Chapter 9. Advanced topics

Table of Contents

9.1. VBoxSDL, the simplified VM displayer
9.1.1. Introduction
9.1.2. Secure labeling with VBoxSDL
9.1.3. Releasing modifiers with VBoxSDL on Linux
9.2. Automated guest logons
9.2.1. Automated Windows guest logons
9.2.2. Automated Linux/Unix guest logons
9.3. Advanced configuration for Windows guests
9.3.1. Automated Windows system preparation
9.4. Advanced configuration for Linux and Solaris guests
9.4.1. Manual setup of selected guest services on Linux
9.4.2. Guest graphics and mouse driver setup in depth
9.5. CPU hot-plugging
9.6. Advanced display configuration
9.6.1. Custom VESA resolutions
9.6.2. Configuring the maximum resolution of guests when using the graphical frontend
9.7. Advanced storage configuration
9.7.1. Using a raw host hard disk from a guest
9.7.2. Configuring the hard disk vendor product data (VPD)
9.7.3. Access iSCSI targets via Internal Networking
9.8. Launching more than 120 VMs on Solaris hosts
9.9. Legacy commands for using serial ports
9.10. Fine-tuning the VirtualBox NAT engine
9.10.1. Configuring the address of a NAT network interface
9.10.2. Configuring the boot server (next server) of a NAT network interface
9.10.3. Tuning TCP/IP buffers for NAT
9.10.4. Binding NAT sockets to a specific interface
9.10.5. Enabling DNS proxy in NAT mode
9.10.6. Using the host's resolver as a DNS proxy in NAT mode
9.10.7. Configuring aliasing of the NAT engine
9.11. Configuring the BIOS DMI information
9.12. Fine-tuning timers and time synchronization
9.12.1. Configuring the guest time stamp counter (TSC) to reflect guest execution
9.12.2. Accelerate or slow down the guest clock
9.12.3. Tuning the Guest Additions time synchronization parameters
9.13. Configuring multiple host-only network interfaces on Solaris hosts
9.14. Configuring the VirtualBox CoreDumper on Solaris hosts
9.15. Locking down the VirtualBox manager GUI
9.16. Starting the VirtualBox web service automatically

9.1. VBoxSDL, the simplified VM displayer

9.1.1. Introduction

VBoxSDL is a simple graphical user interface (GUI) that lacks the nice point-and-click support which VirtualBox, our main GUI, provides. VBoxSDL is currently primarily used internally for debugging VirtualBox and therefore not officially supported. Still, you may find it useful for environments where the virtual machines are not necessarily controlled by the same person that uses the virtual machine.

Note

VBoxSDL is not available on the Mac OS X host platform.

As you can see in the following screenshot, VBoxSDL does indeed only provide a simple window that contains only the "pure" virtual machine, without menus or other controls to click upon and no additional indicators of virtual machine activity:

To start a virtual machine with VBoxSDL instead of the VirtualBox GUI, enter the following on a command line:

VBoxSDL --startvm <vm>

where <vm> is, as usual with VirtualBox command line parameters, the name or UUID of an existing virtual machine.

9.1.2. Secure labeling with VBoxSDL

When running guest operating systems in fullscreen mode, the guest operating system usually has control over the whole screen. This could present a security risk as the guest operating system might fool the user into thinking that it is either a different system (which might have a higher security level) or it might present messages on the screen that appear to stem from the host operating system.

In order to protect the user against the above mentioned security risks, the secure labeling feature has been developed. Secure labeling is currently available only for VBoxSDL. When enabled, a portion of the display area is reserved for a label in which a user defined message is displayed. The label height in set to 20 pixels in VBoxSDL. The label font color and background color can be optionally set as hexadecimal RGB color values. The following syntax is used to enable secure labeling:

VBoxSDL --startvm "VM name"
      --securelabel --seclabelfnt ~/fonts/arial.ttf
      --seclabelsiz 14 --seclabelfgcol 00FF00 --seclabelbgcol 00FFFF

In addition to enabling secure labeling, a TrueType font has to be supplied. To use another font size than 12 point use the parameter --seclabelsiz.

The label text can be set with

VBoxManage setextradata "VM name" "VBoxSDL/SecureLabel" "The Label"

Changing this label will take effect immediately.

Typically, full screen resolutions are limited to certain "standard" geometries such as 1024 x 768. Increasing this by twenty lines is not usually feasible, so in most cases, VBoxSDL will chose the next higher resolution, e.g. 1280 x 1024 and the guest's screen will not cover the whole display surface. If VBoxSDL is unable to choose a higher resolution, the secure label will be painted on top of the guest's screen surface. In order to address the problem of the bottom part of the guest screen being hidden, VBoxSDL can provide custom video modes to the guest that are reduced by the height of the label. For Windows guests and recent Solaris and Linux guests, the VirtualBox Guest Additions automatically provide the reduced video modes. Additionally, the VESA BIOS has been adjusted to duplicate its standard mode table with adjusted resolutions. The adjusted mode IDs can be calculated using the following formula:

reduced_modeid = modeid + 0x30

For example, in order to start Linux with 1024 x 748 x 16, the standard mode 0x117 (1024 x 768 x 16) is used as a base. The Linux video mode kernel parameter can then be calculated using:

vga = 0x200 | 0x117 + 0x30
vga = 839

The reason for duplicating the standard modes instead of only supplying the adjusted modes is that most guest operating systems require the standard VESA modes to be fixed and refuse to start with different modes.

When using the X.org VESA driver, custom modelines have to be calculated and added to the configuration (usually in /etc/X11/xorg.conf. A handy tool to determine modeline entries can be found at http://www.tkk.fi/Misc/Electronics/faq/vga2rgb/calc.html.)

9.1.3. Releasing modifiers with VBoxSDL on Linux

When switching from a X virtual terminal (VT) to another VT using Ctrl-Alt-Fx while the VBoxSDL window has the input focus, the guest will receive Ctrl and Alt keypress events without receiving the corresponding key release events. This is an architectural limitation of Linux. In order to reset the modifier keys, it is possible to send SIGUSR1 to the VBoxSDL main thread (first entry in the ps list). For example, when switching away to another VT and saving the virtual machine from this terminal, the following sequence can be used to make sure the VM is not saved with stuck modifiers:

kill -usr1 <pid>
VBoxManage controlvm "Windows 2000" savestate