discarding the data, VBoxManage metrics enable and VBoxManage metrics disable subcommands can be used. Note that these subcommands expect metrics as parameters, not submetrics such as CPU/Load or RAM/Usage. In other words enabling CPU/Load/User while disabling CPU/Load/Kernel is not supported.

The host and VMs have different sets of associated metrics. Available metrics can be listed with VBoxManage metrics list subcommand.

A complete metric name may include an aggregate function. The name has the following form: Category/Metric[/SubMetric][:aggregate]. For example, RAM/Usage/Free:min stands for the minimum amount of available memory over all retained data if applied to the host object.

Subcommands may apply to all objects and metrics or can be limited to one object and a list of metrics. If no objects or metrics are given in the parameters, the subcommands will apply to all available metrics of all objects. You may use an asterisk "*" to explicitly specify that the command should be applied to all objects or metrics. Use host as the object name to limit the scope of the command to host-related metrics. To limit the scope to a subset of metrics, use a metric list with names separated by commas.

For example, to query metric data on the CPU time spent in user and kernel modes by the virtual machine named test, use the following command:

VBoxManage metrics query test CPU/Load/User,CPU/Load/Kernel

The following list summarizes the available subcommands:

list

Shows the parameters of the currently existing metrics. Note that VM-specific metrics are only available when a particular VM is running.

setup

Sets the interval between taking two samples of metric data and the number of samples retained internally. The retained data is available for displaying with the query subcommand. The --list option shows which metrics have been modified as the result of the command execution.

enable

Resumes data collection after it has been stopped with the disable subcommand. Note that specifying submetrics as parameters will not enable underlying metrics. Use --list to find out if the command worked as expected.

disable

Suspends data collection without affecting collection parameters or collected data. Note that specifying submetrics as parameters will not disable underlying metrics. Use --list to find out if the command worked as expected.

query

Retrieves and displays the currently retained metric data.

Note

The query subcommand does not remove or flush retained data. If you query often enough you will see how old samples are gradually being phased out by new samples.

collect

Sets the interval between taking two samples of metric data and the number of samples retained internally. The collected data is displayed periodically until Ctrl+C is pressed, unless the --detach option is specified. With the --detach option, this subcommand operates the same way as setup does. The --list option shows which metrics match the specified filter.

8.37. VBoxManage natnetwork

NAT networks use the Network Address Translation (NAT) service, which works in a similar way to a home router. It groups systems using it into a network and prevents outside systems from directly accessing those inside, while letting systems inside communicate with each other and outside systems using TCP and UDP over IPv4 and IPv6.

A NAT service is attached to an internal network. Virtual machines to make use of one should be attached to it. The name of an internal network is chosen when the NAT service is created, and the internal network will be created if it does not already exist. The following is an example command to create a NAT network:

VBoxManage natnetwork add --netname natnet1 --network "192.168.15.0/24" --enable

Here, natnet1 is the name of the internal network to be used and 192.168.15.0/24 is the network address and mask of the NAT service interface. By default, in this static configuration the gateway will be assigned the address 192.168.15.1, the address after the interface address, though this is subject to change.

To add a DHCP server to the NAT network after creation, run the following command:

VBoxManage natnetwork modify --netname natnet1 --dhcp on

The subcommands for VBoxManage natnetwork are as follows:

VBoxManage natnetwork add --netname <name>
                         [--network <network>]
                         [--enable|--disable]
                         [--dhcp on|off]
                         [--port-forward-4 <rule>]
                         [--loopback-4 <rule>]
                         [--ipv6 on|off]
                         [--port-forward-6 <rule>]
                         [--loopback-6 <rule>]
    

VBoxManage natnetwork add: Creates a new internal network interface, and adds a NAT network service. This command is a prerequisite for enabling attachment of VMs to the NAT network. Parameters are as follows:

--netname <name>

Where <name> is the name of the new internal network interface on the host OS.

--network <network>

Where <network> specifies the static or DHCP network address and mask of the NAT service interface. The default is a static network address.

--enable|--disable

Enables and disables the NAT network service.

--dhcp on|off

Enables and disables a DHCP server specified by --netname. Use of this option also indicates that it is a DHCP server.

--port-forward-4 <rule>

Enables IPv4 port forwarding, with a rule specified by <rule>.

--loopback-4 <rule>

Enables the IPv4 loopback interface, with a rule specified by <rule>.

--ipv6 on|off

Enables and disables IPv6. The default setting is IPv4, disabling IPv6 enables IPv4.

--port-forward-6 <rule>

Enables IPv6 port forwarding, with a rule specified by <rule>.

--loopback-6 <rule>

Enables the IPv6 loopback interface, with a rule specified by <rule>.

VBoxManage natnetwork remove --netname <name> 

VBoxManage natnetwork remove: Removes a NAT network service. Parameters are as follows:

--netname <name>

Where <name> specifies an existing NAT network service. Does not remove any DHCP server enabled on the network.

VBoxManage natnetwork modify --netname <name>
                            [--network <network>]
                            [--enable|--disable]
                            [--dhcp on|off]
                            [--port-forward-4 <rule>]
                            [--loopback-4 <rule>]
                            [--ipv6 on|off]
                            [--port-forward-6 <rule>]
                            [--loopback-6 <rule>]
    

VBoxManage natnetwork modify: Modifies an existing NAT network service. Parameters are as follows:

--netname <name>

Where <name> specifies an existing NAT network service.

--network <network>

Where <network> specifies the new static or DHCP network address and mask of the NAT service interface. The default is a static network address.

--enable|--disable

Enables and disables the NAT network service.

--dhcp on|off

Enables and disables a DHCP server. If a DHCP server is not present, using enable adds a new DHCP server.

--port-forward-4 <rule>

Enables IPv4 port forwarding, with a rule specified by <rule>.

--loopback-4 <rule>

Enables the IPv4 loopback interface, with a rule specified by <rule>.

--ipv6 on|off

Enables and disables IPv6. The default setting is IPv4, disabling IPv6 enables IPv4.

--port-forward-6 <rule>

Enables IPv6 port forwarding, with a rule specified by <rule>.

--loopback-6 <rule>

Enables IPv6 loopback interface, with a rule specified by <rule>.

VBoxManage natnetwork start --netname <name>
    

VBoxManage natnetwork start: Starts the specified NAT network service and any associated DHCP server. Parameters are as follows:

--netname <name>

Where <name> specifies an existing NAT network service.

VBoxManage natnetwork stop --netname <name>
    

VBoxManage natnetwork stop: Stops the specified NAT network service and any DHCP server. Parameters are as follows:

--netname <name>

Where <name> specifies an existing NAT network service.

VBoxManage natnetwork list [<pattern>] 

VBoxManage natnetwork list: Lists all NAT network services, with optional filtering. Parameters are as follows:

[<pattern>]

Where <pattern> is an optional filtering pattern.

8.38. VBoxManage hostonlyif

The hostonlyif command enables you to change the IP configuration of a host-only network interface. For a description of host-only networking, see Section 6.7, “Host-Only Networking”. Each host-only interface is identified by a name and can either use the internal DHCP server or a manual IP configuration, both IP4 and IP6.

The following list summarizes the available subcommands:

ipconfig "<name>"

Configures a host-only interface.

create

Creates a new vboxnet<N> interface on the host OS. This command is essential before you can attach VMs to a host-only network.

remove vboxnet<N>

Removes a vboxnet<N> interface from the host OS.

8.39. VBoxManage dhcpserver

The dhcpserver commands enable you to control the DHCP server that is built into Oracle VM VirtualBox. You may find this useful when using internal or host-only networking. Theoretically, you can also enable it for a bridged network, but that may cause conflicts with other DHCP servers in your physical network.

Use the following command line options:

  • If you use internal networking for a virtual network adapter of a virtual machine, use VBoxManage dhcpserver add --netname <network_name>, where <network_name> is the same network name you used with VBoxManage modifyvm <vmname> --intnet<X> <network_name>.

  • If you use host-only networking for a virtual network adapter of a virtual machine, use VBoxManage dhcpserver add --ifname <hostonly_if_name> instead, where <hostonly_if_name> is the same host-only interface name you used with VBoxManage modifyvm <vmname> --hostonlyadapter<X> <hostonly_if_name>.

    Alternatively, you can also use the --netname option as with internal networks if you know the host-only network's name. You can see the names with VBoxManage list hostonlyifs. See Section 8.4, “VBoxManage list”.

The following additional parameters are required when first adding a DHCP server:

  • With --ip, specify the IP address of the DHCP server.

  • With --netmask, specify the netmask of the network.

  • With --lowerip and --upperip, you can specify the lowest and highest IP address that the DHCP server will assign to clients.

You can specify additional DHCP options with the --options command option. Use --id and --value to configure a number and string pair corresponding to the DHCP option. Use --remove to remove a DHCP option.

The --vm and --nic settings enable you to configure DHCP options for a specific network adapter used by the named VM.

Finally, you must specify --enable or the DHCP server will be created in the disabled state and will not be running.

After this, Oracle VM VirtualBox will automatically start the DHCP server for the specified internal network or host-only network as soon as the first virtual machine which uses that network is started.

Use VBoxManage dhcpserver remove with the given --netname <network_name> or --ifname <hostonly_if_name> to remove the DHCP server for the specified internal network or host-only network.

To modify the settings of a DHCP server created using VBoxManage dhcpserver add, you can use VBoxManage dhcpserver modify for a given network or host-only interface name. This has the same parameters as VBoxManage dhcpserver add.

8.40. VBoxManage usbdevsource

The usbdevsource commands enable you to add and remove USB devices globally.

The following command adds a USB device.

VBoxManage usbdevsource add <source name>
                            --backend <backend>
                            --address <address>
    

Where the command line options are as follows:

  • <source name>: Specifies the ID of the source USB device to be added. Mandatory.

  • --backend <backend>: Specifies the USB proxy service backend to use. Mandatory.

  • --address <address>: Specifies the backend specific address. Mandatory.

The following command removes a USB device.

VBoxManage usbdevsource remove <source name>
    

Where the command line options are as follows:

  • <source name>: Specifies the ID of the source USB device to be removed. Mandatory.

8.41. VBoxManage mediumio

Medium content access.

Synopsis

VBoxManage mediumio <[--disk=uuid|filename] | [--dvd=uuid|filename] | [--floppy=uuid|filename]> [--password-file-|filename] formatfat [--quick]

VBoxManage mediumio <[--disk=uuid|filename] | [--dvd=uuid|filename] | [--floppy=uuid|filename]> [--password-file-|filename] cat [--hex] [--offset=byte-offset] [--size=bytes] [--output=-|filename]

VBoxManage mediumio <[--disk=uuid|filename] | [--dvd=uuid|filename] | [--floppy=uuid|filename]> [--password-file-|filename] stream [--format=image-format] [--variant=image-variant] [--output=-|filename]

Description

Common options

The subcommands of mediumio all operate on a medium which need to be specified, optionally with an encryption password. The following common options can be placed before or after the sub-command:

--disk=uuid|filename

Either the UUID or filename of a harddisk image, e.g. VDI, VMDK, VHD, ++.

--dvd=uuid|filename

Either the UUID or filename of a DVD image, e.g. ISO, DMG, CUE.

--floppy=uuid|filename

Either the UUID or filename of a floppy image, e.g. IMG.

--password-file=-|filename

The name of a file containing the medium encryption password. If - is specified, the password will be read from stdin.

mediumio formatfat

VBoxManage mediumio <[--disk=uuid|filename] | [--dvd=uuid|filename] | [--floppy=uuid|filename]> [--password-file-|filename] formatfat [--quick]

Formats a floppy medium with the FAT file system. This will erase the content of the medium.

--quick

Quickformat the medium.

mediumio cat

VBoxManage mediumio <[--disk=uuid|filename] | [--dvd=uuid|filename] | [--floppy=uuid|filename]> [--password-file-|filename] cat [--hex] [--offset=byte-offset] [--size=bytes] [--output=-|filename]

Dumps the medium content to stdout or the specified file.

--hex

Dump as hex bytes.

--offset

The byte offset in the medium to start.

--size

The number of bytes to dump.

--output

The output filename. As usual - is take to mean stdout.

mediumio stream

VBoxManage mediumio <[--disk=uuid|filename] | [--dvd=uuid|filename] | [--floppy=uuid|filename]> [--password-file-|filename] stream [--format=image-format] [--variant=image-variant] [--output=-|filename]

Converts the medium to a streamable format and dumps it to the given output.

--format

The format of the destination image.

--variant

The medium variant for the destination.

--output

The output filename. As usual - is take to mean stdout.

8.42. VBoxManage debugvm

Introspection and guest debugging.

Synopsis

VBoxManage debugvm <uuid|vmname> dumpvmcore [--filename=name]

VBoxManage debugvm <uuid|vmname> info <item> [args...]

VBoxManage debugvm <uuid|vmname> injectnmi

VBoxManage debugvm <uuid|vmname> log [[--release] | [--debug]] [group-settings...]

VBoxManage debugvm <uuid|vmname> logdest [[--release] | [--debug]] [destinations...]

VBoxManage debugvm <uuid|vmname> logflags [[--release] | [--debug]] [flags...]

VBoxManage debugvm <uuid|vmname> osdetect

VBoxManage debugvm <uuid|vmname> osinfo

VBoxManage debugvm <uuid|vmname> osdmesg [--lines=lines]

VBoxManage debugvm <uuid|vmname> getregisters [--cpu=id] [reg-set.reg-name...]

VBoxManage debugvm <uuid|vmname> setregisters [--cpu=id] [reg-set.reg-name=value...]

VBoxManage debugvm <uuid|vmname> show [[--human-readable] | [--sh-export] | [--sh-eval] | [--cmd-set]] [settings-item...]

VBoxManage debugvm <uuid|vmname> stack [--cpu=id]

VBoxManage debugvm <uuid|vmname> statistics [--reset] [--descriptions] [--pattern=pattern]

Description

The "debugvm" commands are for experts who want to tinker with the exact details of virtual machine execution. Like the VM debugger described in Section 12.1.3, “The Built-In VM Debugger”, these commands are only useful if you are very familiar with the details of the PC architecture and how to debug software.

Common options

The subcommands of debugvm all operate on a running virtual machine:

uuid|vmname

Either the UUID or the name (case sensitive) of a VM.

debugvm dumpvmcore

VBoxManage debugvm <uuid|vmname> dumpvmcore [--filename=name]

Creates a system dump file of the specified VM. This file will have the standard ELF core format (with custom sections); see Section 12.1.4, “VM Core Format”.

This corresponds to the writecore command in the debugger.

--filename=filename

The name of the output file.

debugvm info

VBoxManage debugvm <uuid|vmname> info <item> [args...]

Displays info items relating to the VMM, device emulations and associated drivers.

This corresponds to the info command in the debugger.

info

Name of the info item to display. The special name help will list all the available info items and hints about optional arguments.

args

Optional argument string for the info item handler. Most info items does not take any extra arguments. Arguments not recognized are generally ignored.

debugvm injectnmi

VBoxManage debugvm <uuid|vmname> injectnmi

Causes a non-maskable interrupt (NMI) to be injected into the guest. This might be useful for certain debugging scenarios. What happens exactly is dependent on the guest operating system, but an NMI can crash the whole guest operating system. Do not use unless you know what you're doing.

debugvm log

VBoxManage debugvm <uuid|vmname> log [[--release] | [--debug]] [group-settings...]

Changes the group settings for either debug (--debug) or release (--release) logger of the VM process.

The group-settings are typically strings on the form em.e.f.l, hm=~0 and -em.f. Basic wildcards are supported for group matching. The all group is an alias for all the groups.

Please do keep in mind that the group settings are applied as modifications to the current ones.

This corresponds to the log command in the debugger.

debugvm logdest

VBoxManage debugvm <uuid|vmname> logdest [[--release] | [--debug]] [destinations...]

Changes the destination settings for either debug (--debug) or release (--release) logger of the VM process. For details on the destination format, the best source is src/VBox/Runtime/common/log/log.cpp.

The destinations is one or more mnemonics, optionally prefixed by "no" to disable them. Some of them take values after a ":" or "=" separator. Multiple mnemonics can be separated by space or given as separate arguments on the command line.

List of available destination:

file[=file], nofile

Specifies a log file. It no filname is given, one will be generated based on the current UTC time and VM process name and placed in the current directory of the VM process. Note that this will currently not have any effect if the log file has already been opened.

dir=directory, nodir

Specifies the output directory for log files. Note that this will currently not have any effect if the log file has already been opened.

history=count, nohistory

A non-zero value enables log historization, with the value specifying how many old log files to keep.

histsize=bytes

The max size of a log file before it is historized. Default is infinite.

histtime=seconds

The max age (in seconds) of a log file before it is historized. Default is infinite.

ringbuffer, noringbuffer

Only log to the log buffer until an explicit flush (e.g. via an assertion) occurs. This is fast and saves diskspace.

stdout, nostdout

Write the log content to standard output.

stdout, nostdout

Write the log content to standard error.

debugger, nodebugger

Write the log content to the debugger, if supported by the host OS.

com, nocom

Writes logging to the COM port. This is only applicable for raw-mode and ring-0 logging.

user, nouser

Custom destination which has no meaning to VM processes..

This corresponds to the logdest command in the debugger.

debugvm logflags

VBoxManage debugvm <uuid|vmname> logflags [[--release] | [--debug]] [flags...]

Changes the flags on either debug (--debug) or release (--release) logger of the VM process. Please note that the modifications are applied onto the existing changes, they are not replacing them.

The flags are a list of flag mnemonics, optionally prefixed by a "no", "!", "~" or "-" to negate their meaning. The "+" prefix can be used to undo previous negation or use as a separator, though better use whitespace or separate arguments for that.

List of log flag mnemonics, with their counter form where applicable (asterisk indicates defaults):

enabled*, disabled

Enables or disables logging.

buffered, unbuffered*

Enabling buffering of log output before it hits the destinations.

writethrough(/writethru)

Whether to open the destination file with writethru buffering settings or not.

flush

Enables flushing of the output file (to disk) after each log statement.

lockcnts

Prefix each log line with lock counts for the current thread.

cpuid

Prefix each log line with the ID of the current CPU.

pid

Prefix each log line with the current process ID.

flagno

Prefix each log line with the numberic flags corresponding to the log statement.

flag

Prefix each log line with the flag mnemonics corresponding to the log statement.

groupno

Prefix each log line with the log group number for the log statement producing it.

group

Prefix each log line with the log group name for the log statement producing it.

tid

Prefix each log line with the current thread identifier.

thread

Prefix each log line with the current thread name.

time

Prefix each log line with the current UTC wall time.

timeprog

Prefix each log line with the current monotonic time since the start of the program.

msprog

Prefix each log line with the current monotonic timestamp value in milliseconds since the start of the program.

ts

Prefix each log line with the current monotonic timestamp value in nanoseconds.

tsc

Prefix each log line with the current CPU timestamp counter (TSC) value.

rel, abs*

Selects the whether ts and tsc prefixes should be displayed as relative to the previous log line or as absolute time.

hex*, dec

Selects the whether the ts and tsc prefixes should be formatted as hexadecimal or decimal.

custom

Custom log prefix, has by default no meaning for VM processes.

usecrlf, uself*

Output with DOS style (CRLF) or just UNIX style (LF) line endings.

overwrite*, append

Overwrite the destination file or append to it.

This corresponds to the logflags command in the debugger.

debugvm osdetect

VBoxManage debugvm <uuid|vmname> osdetect

Make the VMM's debugger facility (re)-detect the guest operating system (OS). This will first load all debugger plug-ins.

This corresponds to the detect command in the debugger.

debugvm osinfo

VBoxManage debugvm <uuid|vmname> osinfo

Displays information about the guest operating system (OS) previously detected by the VMM's debugger facility.

debugvm osdmesg

VBoxManage debugvm <uuid|vmname> osdmesg [--lines=lines]

Displays the guest OS kernel log, if detected and supported.

--lines=lines

Number of lines of the log to display, counting from the end. The default is infinite.

debugvm getregisters

VBoxManage debugvm <uuid|vmname> getregisters [--cpu=id] [reg-set.reg-name...]

Retrieves register values for guest CPUs and emulated devices.

reg-set.reg-name

One of more registers, each having one of the following forms:

  1. register-set.register-name.sub-field

  2. register-set.register-name

  3. cpu-register-name.sub-field

  4. cpu-register-name

  5. all

The all form will cause all registers to be shown (no sub-fields). The registers names are case-insensitive.

--cpu=id

Selects the CPU register set when specifying just a CPU register (3rd and 4th form). The default is 0.

debugvm setregisters

VBoxManage debugvm <uuid|vmname> setregisters [--cpu=id] [reg-set.reg-name=value...]

Changes register values for guest CPUs and emulated devices.

reg-set.reg-name=value

One of more register assignment, each having one of the following forms:

  1. register-set.register-name.sub-field=value

  2. register-set.register-name=value

  3. cpu-register-name.sub-field=value

  4. cpu-register-name=value

The value format should be in the same style as what getregisters displays, with the exception that both octal and decimal can be used instead of hexadecimal.

--cpu=id

Selects the CPU register set when specifying just a CPU register (3rd and 4th form). The default is 0.

debugvm show

VBoxManage debugvm <uuid|vmname> show [[--human-readable] | [--sh-export] | [--sh-eval] | [--cmd-set]] [settings-item...]

Shows logging settings for the VM.

--human-readable

Selects human readable output.

--sh-export

Selects output format as bourne shell style export commands.

--sh-eval

Selects output format as bourne shell style eval command input.

--cmd-set

Selects output format as DOS style SET commands.

settings-item

What to display. One or more of the following:

  • logdbg-settings - debug log settings.

  • logrel-settings - release log settings.

  • log-settings - alias for both debug and release log settings.

debugvm stack

VBoxManage debugvm <uuid|vmname> stack [--cpu=id]

Unwinds the guest CPU stacks to the best of our ability. It is recommended to first run the osdetect command, as this gives both symbols and perhaps unwind information.

--cpu=id

Selects a single guest CPU to display the stack for. The default is all CPUs.

debugvm statistics

VBoxManage debugvm <uuid|vmname> statistics [--reset] [--descriptions] [--pattern=pattern]

Displays or resets VMM statistics.

Retrieves register values for guest CPUs and emulated devices.

--pattern=pattern

DOS/NT-style wildcards patterns for selecting statistics. Multiple patterns can be specified by using the '|' (pipe) character as separator.

--reset

Select reset instead of display mode.

8.43. VBoxManage extpack

Extension package management.

Synopsis

VBoxManage extpack install [--replace] <tarball>

VBoxManage extpack uninstall [--force] <name>

VBoxManage extpack cleanup

Description

extpack install

VBoxManage extpack install [--replace] <tarball>

Installs a new extension pack on the system. This command will fail if an older version of the same extension pack is already installed. The --replace option can be used to uninstall any old package before the new one is installed.

--replace

Uninstall existing extension pack version.

tarball

The file containing the extension pack to be installed.

extpack uninstall

VBoxManage extpack uninstall [--force] <name>

Uninstalls an extension pack from the system. The subcommand will also succeed in the case where the specified extension pack is not present on the system. You can use VBoxManage list extpacks to show the names of the extension packs which are currently installed.

--force

Overrides most refusals to uninstall an extension pack

name

The name of the extension pack to be uninstalled.

extpack cleanup

VBoxManage extpack cleanup

Used to remove temporary files and directories that may have been left behind if a previous install or uninstall command failed.

Examples

How to list extension packs:

$ VBoxManage list extpacks
Extension Packs: 1
Pack no. 0:   Oracle VM VirtualBox Extension Pack
Version:      4.1.12
Revision:     77218
Edition:
Description:  USB 2.0 Host Controller, VirtualBox RDP, PXE ROM with E1000 support.
VRDE Module:  VBoxVRDP
Usable:       true
Why unusable:

How to remove an extension pack:

$ VBoxManage extpack uninstall "Oracle VM VirtualBox Extension Pack"
0%...10%...20%...30%...40%...50%...60%...70%...80%...90%...100%
Successfully uninstalled "Oracle VM VirtualBox Extension Pack".

8.44. VBoxManage unattended

Unattended guest OS installation.

Synopsis

VBoxManage unattended detect <--iso=install-iso> [--machine-readable]

VBoxManage unattended install <uuid|vmname> <--iso=install-iso> [--user=login] [--password=password] [--password-file=file] [--full-user-name=name] [--key=product-key] [--install-additions] [--no-install-additions] [--additions-iso=add-iso] [--install-txs] [--no-install-txs] [--validation-kit-iso=testing-iso] [--locale=ll_CC] [--country=CC] [--time-zone=tz] [--hostname=fqdn] [--package-selection-adjustment=keyword] [--dry-run] [--auxiliary-base-path=path] [--image-index=number] [--script-template=file] [--post-install-template=file] [--post-install-command=command] [--extra-install-kernel-parameters=params] [--language=lang] [--start-vm=session-type]

Description

unattended detect

VBoxManage unattended detect <--iso=install-iso> [--machine-readable]

Detects the guest operating system (OS) on the specified installation ISO and displays the result. This can be used as input when creating a VM for the ISO to be installed in.

--iso=install-iso

The installation ISO to run the detection on.

--machine-readable

Produce output that is simpler to parse from a script.

unattended install

VBoxManage unattended install <uuid|vmname> <--iso=install-iso> [--user=login] [--password=password] [--password-file=file] [--full-user-name=name] [--key=product-key] [--install-additions] [--no-install-additions] [--additions-iso=add-iso] [--install-txs] [--no-install-txs] [--validation-kit-iso=testing-iso] [--locale=ll_CC] [--country=CC] [--time-zone=tz] [--hostname=fqdn] [--package-selection-adjustment=keyword] [--dry-run] [--auxiliary-base-path=path] [--image-index=number] [--script-template=file] [--post-install-template=file] [--post-install-command=command] [--extra-install-kernel-parameters=params] [--language=lang] [--start-vm=session-type]

Reconfigures the specified VM for installation and optionally starts it up.

uuid|vmname

Either the UUID or the name (case sensitive) of a VM.

--iso=install-iso

The installation ISO to run the detection on.

--user=login

The login name. (default: vboxuser)

--password=password

The login password. This is used for the user given by --user as well as the root/administrator user. (default: changeme)

--password-file=file

Alternative to --password for providing the password. Special filename stdin can be used to read the password from standard input.

--full-user-name=name

The full user name. (default: --user)

--key=product-key

The guest OS product key. Not all guest OSes requires this.

--install-additions, --no-install-additions

Whether to install the VirtualBox guest additions. (default: --no-install-addations)

--additions-iso=add-iso

Path to the VirtualBox guest additions ISO. (default: installed/downloaded GAs)

--install-txs, --no-install-txs

Whether to install the test execution service (TXS) from the VirtualBox ValidationKit. This is useful when preparing VMs for testing or similar. (default: --no-install-txs)

--validation-kit-iso=testing-iso

Path to the VirtualBox ValidationKit ISO. This is required if --install-txs is specified.

--locale=ll_CC

The base locale specification for the guest, like en_US, de_CH, or nn_NO. (default: host or en_US)

--country=CC

The two letter country code if it differs from the specified by --location.

--time-zone=tz

The time zone to set up the guest OS with. (default: host time zone or UTC)

--hostname=fqdn

The fully qualified domain name of the guest machine. (default: vmname.myguest.virtualbox.org)

--package-selection-adjustment=keyword

Adjustments to the guest OS packages/components selection. This can be specfied more than once. Currently the only recognized keyword is minimal which triggers a minimal installation for some of the guest OSes.

--dry-run

Do not create any files or make any changes to the VM configuration.

--start-vm=session-type

Start the VM using the front end given by session-type. This is the same as the --type option for the startvm command, but we have add none for indicating that the VM should not be started. (default: none)

Advanced options:

--auxiliary-base-path=path

The path prefix to the media related files generated for the installation. (default: vm-config-dir/Unattended-vm-uuid-)

--image-index=number

Windows installation image index. (default: 1)

--script-template=file

The unattended installation script template. (default: IMachine::OSTypeId dependent)

--post-install-template=file

The post installation script template. (default: IMachine::OSTypeId dependent)

--post-install-command=command

A single command to run after the installation is completed. The exact format and exactly when this is run is guest OS installer dependent.

--extra-install-kernel-parameters=params

List of extra linux kernel parameters to use during the installation. (default: IMachine::OSTypeId dependent)

--language=lang

Specifies the UI language for a Windows installation. The lang is generally on the form {ll}-{CC}. See detectedOSLanguages results from VBoxManage unattended detect. (default: detectedOSLanguages[0])

Chapter 9. Advanced Topics

Table of Contents

9.1. Automated Guest Logins
9.1.1. Automated Windows Guest Logins
9.1.2. Automated Linux and UNIX Guest Logins
9.2. Advanced Configuration for Windows Guests
9.2.1. Automated Windows System Preparation
9.3. Advanced Configuration for Linux and Oracle Solaris Guests
9.3.1. Manual Setup of Selected Guest Services on Linux
9.3.2. Guest Graphics and Mouse Driver Setup in Depth
9.4. CPU Hot-Plugging
9.5. PCI Passthrough
9.6. Webcam Passthrough
9.6.1. Using a Host Webcam in the Guest
9.6.2. Windows Hosts
9.6.3. Mac OS X Hosts
9.6.4. Linux and Oracle Solaris Hosts
9.7. Advanced Display Configuration
9.7.1. Custom VESA Resolutions
9.7.2. Configuring the Maximum Resolution of Guests When Using the Graphical Frontend
9.8. Advanced Storage Configuration
9.8.1. Using a Raw Host Hard Disk From a Guest
9.8.2. Configuring the Hard Disk Vendor Product Data (VPD)
9.8.3. Access iSCSI Targets Using Internal Networking
9.9. Legacy Commands for Using Serial Ports
9.10. Fine Tuning the Oracle VM VirtualBox NAT Engine
9.10.1. Configuring the Address of a NAT Network Interface
9.10.2. Configuring the Boot Server (Next Server) of a NAT Network Interface
9.10.3. Tuning TCP/IP Buffers for NAT
9.10.4. Binding NAT Sockets to a Specific Interface
9.10.5. Enabling DNS Proxy in NAT Mode
9.10.6. Using the Host's Resolver as a DNS Proxy in NAT Mode
9.10.7. Configuring Aliasing of the NAT Engine
9.11. Configuring the BIOS DMI Information
9.12. Configuring Custom ACPI Tables
9.13. Fine Tuning Timers and Time Synchronization
9.13.1. Configuring the Guest Time Stamp Counter (TSC) to Reflect Guest Execution
9.13.2. Accelerate or Slow Down the Guest Clock
9.13.3. Tuning the Guest Additions Time Synchronization Parameters
9.13.4. Disabling the Guest Additions Time Synchronization
9.14. Installing the Alternate Bridged Networking Driver on Oracle Solaris 11 hosts
9.15. Oracle VM VirtualBox VNIC Templates for VLANs on Oracle Solaris 11 Hosts
9.16. Configuring Multiple Host-Only Network Interfaces on Oracle Solaris Hosts
9.17. Configuring the Oracle VM VirtualBox CoreDumper on Oracle Solaris Hosts
9.18. Oracle VM VirtualBox and Oracle Solaris Kernel Zones
9.19. Locking Down the Oracle VM VirtualBox GUI
9.19.1. Customizing the VirtualBox Manager
9.19.2. VM Selector Customization
9.19.3. Configure VM Selector Menu Entries
9.19.4. Configure VM Window Menu Entries
9.19.5. Configure VM Window Status Bar Entries
9.19.6. Configure VM Window Visual Modes
9.19.7. Host Key Customization
9.19.8. Action when Terminating the VM
9.19.9. Default Action when Terminating the VM
9.19.10. Action for Handling a Guru Meditation
9.19.11. Configuring Automatic Mouse Capturing
9.19.12. Requesting Legacy Full-Screen Mode
9.20. Starting the Oracle VM VirtualBox Web Service Automatically
9.20.1. Linux: Starting the Web Service With init
9.20.2. Oracle Solaris: Starting the Web Service With SMF
9.20.3. Mac OS X: Starting the Web Service With launchd
9.21. Oracle VM VirtualBox Watchdog
9.21.1. Memory Ballooning Control
9.21.2. Host Isolation Detection
9.21.3. More Information
9.21.4. Linux: Starting the Watchdog Service With init
9.21.5. Oracle Solaris: Starting the Watchdog Service With SMF
9.22. Other Extension Packs
9.23. Starting Virtual Machines During System Boot
9.23.1. Linux: Starting the Autostart Service With init
9.23.2. Oracle Solaris: Starting the Autostart Service With SMF
9.23.3. Mac OS X: Starting the Autostart Service With launchd
9.24. Oracle VM VirtualBox Expert Storage Management
9.25. Handling of Host Power Management Events
9.26. Passing Through SSE4.1/SSE4.2 Instructions
9.27. Support for Keyboard Indicator Synchronization
9.28. Capturing USB Traffic for Selected Devices
9.29. Configuring the Heartbeat Service
9.30. Encryption of Disk Images
9.30.1. Limitations of Disk Encryption
9.30.2. Encrypting Disk Images
9.30.3. Starting a VM with Encrypted Images
9.30.4. Decrypting Encrypted Images
9.31. Paravirtualized Debugging
9.31.1. Hyper-V Debug Options
9.32. PC Speaker Passthrough
9.33. Accessing USB devices Exposed Over the Network with USB/IP
9.33.1. Setting up USB/IP Support on a Linux System
9.33.2. Security Considerations
9.34. Using Hyper-V with Oracle VM VirtualBox
9.35. Nested Virtualization
9.36. VISO file format / RTIsoMaker

9.1. Automated Guest Logins

Oracle VM VirtualBox provides Guest Addition modules for Windows, Linux, and Oracle Solaris to enable automated logins on the guest.

When a guest operating system is running in a virtual machine, it might be desirable to perform coordinated and automated logins using credentials from a master login system. Credentials are user name, password, and domain name, where each value might be empty.

9.1.1. Automated Windows Guest Logins

Since Windows NT, Windows has provided a modular system login subsystem, called Winlogon, which can be customized and extended by means of so-called GINA (Graphical Identification and Authentication) modules. With Windows Vista and Windows 7, the GINA modules were replaced with a new mechanism called credential providers. The Oracle VM VirtualBox Guest Additions for Windows come with both, a GINA and a credential provider module, and therefore enable any Windows guest to perform automated logins.

To activate the Oracle VM VirtualBox GINA or credential provider module, install the Guest Additions using the command line switch /with_autologon. All the following manual steps required for installing these modules will be then done by the installer.

To manually install the Oracle VM VirtualBox GINA module, extract the Guest Additions as shown in Section 4.2.1.4, “Manual File Extraction” and copy the file VBoxGINA.dll to the Windows SYSTEM32 directory. Then, in the registry, create the following key with a value of VBoxGINA.dll:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GinaDLL

Note

The Oracle VM VirtualBox GINA module is implemented as a wrapper around the standard Windows GINA module, MSGINA.DLL. As a result, it may not work correctly with third party GINA modules.

To manually install the Oracle VM VirtualBox credential provider module, extract the Guest Additions as shown in Section 4.2.1.4, “Manual File Extraction” and copy the file VBoxCredProv.dll to the Windows SYSTEM32 directory. In the registry, create the following keys:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\
Authentication\Credential Providers\{275D3BCC-22BB-4948-A7F6-3A3054EBA92B}

HKEY_CLASSES_ROOT\CLSID\{275D3BCC-22BB-4948-A7F6-3A3054EBA92B}

HKEY_CLASSES_ROOT\CLSID\{275D3BCC-22BB-4948-A7F6-3A3054EBA92B}\InprocServer32

All default values, the key named Default, must be set to VBoxCredProv.

Create a new string named as follows, with a value of Apartment.

HKEY_CLASSES_ROOT\CLSID\{275D3BCC-22BB-4948-A7F6-3A3054EBA92B}\InprocServer32\ThreadingModel

To set credentials, use the following command on a running VM:

VBoxManage controlvm "Windows XP" setcredentials "John Doe" "secretpassword" "DOMTEST"

While the VM is running, the credentials can be queried by the Oracle VM VirtualBox login modules, GINA or credential provider, using the Oracle VM VirtualBox Guest Additions device driver. When Windows is in logged out mode, the login modules will constantly poll for credentials and if they are present, a login will be attempted. After retrieving the credentials, the login modules will erase them so that the above command will have to be repeated for subsequent logins.

For security reasons, credentials are not stored in any persistent manner and will be lost when the VM is reset. Also, the credentials are write-only. There is no way to retrieve the credentials from the host side. Credentials can be reset from the host side by setting empty values.

Depending on the particular variant of the Windows guest, the following restrictions apply:

  • For Windows XP guests. The login subsystem needs to be configured to use the classic login dialog, as the Oracle VM VirtualBox GINA module does not support the XP-style welcome dialog.

  • Windows Vista, Windows 7, Windows 8, and Windows 10 guests. The login subsystem does not support the so-called Secure Attention Sequence, Ctrl+Alt+Del. As a result, the guest's group policy settings need to be changed to not use the Secure Attention Sequence. Also, the user name given is only compared to the true user name, not the user friendly name. This means that when you rename a user, you still have to supply the original user name as Windows never renames user accounts internally.

  • Automatic login handling of the built-in Windows Remote Desktop Service, formerly known as Terminal Services, is disabled by default. To enable it, create the following registry key with a DWORD value of 1.

    HKEY_LOCAL_MACHINE\SOFTWARE\Oracle\VirtualBox Guest Additions\AutoLogon

The following command forces Oracle VM VirtualBox to keep the credentials after they were read by the guest and on VM reset:

VBoxManage setextradata "Windows XP" VBoxInternal/Devices/VMMDev/0/Config/KeepCredentials 1

Note that this is a potential security risk, as a malicious application running on the guest could request this information using the proper interface.

9.1.2. Automated Linux and UNIX Guest Logins

Oracle VM VirtualBox provides a custom PAM module (Pluggable Authentication Module) which can be used to perform automated guest logins on platforms which support this framework. Virtually all modern Linux and UNIX distributions rely on PAM.

For automated logins on Ubuntu, or Ubuntu-derived, distributions using LightDM as the display manager. See Section 9.1.2.1, “Oracle VM VirtualBox Greeter for Ubuntu/LightDM”.

The pam_vbox.so module itself does not do an actual verification of the credentials passed to the guest OS. Instead it relies on other modules such as pam_unix.so or pam_unix2.so down in the PAM stack to do the actual validation using the credentials retrieved by pam_vbox.so. Therefore pam_vbox.so has to be on top of the authentication PAM service list.

Note

The pam_vbox.so module only supports the auth primitive. Other primitives such as account, session, or password are not supported.

The pam_vbox.so module is shipped as part of the Guest Additions but it is not installed and/or activated on the guest OS by default. In order to install it, it has to be copied from /opt/VBoxGuestAdditions-<version>/other/ to the security modules directory. This is usually /lib/security/ on 32-bit Linux guests or /lib64/security/ on 64-bit Linux guests. Please refer to your guest OS documentation for the correct PAM module directory.

For example, to use pam_vbox.so with a Ubuntu Linux guest OS and the GNOME Desktop Manager (GDM) to log in users automatically with the credentials passed by the host, configure the guest OS as follows:

  1. Copy the pam_vbox.so module to the security modules directory. In this case, /lib/security.

  2. Edit the PAM configuration file for GDM, found at /etc/pam.d/gdm. Add the line auth requisite pam_vbox.so at the top. Additionally, in most Linux distributions there is a file called /etc/pam.d/common-auth. This file is included in many other services, like the GDM file mentioned above. There you also have to add the line auth requisite pam_vbox.so.

  3. If authentication against the shadow database using pam_unix.so or pam_unix2.so is desired, the argument try_first_pass for pam_unix.so or use_first_pass for pam_unix2.so is needed in order to pass the credentials from the Oracle VM VirtualBox module to the shadow database authentication module. For Ubuntu, this needs to be added to /etc/pam.d/common-auth, to the end of the line referencing pam_unix.so. This argument tells the PAM module to use credentials already present in the stack, such as the ones provided by the Oracle VM VirtualBox PAM module.

Warning

An incorrectly configured PAM stack can effectively prevent you from logging into your guest system.

To make deployment easier, you can pass the argument debug right after the pam_vbox.so statement. Debug log output will then be recorded using syslog.

Note

By default, pam_vbox will not wait for credentials to arrive from the host. When a login prompt is shown, for example by GDM/KDM or the text console, and pam_vbox does not yet have credentials it does not wait until they arrive. Instead the next module in the PAM stack, depending on the PAM configuration, will have the chance for authentication.

pam_vbox supports various guest property parameters that are located in /VirtualBox/GuestAdd/PAM/. These parameters allow pam_vbox to wait for credentials to be provided by the host and optionally can show a message while waiting for those. The following guest properties can be set:

  • CredsWait: Set to 1 if pam_vbox should start waiting until credentials arrive from the host. Until then no other authentication methods such as manually logging in will be available. If this property is empty or gets deleted no waiting for credentials will be performed and pam_vbox will act like before. This property must be set read-only for the guest (RDONLYGUEST).

  • CredsWaitAbort: Aborts waiting for credentials when set to any value. Can be set from host and the guest.

  • CredsWaitTimeout: Timeout, in seconds, to let pam_vbox wait for credentials to arrive. When no credentials arrive within this timeout, authentication of pam_vbox will be set to failed and the next PAM module in chain will be asked. If this property is not specified, set to 0 or an invalid value, an infinite timeout will be used. This property must be set read-only for the guest (RDONLYGUEST).

To customize pam_vbox further there are the following guest properties:

  • CredsMsgWaiting: Custom message showed while pam_vbox is waiting for credentials from the host. This property must be set read-only for the guest (RDONLYGUEST).

  • CredsMsgWaitTimeout: Custom message showed when waiting for credentials by pam_vbox has timed out. For example, they did not arrive within time. This property must be set read-only for the guest (RDONLYGUEST).

Note

If a pam_vbox guest property does not have the correct flag set (RDONLYGUEST) the property is ignored and, depending on the property, a default value will be used. This can result in pam_vbox not waiting for credentials. Consult the appropriate syslog file for more information and use the debug option.

9.1.2.1. Oracle VM VirtualBox Greeter for Ubuntu/LightDM

Oracle VM VirtualBox comes with an own greeter module, named vbox-greeter. The module can be used with LightDM 1.0.1 or later. LightDM is the default display manager since Ubuntu 10.11 and therefore also can be used for automated guest logins.

vbox-greeter does not need the pam_vbox module described above in order to function. It comes with its own authentication mechanism provided by LightDM. However, to provide maximum of flexibility both modules can be used together on the same guest.

As with the pam_vbox module, vbox-greeter is shipped as part of the Guest Additions but it is not installed or activated on the guest OS by default. To install vbox-greeter automatically upon Guest Additions installation, use the --with-autologon switch when starting the VBoxLinuxAdditions.run file:

# ./VBoxLinuxAdditions.run -- --with-autologon

For manual or postponed installation, the vbox-greeter.desktop file has to be copied from /opt/VBoxGuestAdditions-<version>/other/ to the xgreeters directory This is usually /usr/share/xgreeters/. Please refer to your guest OS documentation for the correct LightDM greeter directory.

The vbox-greeter module itself already was installed by the Oracle VM VirtualBox Guest Additions installer and resides in /usr/sbin/. To enable vbox-greeter as the standard greeter module, the file /etc/lightdm/lightdm.conf needs to be edited:

[SeatDefaults]
greeter-session=vbox-greeter

Note

  • The LightDM server needs to be fully restarted in order for vbox-greeter to be used as the default greeter. As root, run service lightdm --full-restart on Ubuntu, or simply restart the guest.

  • vbox-greeter is independent of the graphical session chosen by the user, such as Gnome, KDE, or Unity. However, it requires FLTK 1.3 for representing its own user interface.

There are numerous guest properties which can be used to further customize the login experience. For automatically logging in users, the same guest properties apply as for pam_vbox. See Section 9.1.2, “Automated Linux and UNIX Guest Logins”.

In addition to the above mentioned guest properties, vbox-greeter allows further customization of its user interface. These special guest properties all reside in /VirtualBox/GuestAdd/Greeter/:

  • HideRestart: Set to 1 if vbox-greeter should hide the button to restart the guest. This property must be set read-only for the guest (RDONLYGUEST).

  • HideShutdown: Set to 1 if vbox-greeter should hide the button to shutdown the guest. This property must be set read-only for the guest (RDONLYGUEST).

  • BannerPath: Path to a .PNG file for using it as a banner on the top. The image size must be 460 x 90 pixels, any bit depth. This property must be set read-only for the guest (RDONLYGUEST).

  • UseTheming: Set to 1 for turning on the following theming options. This property must be set read-only for the guest (RDONLYGUEST).

  • Theme/BackgroundColor: Hexadecimal RRGGBB color for the background. This property must be set read-only for the guest (RDONLYGUEST).

  • Theme/LogonDialog/HeaderColor: Hexadecimal RRGGBB foreground color for the header text. This property must be set read-only for the guest (RDONLYGUEST).

  • Theme/LogonDialog/BackgroundColor: Hexadecimal RRGGBB color for the login dialog background. This property must be set read-only for the guest (RDONLYGUEST).

  • Theme/LogonDialog/ButtonColor: Hexadecimal RRGGBB background color for the login dialog button. This property must be set read-only for the guest (RDONLYGUEST).

Note

The same restrictions for the guest properties above apply as for the ones specified in the pam_vbox section.

9.2. Advanced Configuration for Windows Guests

9.2.1. Automated Windows System Preparation

Beginning with Windows NT 4.0, Microsoft offers a system preparation tool called Sysprep, to prepare a Windows system for deployment or redistribution. Whereas Windows 2000 and XP ship with Sysprep on the installation medium, the tool also is available for download on the Microsoft web site. In a standard installation of Windows Vista and 7, Sysprep is already included. Sysprep mainly consists of an executable called sysprep.exe which is invoked by the user to put the Windows installation into preparation mode.

The Guest Additions offer a way to launch a system preparation on the guest operating system in an automated way, controlled from the host system. See Section 4.9, “Guest Control of Applications” for details of how to use this feature with the special identifier sysprep as the program to execute, along with the user name sysprep and password sysprep for the credentials. Sysprep then gets launched with the required system rights.

Note

Specifying the location of "sysprep.exe" is not possible. Instead the following paths are used, based on the operating system:

  • C:\sysprep\sysprep.exe for Windows NT 4.0, 2000 and XP

  • %WINDIR%\System32\Sysprep\sysprep.exe for Windows Vista, 2008 Server and 7

The Guest Additions will automatically use the appropriate path to execute the system preparation tool.

9.3. Advanced Configuration for Linux and Oracle Solaris Guests

9.3.1. Manual Setup of Selected Guest Services on Linux

The Oracle VM VirtualBox Guest Additions contain several different drivers. If for any reason you do not wish to set them all up, you can install the Guest Additions using the following command:

  sh ./VBoxLinuxAdditions.run no_setup

After this, you will need to at least compile the kernel modules by running the command as root:

  rcvboxadd setup

You will need to replace lib by lib64 on some 64bit guests, and on older guests without the udev service you will need to add the vboxadd service to the default runlevel to ensure that the modules get loaded.

To setup the time synchronization service, add the service vboxadd-service to the default runlevel. To set up the X11 and OpenGL part of the Guest Additions, run the following command:

  rcvboxadd-x11 setup

You do not need to enable any services for this.

To recompile the guest kernel modules, use this command:

  rcvboxadd setup

After compilation you should reboot your guest to ensure that the new modules are actually used.

9.3.2. Guest Graphics and Mouse Driver Setup in Depth

This section assumes that you are familiar with configuring the X.Org server using xorg.conf and optionally the newer mechanisms using hal or udev and xorg.conf.d. If not you can learn about them by studying the documentation which comes with X.Org.

The Oracle VM VirtualBox Guest Additions include the following drivers for X.Org versions:

  • X11R6.8/X11R6.9 and XFree86 version 4.3 (vboxvideo_drv_68.o and vboxmouse_drv_68.o)

  • X11R7.0 (vboxvideo_drv_70.so and vboxmouse_drv_70.so)

  • X11R7.1 (vboxvideo_drv_71.so and vboxmouse_drv_71.so)

  • X.Org Server versions 1.3 and later (vboxvideo_drv_13.so vboxmouse_drv_13.so, and later versions).

By default these drivers can be found in the folowing directory:

/opt/VBoxGuestAdditions-<version>/other/

The correct versions for the X server are symbolically linked into the X.Org driver directories.

For graphics integration to work correctly, the X server must load the vboxvideo driver. Many recent X server versions look for it automatically if they see that they are running in Oracle VM VirtualBox. For an optimal user experience the guest kernel drivers must be loaded and the Guest Additions tool VBoxClient must be running as a client in the X session. For mouse integration to work correctly, the guest kernel drivers must be loaded and in addition, in X servers from X.Org X11R6.8 to X11R7.1 and in XFree86 version 4.3 the right vboxmouse driver must be loaded and associated with /dev/mouse or /dev/psaux. In X.Org server 1.3 or later a driver for a PS/2 mouse must be loaded and the right vboxmouse driver must be associated with /dev/vboxguest.

The Oracle VM VirtualBox guest graphics driver can use any graphics configuration for which the virtual resolution fits into the virtual video memory allocated to the virtual machine, minus a small amount used by the guest driver, as described in Section 3.6, “Display Settings”. The driver will offer a range of standard modes at least up to the default guest resolution for all active guest monitors. In X.Org Server 1.3 and later the default mode can be changed by setting the output property VBOX_MODE to "<width>x<height>" for any guest monitor. When VBoxClient and the kernel drivers are active this is done automatically when the host requests a mode change. The driver for older versions can only receive new modes by querying the host for requests at regular intervals.

With X Servers before version 1.3, you can also add your own modes to the X server configuration file. You simply need to add them to the "Modes" list in the "Display" subsection of the "Screen" section. For example, the following section has a custom 2048x800 resolution mode added:

Section "Screen"
        Identifier    "Default Screen"
        Device        "VirtualBox graphics card"
        Monitor       "Generic Monitor"
        DefaultDepth  24
        SubSection "Display"
                Depth         24
                Modes         "2048x800" "800x600" "640x480"
        EndSubSection
EndSection

9.4. CPU Hot-Plugging

With virtual machines running modern server operating systems, Oracle VM VirtualBox supports CPU hot-plugging.

On a physical computer CPU hot-plugging would mean that a CPU can be added or removed while the machine is running. Oracle VM VirtualBox supports adding and removing of virtual CPUs while a virtual machine is running.

CPU hot-plugging works only with guest operating systems that support the feature. So far this applies only to Linux and Windows Server. Windows supports only hot-add, while Linux supports hot-add and hot-remove. To use this feature with more than 8 CPUs, a 64-bit Linux guest is required.

CPU hot-plugging is done using the VBoxManage command-line interface. First, hot-plugging needs to be enabled for a virtual machine:

VBoxManage modifyvm "VM name" --cpuhotplug on

The --cpus option is used to specify the maximum number of CPUs that the virtual machine can have:

VBoxManage modifyvm "VM name" --cpus 8

When the VM is off, you can then add and remove virtual CPUs with the modifyvm --plugcpu and --unplugcpu subcommands, which take the number of the virtual CPU as a parameter, as follows:

VBoxManage modifyvm "VM name" --plugcpu 3
VBoxManage modifyvm "VM name" --unplugcpu 3

Note that CPU 0 can never be removed.

While the VM is running, CPUs can be added and removed with the controlvm plugcpu and unplugcpu commands instead, as follows:

VBoxManage controlvm "VM name" plugcpu 3
VBoxManage controlvm