Last active
December 24, 2016 03:09
-
-
Save kou/6baea90d8acc714745fb to your computer and use it in GitHub Desktop.
Groongaで学ぶ全文検索2016-03-25
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # 「terms」以外はテンプレ | |
| table_create terms \ | |
| TABLE_PAT_KEY \ | |
| ShortText \ | |
| --default_tokenizer TokenBigram \ | |
| --normalizer NormalizerAuto | |
| # 「terms」と「body_index」と | |
| # 「pdfs」と「body」以外はテンプレ | |
| column_create terms body_index \ | |
| COLUMN_INDEX|WITH_POSITION \ | |
| pdfs \ | |
| body |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| table_create pdfs \ | |
| TABLE_HASH_KEY \ | |
| ShortText | |
| column_create pdfs body \ | |
| COLUMN_SCALAR \ | |
| Text |
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # License is GPLv2. Source: "virtualbox" deb package in Debian. | |
| load --table pdfs | |
| [ | |
| { | |
| "_key": "/usr/share/doc/virtualbox/UserManual.pdf", | |
| "body": "Oracle VM\nR\nVirtualBox\r\nUser Manual\nVersion 5.0.16_Debian\nc 2004-2016 Oracle Corporation\n\r\nhttp://www.virtualbox.org\n\n\fContents\n1 First steps\n1.1\nWhy is virtualization useful? . . . . . . . . . . . . . . .\n1.2\nSome terminology . . . . . . . . . . . . . . . . . . . . .\n1.3\nFeatures overview . . . . . . . . . . . . . . . . . . . . .\n1.4\nSupported host operating systems . . . . . . . . . . . .\n1.5\nInstalling VirtualBox and extension packs . . . . . . . .\n1.6\nStarting VirtualBox . . . . . . . . . . . . . . . . . . . .\n1.7\nCreating your first virtual machine . . . . . . . . . . .\n1.8\nRunning your virtual machine . . . . . . . . . . . . . .\n1.8.1\nStarting a new VM for the first time . . . . . .\n1.8.2\nCapturing and releasing keyboard and mouse\n1.8.3\nTyping special characters . . . . . . . . . . . .\n1.8.4\nChanging removable media . . . . . . . . . . .\n1.8.5\nResizing the machine’s window . . . . . . . .\n1.8.6\nSaving the state of the machine . . . . . . . .\n1.9\nUsing VM groups . . . . . . . . . . . . . . . . . . . . .\n1.10 Snapshots . . . . . . . . . . . . . . . . . . . . . . . . .\n1.10.1 Taking, restoring and deleting snapshots . . .\n1.10.2 Snapshot contents . . . . . . . . . . . . . . . .\n1.11 Virtual machine configuration . . . . . . . . . . . . . .\n1.12 Removing virtual machines . . . . . . . . . . . . . . . .\n1.13 Cloning virtual machines . . . . . . . . . . . . . . . . .\n1.14 Importing and exporting virtual machines . . . . . . .\n1.15 Global Settings . . . . . . . . . . . . . . . . . . . . . .\n1.16 Alternative front-ends . . . . . . . . . . . . . . . . . . .\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n11\n12\n12\n13\n15\n16\n17\n18\n21\n21\n22\n23\n24\n24\n25\n26\n26\n27\n28\n29\n30\n30\n31\n32\n32\n\n2 Installation details\n2.1\nInstalling on Windows hosts . . . . . .\n2.1.1\nPrerequisites . . . . . . . . . .\n2.1.2\nPerforming the installation . .\n2.1.3\nUninstallation . . . . . . . . .\n2.1.4\nUnattended installation . . . .\n2.1.5\nPublic properties . . . . . . . .\n2.2\nInstalling on Mac OS X hosts . . . . . .\n2.2.1\nPerforming the installation . .\n2.2.2\nUninstallation . . . . . . . . .\n2.2.3\nUnattended installation . . . .\n2.3\nInstalling on Linux hosts . . . . . . . .\n2.3.1\nPrerequisites . . . . . . . . . .\n2.3.2\nThe VirtualBox kernel module\n2.3.3\nPerforming the installation . .\n2.3.4\nThe vboxusers group . . . . .\n2.3.5\nStarting VirtualBox on Linux .\n2.4\nInstalling on Solaris hosts . . . . . . .\n2.4.1\nPerforming the installation . .\n2.4.2\nThe vboxuser group . . . . . .\n2.4.3\nStarting VirtualBox on Solaris\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n34\n34\n34\n34\n36\n36\n36\n36\n36\n37\n37\n37\n37\n37\n38\n42\n42\n42\n42\n43\n43\n\n2\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n\fContents\n2.4.4\n2.4.5\n2.4.6\n\nUninstallation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .\nUnattended installation . . . . . . . . . . . . . . . . . . . . . . . . . . .\nConfiguring a zone for running VirtualBox . . . . . . . . . . . . . . . .\n\n3 Configuring virtual machines\n3.1\nSupported guest operating systems . . . . . . . . . . . . . .\n3.1.1\nMac OS X guests . . . . . . . . . . . . . . . . . . . .\n3.1.2\n64-bit guests . . . . . . . . . . . . . . . . . . . . . .\n3.2\nEmulated hardware . . . . . . . . . . . . . . . . . . . . . . .\n3.3\nGeneral settings . . . . . . . . . . . . . . . . . . . . . . . . .\n3.3.1\n“Basic” tab . . . . . . . . . . . . . . . . . . . . . . .\n3.3.2\n“Advanced” tab . . . . . . . . . . . . . . . . . . . .\n3.3.3\n“Description” tab . . . . . . . . . . . . . . . . . . .\n3.4\nSystem settings . . . . . . . . . . . . . . . . . . . . . . . . .\n3.4.1\n“Motherboard” tab . . . . . . . . . . . . . . . . . .\n3.4.2\n“Processor” tab . . . . . . . . . . . . . . . . . . . .\n3.4.3\n“Acceleration” tab . . . . . . . . . . . . . . . . . . .\n3.5\nDisplay settings . . . . . . . . . . . . . . . . . . . . . . . . .\n3.6\nStorage settings . . . . . . . . . . . . . . . . . . . . . . . . .\n3.7\nAudio settings . . . . . . . . . . . . . . . . . . . . . . . . . .\n3.8\nNetwork settings . . . . . . . . . . . . . . . . . . . . . . . .\n3.9\nSerial ports . . . . . . . . . . . . . . . . . . . . . . . . . . .\n3.10 USB support . . . . . . . . . . . . . . . . . . . . . . . . . . .\n3.10.1 USB settings . . . . . . . . . . . . . . . . . . . . . .\n3.10.2 Implementation notes for Windows and Linux hosts\n3.11 Shared folders . . . . . . . . . . . . . . . . . . . . . . . . . .\n3.12 Alternative firmware (EFI) . . . . . . . . . . . . . . . . . . .\n3.12.1 Video modes in EFI . . . . . . . . . . . . . . . . . .\n3.12.2 Specifying boot arguments . . . . . . . . . . . . . .\n\n43\n43\n44\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n45\n45\n46\n46\n47\n48\n48\n48\n49\n49\n49\n51\n51\n52\n53\n55\n55\n55\n57\n57\n58\n59\n59\n59\n60\n\n4 Guest Additions\n4.1\nIntroduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . .\n4.2\nInstalling and Maintaining Guest Additions . . . . . . . . . . . .\n4.2.1\nGuest Additions for Windows . . . . . . . . . . . . . . .\n4.2.2\nGuest Additions for Linux . . . . . . . . . . . . . . . . .\n4.2.3\nGuest Additions for Solaris . . . . . . . . . . . . . . . .\n4.2.4\nGuest Additions for OS/2 . . . . . . . . . . . . . . . . .\n4.3\nShared folders . . . . . . . . . . . . . . . . . . . . . . . . . . . .\n4.3.1\nManual mounting . . . . . . . . . . . . . . . . . . . . .\n4.3.2\nAutomatic mounting . . . . . . . . . . . . . . . . . . .\n4.4\nDrag and Drop . . . . . . . . . . . . . . . . . . . . . . . . . . . .\n4.4.1\nSupported formats . . . . . . . . . . . . . . . . . . . .\n4.4.2\nKnown limitations . . . . . . . . . . . . . . . . . . . . .\n4.5\nHardware-accelerated graphics . . . . . . . . . . . . . . . . . .\n4.5.1\nHardware 3D acceleration (OpenGL and Direct3D 8/9)\n4.5.2\nHardware 2D video acceleration for Windows guests . .\n4.6\nSeamless windows . . . . . . . . . . . . . . . . . . . . . . . . .\n4.7\nGuest properties . . . . . . . . . . . . . . . . . . . . . . . . . . .\n4.8\nGuest control . . . . . . . . . . . . . . . . . . . . . . . . . . . .\n4.9\nMemory overcommitment . . . . . . . . . . . . . . . . . . . . .\n4.9.1\nMemory ballooning . . . . . . . . . . . . . . . . . . . .\n4.9.2\nPage Fusion . . . . . . . . . . . . . . . . . . . . . . . .\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n61\n61\n62\n62\n66\n70\n71\n71\n72\n73\n74\n75\n75\n75\n75\n77\n77\n78\n80\n80\n80\n81\n\n3\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n\fContents\n5 Virtual storage\n5.1\nHard disk controllers: IDE, SATA (AHCI), SCSI, SAS, USB MSC\n5.2\nDisk image files (VDI, VMDK, VHD, HDD) . . . . . . . . . . .\n5.3\nThe Virtual Media Manager . . . . . . . . . . . . . . . . . . .\n5.4\nSpecial image write modes . . . . . . . . . . . . . . . . . . . .\n5.5\nDifferencing images . . . . . . . . . . . . . . . . . . . . . . . .\n5.6\nCloning disk images . . . . . . . . . . . . . . . . . . . . . . . .\n5.7\nHost I/O caching . . . . . . . . . . . . . . . . . . . . . . . . .\n5.8\nLimiting bandwidth for disk images . . . . . . . . . . . . . . .\n5.9\nCD/DVD support . . . . . . . . . . . . . . . . . . . . . . . . .\n5.10 iSCSI servers . . . . . . . . . . . . . . . . . . . . . . . . . . . .\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n83\n83\n86\n87\n88\n90\n92\n92\n93\n94\n94\n\n6 Virtual networking\n6.1\nVirtual networking hardware . . . . . . . . . . . . . .\n6.2\nIntroduction to networking modes . . . . . . . . . . .\n6.3\nNetwork Address Translation (NAT) . . . . . . . . . .\n6.3.1\nConfiguring port forwarding with NAT . . .\n6.3.2\nPXE booting with NAT . . . . . . . . . . . . .\n6.3.3\nNAT limitations . . . . . . . . . . . . . . . .\n6.4\nNetwork Address Translation Service (experimental)\n6.5\nBridged networking . . . . . . . . . . . . . . . . . . .\n6.6\nInternal networking . . . . . . . . . . . . . . . . . . .\n6.7\nHost-only networking . . . . . . . . . . . . . . . . . .\n6.8\nUDP Tunnel networking . . . . . . . . . . . . . . . .\n6.9\nVDE networking . . . . . . . . . . . . . . . . . . . . .\n6.10 Limiting bandwidth for network I/O . . . . . . . . . .\n6.11 Improving network performance . . . . . . . . . . . .\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n96\n96\n97\n98\n98\n99\n99\n100\n101\n102\n103\n104\n104\n105\n106\n\n7 Remote virtual machines\n7.1\nRemote display (VRDP support) . . . . . . . . . . . . . . . . . . . . .\n7.1.1\nCommon third-party RDP viewers . . . . . . . . . . . . . . .\n7.1.2\nVBoxHeadless, the remote desktop server . . . . . . . . . . .\n7.1.3\nStep by step: creating a virtual machine on a headless server\n7.1.4\nRemote USB . . . . . . . . . . . . . . . . . . . . . . . . . . .\n7.1.5\nRDP authentication . . . . . . . . . . . . . . . . . . . . . . .\n7.1.6\nRDP encryption . . . . . . . . . . . . . . . . . . . . . . . . .\n7.1.7\nMultiple connections to the VRDP server . . . . . . . . . . .\n7.1.8\nMultiple remote monitors . . . . . . . . . . . . . . . . . . . .\n7.1.9\nVRDP video redirection . . . . . . . . . . . . . . . . . . . . .\n7.1.10 VRDP customization . . . . . . . . . . . . . . . . . . . . . . .\n7.2\nTeleporting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n107\n107\n107\n108\n109\n111\n111\n112\n113\n114\n114\n114\n115\n\n8 VBoxManage\n8.1\nIntroduction . . . . . . . . . . . . . . . .\n8.2\nCommands overview . . . . . . . . . . .\n8.3\nGeneral options . . . . . . . . . . . . . .\n8.4\nVBoxManage list . . . . . . . . . . . . .\n8.5\nVBoxManage showvminfo . . . . . . . .\n8.6\nVBoxManage registervm / unregistervm\n8.7\nVBoxManage createvm . . . . . . . . . .\n8.8\nVBoxManage modifyvm . . . . . . . . .\n8.8.1\nGeneral settings . . . . . . . . .\n8.8.2\nNetworking settings . . . . . . .\n8.8.3\nMiscellaneous settings . . . . .\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n117\n117\n118\n128\n128\n129\n130\n131\n131\n131\n134\n136\n\n4\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n\fContents\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n137\n138\n139\n139\n139\n140\n141\n142\n142\n145\n145\n145\n146\n146\n148\n149\n150\n150\n150\n151\n152\n153\n153\n154\n154\n154\n155\n163\n164\n164\n165\n171\n\n9 Advanced topics\n9.1\nVBoxSDL, the simplified VM displayer . . . . . . . . . . .\n9.1.1\nIntroduction . . . . . . . . . . . . . . . . . . . .\n9.1.2\nSecure labeling with VBoxSDL . . . . . . . . . .\n9.1.3\nReleasing modifiers with VBoxSDL on Linux . .\n9.2\nAutomated guest logons . . . . . . . . . . . . . . . . . .\n9.2.1\nAutomated Windows guest logons . . . . . . . .\n9.2.2\nAutomated Linux/Unix guest logons . . . . . . .\n9.3\nAdvanced configuration for Windows guests . . . . . . .\n9.3.1\nAutomated Windows system preparation . . . .\n9.4\nAdvanced configuration for Linux and Solaris guests . . .\n9.4.1\nManual setup of selected guest services on Linux\n9.4.2\nGuest graphics and mouse driver setup in depth\n9.5\nCPU hot-plugging . . . . . . . . . . . . . . . . . . . . . .\n9.6\nPCI passthrough . . . . . . . . . . . . . . . . . . . . . . .\n9.7\nWebcam passthrough . . . . . . . . . . . . . . . . . . . .\n9.7.1\nUsing a host webcam in the guest . . . . . . . .\n9.7.2\nWindows hosts . . . . . . . . . . . . . . . . . . .\n9.7.3\nMac OS X hosts . . . . . . . . . . . . . . . . . .\n9.7.4\nLinux and Solaris hosts . . . . . . . . . . . . . .\n9.8\nAdvanced display configuration . . . . . . . . . . . . . .\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n173\n173\n173\n173\n174\n175\n175\n176\n179\n179\n180\n180\n180\n181\n182\n183\n183\n184\n184\n185\n185\n\n8.9\n8.10\n8.11\n8.12\n8.13\n8.14\n8.15\n8.16\n8.17\n8.18\n8.19\n8.20\n8.21\n8.22\n8.23\n8.24\n8.25\n8.26\n8.27\n8.28\n8.29\n8.30\n8.31\n8.32\n8.33\n8.34\n8.35\n8.36\n\n8.8.4\nVideo Capture settings . . . . . .\n8.8.5\nRemote machine settings . . . . .\n8.8.6\nTeleporting settings . . . . . . . .\n8.8.7\nDebugging settings . . . . . . . .\nVBoxManage clonevm . . . . . . . . . . .\nVBoxManage import . . . . . . . . . . . .\nVBoxManage export . . . . . . . . . . . . .\nVBoxManage startvm . . . . . . . . . . . .\nVBoxManage controlvm . . . . . . . . . .\nVBoxManage discardstate . . . . . . . . .\nVBoxManage adoptstate . . . . . . . . . .\nVBoxManage snapshot . . . . . . . . . . .\nVBoxManage closemedium . . . . . . . . .\nVBoxManage storageattach . . . . . . . . .\nVBoxManage storagectl . . . . . . . . . . .\nVBoxManage bandwidthctl . . . . . . . . .\nVBoxManage showhdinfo . . . . . . . . . .\nVBoxManage createhd . . . . . . . . . . .\nVBoxManage modifyhd . . . . . . . . . . .\nVBoxManage clonehd . . . . . . . . . . . .\nVBoxManage convertfromraw . . . . . . .\nVBoxManage getextradata/setextradata . .\nVBoxManage setproperty . . . . . . . . . .\nVBoxManage usbfilter add/modify/remove\nVBoxManage sharedfolder add/remove . .\nVBoxManage guestproperty . . . . . . . .\nVBoxManage guestcontrol . . . . . . . . .\nVBoxManage metrics . . . . . . . . . . . .\nVBoxManage hostonlyif . . . . . . . . . . .\nVBoxManage dhcpserver . . . . . . . . . .\nVBoxManage debugvm . . . . . . . . . . .\nVBoxManage extpack . . . . . . . . . . . .\n\n5\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n\fContents\n9.8.1\n9.8.2\n\n9.9\n\n9.10\n9.11\n\n9.12\n9.13\n9.14\n\n9.15\n9.16\n9.17\n9.18\n9.19\n9.20\n\n9.21\n\n9.22\n\n9.23\n\nCustom VESA resolutions . . . . . . . . . . . . . . . . . . . . . . . . .\nConfiguring the maximum resolution of guests when using the\ngraphical frontend . . . . . . . . . . . . . . . . . . . . . . . . . . . . .\nAdvanced storage configuration . . . . . . . . . . . . . . . . . . . . . . . . . .\n9.9.1\nUsing a raw host hard disk from a guest . . . . . . . . . . . . . . . . .\n9.9.2\nConfiguring the hard disk vendor product data (VPD) . . . . . . . . .\n9.9.3\nAccess iSCSI targets via Internal Networking . . . . . . . . . . . . . .\nLegacy commands for using serial ports . . . . . . . . . . . . . . . . . . . . . .\nFine-tuning the VirtualBox NAT engine . . . . . . . . . . . . . . . . . . . . . .\n9.11.1 Configuring the address of a NAT network interface . . . . . . . . . .\n9.11.2 Configuring the boot server (next server) of a NAT network interface .\n9.11.3 Tuning TCP/IP buffers for NAT . . . . . . . . . . . . . . . . . . . . . .\n9.11.4 Binding NAT sockets to a specific interface . . . . . . . . . . . . . . .\n9.11.5 Enabling DNS proxy in NAT mode . . . . . . . . . . . . . . . . . . . .\n9.11.6 Using the host’s resolver as a DNS proxy in NAT mode . . . . . . . . .\n9.11.7 Configuring aliasing of the NAT engine . . . . . . . . . . . . . . . . .\nConfiguring the BIOS DMI information . . . . . . . . . . . . . . . . . . . . . .\nConfiguring the custom ACPI table . . . . . . . . . . . . . . . . . . . . . . . .\nFine-tuning timers and time synchronization . . . . . . . . . . . . . . . . . . .\n9.14.1 Configuring the guest time stamp counter (TSC) to reflect guest\nexecution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .\n9.14.2 Accelerate or slow down the guest clock . . . . . . . . . . . . . . . . .\n9.14.3 Tuning the Guest Additions time synchronization parameters . . . . .\n9.14.4 Disabling the Guest Additions time synchronization . . . . . . . . . .\nInstalling the alternate bridged networking driver on Solaris 11 hosts . . . . .\nVirtualBox VNIC templates for VLANs on Solaris 11 hosts . . . . . . . . . . . .\nConfiguring multiple host-only network interfaces on Solaris hosts . . . . . . .\nConfiguring the VirtualBox CoreDumper on Solaris hosts . . . . . . . . . . . .\nVirtualBox and Solaris kernel zones . . . . . . . . . . . . . . . . . . . . . . . .\nLocking down the VirtualBox manager GUI . . . . . . . . . . . . . . . . . . . .\n9.20.1 Customizing the VM manager . . . . . . . . . . . . . . . . . . . . . .\n9.20.2 VM selector customization . . . . . . . . . . . . . . . . . . . . . . . .\n9.20.3 Configure VM selector menu entries . . . . . . . . . . . . . . . . . . .\n9.20.4 Configure VM window menu entries . . . . . . . . . . . . . . . . . . .\n9.20.5 Configure VM window status bar entries . . . . . . . . . . . . . . . .\n9.20.6 Configure VM window visual modes . . . . . . . . . . . . . . . . . . .\n9.20.7 Host Key customization . . . . . . . . . . . . . . . . . . . . . . . . . .\n9.20.8 Action when terminating the VM . . . . . . . . . . . . . . . . . . . . .\n9.20.9 Action for handling a Guru Meditation . . . . . . . . . . . . . . . . .\n9.20.10 Configuring automatic mouse capturing . . . . . . . . . . . . . . . . .\n9.20.11 Configuring automatic mouse capturing . . . . . . . . . . . . . . . . .\n9.20.12 Requesting legacy full-screen mode . . . . . . . . . . . . . . . . . . .\nStarting the VirtualBox web service automatically . . . . . . . . . . . . . . . .\n9.21.1 Linux: starting the webservice via init . . . . . . . . . . . . . . . . .\n9.21.2 Solaris: starting the web service via SMF . . . . . . . . . . . . . . . .\n9.21.3 Mac OS X: starting the webservice via launchd . . . . . . . . . . . . .\nVirtualBox Watchdog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .\n9.22.1 Memory ballooning control . . . . . . . . . . . . . . . . . . . . . . . .\n9.22.2 Host isolation detection . . . . . . . . . . . . . . . . . . . . . . . . . .\n9.22.3 More information . . . . . . . . . . . . . . . . . . . . . . . . . . . . .\n9.22.4 Linux: starting the watchdog service via init . . . . . . . . . . . . .\n9.22.5 Solaris: starting the watchdog service via SMF . . . . . . . . . . . . .\nOther extension packs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .\n\n6\n\n. 185\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n185\n186\n186\n188\n188\n189\n189\n189\n190\n190\n190\n190\n191\n191\n192\n193\n194\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n194\n194\n194\n195\n195\n196\n196\n197\n198\n198\n198\n199\n199\n200\n203\n203\n204\n204\n205\n205\n205\n206\n206\n206\n207\n207\n207\n208\n209\n209\n210\n210\n210\n\n\fContents\n9.24 Starting virtual machines during system boot . . . . . . . . . . . . . . .\n9.24.1 Linux: starting the autostart service via init . . . . . . . . . .\n9.24.2 Solaris: starting the autostart service via SMF . . . . . . . . .\n9.24.3 Mac OS X: starting the autostart service via launchd . . . . . .\n9.25 VirtualBox expert storage management . . . . . . . . . . . . . . . . . .\n9.26 Handling of host power management events . . . . . . . . . . . . . . .\n9.27 Experimental support for passing through SSE4.1 / SSE4.2 instructions\n9.28 Support for keyboard indicators synchronization . . . . . . . . . . . . .\n9.29 Capturing USB traffic for selected devices . . . . . . . . . . . . . . . . .\n9.30 Configuring the heartbeat service . . . . . . . . . . . . . . . . . . . . .\n9.31 Encryption of disk images . . . . . . . . . . . . . . . . . . . . . . . . .\n9.31.1 Limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . .\n9.31.2 Encrypting disk images . . . . . . . . . . . . . . . . . . . . . .\n9.31.3 Starting a VM with encrypted images . . . . . . . . . . . . . .\n9.31.4 Decrypting encrypted images . . . . . . . . . . . . . . . . . . .\n9.32 PC speaker passthrough . . . . . . . . . . . . . . . . . . . . . . . . . .\n10 Technical background\n10.1 Where VirtualBox stores its files . . . . . . . . . . . . . . . .\n10.1.1 Machines created by VirtualBox version 4.0 or later\n10.1.2 Machines created by VirtualBox versions before 4.0\n10.1.3 Global configuration data . . . . . . . . . . . . . . .\n10.1.4 Summary of 4.0 configuration changes . . . . . . .\n10.1.5 VirtualBox XML files . . . . . . . . . . . . . . . . . .\n10.2 VirtualBox executables and components . . . . . . . . . . .\n10.3 Hardware vs. software virtualization . . . . . . . . . . . . .\n10.4 Paravirtualization providers . . . . . . . . . . . . . . . . . .\n10.5 Details about software virtualization . . . . . . . . . . . . .\n10.6 Details about hardware virtualization . . . . . . . . . . . . .\n10.7 Nested paging and VPIDs . . . . . . . . . . . . . . . . . . . .\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n211\n211\n212\n212\n212\n213\n213\n213\n214\n214\n214\n215\n215\n215\n216\n216\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n218\n218\n218\n219\n219\n220\n220\n220\n222\n223\n224\n226\n227\n\n11 VirtualBox programming interfaces\n\n228\n\n12 Troubleshooting\n12.1 Procedures and tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .\n12.1.1 Categorizing and isolating problems . . . . . . . . . . . . . . . . .\n12.1.2 Collecting debugging information . . . . . . . . . . . . . . . . . .\n12.1.3 The built-in VM debugger . . . . . . . . . . . . . . . . . . . . . . .\n12.1.4 VM core format . . . . . . . . . . . . . . . . . . . . . . . . . . . .\n12.2 General . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .\n12.2.1 Guest shows IDE/SATA errors for file-based images on slow host\nfile system . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .\n12.2.2 Responding to guest IDE/SATA flush requests . . . . . . . . . . . .\n12.2.3 Performance variation with frequency boosting . . . . . . . . . . .\n12.2.4 Frequency scaling effect on CPU usage . . . . . . . . . . . . . . .\n12.2.5 Inaccurate Windows CPU usage reporting . . . . . . . . . . . . . .\n12.2.6 Poor performance caused by host power management . . . . . . .\n12.2.7 GUI: 2D Video Acceleration option is grayed out . . . . . . . . . .\n12.3 Windows guests . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .\n12.3.1 Windows bluescreens after changing VM configuration . . . . . .\n12.3.2 Windows 0x101 bluescreens with SMP enabled (IPI timeout) . . .\n12.3.3 Windows 2000 installation failures . . . . . . . . . . . . . . . . .\n12.3.4 How to record bluescreen information from Windows guests . . .\n12.3.5 PCnet driver failure in 32-bit Windows Server 2003 guests . . . .\n\n7\n\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n\n229\n229\n229\n230\n230\n232\n233\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n233\n234\n234\n234\n235\n235\n235\n235\n235\n236\n236\n236\n236\n\n\fContents\n12.3.6\n12.3.7\n12.3.8\n12.3.9\n12.3.10\n\n12.4\n\n12.5\n\n12.6\n12.7\n\n12.8\n\n12.9\n\nNo networking in Windows Vista guests . . . . . . . . . . . . . . . .\nWindows guests may cause a high CPU load . . . . . . . . . . . . .\nLong delays when accessing shared folders . . . . . . . . . . . . . .\nUSB tablet coordinates wrong in Windows 98 guests . . . . . . . . .\nWindows guests are removed from an Active Directory domain\nafter restoring a snapshot . . . . . . . . . . . . . . . . . . . . . . . .\n12.3.11 Restoring d3d8.dll and d3d9.dll . . . . . . . . . . . . . . . . . . . .\n12.3.12 Windows 3.x limited to 64 MB RAM . . . . . . . . . . . . . . . . . .\nLinux and X11 guests . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .\n12.4.1 Linux guests may cause a high CPU load . . . . . . . . . . . . . . .\n12.4.2 AMD Barcelona CPUs . . . . . . . . . . . . . . . . . . . . . . . . . .\n12.4.3 Buggy Linux 2.6 kernel versions . . . . . . . . . . . . . . . . . . . .\n12.4.4 Shared clipboard, auto-resizing and seamless desktop in X11 guests\nSolaris guests . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .\n12.5.1 Older Solaris 10 releases crash in 64-bit mode . . . . . . . . . . . .\n12.5.2 Solaris 8 5/01 and earlier may crash on startup . . . . . . . . . . .\nFreeBSD guests . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .\n12.6.1 FreeBSD 10.0 may hang with xHCI . . . . . . . . . . . . . . . . . .\nWindows hosts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .\n12.7.1 VBoxSVC out-of-process COM server issues . . . . . . . . . . . . . .\n12.7.2 CD/DVD changes not recognized . . . . . . . . . . . . . . . . . . . .\n12.7.3 Sluggish response when using Microsoft RDP client . . . . . . . . .\n12.7.4 Running an iSCSI initiator and target on a single system . . . . . . .\n12.7.5 Bridged networking adapters missing . . . . . . . . . . . . . . . . .\n12.7.6 Host-only networking adapters cannot be created . . . . . . . . . .\nLinux hosts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .\n12.8.1 Linux kernel module refuses to load . . . . . . . . . . . . . . . . . .\n12.8.2 Linux host CD/DVD drive not found . . . . . . . . . . . . . . . . . .\n12.8.3 Linux host CD/DVD drive not found (older distributions) . . . . . .\n12.8.4 Linux host floppy not found . . . . . . . . . . . . . . . . . . . . . .\n12.8.5 Strange guest IDE error messages when writing to CD/DVD . . . . .\n12.8.6 VBoxSVC IPC issues . . . . . . . . . . . . . . . . . . . . . . . . . . .\n12.8.7 USB not working . . . . . . . . . . . . . . . . . . . . . . . . . . . .\n12.8.8 PAX/grsec kernels . . . . . . . . . . . . . . . . . . . . . . . . . . . .\n12.8.9 Linux kernel vmalloc pool exhausted . . . . . . . . . . . . . . . . .\nSolaris hosts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .\n12.9.1 Cannot start VM, not enough contiguous memory . . . . . . . . . .\n12.9.2 VM aborts with out of memory errors on Solaris 10 hosts . . . . . .\n\n13 Security guide\n13.1 General Security Principles . . . . . . . . . . . . .\n13.2 Secure Installation and Configuration . . . . . . .\n13.2.1 Installation Overview . . . . . . . . . . .\n13.2.2 Post Installation Configuration . . . . . .\n13.3 Security Features . . . . . . . . . . . . . . . . . .\n13.3.1 The Security Model . . . . . . . . . . . .\n13.3.2 Secure Configuration of Virtual Machines\n13.3.3 Configuring and Using Authentication . .\n13.3.4 Potentially insecure operations . . . . . .\n13.3.5 Encryption . . . . . . . . . . . . . . . . .\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n\n.\n.\n.\n.\n\n237\n237\n237\n237\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n237\n237\n239\n239\n239\n239\n239\n240\n240\n240\n240\n240\n240\n241\n241\n241\n241\n242\n242\n242\n242\n242\n243\n243\n243\n243\n244\n244\n245\n245\n245\n245\n245\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n247\n247\n247\n247\n248\n248\n248\n248\n249\n250\n250\n\n14 Known limitations\n252\n14.1 Experimental Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 252\n14.2 Known Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 252\n\n8\n\n\fContents\n15 Change log\n15.1 Version 5.0.16 (2016-03-04)\n15.2 Version 5.0.14 (2016-01-19)\n15.3 Version 5.0.12 (2015-12-18)\n15.4 Version 5.0.10 (2015-11-10)\n15.5 Version 5.0.8 (2015-10-20) .\n15.6 Version 5.0.6 (2015-10-02) .\n15.7 Version 5.0.4 (2015-09-08) .\n15.8 Version 5.0.2 (2015-08-13) .\n15.9 Version 5.0.0 (2015-07-09) .\n15.10 Version 4.3.28 (2015-05-13)\n15.11 Version 4.3.26 (2015-03-16)\n15.12 Version 4.3.24 (2015-03-02)\n15.13 Version 4.3.22 (2015-02-12)\n15.14 Version 4.3.20 (2014-11-21)\n15.15 Version 4.3.18 (2014-10-10)\n15.16 Version 4.3.16 (2014-09-09)\n15.17 Version 4.3.14 (2014-07-15)\n15.18 Version 4.3.12 (2014-05-16)\n15.19 Version 4.3.10 (2014-03-26)\n15.20 Version 4.3.8 (2014-02-25) .\n15.21 Version 4.3.6 (2013-12-18) .\n15.22 Version 4.3.4 (2013-11-29) .\n15.23 Version 4.3.2 (2013-11-01) .\n15.24 Version 4.3.0 (2013-10-15) .\n15.25 Older Change log details . .\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n256\n256\n257\n258\n259\n260\n261\n262\n263\n265\n268\n269\n270\n270\n272\n273\n274\n276\n277\n278\n279\n281\n282\n284\n285\n288\n\n16 Third-party materials and licenses\n16.1 Materials . . . . . . . . . . . . . . . . . . . . . . . . . . .\n16.2 Licenses . . . . . . . . . . . . . . . . . . . . . . . . . . .\n16.2.1 GNU General Public License (GPL) . . . . . . . .\n16.2.2 GNU Lesser General Public License (LGPL) . . .\n16.2.3 Mozilla Public License (MPL) . . . . . . . . . . .\n16.2.4 MIT License . . . . . . . . . . . . . . . . . . . .\n16.2.5 X Consortium License (X11) . . . . . . . . . . .\n16.2.6 zlib license . . . . . . . . . . . . . . . . . . . . .\n16.2.7 OpenSSL license . . . . . . . . . . . . . . . . . .\n16.2.8 Slirp license . . . . . . . . . . . . . . . . . . . .\n16.2.9 liblzf license . . . . . . . . . . . . . . . . . . . .\n16.2.10 libpng license . . . . . . . . . . . . . . . . . . .\n16.2.11 lwIP license . . . . . . . . . . . . . . . . . . . .\n16.2.12 libxml license . . . . . . . . . . . . . . . . . . .\n16.2.13 libxslt licenses . . . . . . . . . . . . . . . . . . .\n16.2.14 gSOAP Public License Version 1.3a . . . . . . . .\n16.2.15 Chromium licenses . . . . . . . . . . . . . . . .\n16.2.16 curl license . . . . . . . . . . . . . . . . . . . . .\n16.2.17 libgd license . . . . . . . . . . . . . . . . . . . .\n16.2.18 BSD license from Intel . . . . . . . . . . . . . .\n16.2.19 libjpeg License . . . . . . . . . . . . . . . . . . .\n16.2.20 x86 SIMD extension for IJG JPEG library license\n16.2.21 FreeBSD license . . . . . . . . . . . . . . . . . .\n16.2.22 NetBSD license . . . . . . . . . . . . . . . . . .\n16.2.23 PCRE license . . . . . . . . . . . . . . . . . . . .\n16.2.24 libffi license . . . . . . . . . . . . . . . . . . . .\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n289\n289\n292\n292\n296\n301\n307\n307\n307\n307\n308\n309\n309\n309\n310\n310\n311\n316\n318\n318\n319\n319\n320\n320\n321\n321\n322\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n9\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n.\n\n\fContents\n16.2.25\n16.2.26\n16.2.27\n16.2.28\n16.2.29\n\nFLTK license . . .\nExpat license . . .\nFontconfig license\nFreetype license .\nVPX License . . .\n\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n\n.\n.\n.\n.\n.\n\n323\n323\n323\n324\n326\n\n17 VirtualBox privacy information\n\n327\n\nGlossary\n\n328\n\n10\n\n\f1 First steps\nWelcome to Oracle VM VirtualBox!\nVirtualBox is a cross-platform virtualization application. What does that mean? For one thing,\nit installs on your existing Intel or AMD-based computers, whether they are running Windows,\nMac, Linux or Solaris operating systems. Secondly, it extends the capabilities of your existing\ncomputer so that it can run multiple operating systems (inside multiple virtual machines) at the\nsame time. So, for example, you can run Windows and Linux on your Mac, run Windows Server\n2008 on your Linux server, run Linux on your Windows PC, and so on, all alongside your existing\napplications. You can install and run as many virtual machines as you like – the only practical\nlimits are disk space and memory.\nVirtualBox is deceptively simple yet also very powerful. It can run everywhere from small\nembedded systems or desktop class machines all the way up to datacenter deployments and\neven Cloud environments.\nThe following screenshot shows you how VirtualBox, installed on a Mac computer, is running\nWindows 8 in a virtual machine window:\n\nIn this User Manual, we’ll begin simply with a quick introduction to virtualization and how to\nget your first virtual machine running with the easy-to-use VirtualBox graphical user interface.\nSubsequent chapters will go into much more detail covering more powerful tools and features,\nbut fortunately, it is not necessary to read the entire User Manual before you can use VirtualBox.\nYou can find a summary of VirtualBox’s capabilities in chapter 1.3, Features overview, page 13.\nFor existing VirtualBox users who just want to see what’s new in this release, there is a detailed\nlist in chapter 15, Change log, page 256.\n\n11\n\n\f1 First steps\n\n1.1 Why is virtualization useful?\nThe techniques and features that VirtualBox provides are useful for several scenarios:\n• Running multiple operating systems simultaneously. VirtualBox allows you to run more\nthan one operating system at a time. This way, you can run software written for one\noperating system on another (for example, Windows software on Linux or a Mac) without\nhaving to reboot to use it. Since you can configure what kinds of “virtual” hardware should\nbe presented to each such operating system, you can install an old operating system such\nas DOS or OS/2 even if your real computer’s hardware is no longer supported by that\noperating system.\n• Easier software installations. Software vendors can use virtual machines to ship entire\nsoftware configurations. For example, installing a complete mail server solution on a real\nmachine can be a tedious task. With VirtualBox, such a complex setup (then often called\nan “appliance”) can be packed into a virtual machine. Installing and running a mail server\nbecomes as easy as importing such an appliance into VirtualBox.\n• Testing and disaster recovery. Once installed, a virtual machine and its virtual hard disks\ncan be considered a “container” that can be arbitrarily frozen, woken up, copied, backed\nup, and transported between hosts.\nOn top of that, with the use of another VirtualBox feature called “snapshots”, one can save\na particular state of a virtual machine and revert back to that state, if necessary. This way,\none can freely experiment with a computing environment. If something goes wrong (e.g.\nafter installing misbehaving software or infecting the guest with a virus), one can easily\nswitch back to a previous snapshot and avoid the need of frequent backups and restores.\nAny number of snapshots can be created, allowing you to travel back and forward in virtual\nmachine time. You can delete snapshots while a VM is running to reclaim disk space.\n• Infrastructure consolidation. Virtualization can significantly reduce hardware and electricity costs. Most of the time, computers today only use a fraction of their potential power\nand run with low average system loads. A lot of hardware resources as well as electricity\nis thereby wasted. So, instead of running many such physical computers that are only partially used, one can pack many virtual machines onto a few powerful hosts and balance the\nloads between them.\n\n1.2 Some terminology\nWhen dealing with virtualization (and also for understanding the following chapters of this\ndocumentation), it helps to acquaint oneself with a bit of crucial terminology, especially the\nfollowing terms:\nHost operating system (host OS). This is the operating system of the physical computer on\nwhich VirtualBox was installed. There are versions of VirtualBox for Windows, Mac OS\nX, Linux and Solaris hosts; for details, please see chapter 1.4, Supported host operating\nsystems, page 15.\nMost of the time, this User Manual discusses all VirtualBox versions together. There may\nbe platform-specific differences which we will point out where appropriate.\nGuest operating system (guest OS). This is the operating system that is running inside the\nvirtual machine. Theoretically, VirtualBox can run any x86 operating system (DOS, Windows, OS/2, FreeBSD, OpenBSD), but to achieve near-native performance of the guest\ncode on your machine, we had to go through a lot of optimizations that are specific to\ncertain operating systems. So while your favorite operating system may run as a guest, we\n\n12\n\n\f1 First steps\nofficially support and optimize for a select few (which, however, include the most common\nones).\nSee chapter 3.1, Supported guest operating systems, page 45 for details.\nVirtual machine (VM). This is the special environment that VirtualBox creates for your guest\noperating system while it is running. In other words, you run your guest operating system\n“in” a VM. Normally, a VM will be shown as a window on your computer’s desktop, but\ndepending on which of the various frontends of VirtualBox you use, it can be displayed in\nfull screen mode or remotely on another computer.\nIn a more abstract way, internally, VirtualBox thinks of a VM as a set of parameters that\ndetermine its behavior. They include hardware settings (how much memory the VM should\nhave, what hard disks VirtualBox should virtualize through which container files, what CDs\nare mounted etc.) as well as state information (whether the VM is currently running, saved,\nits snapshots etc.). These settings are mirrored in the VirtualBox Manager window as well\nas the VBoxManage command line program; see chapter 8, VBoxManage, page 117. In other\nwords, a VM is also what you can see in its settings dialog.\nGuest Additions. This refers to special software packages which are shipped with VirtualBox\nbut designed to be installed inside a VM to improve performance of the guest OS and to\nadd extra features. This is described in detail in chapter 4, Guest Additions, page 61.\n\n1.3 Features overview\nHere’s a brief outline of VirtualBox’s main features:\n• Portability. VirtualBox runs on a large number of 32-bit and 64-bit host operating systems\n(again, see chapter 1.4, Supported host operating systems, page 15 for details).\nVirtualBox is a so-called “hosted” hypervisor (sometimes referred to as a “type 2” hypervisor). Whereas a “bare-metal” or “type 1” hypervisor would run directly on the hardware,\nVirtualBox requires an existing operating system to be installed. It can thus run alongside\nexisting applications on that host.\nTo a very large degree, VirtualBox is functionally identical on all of the host platforms, and\nthe same file and image formats are used. This allows you to run virtual machines created\non one host on another host with a different host operating system; for example, you can\ncreate a virtual machine on Windows and then run it under Linux.\nIn addition, virtual machines can easily be imported and exported using the Open Virtualization Format (OVF, see chapter 1.14, Importing and exporting virtual machines, page 31),\nan industry standard created for this purpose. You can even import OVFs that were created\nwith a different virtualization software.\n• No hardware virtualization required. For many scenarios, VirtualBox does not require\nthe processor features built into newer hardware like Intel VT-x or AMD-V. As opposed\nto many other virtualization solutions, you can therefore use VirtualBox even on older\nhardware where these features are not present. The technical details are explained in\nchapter 10.3, Hardware vs. software virtualization, page 222.\n• Guest Additions: shared folders, seamless windows, 3D virtualization. The VirtualBox\nGuest Additions are software packages which can be installed inside of supported guest\nsystems to improve their performance and to provide additional integration and communication with the host system. After installing the Guest Additions, a virtual machine will support automatic adjustment of video resolutions, seamless windows, accelerated 3D graphics\nand more. The Guest Additions are described in detail in chapter 4, Guest Additions, page\n61.\n\n13\n\n\f1 First steps\nIn particular, Guest Additions provide for “shared folders”, which let you access files from\nthe host system from within a guest machine. Shared folders are described in chapter 4.3,\nShared folders, page 71.\n• Great hardware support. Among others, VirtualBox supports:\n– Guest multiprocessing (SMP). VirtualBox can present up to 32 virtual CPUs to each\nvirtual machine, irrespective of how many CPU cores are physically present on your\nhost.\n– USB device support. VirtualBox implements a virtual USB controller and allows you\nto connect arbitrary USB devices to your virtual machines without having to install\ndevice-specific drivers on the host. USB support is not limited to certain device categories. For details, see chapter 3.10.1, USB settings, page 57.\n– Hardware compatibility. VirtualBox virtualizes a vast array of virtual devices, among\nthem many devices that are typically provided by other virtualization platforms. That\nincludes IDE, SCSI and SATA hard disk controllers, several virtual network cards and\nsound cards, virtual serial and parallel ports and an Input/Output Advanced Programmable Interrupt Controller (I/O APIC), which is found in many modern PC systems. This eases cloning of PC images from real machines and importing of third-party\nvirtual machines into VirtualBox.\n– Full ACPI support. The Advanced Configuration and Power Interface (ACPI) is fully\nsupported by VirtualBox. This eases cloning of PC images from real machines or thirdparty virtual machines into VirtualBox. With its unique ACPI power status support,\nVirtualBox can even report to ACPI-aware guest operating systems the power status\nof the host. For mobile systems running on battery, the guest can thus enable energy\nsaving and notify the user of the remaining power (e.g. in full screen modes).\n– Multiscreen resolutions. VirtualBox virtual machines support screen resolutions\nmany times that of a physical screen, allowing them to be spread over a large number\nof screens attached to the host system.\n– Built-in iSCSI support. This unique feature allows you to connect a virtual machine\ndirectly to an iSCSI storage server without going through the host system. The VM\naccesses the iSCSI target directly without the extra overhead that is required for virtualizing hard disks in container files. For details, see chapter 5.10, iSCSI servers, page\n94.\n– PXE Network boot. The integrated virtual network cards of VirtualBox fully support\nremote booting via the Preboot Execution Environment (PXE).\n• Multigeneration branched snapshots. VirtualBox can save arbitrary snapshots of the\nstate of the virtual machine. You can go back in time and revert the virtual machine to any\nsuch snapshot and start an alternative VM configuration from there, effectively creating a\nwhole snapshot tree. For details, see chapter 1.10, Snapshots, page 26. You can create and\ndelete snapshots while the virtual machine is running.\n• VM groups. VirtualBox provides a groups feature that enables the user to organize and\ncontrol virtual machines collectively, as well as individually. In addition to basic groups, it\nis also possible for any VM to be in more than one group, and for groups to be nested in\na hierarchy – i.e. groups of groups. In general, the operations that can be performed on\ngroups are the same as those that can be applied to individual VMs i.e. Start, Pause, Reset,\nClose (Save state, Send Shutdown, Poweroff), Discard Saved State, Show in fileSystem,\nSort.\n• Clean architecture; unprecedented modularity. VirtualBox has an extremely modular\ndesign with well-defined internal programming interfaces and a clean separation of client\nand server code. This makes it easy to control it from several interfaces at once: for\n\n14\n\n\f1 First steps\nexample, you can start a VM simply by clicking on a button in the VirtualBox graphical\nuser interface and then control that machine from the command line, or even remotely.\nSee chapter 1.16, Alternative front-ends, page 32 for details.\nDue to its modular architecture, VirtualBox can also expose its full functionality and configurability through a comprehensive software development kit (SDK), which allows for\nintegrating every aspect of VirtualBox with other software systems. Please see chapter 11,\nVirtualBox programming interfaces, page 228 for details.\n• Remote machine display. The VirtualBox Remote Desktop Extension (VRDE) allows for\nhigh-performance remote access to any running virtual machine. This extension supports\nthe Remote Desktop Protocol (RDP) originally built into Microsoft Windows, with special\nadditions for full client USB support.\nThe VRDE does not rely on the RDP server that is built into Microsoft Windows; instead, it\nis plugged directly into the virtualization layer. As a result, it works with guest operating\nsystems other than Windows (even in text mode) and does not require application support\nin the virtual machine either. The VRDE is described in detail in chapter 7.1, Remote display\n(VRDP support), page 107.\nOn top of this special capacity, VirtualBox offers you more unique features:\n– Extensible RDP authentication. VirtualBox already supports Winlogon on Windows\nand PAM on Linux for RDP authentication. In addition, it includes an easy-to-use SDK\nwhich allows you to create arbitrary interfaces for other methods of authentication;\nsee chapter 7.1.5, RDP authentication, page 111 for details.\n– USB over RDP. Via RDP virtual channel support, VirtualBox also allows you to connect\narbitrary USB devices locally to a virtual machine which is running remotely on a\nVirtualBox RDP server; see chapter 7.1.4, Remote USB, page 111 for details.\n\n1.4 Supported host operating systems\nCurrently, VirtualBox runs on the following host operating systems:\n• Windows hosts:\n– Windows Vista SP1 and later (32-bit and 64-bit1 ).\n– Windows Server 2008 (64-bit)\n– Windows Server 2008 R2 (64-bit)\n– Windows 7 (32-bit and 64-bit)\n– Windows 8 (32-bit and 64-bit)\n– Windows 8.1 (32-bit and 64-bit)\n– Windows 10 RTM build 10240 (32-bit and 64-bit)\n– Windows Server 2012 (64-bit)\n– Windows Server 2012 R2 (64-bit)\n• Mac OS X hosts (64-bit):2\n– 10.8 (Mountain Lion)\n– 10.9 (Mavericks)\n1 Support\n\nfor 64-bit Windows was added with VirtualBox 1.5.\nMac OS X support (beta stage) was added with VirtualBox 1.4, full support with 1.6. Mac OS X 10.4\n(Tiger) support was removed with VirtualBox 3.1. Mac OS X 10.7 (Lion) and earlier was removed with VirtualBox\n5.0.\n\n2 Preliminary\n\n15\n\n\f1 First steps\n– 10.10 (Yosemite)\n– 10.11 (El Capitan)\nIntel hardware is required; please see chapter 14, Known limitations, page 252 also.\n• Linux hosts (32-bit and 64-bit3 ). Among others, this includes:\n– Ubuntu 10.04 to 15.04\n– Debian GNU/Linux 6.0 (“Squeeze”) and 8.0 (“Jessie”)\n– Oracle Enterprise Linux 5, Oracle Linux 6 and 7\n– Redhat Enterprise Linux 5, 6 and 7\n– Fedora Core / Fedora 6 to 22\n– Gentoo Linux\n– openSUSE 11.4, 12.1, 12.2, 13.1\n– Mandriva 2011\nIt should be possible to use VirtualBox on most systems based on Linux kernel 2.6 or\n3.x using either the VirtualBox installer or by doing a manual installation; see chapter\n2.3, Installing on Linux hosts, page 37. However, the formally tested and supported Linux\ndistributions are those for which we offer a dedicated package.\nNote that starting with VirtualBox 2.1, Linux 2.4-based host operating systems are no\nlonger supported.\n• Solaris hosts (64-bit only) are supported with the restrictions listed in chapter 14, Known\nlimitations, page 252:\n– Solaris 11\n– Solaris 10 (U10 and higher)\nNote that the above list is informal. Oracle support for customers who have a support contract\nis limited to a subset of the listed host operating systems. Also, any feature which is marked as\nexperimental is not supported. Feedback and suggestions about such features are welcome.\n\n1.5 Installing VirtualBox and extension packs\nVirtualBox comes in many different packages, and installation depends on your host operating\nsystem. If you have installed software before, installation should be straightforward: on each\nhost platform, VirtualBox uses the installation method that is most common and easy to use. If\nyou run into trouble or have special requirements, please refer to chapter 2, Installation details,\npage 34 for details about the various installation methods.\nStarting with version 4.0, VirtualBox is split into several components.\n1. The base package consists of all open-source components and is licensed under the GNU\nGeneral Public License V2.\n2. Additional extension packs can be downloaded which extend the functionality of the\nVirtualBox base package. Currently, Oracle provides the one extension pack, which can\nbe found at http://www.virtualbox.org and provides the following added functionality:\na) The virtual USB 2.0 (EHCI) device; see chapter 3.10.1, USB settings, page 57.\nb) The virtual USB 3.0 (xHCI) device; see chapter 3.10.1, USB settings, page 57.\n3 Support\n\nfor 64-bit Linux was added with VirtualBox 1.4.\n\n16\n\n\f1 First steps\nc) VirtualBox Remote Desktop Protocol (VRDP) support; see chapter 7.1, Remote display\n(VRDP support), page 107.\nd) Host webcam passthrough; see chapter chapter 9.7.1, Using a host webcam in the\nguest, page 183.\ne) Intel PXE boot ROM.\nf) Experimental support for PCI passthrough on Linux hosts; see chapter 9.6, PCI\npassthrough, page 182.\ng) Disk image encryption with AES algorithm; see chapter 9.31, Encryption of disk images, page 214.\nVirtualBox extension packages have a .vbox-extpack file name extension. To install an\nextension, simply double-click on the package file and a Network Operations Manager\nwindow will appear, guiding you through the required steps.\nTo view the extension packs that are currently installed, please start the VirtualBox Manager (see the next section). From the “File” menu, please select “Preferences”. In the\nwindow that shows up, go to the “Extensions” category which shows you the extensions\nwhich are currently installed and allows you to remove a package or add a new one.\nAlternatively you can use VBoxManage on the command line: see chapter 8.36, VBoxManage extpack, page 171 for details.\n\n1.6 Starting VirtualBox\nAfter installation, you can start VirtualBox as follows:\n• On a Windows host, in the standard “Programs” menu, click on the item in the “VirtualBox”\ngroup. On Vista or Windows 7, you can also type “VirtualBox” in the search box of the\n“Start” menu.\n• On a Mac OS X host, in the Finder, double-click on the “VirtualBox” item in the “Applications” folder. (You may want to drag this item onto your Dock.)\n• On a Linux or Solaris host, depending on your desktop environment, a “VirtualBox” item\nmay have been placed in either the “System” or “System Tools” group of your “Applications”\nmenu. Alternatively, you can type VirtualBox in a terminal.\nWhen you start VirtualBox for the first time, a window like the following should come up:\n\n17\n\n\f1 First steps\nThis window is called the “VirtualBox Manager”. On the left, you can see a pane that will later\nlist all your virtual machines. Since you have not created any, the list is empty. A row of buttons\nabove it allows you to create new VMs and work on existing VMs, once you have some. The pane\non the right displays the properties of the virtual machine currently selected, if any. Again, since\nyou don’t have any machines yet, the pane displays a welcome message.\nTo give you an idea what VirtualBox might look like later, after you have created many machines, here’s another example:\n\n1.7 Creating your first virtual machine\nClick on the “New” button at the top of the VirtualBox Manager window. A wizard will pop up\nto guide you through setting up a new virtual machine (VM):\n\nOn the following pages, the wizard will ask you for the bare minimum of information that is\nneeded to create a VM, in particular:\n1. The VM name will later be shown in the VM list of the VirtualBox Manager window, and\nit will be used for the VM’s files on disk. Even though any name could be used, keep in\n\n18\n\n\f1 First steps\nmind that once you have created a few VMs, you will appreciate if you have given your\nVMs rather informative names; “My VM” would thus be less useful than “Windows XP SP2\nwith OpenOffice”.\n2. For “Operating System Type”, select the operating system that you want to install later.\nThe supported operating systems are grouped; if you want to install something very unusual that is not listed, select “Other”. Depending on your selection, VirtualBox will enable\nor disable certain VM settings that your guest operating system may require. This is particularly important for 64-bit guests (see chapter 3.1.2, 64-bit guests, page 46). It is therefore\nrecommended to always set it to the correct value.\n3. On the next page, select the memory (RAM) that VirtualBox should allocate every time\nthe virtual machine is started. The amount of memory given here will be taken away from\nyour host machine and presented to the guest operating system, which will report this size\nas the (virtual) computer’s installed RAM.\nNote: Choose this setting carefully! The memory you give to the VM will not be\navailable to your host OS while the VM is running, so do not specify more than you can\nspare. For example, if your host machine has 1 GB of RAM and you enter 512 MB as\nthe amount of RAM for a particular virtual machine, while that VM is running, you will\nonly have 512 MB left for all the other software on your host. If you run two VMs at\nthe same time, even more memory will be allocated for the second VM (which may not\neven be able to start if that memory is not available). On the other hand, you should\nspecify as much as your guest OS (and your applications) will require to run properly.\nA Windows XP guest will require at least a few hundred MB RAM to run properly, and\nWindows Vista will even refuse to install with less than 512 MB. Of course, if you want to\nrun graphics-intensive applications in your VM, you may require even more RAM.\nSo, as a rule of thumb, if you have 1 GB of RAM or more in your host computer, it is usually\nsafe to allocate 512 MB to each VM. But, in any case, make sure you always have at least\n256 to 512 MB of RAM left on your host operating system. Otherwise you may cause your\nhost OS to excessively swap out memory to your hard disk, effectively bringing your host\nsystem to a standstill.\nAs with the other settings, you can change this setting later, after you have created the VM.\n4. Next, you must specify a virtual hard disk for your VM.\nThere are many and potentially complicated ways in which VirtualBox can provide hard\ndisk space to a VM (see chapter 5, Virtual storage, page 83 for details), but the most\ncommon way is to use a large image file on your “real” hard disk, whose contents VirtualBox\npresents to your VM as if it were a complete hard disk. This file represents an entire hard\ndisk then, so you can even copy it to another host and use it with another VirtualBox\ninstallation.\nThe wizard shows you the following window:\n\n19\n\n\f1 First steps\n\nHere you have the following options:\n• To create a new, empty virtual hard disk, press the “New” button.\n• You can pick an existing disk image file.\nThe drop-down list presented in the window contains all disk images which are currently remembered by VirtualBox, probably because they are currently attached to a\nvirtual machine (or have been in the past).\nAlternatively, you can click on the small folder button next to the drop-down list to\nbring up a standard file dialog, which allows you to pick any disk image file on your\nhost disk.\nMost probably, if you are using VirtualBox for the first time, you will want to create a new\ndisk image. Hence, press the “New” button.\nThis brings up another window, the “Create New Virtual Disk Wizard”, which helps you\ncreate a new disk image file in the new virtual machine’s folder.\nVirtualBox supports two types of image files:\n• A dynamically allocated file will only grow in size when the guest actually stores\ndata on its virtual hard disk. It will therefore initially be small on the host hard drive\nand only later grow to the size specified as it is filled with data.\n• A fixed-size file will immediately occupy the file specified, even if only a fraction of\nthe virtual hard disk space is actually in use. While occupying much more space, a\nfixed-size file incurs less overhead and is therefore slightly faster than a dynamically\nallocated file.\nFor details about the differences, please refer to chapter 5.2, Disk image files (VDI, VMDK,\nVHD, HDD), page 86.\nTo prevent your physical hard disk from running full, VirtualBox limits the size of the image\nfile. Still, it needs to be large enough to hold the contents of your operating system and the\napplications you want to install – for a modern Windows or Linux guest, you will probably\nneed several gigabytes for any serious use. The limit of the image file size can be changed\nlater (see chapter 8.23, VBoxManage modifyhd, page 150 for details).\n\n20\n\n\f1 First steps\n\nAfter having selected or created your image file, again press “Next” to go to the next page.\n5. After clicking on “Finish”, your new virtual machine will be created. You will then see it\nin the list on the left side of the Manager window, with the name you entered initially.\n\nNote: After becoming familiar with the use of wizards, consider using the Expert Mode\navailable in some wizards. Where available, this is selectable using a button, and\nspeeds up user processes using wizards.\n\n1.8 Running your virtual machine\nTo start a virtual machine, you have several options:\n• Double-click on its entry in the list within the Manager window or\n• select its entry in the list in the Manager window it and press the “Start” button at the top\nor\n• for virtual machines created with VirtualBox 4.0 or later, navigate to the “VirtualBox VMs”\nfolder in your system user’s home directory, find the subdirectory of the machine you want\nto start and double-click on the machine settings file (with a .vbox file extension).\nThis opens up a new window, and the virtual machine which you selected will boot up. Everything which would normally be seen on the virtual system’s monitor is shown in the window, as\ncan be seen with the image in chapter 1.2, Some terminology, page 12.\nIn general, you can use the virtual machine much like you would use a real computer. There\nare couple of points worth mentioning however.\n\n1.8.1 Starting a new VM for the first time\nWhen a VM gets started for the first time, another wizard – the “First Start Wizard” – will\npop up to help you select an installation medium. Since the VM is created empty, it would\notherwise behave just like a real computer with no operating system installed: it will do nothing\nand display an error message that no bootable operating system was found.\nFor this reason, the wizard helps you select a medium to install an operating system from.\n\n21\n\n\f1 First steps\n• If you have physical CD or DVD media from which you want to install your guest operating\nsystem (e.g. in the case of a Windows installation CD or DVD), put the media into your\nhost’s CD or DVD drive.\nThen, in the wizard’s drop-down list of installation media, select “Host drive” with the\ncorrect drive letter (or, in the case of a Linux host, device file). This will allow your VM to\naccess the media in your host drive, and you can proceed to install from there.\n• If you have downloaded installation media from the Internet in the form of an ISO image\nfile (most probably in the case of a Linux distribution), you would normally burn this file\nto an empty CD or DVD and proceed as just described. With VirtualBox however, you can\nskip this step and mount the ISO file directly. VirtualBox will then present this file as a CD\nor DVD-ROM drive to the virtual machine, much like it does with virtual hard disk images.\nFor this case, the wizard’s drop-down list contains a list of installation media that were\npreviously used with VirtualBox.\nIf your medium is not in the list (especially if you are using VirtualBox for the first time),\nselect the small folder icon next to the drop-down list to bring up a standard file dialog,\nwith which you can pick the image file on your host disks.\nIn both cases, after making the choices in the wizard, you will be able to install your operating\nsystem.\n\n1.8.2 Capturing and releasing keyboard and mouse\nAs of version 3.2, VirtualBox provides a virtual USB tablet device to new virtual machines through\nwhich mouse events are communicated to the guest operating system. As a result, if you are\nrunning a modern guest operating system that can handle such devices, mouse support may\nwork out of the box without the mouse being “captured” as described below; see chapter 3.4.1,\n“Motherboard” tab, page 49 for more information.\nOtherwise, if the virtual machine only sees standard PS/2 mouse and keyboard devices, since\nthe operating system in the virtual machine does not “know” that it is not running on a real\ncomputer, it expects to have exclusive control over your keyboard and mouse. This is, however,\nnot the case since, unless you are running the VM in full screen mode, your VM needs to share\nkeyboard and mouse with other applications and possibly other VMs on your host.\nAs a result, initially after installing a guest operating system and before you install the Guest\nAdditions (we will explain this in a minute), only one of the two – your VM or the rest of your\ncomputer – can “own” the keyboard and the mouse. You will see a second mouse pointer which\nwill always be confined to the limits of the VM window. Basically, you activate the VM by clicking\ninside it.\nTo return ownership of keyboard and mouse to your host operating system, VirtualBox reserves\na special key on your keyboard for itself: the “host key”. By default, this is the right Control\nkey on your keyboard; on a Mac host, the default host key is the left Command key. You can\nchange this default in the VirtualBox Global Settings, see chapter 1.15, Global Settings, page 32.\nIn any case, the current setting for the host key is always displayed at the bottom right of your\nVM window, should you have forgotten about it:\n\nIn detail, all this translates into the following:\n\n22\n\n\f1 First steps\n• Your keyboard is owned by the VM if the VM window on your host desktop has the keyboard focus (and then, if you have many windows open in your guest operating system\nas well, the window that has the focus in your VM). This means that if you want to type\nwithin your VM, click on the title bar of your VM window first.\nTo release keyboard ownership, press the Host key (as explained above, typically the right\nControl key).\nNote that while the VM owns the keyboard, some key sequences (like Alt-Tab for example)\nwill no longer be seen by the host, but will go to the guest instead. After you press the\nhost key to re-enable the host keyboard, all key presses will go through the host again, so\nthat sequences like Alt-Tab will no longer reach the guest. For technical reasons it may\nnot be possible for the VM to get all keyboard input even when it does own the keyboard.\nExamples of this are the Ctrl-Alt-Del sequence on Windows hosts or single keys grabbed by\nother applications on X11 hosts like the GNOME desktop’s “Control key highlights mouse\npointer” functionality.\n• Your mouse is owned by the VM only after you have clicked in the VM window. The host\nmouse pointer will disappear, and your mouse will drive the guest’s pointer instead of your\nnormal mouse pointer.\nNote that mouse ownership is independent of that of the keyboard: even after you have\nclicked on a titlebar to be able to type into the VM window, your mouse is not necessarily\nowned by the VM yet.\nTo release ownership of your mouse by the VM, also press the Host key.\nAs this behavior can be inconvenient, VirtualBox provides a set of tools and device drivers\nfor guest systems called the “VirtualBox Guest Additions” which make VM keyboard and mouse\noperation a lot more seamless. Most importantly, the Additions will get rid of the second “guest”\nmouse pointer and make your host mouse pointer work directly in the guest.\nThis will be described later in chapter 4, Guest Additions, page 61.\n\n1.8.3 Typing special characters\nOperating systems expect certain key combinations to initiate certain procedures. Some of these\nkey combinations may be difficult to enter into a virtual machine, as there are three candidates\nas to who receives keyboard input: the host operating system, VirtualBox, or the guest operating\nsystem. Who of these three receives keypresses depends on a number of factors, including the\nkey itself.\n• Host operating systems reserve certain key combinations for themselves. For example, it\nis impossible to enter the Ctrl+Alt+Delete combination if you want to reboot the guest\noperating system in your virtual machine, because this key combination is usually hardwired into the host OS (both Windows and Linux intercept this), and pressing this key\ncombination will therefore reboot your host.\nAlso, on Linux and Solaris hosts, which use the X Window System, the key combination\nCtrl+Alt+Backspace normally resets the X server (to restart the entire graphical user\ninterface in case it got stuck). As the X server intercepts this combination, pressing it will\nusually restart your host graphical user interface (and kill all running programs, including\nVirtualBox, in the process).\nThird, on Linux hosts supporting virtual terminals, the key combination Ctrl+Alt+Fx\n(where Fx is one of the function keys from F1 to F12) normally allows to switch between\nvirtual terminals. As with Ctrl+Alt+Delete, these combinations are intercepted by the host\noperating system and therefore always switch terminals on the host.\nIf, instead, you want to send these key combinations to the guest operating system in the\nvirtual machine, you will need to use one of the following methods:\n\n23\n\n\f1 First steps\n– Use the items in the “Machine” menu of the virtual machine window. There you will\nfind “Insert Ctrl+Alt+Delete” and “Ctrl+Alt+Backspace”; the latter will only have an\neffect with Linux or Solaris guests, however.\n– Press special key combinations with the Host key (normally the right Control key),\nwhich VirtualBox will then translate for the virtual machine:\n∗ Host key + Del to send Ctrl+Alt+Del (to reboot the guest);\n∗ Host key + Backspace to send Ctrl+Alt+Backspace (to restart the graphical user\ninterface of a Linux or Solaris guest);\n∗ Host key + F1 (or other function keys) to simulate Ctrl+Alt+F1 (or other function keys, i.e. to switch between virtual terminals in a Linux guest).\n• For some other keyboard combinations such as Alt-Tab (to switch between open windows),\nVirtualBox allows you to configure whether these combinations will affect the host or the\nguest, if a virtual machine currently has the focus. This is a global setting for all virtual\nmachines and can be found under “File” -> “Preferences” -> “Input” -> “Auto-capture\nkeyboard”.\n\n1.8.4 Changing removable media\nWhile a virtual machine is running, you can change removable media in the “Devices” menu of\nthe VM’s window. Here you can select in detail what VirtualBox presents to your VM as a CD,\nDVD, or floppy.\nThe settings are the same as would be available for the VM in the “Settings” dialog of the\nVirtualBox main window, but since that dialog is disabled while the VM is in the “running” or\n“saved” state, this extra menu saves you from having to shut down and restart the VM every time\nyou want to change media.\nHence, in the “Devices” menu, VirtualBox allows you to attach the host drive to the guest or\nselect a floppy or DVD image using the Disk Image Manager, all as described in chapter 1.11,\nVirtual machine configuration, page 29.\n\n1.8.5 Resizing the machine’s window\nYou can resize the virtual machine’s window when it is running. In that case, one of three things\nwill happen:\n1. If you have “scale mode” enabled, then the virtual machine’s screen will be scaled to the\nsize of the window. This can be useful if you have many machines running and want to\nhave a look at one of them while it is running in the background. Alternatively, it might\nbe useful to enlarge a window if the VM’s output screen is very small, for example because\nyou are running an old operating system in it.\nTo enable scale mode, press the host key + C, or select “Scale mode” from the “Machine”\nmenu in the VM window. To leave scale mode, press the host key + C again.\nThe aspect ratio of the guest screen is preserved when resizing the window. To ignore the\naspect ratio, press Shift during the resize operation.\nPlease see chapter 14, Known limitations, page 252 for additional remarks.\n2. If you have the Guest Additions installed and they support automatic resizing, the Guest\nAdditions will automatically adjust the screen resolution of the guest operating system. For\nexample, if you are running a Windows guest with a resolution of 1024x768 pixels and you\nthen resize the VM window to make it 100 pixels wider, the Guest Additions will change\nthe Windows display resolution to 1124x768.\nPlease see chapter 4, Guest Additions, page 61 for more information about the Guest Additions.\n\n24\n\n\f1 First steps\n3. Otherwise, if the window is bigger than the VM’s screen, the screen will be centered. If it\nis smaller, then scroll bars will be added to the machine window.\n\n1.8.6 Saving the state of the machine\nWhen you click on the “Close” button of your virtual machine window (at the top right of the window, just like you would close any other window on your system), VirtualBox asks you whether\nyou want to “save” or “power off” the VM. (As a shortcut, you can also press the Host key together\nwith “Q”.)\n\nThe difference between these three options is crucial. They mean:\n• Save the machine state: With this option, VirtualBox “freezes” the virtual machine by\ncompletely saving its state to your local disk.\nWhen you start the VM again later, you will find that the VM continues exactly where it\nwas left off. All your programs will still be open, and your computer resumes operation.\nSaving the state of a virtual machine is thus in some ways similar to suspending a laptop\ncomputer (e.g. by closing its lid).\n• Send the shutdown signal. This will send an ACPI shutdown signal to the virtual machine,\nwhich has the same effect as if you had pressed the power button on a real computer. So\nlong as the VM is running a fairly modern operating system, this should trigger a proper\nshutdown mechanism from within the VM.\n• Power off the machine: With this option, VirtualBox also stops running the virtual machine, but without saving its state.\nWarning: This is equivalent to pulling the power plug on a real computer without\nshutting it down properly. If you start the machine again after powering it off, your\noperating system will have to reboot completely and may begin a lengthy check of\nits (virtual) system disks. As a result, this should not normally be done, since it can\npotentially cause data loss or an inconsistent state of the guest system on disk.\nAs an exception, if your virtual machine has any snapshots (see the next chapter), you can\nuse this option to quickly restore the current snapshot of the virtual machine. In that\ncase, powering off the machine will not disrupt its state, but any changes made since that\nsnapshot was taken will be lost.\nThe “Discard” button in the VirtualBox Manager window discards a virtual machine’s saved\nstate. This has the same effect as powering it off, and the same warnings apply.\n\n25\n\n\f1 First steps\n\n1.9 Using VM groups\nVM groups enable the user to create ad hoc groups of VMs, and to manage and perform functions\non them collectively, as well as individually. There are a number of features relating to groups:\n1. Create a group using GUI option 1) Drag one VM on top of another VM.\nCreate a group using GUI option 2) Select multiple VMs and select “Group” on the right\nclick menu, as follows:\n\n2. Command line option 1) Create a group and assign a VM:\nVBoxManage modifyvm \"Fred\" --groups \"/TestGroup\"\n\ncreates a group “TestGroup” and attaches the VM “Fred” to that group.\nCommand line option 2) Detach a VM from the group, and delete the group if empty:\nVBoxManage modifyvm \"Fred\" --groups \"\"\n\nIt detaches all groups from the VM “Fred” and deletes the empty group.\n3. Multiple groups e.g.:\nVBoxManage modifyvm \"Fred\" --groups \"/TestGroup,/TestGroup2\"\n\nIt creates the groups “TestGroup” and “TestGroup2” (if they don’t exist yet) and attaches\nthe VM “Fred” to both of them.\n4. Nested groups – hierarchy of groups e.g.:\nVBoxManage modifyvm \"Fred\" --groups \"/TestGroup/TestGroup2\"\n\nIt attaches the VM “Fred” to the subgroup “TestGroup2” of the “TestGroup” group.\n5. Summary of group commands: Start, Pause, Reset, Close (save state, send shutdown signal,\npoweroff), Discard Saved State, Show in File System, Sort.\n\n1.10 Snapshots\nWith snapshots, you can save a particular state of a virtual machine for later use. At any later\ntime, you can revert to that state, even though you may have changed the VM considerably since\nthen. A snapshot of a virtual machine is thus similar to a machine in “saved” state, as described\nabove, but there can be many of them, and these saved states are preserved.\n\n26\n\n\f1 First steps\nYou can see the snapshots of a virtual machine by first selecting a machine in the VirtualBox\nManager and then clicking on the “Snapshots” button at the top right. Until you take a snapshot\nof the machine, the list of snapshots will be empty except for the “Current state” item, which\nrepresents the “Now” point in the lifetime of the virtual machine.\n\n1.10.1 Taking, restoring and deleting snapshots\nThere are three operations related to snapshots:\n1. You can take a snapshot. This makes a copy of the machine’s current state, to which you\ncan go back at any given time later.\n• If your VM is currently running, select “Take snapshot” from the “Machine” pull-down\nmenu of the VM window.\n• If your VM is currently in either the “saved” or the “powered off” state (as displayed\nnext to the VM in the VirtualBox main window), click on the “Snapshots” tab on the\ntop right of the main window, and then\n– either on the small camera icon (for “Take snapshot”) or\n– right-click on the “Current State” item in the list and select “Take snapshot” from\nthe menu.\nIn any case, a window will pop up and ask you for a snapshot name. This name is purely\nfor reference purposes to help you remember the state of the snapshot. For example, a\nuseful name would be “Fresh installation from scratch, no Guest Additions”, or “Service\nPack 3 just installed”. You can also add a longer text in the “Description” field if you want.\nYour new snapshot will then appear in the snapshots list. Underneath your new snapshot,\nyou will see an item called “Current state”, signifying that the current state of your VM is\na variation based on the snapshot you took earlier. If you later take another snapshot, you\nwill see that they will be displayed in sequence, and each subsequent snapshot is derived\nfrom an earlier one:\n\n27\n\n\f1 First steps\nVirtualBox imposes no limits on the number of snapshots you can take. The only practical\nlimitation is disk space on your host: each snapshot stores the state of the virtual machine\nand thus occupies some disk space. (See the next section for details on what exactly is\nstored in a snapshot.)\n2. You can restore a snapshot by right-clicking on any snapshot you have taken in the list\nof snapshots. By restoring a snapshot, you go back (or forward) in time: the current state\nof the machine is lost, and the machine is restored to the exact state it was in when the\nsnapshot was taken.4\nNote: Restoring a snapshot will affect the virtual hard drives that are connected to your\nVM, as the entire state of the virtual hard drive will be reverted as well. This means also\nthat all files that have been created since the snapshot and all other file changes will be\nlost. In order to prevent such data loss while still making use of the snapshot feature, it\nis possible to add a second hard drive in “write-through” mode using the VBoxManage\ninterface and use it to store your data. As write-through hard drives are not included in\nsnapshots, they remain unaltered when a machine is reverted. See chapter 5.4, Special\nimage write modes, page 88 for details.\nTo avoid losing the current state when restoring a snapshot, you can create a new snapshot\nbefore the restore.\nBy restoring an earlier snapshot and taking more snapshots from there, it is even possible\nto create a kind of alternate reality and to switch between these different histories of the\nvirtual machine. This can result in a whole tree of virtual machine snapshots, as shown in\nthe screenshot above.\n3. You can also delete a snapshot, which will not affect the state of the virtual machine, but\nonly release the files on disk that VirtualBox used to store the snapshot data, thus freeing\ndisk space. To delete a snapshot, right-click on it in the snapshots tree and select “Delete”.\nAs of VirtualBox 3.2, snapshots can be deleted even while a machine is running.\nNote: Whereas taking and restoring snapshots are fairly quick operations, deleting a\nsnapshot can take a considerable amount of time since large amounts of data may need\nto be copied between several disk image files. Temporary disk files may also need large\namounts of disk space while the operation is in progress.\nThere are some situations which cannot be handled while a VM is running, and you will\nget an appropriate message that you need to perform this snapshot deletion when the VM\nis shut down.\n\n1.10.2 Snapshot contents\nThink of a snapshot as a point in time that you have preserved. More formally, a snapshot consists\nof three things:\n• It contains a complete copy of the VM settings, including the hardware configuration, so\nthat when you restore a snapshot, the VM settings are restored as well. (For example, if\n4 Both the terminology and the functionality of restoring snapshots has changed with VirtualBox 3.1.\n\nBefore that version,\nit was only possible to go back to the very last snapshot taken – not earlier ones, and the operation was called “Discard\ncurrent state” instead of “Restore last snapshot”. The limitation has been lifted with version 3.1. It is now possible to\nrestore any snapshot, going backward and forward in time.\n\n28\n\n\f1 First steps\nyou changed the hard disk configuration or the VM’s system settings, that change is undone\nwhen you restore the snapshot.)\nThe copy of the settings is stored in the machine configuration, an XML text file, and thus\noccupies very little space.\n• The complete state of all the virtual disks attached to the machine is preserved. Going back\nto a snapshot means that all changes that had been made to the machine’s disks – file by\nfile, bit by bit – will be undone as well. Files that were since created will disappear, files\nthat were deleted will be restored, changes to files will be reverted.\n(Strictly speaking, this is only true for virtual hard disks in “normal” mode. As mentioned\nabove, you can configure disks to behave differently with snapshots; see chapter 5.4, Special\nimage write modes, page 88. Even more formally and technically correct, it is not the virtual\ndisk itself that is restored when a snapshot is restored. Instead, when a snapshot is taken,\nVirtualBox creates differencing images which contain only the changes since the snapshot\nwere taken, and when the snapshot is restored, VirtualBox throws away that differencing\nimage, thus going back to the previous state. This is both faster and uses less disk space.\nFor the details, which can be complex, please see chapter 5.5, Differencing images, page\n90.)\nCreating the differencing image as such does not occupy much space on the host disk\ninitially, since the differencing image will initially be empty (and grow dynamically later\nwith each write operation to the disk). The longer you use the machine after having created\nthe snapshot, however, the more the differencing image will grow in size.\n• Finally, if you took a snapshot while the machine was running, the memory state of the\nmachine is also saved in the snapshot (the same way the memory can be saved when you\nclose the VM window). When you restore such a snapshot, execution resumes at exactly\nthe point when the snapshot was taken.\nThe memory state file can be as large as the memory size of the virtual machine and will\ntherefore occupy quite some disk space as well.\n\n1.11 Virtual machine configuration\nWhen you select a virtual machine from the list in the Manager window, you will see a summary\nof that machine’s settings on the right.\nClicking on the “Settings” button in the toolbar at the top brings up a detailed window where\nyou can configure many of the properties of the selected VM. But be careful: even though it\nis possible to change all VM settings after installing a guest operating system, certain changes\nmight prevent a guest operating system from functioning correctly if done after installation.\nNote: The “Settings” button is disabled while a VM is either in the “running” or “saved”\nstate. This is simply because the settings dialog allows you to change fundamental\ncharacteristics of the virtual computer that is created for your guest operating system,\nand this operating system may not take it well when, for example, half of its memory\nis taken away from under its feet. As a result, if the “Settings” button is disabled, shut\ndown the current VM first.\nVirtualBox provides a plethora of parameters that can be changed for a virtual machine. The\nvarious settings that can be changed in the “Settings” window are described in detail in chapter\n3, Configuring virtual machines, page 45. Even more parameters are available with the VirtualBox\ncommand line interface; see chapter 8, VBoxManage, page 117.\n\n29\n\n\f1 First steps\n\n1.12 Removing virtual machines\nTo remove a virtual machine which you no longer need, right-click on it in the Manager’s VM list\nselect “Remove” from the context menu that comes up.\nA confirmation window will come up that allows you to select whether the machine should\nonly be removed from the list of machines or whether the files associated with it should also be\ndeleted.\nThe “Remove” menu item is disabled while a machine is running.\n\n1.13 Cloning virtual machines\nTo experiment with a VM configuration, test different guest OS levels or to simply backup a VM,\nVirtualBox can create a full or a linked copy of an existing VM.5\nA wizard will guide you through the clone process:\n\nThis wizard can be invoked from the context menu of the Manager’s VM list (select “Clone”) or\nthe “Snapshots” view of the selected VM. First choose a new name for the clone. When you select\nReinitialize the MAC address of all network cards every network card get a new MAC address\nassigned. This is useful when both, the source VM and the cloned VM, have to operate on the\nsame network. If you leave this unchanged, all network cards have the same MAC address like\nthe one in the source VM. Depending on how you invoke the wizard you have different choices\nfor the cloning operation. First you need to decide if the clone should be linked to the source VM\nor a fully independent clone should be created:\n• Full clone: In this mode all depending disk images are copied to the new VM folder. The\nclone can fully operate without the source VM.\n• Linked clone: In this mode new differencing disk images are created where the parent\ndisk images are the source disk images. If you selected the current state of the source VM\nas clone point, a new snapshot will be created implicitly.\nAfter selecting the clone mode, you need to decide about what exactly should be cloned. You\ncan always create a clone of the current state only or all. When you select all, the current state\nand in addition all snapshots are cloned. Have you started from a snapshot which has additional\nchildren, you can also clone the current state and all children. This creates a clone starting with\nthis snapshot and includes all child snaphots.\nThe clone operation itself can be a lengthy operation depending on the size and count of\nthe attached disk images. Also keep in mind that every snapshot has differencing disk images\nattached, which need to be cloned as well.\nThe “Clone” menu item is disabled while a machine is running.\nFor how to clone a VM at the command line, please see chapter 8.9, VBoxManage clonevm,\npage 139.\n5 Cloning\n\nsupport was introduced with VirtualBox 4.1.\n\n30\n\n\f1 First steps\n\n1.14 Importing and exporting virtual machines\nVirtualBox can import and export virtual machines in the industry-standard Open Virtualization\nFormat (OVF).6\nOVF is a cross-platform standard supported by many virtualization products which allows\nfor creating ready-made virtual machines that can then be imported into a virtualizer such as\nVirtualBox. VirtualBox makes OVF import and export easy to access and supports it from the\nManager window as well as its command-line interface. This allows for packaging so-called\nvirtual appliances: disk images together with configuration settings that can be distributed\neasily. This way one can offer complete ready-to-use software packages (operating systems with\napplications) that need no configuration or installation except for importing into VirtualBox.\nNote: The OVF standard is complex, and support in VirtualBox is an ongoing process.\nIn particular, no guarantee is made that VirtualBox supports all appliances created by\nother virtualization software. For a list of known limitations, please see chapter 14,\nKnown limitations, page 252.\nAppliances in OVF format can appear in two variants:\n1. They can come in several files, as one or several disk images, typically in the widely-used\nVMDK format (see chapter 5.2, Disk image files (VDI, VMDK, VHD, HDD), page 86) and a\ntextual description file in an XML dialect with an .ovf extension. These files must then\nreside in the same directory for VirtualBox to be able to import them.\n2. Alternatively, the above files can be packed together into a single archive file, typically\nwith an .ova extension. (Such archive files use a variant of the TAR archive format and\ncan therefore be unpacked outside of VirtualBox with any utility that can unpack standard\nTAR files.)\nTo import an appliance in one of the above formats, simply double-click on the OVF/OVA file.7\nAlternatively, select “File” -> “Import appliance” from the Manager window. In the file dialog\nthat comes up, navigate to the file with either the .ovf or the .ova file extension.\nIf VirtualBox can handle the file, a dialog similar to the following will appear:\n\n6 OVF\n\nsupport was originally introduced with VirtualBox 2.2 and has seen major improvements with every version since.\nwith version 4.0, VirtualBox creates file type associations for OVF and OVA files on your host operating system.\n\n7 Starting\n\n31\n\n\f1 First steps\nThis presents the virtual machines described in the OVF file and allows you to change the virtual machine settings by double-clicking on the description items. Once you click on “Import”,\nVirtualBox will copy the disk images and create local virtual machines with the settings described\nin the dialog. These will then show up in the Manager’s list of virtual machines.\nNote that since disk images tend to be big, and VMDK images that come with virtual appliances\nare typically shipped in a special compressed format that is unsuitable for being used by virtual\nmachines directly, the images will need to be unpacked and copied first, which can take a few\nminutes.\nFor how to import an image at the command line, please see chapter 8.10, VBoxManage import,\npage 140.\nConversely, to export virtual machines that you already have in VirtualBox, select “File” ->\n“Export appliance”. A different dialog window shows up that allows you to combine several\nvirtual machines into an OVF appliance. Then, select the target location where the target files\nshould be stored, and the conversion process begins. This can again take a while.\nFor how to export an image at the command line, please see chapter 8.11, VBoxManage export,\npage 141.\nNote: OVF cannot describe snapshots that were taken for a virtual machine. As a\nresult, when you export a virtual machine that has snapshots, only the current state of\nthe machine will be exported, and the disk images in the export will have a “flattened”\nstate identical to the current state of the virtual machine.\n\n1.15 Global Settings\nThe global settings dialog can be reached through the File menu, selecting the Preferences...\nitem. It offers a selection of settings which apply to all virtual machines of the current user or in\nthe case of Extensions to the entire system:\n1. General Enables the user to specify the default folder/directory for VM files, and the VRDP\nAuthentication Library.\n2. Input Enables the user to specify the Host Key. It identifies the key that toggles whether the\ncursor is in the focus of the VM or the Host operating system windows (see chapter 1.8.2,\nCapturing and releasing keyboard and mouse, page 22) and which is also used to trigger\ncertain VM actions (see chapter 1.8.3, Typing special characters, page 23)\n3. Update Enables the user to specify various settings for Automatic Updates.\n4. Language Enables the user to specify the GUI language.\n5. Display Enables the user to specify the screen resolution, and its width and height.\n6. Network Enables the user to configure the details of Host Only Networks.\n7. Extensions Enables the user to list and manage the installed extension packages.\n8. Proxy Enables the user to configure a HTTP Proxy Server.\n\n1.16 Alternative front-ends\nAs briefly mentioned in chapter 1.3, Features overview, page 13, VirtualBox has a very flexible\ninternal design that allows for using multiple interfaces to control the same virtual machines. To\nillustrate, you can, for example, start a virtual machine with the VirtualBox Manager window\n\n32\n\n\f1 First steps\nand then stop it from the command line. With VirtualBox’s support for the Remote Desktop\nProtocol (RDP), you can even run virtual machines remotely on a headless server and have all\nthe graphical output redirected over the network.\nIn detail, the following front-ends are shipped in the standard VirtualBox package:\n1. VirtualBox is the VirtualBox Manager. This graphical user interface uses the Qt toolkit;\nmost of this User Manual is dedicated to describing it. While this is the easiest to use, some\nof the more advanced VirtualBox features are kept away from it to keep it simple.\n2. VBoxManage is our command-line interface for automated and very detailed control of\nevery aspect of VirtualBox. It is described in chapter 8, VBoxManage, page 117.\n3. VBoxSDL is an alternative, simple graphical front-end with an intentionally limited feature set, designed to only display virtual machines that are controlled in detail with\nVBoxManage. This is interesting for business environments where displaying all the bells\nand whistles of the full GUI is not feasible. VBoxSDL is described in chapter 9.1, VBoxSDL,\nthe simplified VM displayer, page 173.\n4. Finally, VBoxHeadless is yet another front-end that produces no visible output on the host\nat all, but can act as a RDP server if the VirtualBox Remote Desktop Extension (VRDE) is\ninstalled and enabled for the VM. As opposed to the other graphical interfaces, the headless\nfront-end requires no graphics support. This is useful, for example, if you want to host your\nvirtual machines on a headless Linux server that has no X Window system installed. For\ndetails, see chapter 7.1.2, VBoxHeadless, the remote desktop server, page 108.\nIf the above front-ends still do not satisfy your particular needs, it is possible to create yet another\nfront-end to the complex virtualization engine that is the core of VirtualBox, as the VirtualBox\ncore neatly exposes all of its features in a clean API; please refer to chapter 11, VirtualBox\nprogramming interfaces, page 228.\n\n33\n\n\f2 Installation details\nAs installation of VirtualBox varies depending on your host operating system, we provide installation instructions in four separate chapters for Windows, Mac OS X, Linux and Solaris, respectively.\n\n2.1 Installing on Windows hosts\n2.1.1 Prerequisites\nFor the various versions of Windows that we support as host operating systems, please refer to\nchapter 1.4, Supported host operating systems, page 15.\nIn addition, Windows Installer 1.1 or higher must be present on your system. This should be\nthe case if you have all recent Windows updates installed.\n\n2.1.2 Performing the installation\nThe VirtualBox installation can be started\n• either by double-clicking on its executable file (contains both 32- and 64-bit architectures)\n• or by entering\nVirtualBox.exe -extract\n\non the command line. This will extract both installers into a temporary directory in which\nyou’ll then find the usual .MSI files. Then you can do a\nmsiexec /i VirtualBox-<version>-MultiArch_<x86|amd64>.msi\n\nto perform the installation.\nIn either case, this will display the installation welcome dialog and allow you to choose where\nto install VirtualBox to and which components to install. In addition to the VirtualBox application, the following components are available:\nUSB support This package contains special drivers for your Windows host that VirtualBox requires to fully support USB devices inside your virtual machines.\nNetworking This package contains extra networking drivers for your Windows host that\nVirtualBox needs to support Bridged Networking (to make your VM’s virtual network cards\naccessible from other machines on your physical network).\nPython Support This package contains Python scripting support for the VirtualBox API (see\nchapter 11, VirtualBox programming interfaces, page 228). For this to work, an already\nworking Windows Python installation on the system is required.1\nDepending on your Windows configuration, you may see warnings about “unsigned drivers” or\nsimilar. Please select “Continue” on these warnings as otherwise VirtualBox might not function\ncorrectly after installation.\n1 See,\n\nfor example, http://www.python.org/download/windows/.\n\n34\n\n\f2 Installation details\nThe installer will create a “VirtualBox” group in the Windows “Start” menu which allows you\nto launch the application and access its documentation.\nWith standard settings, VirtualBox will be installed for all users on the local system. In case\nthis is not wanted, you have to invoke the installer by first extracting it by using\nVirtualBox.exe -extract\n\nand then do as follows:\nVirtualBox.exe -msiparams ALLUSERS=2\n\nor\nmsiexec /i VirtualBox-<version>-MultiArch_<x86|amd64>.msi ALLUSERS=2\n\non the extracted .MSI files. This will install VirtualBox only for the current user.\nIf you do not want to install all features of VirtualBox, you can set the optional ADDLOCAL\nparameter to explicitly name the features to be installed. The following features are available:\nVBoxApplication Main binaries of VirtualBox.\nNote: This feature must not be absent since it contains the minimum set of files to have\nworking VirtualBox installation.\n\nVBoxUSB USB support.\nVBoxNetwork All networking support; includes the VBoxNetworkFlt and VBoxNetworkAdp features (see below).\nVBoxNetworkFlt Bridged networking support.\nVBoxNetworkAdp Host-only networking support.\nVBoxPython Python support.\nFor example, to only install USB support along with the main binaries, do a:\nVirtualBox.exe -msiparams ADDLOCAL=VBoxApplication,VBoxUSB\n\nor\nmsiexec /i VirtualBox-<version>-MultiArch_<x86|amd64>.msi ADDLOCAL=VBoxApplication,VBoxUSB\n\nThe user is able to choose between NDIS5 and NDIS6 host network filters drivers during the\ninstallation. This is realized via a command line parameter NETWORKTYPE. The NDIS6 driver is\ndefault for Windows Vista and later. For older Windows versions, the installer will automatically\nselect the NDIS5 driver and this cannot be changed. For Windows Vista and later the user can\nforce to install the (legacy) NDIS5 host network filter driver using NETWORKTYPE=NDIS5. For\nexample, to install the NDIS5 driver on Windows 7, do\nVirtualBox.exe -msiparams NETWORKTYPE=NDIS5\n\nor\nmsiexec /i VirtualBox-<version>-MultiArch_<x86|amd64>.msi NETWORKTYPE=NDIS5\n\n35\n\n\f2 Installation details\n\n2.1.3 Uninstallation\nAs VirtualBox uses the standard Microsoft Windows installer, VirtualBox can be safely uninstalled\nat any time by choosing the program entry in the “Add/Remove Programs” applet in the Windows\nControl Panel.\n\n2.1.4 Unattended installation\nUnattended installations can be performed using the standard MSI support.\n\n2.1.5 Public properties\nThe following public properties can be specified via MSI API,\nVirtualBox.exe -msiparams NAME=VALUE [...]\n\nor\nmsiexec /i VirtualBox-<version>-MultiArch_<x86|amd64>.msi NAME=VALUE [...]\n\nto control additional behavior and/or features of the Windows host installer:\nVBOX_INSTALLDESKTOPSHORTCUT Specifies whether or not a VirtualBox icon on the desktop should be created.\nSet to 1 to enable, 0 to disable. Default is 1.\nVBOX_INSTALLQUICKLAUNCHSHORTCUT Specifies whether or not a VirtualBox icon in the\nQuick Launch Bar should be created.\nSet to 1 to enable, 0 to disable. Default is 1.\nVBOX_REGISTERFILEEXTENSIONS Specifies whether or not the file extensions .vbox, .vboxextpack, .ovf, .ova, .vdi, .vmdk, .vhd and .vdd should be associated with VirtualBox. Files\nof these types then will be opened with VirtualBox.\nSet to 1 to enable, 0 to disable. Default is 1.\nVBOX_START Specifies whether or not VirtualBox should be started right after successful installation.\nSet to 1 to enable, 0 to disable. Default is 1.\n\n2.2 Installing on Mac OS X hosts\n2.2.1 Performing the installation\nFor Mac OS X hosts, VirtualBox ships in a disk image (dmg) file. Perform the following steps:\n1. Double-click on that file to have its contents mounted.\n2. A window will open telling you to double click on the VirtualBox.mpkg installer file\ndisplayed in that window.\n3. This will start the installer, which will allow you to select where to install VirtualBox to.\nAfter installation, you can find a VirtualBox icon in the “Applications” folder in the Finder.\n\n36\n\n\f2 Installation details\n\n2.2.2 Uninstallation\nTo uninstall VirtualBox, open the disk image (dmg) file again and double-click on the uninstall\nicon contained therein.\n\n2.2.3 Unattended installation\nTo perform a non-interactive installation of VirtualBox you can use the command line version of\nthe installer application.\nMount the disk image (dmg) file as described in the normal installation or use the following\ncommand line:\nhdiutil attach /path/to/VirtualBox-xyz.dmg\n\nThen open a terminal session and execute:\nsudo installer -pkg /Volumes/VirtualBox/VirtualBox.pkg -target /Volumes/Macintosh\\ HD\n\n2.3 Installing on Linux hosts\n2.3.1 Prerequisites\nFor the various versions of Linux that we support as host operating systems, please refer to\nchapter 1.4, Supported host operating systems, page 15.\nYou will need to install the following packages on your Linux system before starting the installation (some systems will do this for you automatically when you install VirtualBox):\n• Qt 4.8.0 or higher;\n• SDL 1.2.7 or higher (this graphics library is typically called libsdl or similar).\n\nNote: To be precise, these packages are only required if you want to run the VirtualBox\ngraphical user interfaces. In particular, VirtualBox, the graphical VirtualBox manager,\nrequires both Qt and SDL; VBoxSDL, our simplified GUI, requires only SDL. By contrast,\nif you only want to run VBoxHeadless, neither Qt nor SDL are required.\n\n2.3.2 The VirtualBox kernel module\nVirtualBox uses a special kernel module called vboxdrv to perform physical memory allocation\nand to gain control of the processor for guest system execution. Without this kernel module,\nyou can still use the VirtualBox manager to configure virtual machines, but they will not start. In\naddition, there are the network kernel modules vboxnetflt and vboxnetadp which are required\nfor the more advanced networking features of VirtualBox.\nThe VirtualBox kernel module is automatically installed on your system when you install\nVirtualBox. To maintain it with future kernel updates, for those Linux distributions which provide\nit – most current ones – we recommend installing Dynamic Kernel Module Support (DKMS)2 .\nThis framework helps with building and upgrading kernel modules.\nIf DKMS is not already installed, execute one of the following:\n• On an Ubuntu system:\nsudo apt-get install dkms\n2 See http://en.wikipedia.org/wiki/Dynamic_Kernel_Module_Support\n\n37\n\nfor an introduction.\n\n\f2 Installation details\n• On a Fedora system:\nyum install dkms\n\n• On a Mandriva or Mageia system:\nurpmi dkms\n\nIf DKMS is available and installed, the VirtualBox kernel module should always work automatically, and it will be automatically rebuilt if your host kernel is updated.\nOtherwise, there are only two situations in which you will need to worry about the kernel\nmodule:\n1. The original installation fails. This probably means that your Linux system is not prepared\nfor building external kernel modules.\nMost Linux distributions can be set up simply by installing the right packages - normally,\nthese will be the GNU compiler (GCC), GNU Make (make) and packages containing header\nfiles for your kernel - and making sure that all system updates are installed and that the\nsystem is running the most up-to-date kernel included in the distribution. The version\nnumbers of the header file packages must be the same as that of the kernel you are using.\n• With Debian and Ubuntu releases, you must install the right version of the\nlinux-headers and if it exists the linux-kbuild package. Current Ubuntu releases\nshould have the right packages installed by default.\n• In even older Debian and Ubuntu releases, you must install the right version of the\nkernel-headers package.\n• On Fedora and Redhat systems, the package is kernel-devel.\n• On SUSE and openSUSE Linux, you must install the right versions of the\nkernel-source and kernel-syms packages.\n• If you have built your own kernel, you will need to make sure that you also installed\nall the required header and other files for building external modules to the right locations. The details of how to do this will depend on how you built your kernel, and if\nyou are unsure you should consult the documentation which you followed to do so.\n2. The kernel of your Linux host was updated and DKMS is not installed. In that case, the\nkernel module will need to be reinstalled by executing (as root):\nrcvboxdrv setup\n\n2.3.3 Performing the installation\nVirtualBox is available in a number of package formats native to various common Linux distributions (see chapter 1.4, Supported host operating systems, page 15 for details). In addition, there\nis an alternative generic installer (.run) which should work on most Linux distributions.\n2.3.3.1 Installing VirtualBox from a Debian/Ubuntu package\nFirst, download the appropriate package for your distribution. The following examples assume\nthat you are installing to a 32-bit Ubuntu Raring system. Use dpkg to install the Debian package:\nsudo dpkg -i virtualbox-5.0_5.0.16_Debian_Ubuntu_raring_i386.deb\n\nYou will be asked to accept the VirtualBox Personal Use and Evaluation License. Unless you\nanswer “yes” here, the installation will be aborted.\nThe installer will also search for a VirtualBox kernel module suitable for your kernel. The package includes pre-compiled modules for the most common kernel configurations. If no suitable\nkernel module is found, the installation script tries to build a module itself. If the build process\n\n38\n\n\f2 Installation details\nis not successful you will be shown a warning and the package will be left unconfigured. Please\nhave a look at /var/log/vbox-install.log to find out why the compilation failed. You may\nhave to install the appropriate Linux kernel headers (see chapter 2.3.2, The VirtualBox kernel\nmodule, page 37). After correcting any problems, do\nsudo rcvboxdrv setup\n\nThis will start a second attempt to build the module.\nIf a suitable kernel module was found in the package or the module was successfully built, the\ninstallation script will attempt to load that module. If this fails, please see chapter 12.8.1, Linux\nkernel module refuses to load, page 242 for further information.\nOnce VirtualBox has been successfully installed and configured, you can start it by selecting\n“VirtualBox” in your start menu or from the command line (see chapter 2.3.5, Starting VirtualBox\non Linux, page 42).\n2.3.3.2 Using the alternative installer (VirtualBox.run)\nThe alternative installer performs the following steps:\n• It unpacks the application files to the target directory,\n/opt/VirtualBox/\n\nwhich cannot be changed.\n• It builds the VirtualBox kernel modules (vboxdrv, vboxnetflt and vboxnetadp) and installs them.\n• It creates /sbin/rcvboxdrv, an init script to start the VirtualBox kernel module.\n• It creates a new system group called vboxusers.\n• It creates symbolic links in /usr/bin to the a shell script (/opt/VirtualBox/VBox) which\ndoes some sanity checks and dispatches to the actual executables, VirtualBox, VBoxSDL,\nVBoxVRDP, VBoxHeadless and VBoxManage\n• It creates /etc/udev/rules.d/60-vboxdrv.rules, a description file for udev, if that is\npresent, which makes the USB devices accessible to all users in the vboxusers group.\n• It writes the installation directory to /etc/vbox/vbox.cfg.\nThe installer must be executed as root with either install or uninstall as the first parameter.\nsudo ./VirtualBox.run install\n\nOr if you do not have the “sudo” command available, run the following as root instead:\n./VirtualBox.run install\n\nAfter that you need to put every user which should be able to access USB devices from\nVirtualBox guests in the group vboxusers, either through the GUI user management tools or\nby running the following command as root:\nsudo usermod -a -G vboxusers username\n\nNote: The usermod command of some older Linux distributions does not support the\n-a option (which adds the user to the given group without affecting membership of\nother groups). In this case, find out the current group memberships with the groups\ncommand and add all these groups in a comma-separated list to the command line after\nthe -G option, e.g. like this: usermod -G group1,group2,vboxusers username.\n\n39\n\n\f2 Installation details\n2.3.3.3 Performing a manual installation\nIf, for any reason, you cannot use the shell script installer described previously, you can also\nperform a manual installation. Invoke the installer like this:\n./VirtualBox.run --keep --noexec\n\nThis will unpack all the files needed for installation in the directory install under the current\ndirectory. The VirtualBox application files are contained in VirtualBox.tar.bz2 which you can\nunpack to any directory on your system. For example:\nsudo mkdir /opt/VirtualBox\nsudo tar jxf ./install/VirtualBox.tar.bz2 -C /opt/VirtualBox\n\nor as root:\nmkdir /opt/VirtualBox\ntar jxf ./install/VirtualBox.tar.bz2 -C /opt/VirtualBox\n\nThe sources for VirtualBox’s kernel module are provided in the src directory. To build the\nmodule, change to the directory and issue\nmake\n\nIf everything builds correctly, issue the following command to install the module to the appropriate module directory:\nsudo make install\n\nIn case you do not have sudo, switch the user account to root and perform\nmake install\n\nThe VirtualBox kernel module needs a device node to operate. The above make command\nwill tell you how to create the device node, depending on your Linux system. The procedure\nis slightly different for a classical Linux setup with a /dev directory, a system with the now\ndeprecated devfs and a modern Linux system with udev.\nOn certain Linux distributions, you might experience difficulties building the module. You will\nhave to analyze the error messages from the build system to diagnose the cause of the problems.\nIn general, make sure that the correct Linux kernel sources are used for the build process.\nNote that the /dev/vboxdrv kernel module device node must be owned by root:root and must\nbe read/writable only for the user.\nNext, you will have to install the system initialization script for the kernel module:\ncp /opt/VirtualBox/vboxdrv.sh /sbin/rcvboxdrv\n\n(assuming you installed VirtualBox to the /opt/VirtualBox directory) and activate the initialization script using the right method for your distribution. You should create VirtualBox’s\nconfiguration file:\nmkdir /etc/vbox\necho INSTALL_DIR=/opt/VirtualBox > /etc/vbox/vbox.cfg\n\nand, for convenience, create the following symbolic links:\nln\nln\nln\nln\n\n-sf\n-sf\n-sf\n-sf\n\n/opt/VirtualBox/VBox.sh\n/opt/VirtualBox/VBox.sh\n/opt/VirtualBox/VBox.sh\n/opt/VirtualBox/VBox.sh\n\n/usr/bin/VirtualBox\n/usr/bin/VBoxManage\n/usr/bin/VBoxHeadless\n/usr/bin/VBoxSDL\n\n40\n\n\f2 Installation details\n2.3.3.4 Updating and uninstalling VirtualBox\nBefore updating or uninstalling VirtualBox, you must terminate any virtual machines which are\ncurrently running and exit the VirtualBox or VBoxSVC applications. To update VirtualBox, simply\nrun the installer of the updated version. To uninstall VirtualBox, invoke the installer like this:\nsudo ./VirtualBox.run uninstall\n\nor as root\n./VirtualBox.run uninstall\n\n. Starting with version 2.2.2, you can uninstall the .run package by invoking\n/opt/VirtualBox/uninstall.sh\n\nTo manually uninstall VirtualBox, simply undo the steps in the manual installation in reverse\norder.\n2.3.3.5 Automatic installation of Debian packages\nThe Debian packages will request some user feedback when installed for the first time. The\ndebconf system is used to perform this task. To prevent any user interaction during installation,\ndefault values can be defined. A file vboxconf can contain the following debconf settings:\nvirtualbox virtualbox/module-compilation-allowed boolean true\nvirtualbox virtualbox/delete-old-modules boolean true\n\nThe first line allows compilation of the vboxdrv kernel module if no module was found for the\ncurrent kernel. The second line allows the package to delete any old vboxdrv kernel modules\ncompiled by previous installations.\nThese default settings can be applied with\ndebconf-set-selections vboxconf\n\nprior to the installation of the VirtualBox Debian package.\nIn addition there are some common configuration options that can be set prior to the installation, described in chapter 2.3.3.7, Automatic installation options, page 41.\n2.3.3.6 Automatic installation of .rpm packages\nThe .rpm format does not provide a configuration system comparable to the debconf system. See\nchapter 2.3.3.7, Automatic installation options, page 41 for how to set some common installation\noptions provided by VirtualBox.\n2.3.3.7 Automatic installation options\nTo configure the installation process of our .deb and .rpm packages, you can create a response\nfile named /etc/default/virtualbox. The automatic generation of the udev rule can be prevented by the following setting:\nINSTALL_NO_UDEV=1\n\nThe creation of the group vboxusers can be prevented by\nINSTALL_NO_GROUP=1\n\nIf the line\nINSTALL_NO_VBOXDRV=1\n\nis specified, the package installer will not try to build the vboxdrv kernel module if no module\nfitting the current kernel was found.\n\n41\n\n\f2 Installation details\n\n2.3.4 The vboxusers group\nThe Linux installers create the system user group vboxusers during installation. Any system\nuser who is going to use USB devices from VirtualBox guests must be a member of that group. A\nuser can be made a member of the group vboxusers through the GUI user/group management\nor at the command line with\nsudo usermod -a -G vboxusers username\n\n2.3.5 Starting VirtualBox on Linux\nThe easiest way to start a VirtualBox program is by running the program of your choice\n(VirtualBox, VBoxManage, VBoxSDL or VBoxHeadless) from a terminal. These are symbolic\nlinks to VBox.sh that start the required program for you.\nThe following detailed instructions should only be of interest if you wish to execute VirtualBox\nwithout installing it first. You should start by compiling the vboxdrv kernel module (see above)\nand inserting it into the Linux kernel. VirtualBox consists of a service daemon (VBoxSVC) and\nseveral application programs. The daemon is automatically started if necessary. All VirtualBox\napplications will communicate with the daemon through Unix local domain sockets. There\ncan be multiple daemon instances under different user accounts and applications can only\ncommunicate with the daemon running under the user account as the application. The local\ndomain socket resides in a subdirectory of your system’s directory for temporary files called\n.vbox-<username>-ipc. In case of communication problems or server startup problems, you\nmay try to remove this directory.\nAll VirtualBox applications (VirtualBox, VBoxSDL, VBoxManage and VBoxHeadless) require\nthe VirtualBox directory to be in the library path:\nLD_LIBRARY_PATH=. ./VBoxManage showvminfo \"Windows XP\"\n\n2.4 Installing on Solaris hosts\nFor the specific versions of Solaris that we support as host operating systems, please refer to\nchapter 1.4, Supported host operating systems, page 15.\nIf you have a previously installed instance of VirtualBox on your Solaris host, please uninstall it\nfirst before installing a new instance. Refer to chapter 2.4.4, Uninstallation, page 43 for uninstall\ninstructions.\n\n2.4.1 Performing the installation\nVirtualBox is available as a standard Solaris package. Download the VirtualBox SunOS package\nwhich includes the 64-bit versions of VirtualBox. The installation must be performed as root and\nfrom the global zone as the VirtualBox installer loads kernel drivers which cannot be done from\nnon-global zones. To verify which zone you are currently in, execute the zonename command.\nExecute the following commands:\ngunzip -cd VirtualBox-5.0.16_Debian-SunOS.tar.gz | tar xvf -\n\nStarting with VirtualBox 3.1 the VirtualBox kernel package is no longer a separate package\nand has been integrated into the main package. Install the VirtualBox package using:\npkgadd -d VirtualBox-5.0.16_Debian-SunOS.pkg\n\nNote: If you are using Solaris Zones, to install VirtualBox only into the current zone\nand not into any other zone, use pkgadd -G. For more information refer to the pkgadd\nmanual; see also chapter 2.4.6, Configuring a zone for running VirtualBox, page 44.\n\n42\n\n\f2 Installation details\nThe installer will then prompt you to enter the package you wish to install. Choose “1” or\n“all” and proceed. Next the installer will ask you if you want to allow the postinstall script to\nbe executed. Choose “y” and proceed as it is essential to execute this script which installs the\nVirtualBox kernel module. Following this confirmation the installer will install VirtualBox and\nexecute the postinstall setup script.\nOnce the postinstall script has been executed your installation is now complete. You may now\nsafely delete the uncompressed package and autoresponse files from your system. VirtualBox\nwould be installed in /opt/VirtualBox.\n\n2.4.2 The vboxuser group\nStarting with VirtualBox 4.1, the installer creates the system user group vboxuser during installation for Solaris hosts that support the USB features required by VirtualBox. Any system user\nwho is going to use USB devices from VirtualBox guests must be a member of this group. A\nuser can be made a member of this group through the GUI user/group management or at the\ncommand line by executing as root:\nusermod -G vboxuser username\n\nNote that adding an active user to that group will require that user to log out and back in\nagain. This should be done manually after successful installation of the package.\n\n2.4.3 Starting VirtualBox on Solaris\nThe easiest way to start a VirtualBox program is by running the program of your choice\n(VirtualBox, VBoxManage, VBoxSDL or VBoxHeadless) from a terminal. These are symbolic\nlinks to VBox.sh that start the required program for you.\nAlternatively, you can directly invoke the required programs from /opt/VirtualBox. Using\nthe links provided is easier as you do not have to type the full path.\nYou can configure some elements of the VirtualBox Qt GUI such as fonts and colours by\nexecuting VBoxQtconfig from the terminal.\n\n2.4.4 Uninstallation\nUninstallation of VirtualBox on Solaris requires root permissions. To perform the uninstallation,\nstart a root terminal session and execute:\npkgrm SUNWvbox\n\nAfter confirmation, this will remove VirtualBox from your system.\nIf you are uninstalling VirtualBox version 3.0 or lower, you need to remove the VirtualBox\nkernel interface package, execute:\npkgrm SUNWvboxkern\n\n2.4.5 Unattended installation\nTo perform a non-interactive installation of VirtualBox we have provided a response file named\nautoresponse that the installer will use for responses to inputs rather than ask them from you.\nExtract the tar.gz package as described in the normal installation. Then open a root terminal\nsession and execute:\npkgadd -d VirtualBox-5.0.16_Debian-SunOS-x86 -n -a autoresponse SUNWvbox\n\nTo perform a non-interactive uninstallation, open a root terminal session and execute:\npkgrm -n -a /opt/VirtualBox/autoresponse SUNWvbox\n\n43\n\n\f2 Installation details\n\n2.4.6 Configuring a zone for running VirtualBox\nAssuming that VirtualBox has already been installed into your zone, you need to give the zone\naccess to VirtualBox’s device node. This is done by performing the following steps. Start a root\nterminal and execute:\nzonecfg -z vboxzone\n\nReplace “vboxzone” with the name of the zone in which you intend to run VirtualBox.\nInside the zonecfg prompt add the device resource and match properties to the zone. Here’s\nhow it can be done:\nzonecfg:vboxzone>add device\nzonecfg:vboxzone:device>set match=/dev/vboxdrv\nzonecfg:vboxzone:device>end\nzonecfg:vboxzone>add device\nzonecfg:vboxzone:device>set match=/dev/vboxdrvu\nzonecfg:vboxzone:device>end\nzonecfg:vboxzone>exit\n\nIf you are running VirtualBox 2.2.0 or above on Solaris 11 or above, you may add a device for\n/dev/vboxusbmon too, similar to what was shown above. This does not apply to Solaris 10 hosts\n\ndue to lack of USB support.\nNext reboot the zone using zoneadm and you should be able to run VirtualBox from within the\nconfigured zone.\n\n44\n\n\f3 Configuring virtual machines\nWhereas chapter 1, First steps, page 11 gave you a quick introduction to VirtualBox and how to\nget your first virtual machine running, the following chapter describes in detail how to configure\nvirtual machines.\nYou have considerable latitude in deciding what virtual hardware will be provided to the guest.\nThe virtual hardware can be used for communicating with the host system or with other guests.\nFor instance, if you provide VirtualBox with the image of a CD-ROM in an ISO file, VirtualBox\ncan present this image to a guest system as if it were a physical CD-ROM. Similarly, you can give\na guest system access to the real network via its virtual network card, and, if you so choose, give\nthe host system, other guests, or computers on the Internet access to the guest system.\n\n3.1 Supported guest operating systems\nSince VirtualBox is designed to provide a generic virtualization environment for x86 systems,\nit may run operating systems of any kind, even those not listed here. However, the focus is to\noptimize VirtualBox for the following guest systems:\nWindows NT 4.0 All versions, editions and service packs are fully supported; however, there\nare some issues with older service packs. We recommend to install service pack 6a. Guest\nAdditions are available with a limited feature set.\nWindows 2000 / XP / Server 2003 / Vista / Server 2008 / Windows 7 / Windows 8 / Windows 8.1 / Windows 10\nAll versions, editions and service packs are fully supported (including 64-bit versions, under the preconditions listed below). Guest Additions are available. Windows 8 and later\nrequires hardware virtualization to be enabled.\nDOS / Windows 3.x / 95 / 98 / ME Limited testing has been performed. Use beyond legacy installation mechanisms not recommended. No Guest Additions available.\nLinux 2.4 Limited support.\nLinux 2.6 All versions/editions are fully supported (32 bits and 64 bits). Guest Additions are\navailable.\nWe strongly recommend using a Linux kernel version 2.6.13 or higher for better performance.\nNote: Certain Linux kernel releases have bugs that prevent them from executing in a\nvirtual environment; please see chapter 12.4.3, Buggy Linux 2.6 kernel versions, page\n239 for details.\nLinux 3.x All versions/editions are fully supported (32 bits and 64 bits). Guest Additions are\navailable.\nSolaris 10 (u6 and higher), Solaris 11 (including Solaris 11 Express) Fully supported (64\nbits, prior to Solaris 11 11/11 also 32 bits). Guest Additions are available.\nFreeBSD Requires hardware virtualization to be enabled. Limited support. Guest Additions are\nnot available yet.\n\n45\n\n\f3 Configuring virtual machines\nOpenBSD Requires hardware virtualization to be enabled. Versions 3.7 and later are supported.\nGuest Additions are not available yet.\nOS/2 Warp 4.5 Requires hardware virtualization to be enabled. We officially support MCP2\nonly; other OS/2 versions may or may not work. Guest Additions are available with a\nlimited feature set.1\nMac OS X VirtualBox 3.2 added experimental support for Mac OS X guests, but this comes with\nrestrictions. Please see the following section as well as chapter 14, Known limitations, page\n252.\n\n3.1.1 Mac OS X guests\nStarting with version 3.2, VirtualBox has experimental support for Mac OS X guests. This allows\nyou to install and execute unmodified versions of Mac OS X on supported host hardware.\nWhereas competing solutions perform modifications to the Mac OS X install DVDs (e.g. different boot loader and replaced files), VirtualBox is the first product to provide the modern PC\narchitecture expected by OS X without requiring any “hacks”.\nYou should be aware of a number of important issues before attempting to install a Mac OS\nX guest:\n1. Mac OS X is commercial, licensed software and contains both license and technical restrictions that limit its use to certain hardware and usage scenarios. It is important that\nyou understand and obey these restrictions.\nIn particular, for most versions of Mac OS X, Apple prohibits installing them on non-Apple\nhardware.\nThese license restrictions are also enforced on a technical level. Mac OS X verifies whether\nit is running on Apple hardware, and most DVDs that that come with Apple hardware\neven check for an exact model. These restrictions are not circumvented by VirtualBox and\ncontinue to apply.\n2. Only CPUs known and tested by Apple are supported. As a result, if your Intel CPU is\nnewer than the build of Mac OS X, or if you have a non-Intel CPU, it will most likely panic\nduring bootup with an “Unsupported CPU” exception. It is generally best to use the Mac\nOS X DVD that came with your Apple hardware.\n3. The Mac OS X installer expects the harddisk to be partitioned so when it does not offer a\nselection, you have to launch the Disk Utility from the “Tools” menu and partition the hard\ndisk. Then close the Disk Utility and proceed with the installation.\n4. In addition, as Mac OS X support in VirtualBox is currently still experimental, please refer\nalso to chapter 14, Known limitations, page 252.\n\n3.1.2 64-bit guests\nVirtualBox supports 64-bit guest operating systems, even on 32-bit host operating systems,2 provided that the following conditions are met:\n1. You need a 64-bit processor with hardware virtualization support (see chapter 10.3, Hardware vs. software virtualization, page 222).\n2. You must enable hardware virtualization for the particular VM for which you want 64-bit\nsupport; software virtualization is not supported for 64-bit VMs.\n1 See\n\nchapter 14, Known limitations, page 252.\nguest support was added with VirtualBox 2.0; support for 64-bit guests on 32-bit hosts was added with\nVirtualBox 2.1.\n\n2 64-bit\n\n46\n\n\f3 Configuring virtual machines\n3. If you want to use 64-bit guest support on a 32-bit host operating system, you must also\nselect a 64-bit operating system for the particular VM. Since supporting 64 bits on 32bit hosts incurs additional overhead, VirtualBox only enables this support upon explicit\nrequest.\nOn 64-bit hosts (which typically come with hardware virtualization support), 64-bit guest\noperating systems are always supported regardless of settings, so you can simply install a\n64-bit operating system in the guest.\n\nWarning: On any host, you should enable the I/O APIC for virtual machines that\nyou intend to use in 64-bit mode. This is especially true for 64-bit Windows VMs.\nSee chapter 3.3.2, “Advanced” tab, page 48. In addition, for 64-bit Windows guests,\nyou should make sure that the VM uses the Intel networking device, since there is\nno 64-bit driver support for the AMD PCNet card; see chapter 6.1, Virtual networking\nhardware, page 96.\nIf you use the “Create VM” wizard of the VirtualBox graphical user interface (see chapter\n1.7, Creating your first virtual machine, page 18), VirtualBox will automatically use the correct\nsettings for each selected 64-bit operating system type.\n\n3.2 Emulated hardware\nVirtualBox virtualizes nearly all hardware of the host. Depending on a VM’s configuration, the\nguest will see the following virtual hardware:\n• Input devices. By default, VirtualBox emulates a standard PS/2 keyboard and mouse.\nThese devices are supported by almost all past and present operating systems.\nIn addition, VirtualBox can provide virtual USB input devices to avoid having to capture\nmouse and keyboard, as described in chapter 1.8.2, Capturing and releasing keyboard and\nmouse, page 22.\n• Graphics. The VirtualBox graphics device (sometimes referred to as VGA device) is, unlike\nnearly all other emulated devices, not based on any physical counterpart. It is a simple,\nsynthetic device which provides compatibility with standard VGA and several extended\nregisters used by the VESA BIOS Extensions (VBE).\n• Storage. VirtualBox currently emulates the standard ATA interface found on Intel\nPIIX3/PIIX4 chips, the SATA (AHCI) interface, and two SCSI adapters (LSI Logic and BusLogic); see chapter 5.1, Hard disk controllers: IDE, SATA (AHCI), SCSI, SAS, USB MSC, page\n83 for details. Whereas providing one of these would be enough for VirtualBox by itself,\nthis multitude of storage adapters is required for compatibility with other hypervisors. Windows is particularly picky about its boot devices, and migrating VMs between hypervisors\nis very difficult or impossible if the storage controllers are different.\n• Networking. See chapter 6.1, Virtual networking hardware, page 96.\n• USB. VirtualBox emulates three USB host controllers: xHCI, EHCI, and OHCI. While xHCI\nhandles all USB transfer speeds, only guest operating systems released approximately after\n2011 support xHCI. Note that for Windows 7 guests, 3rd party drivers must be installed for\nxHCI support.\nOlder operating systems typically support OHCI and EHCI. The two controllers are needed\nbecause OHCI only handles USB low- and full-speed devices (both USB 1.x and 2.0), while\nEHCI only handles high-speed devices (USB 2.0 only).\n\n47\n\n\f3 Configuring virtual machines\nThe emulated USB controllers do not communicate directly with devices on the host but\nrather with a virtual USB layer which abstracts the USB protocol and allows the use of\nremote USB devices.\n• Audio. See chapter 3.7, Audio settings, page 55.\n\n3.3 General settings\nIn the Settings window, under “General”, you can configure the most fundamental aspects of\nthe virtual machine such as memory and essential hardware. There are three tabs, “Basic”,\n“Advanced” and “Description”.\n\n3.3.1 “Basic” tab\nUnder the “Basic” tab of the “General” settings category, you can find these settings:\nName The name under which the VM is shown in the list of VMs in the main window. Under this\nname, VirtualBox also saves the VM’s configuration files. By changing the name, VirtualBox\nrenames these files as well. As a result, you can only use characters which are allowed in\nyour host operating system’s file names.\nNote that internally, VirtualBox uses unique identifiers (UUIDs) to identify virtual machines. You can display these with VBoxManage.\nOperating system / version The type of the guest operating system that is (or will be) installed\nin the VM. This is the same setting that was specified in the “New Virtual Machine” wizard,\nas described in chapter 1.7, Creating your first virtual machine, page 18.\nWhereas the default settings of a newly created VM depend on the selected operating\nsystem type, changing the type later has no effect on VM settings; this value is then purely\ninformational and decorative.\n\n3.3.2 “Advanced” tab\nSnapshot Folder By default, VirtualBox saves snapshot data together with your other\nVirtualBox configuration data; see chapter 10.1, Where VirtualBox stores its files, page\n218. With this setting, you can specify any other folder for each VM.\nShared Clipboard You can select here whether the clipboard of the guest operating system\nshould be shared with that of your host. If you select “Bidirectional”, then VirtualBox will\nalways make sure that both clipboards contain the same data. If you select “Host to guest”\nor “Guest to host”, then VirtualBox will only ever copy clipboard data in one direction.\nClipboard sharing requires that the VirtualBox Guest Additions be installed. As a result,\nthis setting has no effect otherwise; see chapter 4, Guest Additions, page 61 for details.\nThe shared clipboard is disabled by default. See chapter 13.3.2.3, Clipboard, page 249\nfor an explanation. This setting can be changed at any time using the “Shared Clipboard”\nmenu item in the “Devices” menu of the virtual machine.\nDrag and Drop This setting allows to enable support for drag and drop: Select an object (e.g.\na file) from the host or guest and directly copy or open it on the guest or host. Multiple\nper-VM drag and drop modes allow restricting access in either direction.\nFor drag and drop to work the Guest Additions need to be installed on the guest.\nNote: Drag and drop is disabled by default. This setting can be changed at any time\nusing the “Drag and Drop” menu item in the “Devices” menu of the virtual machine.\n\n48\n\n\f3 Configuring virtual machines\nSee chapter 4.4, Drag and Drop, page 74 for more information.\n\n3\n\nRemovable Media If this is checked, VirtualBox will save the state of what media has been\nmounted between several runs of a virtual machine.\nMini ToolBar In full screen or seamless mode, VirtualBox can display a small toolbar that contains some of the items that are normally available from the virtual machine’s menu bar.\nThis toolbar reduces itself to a small gray line unless you move the mouse over it. With the\ntoolbar, you can return from full screen or seamless mode, control machine execution or\nenable certain devices. If you don’t want to see the toolbar, disable this setting.\nThe second setting allows to show the toolbar at the top of the screen instead of showing\nit at the bottom.\n\n3.3.3 “Description” tab\nHere you can enter any description for your virtual machine, if you want. This has no effect on\nthe functionality of the machine, but you may find this space useful to note down things like the\nconfiguration of a virtual machine and the software that has been installed into it.\nTo insert a line break into the description text field, press Shift+Enter.\n\n3.4 System settings\nThe “System” category groups various settings that are related to the basic hardware that is\npresented to the virtual machine.\nNote: As the activation mechanism of Microsoft Windows is sensitive to hardware\nchanges, if you are changing hardware settings for a Windows guest, some of these\nchanges may trigger a request for another activation with Microsoft.\n\n3.4.1 “Motherboard” tab\nOn the “Motherboard” tab, you can influence virtual hardware that would normally be on the\nmotherboard of a real computer.\nBase memory This sets the amount of RAM that is allocated and given to the VM when it is\nrunning. The specified amount of memory will be requested from the host operating system, so it must be available or made available as free memory on the host when attempting\nto start the VM and will not be available to the host while the VM is running. This is the\nsame setting that was specified in the “New Virtual Machine” wizard, as described with\nguidelines under chapter 1.7, Creating your first virtual machine, page 18 above.\nGenerally, it is possible to change the memory size after installing the guest operating\nsystem (provided you do not reduce the memory to an amount where the operating system\nwould no longer boot).\nBoot order This setting determines the order in which the guest operating system will attempt\nto boot from the various virtual boot devices. Analogous to a real PC’s BIOS setting,\nVirtualBox can tell a guest OS to start from the virtual floppy, the virtual CD/DVD drive,\nthe virtual hard drive (each of these as defined by the other VM settings), the network, or\nnone of these.\n3 Experimental\n\nsupport for drag and drop was added with VirtualBox 4.2.\n\n49\n\n\f3 Configuring virtual machines\nIf you select “Network”, the VM will attempt to boot from a network via the PXE mechanism. This needs to be configured in detail on the command line; please see chapter 8.8,\nVBoxManage modifyvm, page 131.\nChipset Here you can select which chipset will be presented to the virtual machine. Before\nVirtualBox 4.0, PIIX3 was the only available option here. For modern guest operating systems such as Mac OS X, that old chipset is no longer well supported. As a result, VirtualBox\n4.0 introduced an emulation of the more modern ICH9 chipset, which supports PCI express, three PCI buses, PCI-to-PCI bridges and Message Signaled Interrupts (MSI). This\nallows modern operating systems to address more PCI devices and no longer requires IRQ\nsharing. Using the ICH9 chipset it is also possible to configure up to 36 network cards (up\nto 8 network adapters with PIIX3). Note that the ICH9 support is experimental and not\nrecommended for guest operating systems which do not require it.\nPointing Device The default virtual pointing devices for older guests is the traditional PS/2\nmouse. If set to USB tablet, VirtualBox reports to the virtual machine that a USB tablet\ndevice is present and communicates mouse events to the virtual machine through this\ndevice. The third setting is a USB Multi-Touch Tablet which is suited for recent Windows\nguests.\nUsing the virtual USB tablet has the advantage that movements are reported in absolute\ncoordinates (instead of as relative position changes), which allows VirtualBox to translate\nmouse events over the VM window into tablet events without having to “capture” the\nmouse in the guest as described in chapter 1.8.2, Capturing and releasing keyboard and\nmouse, page 22. This makes using the VM less tedious even if Guest Additions are not\ninstalled.4\nEnable I/O APIC Advanced Programmable Interrupt Controllers (APICs) are a newer x86 hardware feature that have replaced old-style Programmable Interrupt Controllers (PICs) in\nrecent years. With an I/O APIC, operating systems can use more than 16 interrupt requests\n(IRQs) and therefore avoid IRQ sharing for improved reliability.\nNote: Enabling the I/O APIC is required for 64-bit guest operating systems, especially\nWindows Vista; it is also required if you want to use more than one virtual CPU in a\nvirtual machine.\nHowever, software support for I/O APICs has been unreliable with some operating systems other than Windows. Also, the use of an I/O APIC slightly increases the overhead of\nvirtualization and therefore slows down the guest OS a little.\nWarning: All Windows operating systems starting with Windows 2000 install different\nkernels depending on whether an I/O APIC is available. As with ACPI, the I/O APIC\ntherefore must not be turned off after installation of a Windows guest OS. Turning it on\nafter installation will have no effect however.\n\nEnable EFI This enables Extensible Firmware Interface (EFI), which replaces the legacy BIOS\nand may be useful for certain advanced use cases. Please refer to chapter 3.12, Alternative\nfirmware (EFI), page 59 for details.\n\n4 The\n\nvirtual USB tablet was added with VirtualBox 3.2. Depending on the guest operating system selected, this is now\nenabled by default for new virtual machines.\n\n50\n\n\f3 Configuring virtual machines\nHardware clock in UTC time If checked, VirtualBox will report the system time in UTC format\nto the guest instead of local (host) time. This affects how the virtual real-time clock (RTC)\noperates and may be useful for Unix-like guest operating systems, which typically expect\nthe hardware clock to be set to UTC.\nIn addition, you can turn off the Advanced Configuration and Power Interface (ACPI) which\nVirtualBox presents to the guest operating system by default. ACPI is the current industry standard to allow operating systems to recognize hardware, configure motherboards and other devices and manage power. As all modern PCs contain this feature and Windows and Linux have\nbeen supporting it for years, it is also enabled by default in VirtualBox. It can only be turned off\non the command line; see chapter 8.8, VBoxManage modifyvm, page 131.\nWarning: All Windows operating systems starting with Windows 2000 install different\nkernels depending on whether ACPI is available, so ACPI must not be turned off after\ninstallation of a Windows guest OS. Turning it on after installation will have no effect\nhowever.\n\n3.4.2 “Processor” tab\nOn the “Processor” tab, you can set how many virtual CPU cores the guest operating systems\nshould see. Starting with version 3.0, VirtualBox supports symmetrical multiprocessing (SMP)\nand can present up to 32 virtual CPU cores to each virtual machine.\nYou should not, however, configure virtual machines to use more CPU cores than you have\navailable physically (real cores, no hyperthreads).\nOn this tab you can also set the “CPU execution cap”. This setting limits the amount of time\na host CPU spents to emulate a virtual CPU. The default setting is 100% meaning that there is no\nlimitation. A setting of 50% implies a single virtual CPU can use up to 50% of a single host CPU.\nNote that limiting the execution time of the virtual CPUs may induce guest timing problems.\nIn addition, the “Enable PAE/NX” setting determines whether the PAE and NX capabilities of\nthe host CPU will be exposed to the virtual machine. PAE stands for “Physical Address Extension”.\nNormally, if enabled and supported by the operating system, then even a 32-bit x86 CPU can\naccess more than 4 GB of RAM. This is made possible by adding another 4 bits to memory\naddresses, so that with 36 bits, up to 64 GB can be addressed. Some operating systems (such\nas Ubuntu Server) require PAE support from the CPU and cannot be run in a virtual machine\nwithout it.\nWith virtual machines running modern server operating systems, VirtualBox also supports CPU\nhot-plugging. For details about this, please refer to chapter 9.5, CPU hot-plugging, page 181.\n\n3.4.3 “Acceleration” tab\nOn this page, you can determine whether and how VirtualBox should use hardware virtualization\nextensions that your host CPU may support. This is the case with most CPUs built after 2006.\nYou can select for each virtual machine individually whether VirtualBox should use software\nor hardware virtualization.5\nIn most cases, the default settings will be fine; VirtualBox will have picked sensible defaults\ndepending on the operating system that you selected when you created the virtual machine. In\ncertain situations, however, you may want to change these preconfigured defaults.\nAdvanced users may be interested in technical details about software vs. hardware virtualization; please see chapter 10.3, Hardware vs. software virtualization, page 222.\n5 Prior\n\nto VirtualBox version 2.2, software virtualization was the default; starting with version 2.2, VirtualBox will\nenable hardware virtualization by default for new virtual machines that you create. (Existing virtual machines are not\nautomatically changed for compatibility reasons, and the default can of course be changed for each virtual machine.)\n\n51\n\n\f3 Configuring virtual machines\nIf your host’s CPU supports the nested paging (AMD-V) or EPT (Intel VT-x) features, then you\ncan expect a significant performance increase by enabling nested paging in addition to hardware\nvirtualization. For technical details, see chapter 10.7, Nested paging and VPIDs, page 227.\nStarting with version 5.0, VirtualBox provides paravirtualization interfaces to improve timekeeping accuracy and performance of guest operating systems. The options available are documented under the paravirtprovider option in chapter 8.8, VBoxManage modifyvm, page 131.\nFor futher details on the paravirtualization providers, please refer to chapter 10.4, Paravirtualization providers, page 223.\n\n3.5 Display settings\nVideo memory size This sets the size of the memory provided by the virtual graphics card\navailable to the guest, in MB. As with the main memory, the specified amount will be\nallocated from the host’s resident memory. Based on the amount of video memory, higher\nresolutions and color depths may be available.\nThe GUI will show a warning if the amount of video memory is too small to be able to\nswitch the VM into full screen mode. The minimum value depends on the number of\nvirtual monitors, the screen resolution and the color depth of the host display as well as\nof the activation of 3D acceleration and 2D video acceleration. A rough estimate is (color\ndepth / 8) x vertical pixels x horizontal pixels x number of screens = number of bytes. Like\nsaid above, there might be extra memory required for any activated display acceleration\nsetting.\nMonitor count With this setting VirtualBox can provide more than one virtual monitor to a\nvirtual machine. If a guest operating system (such as Windows) supports multiple attached\nmonitors, VirtualBox can pretend that multiple virtual monitors are present.6 Up to 8 such\nvirtual monitors are supported.\nThe output of the multiple monitors will be displayed on the host in multiple VM windows\nwhich are running side by side.\nHowever, in full screen and seamless mode, they will use the available physical monitors\nattached to the host. As a result, for full screen and seamless modes to work with multiple\nmonitors, you will need at least as many physical monitors as you have virtual monitors\nconfigured, or VirtualBox will report an error. You can configure the relationship between\nguest and host monitors using the view menu by pressing Host key + Home when you are\nin full screen or seamless mode.\nPlease see chapter 14, Known limitations, page 252 also.\nEnable 3D acceleration If a virtual machine has Guest Additions installed, you can select here\nwhether the guest should support accelerated 3D graphics. Please refer to chapter 4.5.1,\nHardware 3D acceleration (OpenGL and Direct3D 8/9), page 75 for details.\nEnable 2D video acceleration If a virtual machine with Microsoft Windows has Guest Additions installed, you can select here whether the guest should support accelerated 2D video\ngraphics. Please refer to chapter 4.5.2, Hardware 2D video acceleration for Windows guests,\npage 77 for details.\nRemote display Under the “Remote display” tab, if the VirtualBox Remote Display Extension\n(VRDE) is installed, you can enable the VRDP server that is built into VirtualBox. This\nallows you to connect to the console of the virtual machine remotely with any standard\nRDP viewer, such as mstsc.exe that comes with Microsoft Windows. On Linux and Solaris\nsystems you can use the standard open-source rdesktop program. These features are\ndescribed in detail in chapter 7.1, Remote display (VRDP support), page 107.\n6 Multiple\n\nmonitor support was added with VirtualBox 3.2.\n\n52\n\n\f3 Configuring virtual machines\nVideo Capture Under the “Video Capture” tab you can enable video capturing for this VM. Note\nthat this feature can also be enabled/disabled while the VM is executed.\n\n3.6 Storage settings\nThe “Storage” category in the VM settings allows you to connect virtual hard disk, CD/DVD and\nfloppy images and drives to your virtual machine.\nIn a real PC, so-called “storage controllers” connect physical disk drives to the rest of the computer. Similarly, VirtualBox presents virtual storage controllers to a virtual machine. Under each\ncontroller, the virtual devices (hard disks, CD/DVD or floppy drives) attached to the controller\nare shown.\nNote: This section can only give you a quick introduction to the VirtualBox storage\nsettings. Since VirtualBox gives you an enormous wealth of options in this area, we\nhave dedicated an entire chapter of this User Manual to explaining all the details:\nplease see chapter 5, Virtual storage, page 83.\nIf you have used the “Create VM” wizard to create a machine, you will normally see something\nlike the following:\n\nDepending on the guest operating system type that you selected when you created the VM, the\ntypical layout of storage devices in a new VM is as follows:\n• You will see an IDE controller, to which a virtual CD/DVD drive has been attached (to the\n“secondary master” port of the IDE controller).\n• You will also see a SATA controller, which is a more modern type of storage controller for\nhigher hard disk data throughput, to which the virtual hard disks are attached. Initially\nyou will normally have one such virtual disk, but as you can see in the above screenshot,\nyou can have more than one, each represented by a disk image file (VDI files, in this case).\n\n53\n\n\f3 Configuring virtual machines\nIf you created your VM with an older version of VirtualBox, the default storage layout may\ndiffer. You might then only have an IDE controller to which both the CD/DVD drive and the\nhard disks have been attached. This might also apply if you selected an older operating system\ntype when you created the VM. Since older operating systems do not support SATA without\nadditional drivers, VirtualBox will make sure that no such devices are present initially. Please see\nchapter 5.1, Hard disk controllers: IDE, SATA (AHCI), SCSI, SAS, USB MSC, page 83 for additional\ninformation.\nVirtualBox also provides a floppy controller, which is special: you cannot add devices other\nthan floppy drives to it. Virtual floppy drives, like virtual CD/DVD drives, can be connected to\neither a host floppy drive (if you have one) or a disk image, which in this case must be in RAW\nformat.\nYou can modify these media attachments freely. For example, if you wish to copy some files\nfrom another virtual disk that you created, you can connect that disk as a second hard disk, as in\nthe above screenshot. You could also add a second virtual CD/DVD drive, or change where these\nitems are attached. The following options are available:\n• To add another virtual hard disk, or a CD/DVD or floppy drive, select the storage controller to which it should be added (IDE, SATA, SCSI, SAS, floppy controller) and then click\non the “add disk” button below the tree. You can then either select “Add CD/DVD device”\nor “Add Hard Disk”. (If you clicked on a floppy controller, you can add a floppy drive\ninstead.) Alternatively, right-click on the storage controller and select a menu item there.\nOn the right part of the window, you can then set the following:\n1. You can then select to which device slot of the controller the virtual disk should be\nconnected to. IDE controllers have four slots which have traditionally been called\n“primary master”, “primary slave”, “secondary master” and “secondary slave”. By\ncontrast, SATA and SCSI controllers offer you up to 30 slots to which virtual devices\ncan be attached.\n2. You can select which image file to use.\n– For virtual hard disks, a button with a drop-down list appears on the right, offering you to either select a virtual hard disk file using a standard file dialog or to\ncreate a new hard disk (image file), which will bring up the “Create new disk”\nwizard, which was described in chapter 1.7, Creating your first virtual machine,\npage 18.\nFor details on the image file types that are supported, please see chapter 5.2, Disk\nimage files (VDI, VMDK, VHD, HDD), page 86.\n– For virtual CD/DVD drives, the image files will typically be in the standard ISO\nformat instead. Most commonly, you will select this option when installing an\noperating system from an ISO file that you have obtained from the Internet. For\nexample, most Linux distributions are available in this way.\nFor virtual CD/DVD drives, the following additional options are available:\n∗ If you select “Host drive” from the list, then the physical device of the host\ncomputer is connected to the VM, so that the guest operating system can read\nfrom and write to your physical device. This is, for instance, useful if you\nwant to install Windows from a real installation CD. In this case, select your\nhost drive from the drop-down list presented.\nIf you want to write (burn) CDs or DVDs using the host drive, you need to also\nenable the “Passthrough” option; see chapter 5.9, CD/DVD support, page 94.\n∗ If you select “Remove disk from virtual drive”, VirtualBox will present an\nempty CD/DVD drive to the guest into which no media has been inserted.\n\n54\n\n\f3 Configuring virtual machines\n• To remove an attachment, select it and click on the “remove” icon at the bottom (or\nright-click on it and select the menu item).\nRemovable media (CD/DVDs and floppies) can be changed while the guest is running. Since\nthe “Settings” dialog is not available at that time, you can also access these settings from the\n“Devices” menu of your virtual machine window.\n\n3.7 Audio settings\nThe “Audio” section in a virtual machine’s Settings window determines whether the VM will see\na sound card connected, and whether the audio output should be heard on the host system.\nIf audio is enabled for a guest, you can choose between the emulation of an Intel AC’97\ncontroller, an Intel HD Audio controller7 or a SoundBlaster 16 card. In any case, you can select\nwhat audio driver VirtualBox will use on the host.\nOn a Linux host, depending on your host configuration, you can also select between the OSS,\nALSA or the PulseAudio subsystem. On newer Linux distributions, the PulseAudio subsystem\nshould be preferred.\n\n3.8 Network settings\nThe “Network” section in a virtual machine’s Settings window allows you to configure how\nVirtualBox presents virtual network cards to your VM, and how they operate.\nWhen you first create a virtual machine, VirtualBox by default enables one virtual network\ncard and selects the “Network Address Translation” (NAT) mode for it. This way the guest can\nconnect to the outside world using the host’s networking and the outside world can connect to\nservices on the guest which you choose to make visible outside of the virtual machine.\nThis default setup is good for probably 95% of VirtualBox users. However, VirtualBox is extremely flexible in how it can virtualize networking. It supports many virtual network cards\nper virtual machine, the first four of which can be configured in detail in the Manager window.\nAdditional network cards can be configured on the command line with VBoxManage.\nBecause of the vast array of options available, we have dedicated an entire chapter of this\nmanual to discussing networking configuration; please see chapter 6, Virtual networking, page\n96.\n\n3.9 Serial ports\nVirtualBox fully supports virtual serial ports in a virtual machine in an easy-to-use manner.8\nEver since the original IBM PC, personal computers have been equipped with one or two serial\nports (also called COM ports by DOS and Windows). Serial ports were commonly used with\nmodems, and some computer mice used to be connected to serial ports before USB became\ncommonplace.\nWhile serial ports are no longer as ubiquitous as they used to be, there are still some important\nuses left for them. For example, serial ports can be used to set up a primitive network over a nullmodem cable, in case Ethernet is not available. Also, serial ports are indispensable for system\nprogrammers needing to do kernel debugging, since kernel debugging software usually interacts\nwith developers over a serial port. With virtual serial ports, system programmers can do kernel\ndebugging on a virtual machine instead of needing a real computer to connect to.\n\n7 Intel\n\nHD Audio support was added with VirtualBox 4.0 because Windows 7 and later (as well as 64-bit Windows Vista)\ndo not support the Intel AC’97 controller out of the box.\n8 Serial port support was added with VirtualBox 1.5.\n\n55\n\n\f3 Configuring virtual machines\nIf a virtual serial port is enabled, the guest operating system sees a standard 16550A compatible UART device. Both receiving and transmitting data is supported. How this virtual serial\nport is then connected to the host is configurable, and the details depend on your host operating\nsystem.\nYou can use either the graphical user interface or the command-line VBoxManage tool to set up\nvirtual serial ports. For the latter, please refer to chapter 8.8, VBoxManage modifyvm, page 131;\nin that section, look for the --uart and --uartmode options.\nIn either case, you can configure up to four virtual serial ports per virtual machine. For each\nsuch device, you will need to determine\n1. what kind of serial port the virtual machine should see by selecting an I/O base address\nand interrupt (IRQ). For these, we recommend to use the traditional values9 , which are:\na) COM1: I/O base 0x3F8, IRQ 4\nb) COM2: I/O base 0x2F8, IRQ 3\nc) COM3: I/O base 0x3E8, IRQ 4\nd) COM4: I/O base 0x2E8, IRQ 3\n2. Then, you will need to determine what this virtual port should be connected to. For each\nvirtual serial port, you have the following options:\n• You can elect to have the virtual serial port “disconnected”, which means that the\nguest will see the device, but it will behave as if no cable had been connected to it.\n• You can connect the virtual serial port to a physical serial port on your host. (On a\nWindows host, this will be a name like COM1; on Linux or Solaris hosts, it will be a\ndevice node like /dev/ttyS0). VirtualBox will then simply redirect all data received\nfrom and sent to the virtual serial port to the physical device.\n• You can tell VirtualBox to connect the virtual serial port to a software pipe on the host.\nThis depends on your host operating system:\n– On a Windows host, data will be sent and received through a named pipe. The\npipe name must be in the format \\\\.\\pipe\\<name> where <name> should identify the virtual machine but may be freely chosen.\n– On a Mac, Linux or Solaris host, a local domain socket is used instead. The socket\nfilename must be chosen such that the user running VirtualBox has sufficient\nprivileges to create and write to it. The /tmp directory is often a good candidate.\nOn Linux there are various tools which can connect to a local domain socket or\ncreate one in server mode. The most flexible tool is socat and is available as part\nof many distributions.\nIn this case, you can configure whether VirtualBox should create the named pipe (or,\non non-Windows hosts, the local domain socket) itself or whether VirtualBox should\nassume that the pipe (or socket) exists already. With the VBoxManage command-line\noptions, this is referred to as “server” or “client” mode, respectively.\nFor a direct connection between two virtual machines (corresponding to a null-modem\ncable), simply configure one VM to create a pipe/socket and another to attach to it.\n• You can send the virtual serial port output to a file. This option is very useful for\ncapturing diagnostic output from a guest. Any file may be used for this purpose, as\nlong as the user running VirtualBox has sufficient privileges to create and write to the\nfile.\n• TCP Socket: Useful for forwarding serial traffic over TCP/IP, acting as a server, or it\ncan act as a TCP client connecting to other servers. It allows a remote machine to\ndirectly connect to the guest’s serial port via TCP.\n9 See,\n\nfor example, http://en.wikipedia.org/wiki/COM_(hardware_interface).\n\n56\n\n\f3 Configuring virtual machines\n– TCP Server: Uncheck the Connect to existing pipe/socket checkbox and specify the\nport number. Typically 23 or 2023. Note that on UNIX-like systems you will have\nto use a port a number greater than 1024 for regular users.\nThe client can use software such as PuTTY or the telnet command line tool to\naccess the TCP Server.\n– TCP Client: To create a virtual null-modem cable over the Internet or LAN, the\nother side can connect via TCP by specifying hostname:port. The TCP socket\nwill act in client mode if check the Connect to existing pipe/socket checkbox.\nUp to four serial ports can be configured per virtual machine, but you can pick any port numbers\nout of the above. However, serial ports cannot reliably share interrupts; if both ports are to be\nused at the same time, they must use different interrupt levels, for example COM1 and COM2,\nbut not COM1 and COM3.\n\n3.10 USB support\n3.10.1 USB settings\nThe “USB” section in a virtual machine’s Settings window allows you to configure VirtualBox’s\nsophisticated USB support.\nVirtualBox can allow virtual machines to access the USB devices on your host directly. To\nachieve this, VirtualBox presents the guest operating system with a virtual USB controller. As\nsoon as the guest system starts using a USB device, it will appear as unavailable on the host.\nNote:\n1. Be careful with USB devices that are currently in use on the host! For example, if\nyou allow your guest to connect to your USB hard disk that is currently mounted\non the host, when the guest is activated, it will be disconnected from the host\nwithout a proper shutdown. This may cause data loss.\n2. Solaris hosts have a few known limitations regarding USB support; please see\nchapter 14, Known limitations, page 252.\nIn addition to allowing a guest access to your local USB devices, VirtualBox even allows your\nguests to connect to remote USB devices by use of the VirtualBox Remote Desktop Extension\n(VRDE). For details about this, see chapter 7.1.4, Remote USB, page 111.\nIn the Settings dialog, you can first configure whether USB is available in the guest at all, and\nthen choose the level of USB support: OHCI for USB 1.1, EHCI (which will also enable OHCI)\nfor USB 2.0, or xHCI for all USB speeds.\nNote: The xHCI and EHCI controllers are shipped as a VirtualBox extension package,\nwhich must be installed separately. See chapter 1.5, Installing VirtualBox and extension\npacks, page 16 for more information.\nWhen USB support is enabled for a VM, you can determine in detail which devices will be\nautomatically attached to the guest. For this, you can create so-called “filters” by specifying\ncertain properties of the USB device. USB devices with a matching filter will be automatically\npassed to the guest once they are attached to the host. USB devices without a matching filter can\nbe passed manually to the guest, for example by using the Devices / USB devices menu.\nClicking on the “+“ button to the right of the “USB Device Filters” window creates a new filter.\nYou can give the filter a name (for referencing it later) and specify the filter criteria. The more\n\n57\n\n\f3 Configuring virtual machines\ncriteria you specify, the more precisely devices will be selected. For instance, if you specify only\na vendor ID of 046d, all devices produced by Logitech will be available to the guest. If you fill\nin all fields, on the other hand, the filter will only apply to a particular device model from a\nparticular vendor, and not even to other devices of the same type with a different revision and\nserial number.\nIn detail, the following criteria are available:\n1. Vendor and product ID. With USB, each vendor of USB products carries an identification\nnumber that is unique world-wide, the “vendor ID”. Similarly, each line of products is\nassigned a “product ID” number. Both numbers are commonly written in hexadecimal\n(that is, they are composed of the numbers 0-9 and the letters A-F), and a colon separates\nthe vendor from the product ID. For example, 046d:c016 stands for Logitech as a vendor,\nand the “M-UV69a Optical Wheel Mouse” product.\nAlternatively, you can also specify “Manufacturer” and “Product” by name.\nTo list all the USB devices that are connected to your host machine with their respective\nvendor and product IDs, you can use the following command (see chapter 8, VBoxManage,\npage 117):\nVBoxManage list usbhost\n\nOn Windows, you can also see all USB devices that are attached to your system in the\nDevice Manager. On Linux, you can use the lsusb command.\n2. Serial number. While vendor and product ID are already quite specific to identify USB\ndevices, if you have two identical devices of the same brand and product line, you will also\nneed their serial numbers to filter them out correctly.\n3. Remote. This setting specifies whether the device will be local only, or remote only (over\nVRDP), or either.\nOn a Windows host, you will need to unplug and reconnect a USB device to use it after creating\na filter for it.\nAs an example, you could create a new USB filter and specify a vendor ID of 046d (Logitech,\nInc), a manufacturer index of 1, and “not remote”. Then any USB devices on the host system\nproduced by Logitech, Inc with a manufacturer index of 1 will be visible to the guest system.\nSeveral filters can select a single device – for example, a filter which selects all Logitech devices,\nand one which selects a particular webcam.\nYou can deactivate filters without deleting them by clicking in the checkbox next to the filter\nname.\n\n3.10.2 Implementation notes for Windows and Linux hosts\nOn Windows hosts, a kernel mode device driver provides USB proxy support. It implements both\na USB monitor, which allows VirtualBox to capture devices when they are plugged in, and a USB\ndevice driver to claim USB devices for a particular virtual machine. As opposed to VirtualBox\nversions before 1.4.0, system reboots are no longer necessary after installing the driver. Also,\nyou no longer need to replug devices for VirtualBox to claim them.\nOn newer Linux hosts, VirtualBox accesses USB devices through special files in the file system.\nWhen VirtualBox is installed, these are made available to all users in the vboxusers system\ngroup. In order to be able to access USB from guest systems, make sure that you are a member\nof this group.\nOn older Linux hosts, USB devices are accessed using the usbfs file system. Therefore, the\nuser executing VirtualBox needs read and write permission to the USB file system. Most distributions provide a group (e.g. usbusers) which the VirtualBox user needs to be added to. Also,\nVirtualBox can only proxy to virtual machines USB devices which are not claimed by a Linux\n\n58\n\n\f3 Configuring virtual machines\nhost USB driver. The Driver= entry in /proc/bus/usb/devices will show you which devices\nare currently claimed. Please refer to chapter 12.8.7, USB not working, page 244 also for details\nabout usbfs.\n\n3.11 Shared folders\nShared folders allow you to easily exchange data between a virtual machine and your host. This\nfeature requires that the VirtualBox Guest Additions be installed in a virtual machine and is\ndescribed in detail in chapter 4.3, Shared folders, page 71.\n\n3.12 Alternative firmware (EFI)\nStarting with release 3.1, VirtualBox includes experimental support for the Extensible Firmware\nInterface (EFI), which is a new industry standard intended to eventually replace the legacy BIOS\nas the primary interface for bootstrapping computers and certain system services later.\nBy default, VirtualBox uses the BIOS firmware for virtual machines. To use EFI for a given\nvirtual machine, you can enable EFI in the machine’s “Settings” dialog (see chapter 3.4.1, “Motherboard” tab, page 49). Alternatively, use the VBoxManage command line interface like this:\nVBoxManage modifyvm \"VM name\" --firmware efi\n\nTo switch back to using the BIOS, use:\nVBoxManage modifyvm \"VM name\" --firmware bios\n\nOne notable user of EFI is Apple’s Mac OS X, but more recent Linuxes and Windows (starting\nwith Vista) offer special versions that can be booted using EFI as well.\nAnother possible use of EFI in VirtualBox is development and testing of EFI applications, without booting any OS.\nNote that the VirtualBox EFI support is experimental and will be enhanced as EFI matures and\nbecomes more widespread. While Mac OS X and Linux guests are known to work fine, Windows\nguests are currently unable to boot with the VirtualBox EFI implementation.\n\n3.12.1 Video modes in EFI\nEFI provides two distinct video interfaces: GOP (Graphics Output Protocol) and UGA (Universal\nGraphics Adapter). Mac OS X uses GOP, while Linux tends to use UGA. VirtualBox provides a\nconfiguration option to control the framebuffer size for both interfaces.\nTo control GOP, use the following VBoxManage command:\nVBoxManage setextradata \"VM name\" VBoxInternal2/EfiGopMode N\n\nWhere N can be one of 0,1,2,3,4,5 referring to the 640x480, 800x600, 1024x768, 1280x1024,\n1440x900, 1920x1200 screen resolution respectively.\nTo change the UGA resolution:\nVBoxManage setextradata \"VM name\" VBoxInternal2/UgaHorizontalResolution 1440\nVBoxManage setextradata \"VM name\" VBoxInternal2/UgaVerticalResolution\n900\n\nThe video mode for both GOP and UGA can only be changed when the VM is powered off and\nremains persistent until changed.\n\n59\n\n\f3 Configuring virtual machines\n\n3.12.2 Specifying boot arguments\nIt is currently not possible to manipulate EFI variables from within a running guest (e.g., setting\nthe “boot-args” variable by running the nvram tool in a Mac OS X guest will not work). As an\nalternative way, “VBoxInternal2/EfiBootArgs” extradata can be passed to a VM in order to set the\n“boot-args” variable. To change the “boot-args” EFI variable:\nVBoxManage setextradata \"VM name\" VBoxInternal2/EfiBootArgs <value>\n\n60\n\n\f4 Guest Additions\nThe previous chapter covered getting started with VirtualBox and installing operating systems in\na virtual machine. For any serious and interactive use, the VirtualBox Guest Additions will make\nyour life much easier by providing closer integration between host and guest and improving the\ninteractive performance of guest systems. This chapter describes the Guest Additions in detail.\n\n4.1 Introduction\nAs mentioned in chapter 1.2, Some terminology, page 12, the Guest Additions are designed to\nbe installed inside a virtual machine after the guest operating system has been installed. They\nconsist of device drivers and system applications that optimize the guest operating system for\nbetter performance and usability. Please see chapter 3.1, Supported guest operating systems, page\n45 for details on what guest operating systems are fully supported with Guest Additions by\nVirtualBox.\nThe VirtualBox Guest Additions for all supported guest operating systems are provided as a\nsingle CD-ROM image file which is called VBoxGuestAdditions.iso. This image file is located\nin the installation directory of VirtualBox. To install the Guest Additions for a particular VM, you\nmount this ISO file in your VM as a virtual CD-ROM and install from there.\nThe Guest Additions offer the following features:\nMouse pointer integration To overcome the limitations for mouse support that were described\nin chapter 1.8.2, Capturing and releasing keyboard and mouse, page 22, this provides you\nwith seamless mouse support. You will only have one mouse pointer and pressing the Host\nkey is no longer required to “free” the mouse from being captured by the guest OS. To\nmake this work, a special mouse driver is installed in the guest that communicates with the\n“real” mouse driver on your host and moves the guest mouse pointer accordingly.\nShared folders These provide an easy way to exchange files between the host and the guest.\nMuch like ordinary Windows network shares, you can tell VirtualBox to treat a certain host\ndirectory as a shared folder, and VirtualBox will make it available to the guest operating\nsystem as a network share, irrespective of whether guest actually has a network. For details,\nplease refer to chapter 4.3, Shared folders, page 71.\nBetter video support While the virtual graphics card which VirtualBox emulates for any guest\noperating system provides all the basic features, the custom video drivers that are installed\nwith the Guest Additions provide you with extra high and non-standard video modes as\nwell as accelerated video performance.\nIn addition, with Windows, Linux and Solaris guests, you can resize the virtual machine’s\nwindow if the Guest Additions are installed. The video resolution in the guest will be automatically adjusted (as if you had manually entered an arbitrary resolution in the guest’s\ndisplay settings). Please see chapter 1.8.5, Resizing the machine’s window, page 24 also.\nFinally, if the Guest Additions are installed, 3D graphics and 2D video for guest applications\ncan be accelerated; see chapter 4.5, Hardware-accelerated graphics, page 75.\nSeamless windows With this feature, the individual windows that are displayed on the desktop\nof the virtual machine can be mapped on the host’s desktop, as if the underlying application\nwas actually running on the host. See chapter 4.6, Seamless windows, page 77 for details.\n\n61\n\n\f4 Guest Additions\nGeneric host/guest communication channels The Guest Additions enable you to control and\nmonitor guest execution in ways other than those mentioned above. The so-called “guest\nproperties” provide a generic string-based mechanism to exchange data bits between a\nguest and a host, some of which have special meanings for controlling and monitoring the\nguest; see chapter 4.7, Guest properties, page 78 for details.\nAdditionally, applications can be started in a guest from the host; see chapter 4.8, Guest\ncontrol, page 80.\nTime synchronization With the Guest Additions installed, VirtualBox can ensure that the\nguest’s system time is better synchronized with that of the host.\nFor various reasons, the time in the guest might run at a slightly different rate than the\ntime on the host. The host could be receiving updates via NTP and its own time might not\nrun linearly. A VM could also be paused, which stops the flow of time in the guest for a\nshorter or longer period of time. When the wall clock time between the guest and host only\ndiffers slightly, the time synchronization service attempts to gradually and smoothly adjust\nthe guest time in small increments to either “catch up” or “lose” time. When the difference\nis too great (e.g., a VM paused for hours or restored from saved state), the guest time is\nchanged immediately, without a gradual adjustment.\nThe Guest Additions will re-synchronize the time regularly. See chapter 9.14.3, Tuning\nthe Guest Additions time synchronization parameters, page 194 for how to configure the\nparameters of the time synchronization mechanism.\nShared clipboard With the Guest Additions installed, the clipboard of the guest operating system can optionally be shared with your host operating system; see chapter 3.3, General\nsettings, page 48.\nAutomated logons (credentials passing) For details, please see chapter 9.2, Automated guest\nlogons, page 175.\nEach version of VirtualBox, even minor releases, ship with their own version of the Guest\nAdditions. While the interfaces through which the VirtualBox core communicates with the Guest\nAdditions are kept stable so that Guest Additions already installed in a VM should continue to\nwork when VirtualBox is upgraded on the host, for best results, it is recommended to keep the\nGuest Additions at the same version.\nStarting with VirtualBox 3.1, the Windows and Linux Guest Additions therefore check automatically whether they have to be updated. If the host is running a newer VirtualBox version\nthan the Guest Additions, a notification with further instructions is displayed in the guest.\nTo disable this update check for the Guest Additions of a given virtual machine, set the value\nof its /VirtualBox/GuestAdd/CheckHostVersion guest property to 0; see chapter 4.7, Guest\nproperties, page 78 for details.\n\n4.2 Installing and Maintaining Guest Additions\nGuest Additions are available for virtual machines running Windows, Linux, Solaris or OS/2.\nThe following sections describe the specifics of each variant in detail.\n\n4.2.1 Guest Additions for Windows\nThe VirtualBox Windows Guest Additions are designed to be installed in a virtual machine running a Windows operating system. The following versions of Windows guests are supported:\n• Microsoft Windows NT 4.0 (any service pack)\n• Microsoft Windows 2000 (any service pack)\n\n62\n\n\f4 Guest Additions\n• Microsoft Windows XP (any service pack)\n• Microsoft Windows Server 2003 (any service pack)\n• Microsoft Windows Server 2008\n• Microsoft Windows Vista (all editions)\n• Microsoft Windows 7 (all editions)\n• Microsoft Windows 8 (all editions)\n• Microsoft Windows 10 RTM build 10240\n• Microsoft Windows Server 2012\n4.2.1.1 Installation\nIn the “Devices” menu in the virtual machine’s menu bar, VirtualBox has a handy menu item\nnamed “Insert Guest Additions CD image”, which mounts the Guest Additions ISO file inside\nyour virtual machine. A Windows guest should then automatically start the Guest Additions\ninstaller, which installs the Guest Additions into your Windows guest. Other guest operating\nsystems (or if automatic start of software on CD is disabled) need manual start of the installer.\nNote: For the basic Direct3D acceleration to work in a Windows Guest, you have to\ninstall the Guest Additions in “Safe Mode”. This does not apply to the experimental\nWDDM Direct3D video driver available for Vista and Windows 7 guests, see chapter\n14, Known limitations, page 252 for details.a\na The\n\nexperimental WDDM driver was added with VirtualBox 4.1.\n\nIf you prefer to mount the additions manually, you can perform the following steps:\n1. Start the virtual machine in which you have installed Windows.\n2. Select “Mount CD/DVD-ROM” from the “Devices” menu in the virtual machine’s menu bar\nand then “CD/DVD-ROM image”. This brings up the Virtual Media Manager described in\nchapter 5.3, The Virtual Media Manager, page 87.\n3. In the Virtual Media Manager, press the “Add” button and browse your host file system for\nthe VBoxGuestAdditions.iso file:\n• On a Windows host, you can find this file in the VirtualBox installation directory\n(usually under C:\\Program files\\Oracle\\VirtualBox ).\n• On Mac OS X hosts, you can find this file in the application bundle of VirtualBox.\n(Right click on the VirtualBox icon in Finder and choose Show Package Contents. There\nit is located in the Contents/MacOS folder.)\n• On a Linux host, you can find this file in the additions folder under where you\ninstalled VirtualBox (normally /opt/VirtualBox/).\n• On Solaris hosts, you can find this file in the additions folder under where you\ninstalled VirtualBox (normally /opt/VirtualBox).\n4. Back in the Virtual Media Manager, select that ISO file and press the “Select” button. This\nwill mount the ISO file and present it to your Windows guest as a CD-ROM.\n\n63\n\n\f4 Guest Additions\nUnless you have the Autostart feature disabled in your Windows guest, Windows will now\nautostart the VirtualBox Guest Additions installation program from the Additions ISO. If the\nAutostart feature has been turned off, choose VBoxWindowsAdditions.exe from the CD/DVD\ndrive inside the guest to start the installer.\nThe installer will add several device drivers to the Windows driver database and then invoke\nthe hardware detection wizard.\nDepending on your configuration, it might display warnings that the drivers are not digitally\nsigned. You must confirm these in order to continue the installation and properly install the\nAdditions.\nAfter installation, reboot your guest operating system to activate the Additions.\n4.2.1.2 Updating the Windows Guest Additions\nWindows Guest Additions can be updated by running the installation program again, as previously described. This will then replace the previous Additions drivers with updated versions.\nAlternatively, you may also open the Windows Device Manager and select “Update driver...“\nfor two devices:\n1. the VirtualBox Graphics Adapter and\n2. the VirtualBox System Device.\nFor each, choose to provide your own driver and use “Have Disk” to point the wizard to the\nCD-ROM drive with the Guest Additions.\n4.2.1.3 Unattended Installation\nAs a prerequiste for performing an unattended installation of the VirtualBox Guest Additions on\na Windows guest, there need to be Oracle CA (Certificate Authority) certificates installed in order\nto prevent user intervention popus which will undermine a silent installation.\nNote: On some Windows versions like Windows 2000 and Windows XP the user intervention popups mentioned above always will be displayed, even after importing the\nOracle certificates.\nSince VirtualBox 4.2 installing those CA certificates on a Windows guest can be done in an\nautomated fashion using the VBoxCertUtil.exe utility found on the Guest Additions installation\nCD in the cert folder:\n• Log in as Administrator on the guest.\n• Mount the VirtualBox Guest Additions .ISO.\n• Open a command line window on the guest and change to the cert folder on the VirtualBox\nGuest Additions CD.\n• Do\nVBoxCertUtil add-trusted-publisher oracle-vbox.cer --root oracle-vbox.cer\n\nThis will install the certificates to the certificate store. When installing the same certificate\nmore than once, an appropriate error will be displayed.\nPrior to VirtualBox 4.2 the Oracle CA certificates need to be imported in more manual style\nusing the certutil.exe utility, which is shipped since Windows Vista. For Windows versions\nbefore Vista you need to download and install certutil.exe manually. Since the certificates\n\n64\n\n\f4 Guest Additions\nare not accompanied on the VirtualBox Guest Additions CD-ROM prior to 4.2, these need to get\nextracted from a signed VirtualBox executable first.\nIn the following example the needed certificates will be extracted from the VirtualBox Windows Guest Additions installer on the CD-ROM:\nVeriSign Code Signing CA Open the Windows Explorer.\n• Right click on VBoxWindowsAdditions-<Architecture>.exe, click on “Properties”\n• Go to tab “Digital Signatures”, choose “Oracle Corporation” and click on “Details”\n• In tab “General” click on “View Certificate”\n• In tab “Certification Path” select “VeriSign Class 3 Public Primary CA”\n• Click on “View Certificate”\n• In tab “Details” click on “Copy to File ...“\n• In the upcoming wizard choose “DER encoded binary X.509 (.CER)“ and save the\ncertificate file to a local path, finish the wizard\n• Close certificate dialog for “Verisign Class 3 Code Signing 2010 CA”\nOracle Corporation Open the Windows Explorer.\n• Right click on VBoxWindowsAdditions-<Architecture>.exe, click on “Properties”\n• Go to tab “Digital Signatures”, choose “Oracle Corporation” and click on “Details”\n• In tab “General” click on “View Certificate”\n• In tab “Details” click on “Copy to File ...“\n• In the upcoming wizard choose “DER encoded binary X.509 (.CER)“ and save the\ncertificate file to a local path, finish the wizard\n• Close certificate dialog for “Oracle Corporation”\nAfter exporting the two certificates above they can be imported into the certificate store using\nthe certutil.exe utility:\ncertutil -addstore -f Root \"<Path to exported certificate file>\"\n\nIn order to allow for completely unattended guest installations, you can specify a command\nline parameter to the install launcher:\nVBoxWindowsAdditions.exe /S\n\nThis automatically installs the right files and drivers for the corresponding platform (32- or\n64-bit).\nNote: By default on an unattended installation on a Windows 7 or 8 guest, there will\nbe the XPDM graphics driver installed. This graphics driver does not support Windows Aero / Direct3D on the guest - instead the experimental WDDM graphics driver\nneeds to be installed. To select this driver by default, add the command line parameter\n/with_wddm when invoking the Windows Guest Additions installer.\n\nNote: For Windows Aero to run correctly on a guest, the guest’s VRAM size needs to\nbe configured to at least 128 MB.\nFor more options regarding unattended guest installations, consult the command line help by\nusing the command:\nVBoxWindowsAdditions.exe /?\n\n65\n\n\f4 Guest Additions\n4.2.1.4 Manual file extraction\nIf you would like to install the files and drivers manually, you can extract the files from the\nWindows Guest Additions setup by typing:\nVBoxWindowsAdditions.exe /extract\n\nTo explicitly extract the Windows Guest Additions for another platform than the current running one (e.g. 64-bit files on a 32-bit system), you have to execute the appropriate platform\ninstaller (VBoxWindowsAdditions-x86.exe or VBoxWindowsAdditions-amd64.exe) with the\n/extract parameter.\n\n4.2.2 Guest Additions for Linux\nLike the Windows Guest Additions, the VirtualBox Guest Additions for Linux are a set of device\ndrivers and system applications which may be installed in the guest operating system.\nThe following Linux distributions are officially supported:\n• Oracle Linux as of version 5 including UEK kernels;\n• Fedora as of Fedora Core 4;\n• Redhat Enterprise Linux as of version 3;\n• SUSE and openSUSE Linux as of version 9;\n• Ubuntu as of version 5.10.\nMany other distributions are known to work with the Guest Additions.\nThe version of the Linux kernel supplied by default in SUSE and openSUSE 10.2, Ubuntu 6.10\n(all versions) and Ubuntu 6.06 (server edition) contains a bug which can cause it to crash during\nstartup when it is run in a virtual machine. The Guest Additions work in those distributions.\nNote that some Linux distributions already come with all or part of the VirtualBox Guest\nAdditions. You may choose to keep the distribution’s version of the Guest Additions but these\nare often not up to date and limited in functionality, so we recommend replacing them with the\nGuest Additions that come with VirtualBox. The VirtualBox Linux Guest Additions installer tries\nto detect existing installation and replace them but depending on how the distribution integrates\nthe Guest Additions, this may require some manual interaction. It is highly recommended to\ntake a snapshot of the virtual machine before replacing pre-installed Guest Additions.\n4.2.2.1 Installing the Linux Guest Additions\nThe VirtualBox Guest Additions for Linux are provided on the same virtual CD-ROM file as the\nGuest Additions for Windows described above. They also come with an installation program\nguiding you through the setup process, although, due to the significant differences between\nLinux distributions, installation may be slightly more complex.\nInstallation generally involves the following steps:\n1. Before installing the Guest Additions, you will have to prepare your guest system for\nbuilding external kernel modules. This works similarly as described in chapter 2.3.2, The\nVirtualBox kernel module, page 37, except that this step must now be performed in your\nLinux guest instead of on a Linux host system, as described there.\nAgain, as with Linux hosts, we recommend using DKMS if it is available for the guest\nsystem. If it is not installed, use this command for Ubuntu/Debian systems:\nsudo apt-get install dkms\n\nor for Fedora systems:\n\n66\n\n\f4 Guest Additions\nyum install dkms\n\nBe sure to install DKMS before installing the Linux Guest Additions. If DKMS is not available\nor not installed, the guest kernel modules will need to be recreated manually whenever the\nguest kernel is updated using the command\nrcvboxadd setup\n\nas root.\n2. Insert the VBoxGuestAdditions.iso CD file into your Linux guest’s virtual CD-ROM drive,\nexactly the same way as described for a Windows guest in chapter 4.2.1.1, Installation, page\n63.\n3. Change to the directory where your CD-ROM drive is mounted and execute as root:\nsh ./VBoxLinuxAdditions.run\n\nFor your convenience, we provide the following step-by-step instructions for freshly installed\ncopies of recent versions of the most popular Linux distributions. After these preparational steps,\nyou can execute the VirtualBox Guest Additions installer as described above.\nUbuntu\n1. In order to fully update your guest system, open a terminal and run\napt-get update\n\nas root followed by\napt-get upgrade\n\n2. Install DKMS using\napt-get install dkms\n\n3. Reboot your guest system in order to activate the updates and then proceed as described\nabove.\nFedora\n1. In order to fully update your guest system, open a terminal and run\nyum update\n\nas root.\n2. Install DKMS and the GNU C compiler using\nyum install dkms\n\nfollowed by\nyum install gcc\n\n3. Reboot your guest system in order to activate the updates and then proceed as described\nabove.\n\n67\n\n\f4 Guest Additions\nopenSUSE\n1. In order to fully update your guest system, open a terminal and run\nzypper update\n\nas root.\n2. Install the make tool and the GNU C compiler using\nzypper install make gcc\n\n3. Reboot your guest system in order to activate the updates.\n4. Find out which kernel you are running using\nuname -a\n\nAn example would be 2.6.31.12-0.2-default which refers to the “default” kernel. Then\ninstall the correct kernel development package. In the above example this would be\nzypper install kernel-default-devel\n\n5. Make sure that your running kernel (uname -a) and the kernel packages you have installed\n(rpm -qa kernel\\*) have the exact same version number. Proceed with the installation\nas described above.\nSuSE Linux Enterprise Desktop (SLED)\n1. In order to fully update your guest system, open a terminal and run\nzypper update\n\nas root.\n2. Install the GNU C compiler using\nzypper install gcc\n\n3. Reboot your guest system in order to activate the updates.\n4. Find out which kernel you are running using\nuname -a\n\nAn example would be 2.6.27.19-5.1-default which refers to the “default” kernel. Then\ninstall the correct kernel development package. In the above example this would be\nzypper install kernel-syms kernel-source\n\n5. Make sure that your running kernel (uname -a) and the kernel packages you have installed\n(rpm -qa kernel\\*) have the exact same version number. Proceed with the installation\nas described above.\nMandrake\n1. Mandrake ships with the VirtualBox Guest Additions which will be replaced if you follow\nthese steps.\n2. In order to fully update your guest system, open a terminal and run\nurpmi --auto-update\n\nas root.\n3. Reboot your system in order to activate the updates.\n4. Install DKMS using\nurpmi dkms\n\nand make sure to choose the correct kernel-devel package when asked by the installer (use\nuname -a to compare).\n\n68\n\n\f4 Guest Additions\nOracle Linux, Red Hat Enterprise Linux and CentOS\n1. For versions prior to 6, add divider=10 to the kernel boot options in /etc/grub.conf to\nreduce the idle CPU load.\n2. In order to fully update your guest system, open a terminal and run\nyum update\n\nas root.\n3. Install the GNU C compiler and the kernel development packages using\nyum install gcc\n\nfollowed by\nyum install kernel-devel\n\nFor Oracle UEK kernels, use\nyum install kernel-uek-devel\n\nto install the UEK kernel headers.\n4. Reboot your guest system in order to activate the updates and then proceed as described\nabove.\n5. In case Oracle Linux does not find the required packages, you either have to install them\nfrom a different source (e.g. DVD) or use Oracle’s public Yum server located at http:\n//public-yum.oracle.com.\nDebian\n1. In order to fully update your guest system, open a terminal and run\napt-get update\n\nas root followed by\napt-get upgrade\n\n2. Install the make tool and the GNU C compiler using\napt-get install make gcc\n\n3. Reboot your guest system in order to activate the updates.\n4. Determine the exact version of your kernel using uname -a and install the correct version\nof the linux-headers package, e.g. using\napt-get install linux-headers-2.6.26-2-686\n\n4.2.2.2 Graphics and mouse integration\nIn Linux and Solaris guests, VirtualBox graphics and mouse integration goes through the X Window System. VirtualBox can use the X.Org variant of the system (or XFree86 version 4.3 which\nis identical to the first X.Org release). During the installation process, the X.Org display server\nwill be set up to use the graphics and mouse drivers which come with the Guest Additions.\nAfter installing the Guest Additions into a fresh installation of a supported Linux distribution\nor Solaris system (many unsupported systems will work correctly too), the guest’s graphics mode\nwill change to fit the size of the VirtualBox window on the host when it is resized. You can also\nask the guest system to switch to a particular resolution by sending a “video mode hint” using\nthe VBoxManage tool.\n\n69\n\n\f4 Guest Additions\nMultiple guest monitors are supported in guests using the X.Org server version 1.3 (which is\npart of release 7.3 of the X Window System version 11) or a later version. The layout of the guest\nscreens can be adjusted as needed using the tools which come with the guest operating system.\nIf you want to understand more about the details of how the X.Org drivers are set up (in\nparticular if you wish to use them in a setting which our installer doesn’t handle correctly), you\nshould read chapter 9.4.2, Guest graphics and mouse driver setup in depth, page 180.\n4.2.2.3 Updating the Linux Guest Additions\nThe Guest Additions can simply be updated by going through the installation procedure again\nwith an updated CD-ROM image. This will replace the drivers with updated versions. You should\nreboot after updating the Guest Additions.\n4.2.2.4 Uninstalling the Linux Guest Additions\nIf you have a version of the Guest Additions installed on your virtual machine and wish to\nremove it without installing new ones, you can do so by inserting the Guest Additions CD image\ninto the virtual CD-ROM drive as described above and running the installer for the current Guest\nAdditions with the “uninstall” parameter from the path that the CD image is mounted on in the\nguest:\nsh ./VBoxLinuxAdditions.run uninstall\n\nWhile this will normally work without issues, you may need to do some manual cleanup of\nthe guest (particularly of the XFree86Config or xorg.conf file) in some cases, particularly if the\nAdditions version installed or the guest operating system were very old, or if you made your own\nchanges to the Guest Additions setup after you installed them.\nStarting with version 3.1.0, you can uninstall the Additions by invoking\n/opt/VBoxGuestAdditions-5.0.16_Debian/uninstall.sh\n\nPlease replace /opt/VBoxGuestAdditions-5.0.16_Debian with the correct Guest Additions\ninstallation directory.\n\n4.2.3 Guest Additions for Solaris\nLike the Windows Guest Additions, the VirtualBox Guest Additions for Solaris take the form of\na set of device drivers and system applications which may be installed in the guest operating\nsystem.\nThe following Solaris distributions are officially supported:\n• Solaris 11 including Solaris 11 Express;\n• Solaris 10 (u5 and higher);\nOther distributions may work if they are based on comparable software releases.\n4.2.3.1 Installing the Solaris Guest Additions\nThe VirtualBox Guest Additions for Solaris are provided on the same ISO CD-ROM as the Additions for Windows and Linux described above. They also come with an installation program\nguiding you through the setup process.\nInstallation involves the following steps:\n\n70\n\n\f4 Guest Additions\n1. Mount the VBoxGuestAdditions.iso file as your Solaris guest’s virtual CD-ROM drive,\nexactly the same way as described for a Windows guest in chapter 4.2.1.1, Installation,\npage 63.\nIf in case the CD-ROM drive on the guest doesn’t get mounted (observed on some versions\nof Solaris 10), execute as root:\nsvcadm restart volfs\n\n2. Change to the directory where your CD-ROM drive is mounted and execute as root:\npkgadd -G -d ./VBoxSolarisAdditions.pkg\n\n3. Choose “1” and confirm installation of the Guest Additions package. After the installation\nis complete, re-login to X server on your guest to activate the X11 Guest Additions.\n4.2.3.2 Uninstalling the Solaris Guest Additions\nThe Solaris Guest Additions can be safely removed by removing the package from the guest.\nOpen a root terminal session and execute:\npkgrm SUNWvboxguest\n\n4.2.3.3 Updating the Solaris Guest Additions\nThe Guest Additions should be updated by first uninstalling the existing Guest Additions and\nthen installing the new ones. Attempting to install new Guest Additions without removing the\nexisting ones is not possible.\n\n4.2.4 Guest Additions for OS/2\nVirtualBox also ships with a set of drivers that improve running OS/2 in a virtual machine. Due\nto restrictions of OS/2 itself, this variant of the Guest Additions has a limited feature set; see\nchapter 14, Known limitations, page 252 for details.\nThe OS/2 Guest Additions are provided on the same ISO CD-ROM as those for the other\nplatforms. As a result, mount the ISO in OS/2 as described previously. The OS/2 Guest Additions\nare located in the directory \\32bit\\OS2.\nAs we do not provide an automatic installer at this time, please refer to the readme.txt file in\nthat directory, which describes how to install the OS/2 Guest Additions manually.\n\n4.3 Shared folders\nWith the “shared folders” feature of VirtualBox, you can access files of your host system from\nwithin the guest system. This is similar how you would use network shares in Windows networks\n– except that shared folders do not need require networking, only the Guest Additions. Shared\nFolders are supported with Windows (2000 or newer), Linux and Solaris guests.\nShared folders must physically reside on the host and are then shared with the guest, which\nuses a special file system driver in the Guest Addition to talk to the host. For Windows guests,\nshared folders are implemented as a pseudo-network redirector; for Linux and Solaris guests,\nthe Guest Additions provide a virtual file system.\nTo share a host folder with a virtual machine in VirtualBox, you must specify the path of that\nfolder and choose for it a “share name” that the guest can use to access it. Hence, first create the\nshared folder on the host; then, within the guest, connect to it.\nThere are several ways in which shared folders can be set up for a particular virtual machine:\n• In the window of a running VM, you can select “Shared folders” from the “Devices” menu,\nor click on the folder icon on the status bar in the bottom right corner.\n\n71\n\n\f4 Guest Additions\n• If a VM is not currently running, you can configure shared folders in each virtual machine’s\n“Settings” dialog.\n• From the command line, you can create shared folders using VBoxManage, as follows:\nVBoxManage sharedfolder add \"VM name\" --name \"sharename\" --hostpath \"C:\\test\"\n\nSee chapter 8.29, VBoxManage sharedfolder add/remove, page 154 for details.\nThere are two types of shares:\n1. VM shares which are only available to the VM for which they have been defined;\n2. transient VM shares, which can be added and removed at runtime and do not persist after\na VM has stopped; for these, add the --transient option to the above command line.\nShared folders have read/write access to the files at the host path by default. To restrict the\nguest to have read-only access, create a read-only shared folder. This can either be achieved\nusing the GUI or by appending the parameter --readonly when creating the shared folder with\nVBoxManage.\nStarting with version 4.0, VirtualBox shared folders also support symbolic links (symlinks),\nunder the following conditions:\n1. The host operating system must support symlinks (i.e. a Mac, Linux or Solaris host is\nrequired).\n2. Currently only Linux and Solaris Guest Additions support symlinks.\n3. For security reasons the guest OS is not allowed to create symlinks by default. If you\ntrust the guest OS to not abuse the functionality, you can enable creation of symlinks for\n“sharename” with:\nVBoxManage setextradata \"VM name\" VBoxInternal2/SharedFoldersEnableSymlinksCreate/sharename 1\n\n4.3.1 Manual mounting\nYou can mount the shared folder from inside a VM the same way as you would mount an ordinary\nnetwork share:\n• In a Windows guest, shared folders are browseable and therefore visible in Windows Explorer. So, to attach the host’s shared folder to your Windows guest, open Windows Explorer and look for it under “My Networking Places” -> “Entire Network” -> “VirtualBox\nShared Folders”. By right-clicking on a shared folder and selecting “Map network drive”\nfrom the menu that pops up, you can assign a drive letter to that shared folder.\nAlternatively, on the Windows command line, use the following:\nnet use x: \\\\vboxsvr\\sharename\n\nWhile vboxsvr is a fixed name (note that vboxsrv would also work), replace “x:“ with\nthe drive letter that you want to use for the share, and sharename with the share name\nspecified with VBoxManage.\n• In a Linux guest, use the following command:\nmount -t vboxsf [-o OPTIONS] sharename mountpoint\n\nTo mount a shared folder during boot, add the following entry to /etc/fstab:\nsharename\n\nmountpoint\n\nvboxsf\n\ndefaults\n\n0\n\n• In a Solaris guest, use the following command:\n\n72\n\n0\n\n\f4 Guest Additions\nmount -F vboxfs [-o OPTIONS] sharename mountpoint\n\nReplace sharename (use lowercase) with the share name specified with VBoxManage or the\nGUI, and mountpoint with the path where you want the share to be mounted on the guest\n(e.g. /mnt/share). The usual mount rules apply, that is, create this directory first if it does\nnot exist yet.\nHere is an example of mounting the shared folder for the user “jack” on Solaris:\n$ id\nuid=5000(jack) gid=1(other)\n$ mkdir /export/home/jack/mount\n$ pfexec mount -F vboxfs -o uid=5000,gid=1 jackshare /export/home/jack/mount\n$ cd ~/mount\n$ ls\nsharedfile1.mp3 sharedfile2.txt\n$\n\nBeyond the standard options supplied by the mount command, the following are available:\niocharset CHARSET\n\nto set the character set used for I/O operations. Note that on Linux guests, if the “iocharset”\noption is not specified then the Guest Additions driver will attempt to use the character set\nspecified by the CONFIG_NLS_DEFAULT kernel option. If this option is not set either then\nUTF-8 will be used. Also,\nconvertcp CHARSET\n\nis available in order to specify the character set used for the shared folder name (utf8 by\ndefault).\nThe generic mount options (documented in the mount manual page) apply also. Especially useful are the options uid, gid and mode, as they allow access by normal users (in\nread/write mode, depending on the settings) even if root has mounted the filesystem.\n\n4.3.2 Automatic mounting\nStarting with version 4.0, VirtualBox can mount shared folders automatically, at your option. If\nautomatic mounting is enabled for a specific shared folder, the Guest Additions will automatically\nmount that folder as soon as a user logs into the guest OS. The details depend on the guest OS\ntype:\n• With Windows guests, any auto-mounted shared folder will receive its own drive letter\n(e.g. E:) depending on the free drive letters remaining in the guest.\nIf there no free drive letters left, auto-mounting will fail; as a result, the number of automounted shared folders is typically limited to 22 or less with Windows guests.\n• With Linux guests, auto-mounted shared folders are mounted into the /media directory,\nalong with the prefix sf_. For example, the shared folder myfiles would be mounted to\n/media/sf_myfiles on Linux and /mnt/sf_myfiles on Solaris.\nThe guest property /VirtualBox/GuestAdd/SharedFolders/MountPrefix determines\nthe prefix that is used. Change that guest property to a value other than “sf” to change\nthat prefix; see chapter 4.7, Guest properties, page 78 for details.\nNote: Access to auto-mounted shared folders is only granted to the user group vboxsf,\nwhich is created by the VirtualBox Guest Additions installer. Hence guest users have to\nbe member of that group to have read/write access or to have read-only access in case\nthe folder is not mapped writable.\n\n73\n\n\f4 Guest Additions\nTo change the mount directory to something other than /media, you can set the guest\nproperty /VirtualBox/GuestAdd/SharedFolders/MountDir.\n• Solaris guests behave like Linux guests except that /mnt is used as the default mount\ndirectory instead of /media.\nTo have any changes to auto-mounted shared folders applied while a VM is running, the guest\nOS needs to be rebooted. (This applies only to auto-mounted shared folders, not the ones which\nare mounted manually.)\n\n4.4 Drag and Drop\nStarting with version 5.0, VirtualBox supports to drag and drop content from the host to the\nguest and vice versa. For this to work the latest Guest Additions must be installed on the guest.\nDrag and drop transparently allows copying or opening files, directories and even certain\nclipboard formats from one end to the other, e.g. from the host to the guest or from the guest\nto the host. One then can perform drag and drop operations between the host and a VM as it\nwould be a native drag and drop operation on the host OS.\nAt the moment drag and drop is implemented for Windows- and X-Windows-based systems,\nboth, on host and guest side. As X-Windows sports different drag and drop protocols only the\nmost used one, XDND, is supported for now. Applications using other protocols (such as Motif\nor OffiX) will not be recognized by VirtualBox.\nIn context of using drag and drop the origin of the data is called source, that is, where the\nactual data comes from and is specified. On the other hand there is the target, which specifies\nwhere the data from the source should go to. Transferring data from the source to the target can\nbe done in various ways, e.g. copying, moving or linking.1\nWhen transferring data from the host to the guest OS, the host in this case is the source,\nwhereas the guest OS is the target. However, when doing it the other way around, that is,\ntransferring data from the guest OS to the host, the guest OS this time became the source and\nthe host is the target.\nFor security reasons drag and drop can be configured at runtime on a per-VM basis either using\nthe “Drag and Drop” menu item in the “Devices” menu of the virtual machine or VBoxManage:\nThe following four modes are available:\n\n• Disabled disables the drag and drop entirely. This is the default when creating new VMs.\n• Host To Guest enables performing drag and drop operations from the host to the guest\nonly.\n1 At\n\nthe moment only copying of data is supported. Moving or linking is not yet implemented.\n\n74\n\n\f4 Guest Additions\n• Guest To Host enables performing drag and drop operations from the guest to the host\nonly.\n• Bidirectional enables performing drag and drop operations to both directions, e.g. from\nthe host to the guest and vice versa.\n\nNote: Drag and drop support depends on the frontend being used; at the moment only\nthe VirtualBox Manager frontend provides this functionality.\nTo use VBoxManage for controlling the current drag and drop mode, see chapter 8, VBoxManage, page 117. The commands modifyvm and controlvm allow setting the VM’s current drag\nand drop mode via command line.\n\n4.4.1 Supported formats\nAs VirtualBox can run on a variety of host OSes and also supports a wide range of guests, certain\ndata formats must be translated after those got transfered over so that the target OS (that is, the\nside which receiving the data) is able to handle them in an appropriate manner.\nNote: When dragging files however, no data conversion is done in any way, e.g. when\ntransferring a file from a Linux guest to a Windows host the Linux-specific line endings\nwon’t be converted to Windows ones.\nThe following formats are handled by the VirtualBox drag and drop service:\n• Plain text, from applications such as text editors, internet browsers and terminal windows\n• Files, from file managers such as Windows explorer, Nautilus and Finder\n• Directories, where the same applies as for files\n\n4.4.2 Known limitations\nThe following limitations are known:\n• On Windows hosts, dragging and dropping content from UAC-elevated (User Account\nControl) programs to non-UAC-elevated programs and vice versa is now allowed. So when\nstarting VirtualBox with Administrator privileges then drag and drop will not work with the\nWindows Explorer which runs with regular user privileges by default.\n\n4.5 Hardware-accelerated graphics\n4.5.1 Hardware 3D acceleration (OpenGL and Direct3D 8/9)\nThe VirtualBox Guest Additions contain experimental hardware 3D support for Windows, Linux\nand Solaris guests.2\nWith this feature, if an application inside your virtual machine uses 3D features through the\nOpenGL or Direct3D 8/9 programming interfaces, instead of emulating them in software (which\n2 OpenGL\n\nsupport for Windows guests was added with VirtualBox 2.1; support for Linux and Solaris followed with\nVirtualBox 2.2. With VirtualBox 3.0, Direct3D 8/9 support was added for Windows guests. OpenGL 2.0 is now\nsupported as well. With VirtualBox 4.1 Windows Aero theme support is added for Windows Vista and Windows 7\nguests (experimental)\n\n75\n\n\f4 Guest Additions\nwould be slow), VirtualBox will attempt to use your host’s 3D hardware. This works for all\nsupported host platforms (Windows, Mac, Linux, Solaris), provided that your host operating\nsystem can make use of your accelerated 3D hardware in the first place.\nThe 3D acceleration currently has the following preconditions:\n1. It is only available for certain Windows, Linux and Solaris guests. In particular:\n• 3D acceleration with Windows guests requires Windows 2000, Windows XP, Vista or\nWindows 7. Both OpenGL and Direct3D 8/9 (not with Windows 2000) are supported\n(experimental).\n• OpenGL on Linux requires kernel 2.6.27 and higher as well as X.org server version 1.5\nand higher. Ubuntu 10.10 and Fedora 14 have been tested and confirmed as working.\n• OpenGL on Solaris guests requires X.org server version 1.5 and higher.\n2. The Guest Additions must be installed.\nNote: For the basic Direct3D acceleration to work in a Windows Guest, VirtualBox\nneeds to replace Windows system files in the virtual machine. As a result, the Guest\nAdditions installation program offers Direct3D acceleration as an option that must be\nexplicitly enabled. Also, you must install the Guest Additions in “Safe Mode”. This\ndoes not apply to the experimental WDDM Direct3D video driver available for Vista\nand Windows 7 guests, see chapter 14, Known limitations, page 252 for details.\n\n3. Because 3D support is still experimental at this time, it is disabled by default and must be\nmanually enabled in the VM settings (see chapter 3.3, General settings, page 48).\nNote: Untrusted guest systems should not be allowed to use VirtualBox’s 3D acceleration features, just as untrusted host software should not be allowed to use 3D acceleration. Drivers for 3D hardware are generally too complex to be made properly secure\nand any software which is allowed to access them may be able to compromise the operating system running them. In addition, enabling 3D acceleration gives the guest direct\naccess to a large body of additional program code in the VirtualBox host process which\nit might conceivably be able to use to crash the virtual machine.\n\nWith VirtualBox 4.1, Windows Aero theme support is added for Windows Vista and Windows 7\nguests. To enable Aero theme support, the experimental VirtualBox WDDM video driver must be\ninstalled, which is available with the Guest Additions installation. Since the WDDM video driver\nis still experimental at this time, it is not installed by default and must be manually selected in\nthe Guest Additions installer by answering “No” int the “Would you like to install basic Direct3D\nsupport” dialog displayed when the Direct3D feature is selected.\nNote: Unlike the current basic Direct3D support, the WDDM video driver installation\ndoes not require the “Safe Mode”.\nThe Aero theme is not enabled by default. To enable it\n• In Windows Vista guest: right-click on the desktop, in the context menu select “Personalize”, then select “Windows Color and Appearance” in the “Personalization” window, in the\n“Appearance Settings” dialog select “Windows Aero” and press “OK”\n\n76\n\n\f4 Guest Additions\n• In Windows 7 guest: right-click on the desktop, in the context menu select “Personalize”\nand select any Aero theme in the “Personalization” window\nTechnically, VirtualBox implements this by installing an additional hardware 3D driver inside\nyour guest when the Guest Additions are installed. This driver acts as a hardware 3D driver\nand reports to the guest operating system that the (virtual) hardware is capable of 3D hardware\nacceleration. When an application in the guest then requests hardware acceleration through\nthe OpenGL or Direct3D programming interfaces, these are sent to the host through a special\ncommunication tunnel implemented by VirtualBox, and then the host performs the requested 3D\noperation via the host’s programming interfaces.\n\n4.5.2 Hardware 2D video acceleration for Windows guests\nStarting with version 3.1, the VirtualBox Guest Additions contain experimental hardware 2D\nvideo acceleration support for Windows guests.\nWith this feature, if an application (e.g. a video player) inside your Windows VM uses 2D\nvideo overlays to play a movie clip, then VirtualBox will attempt to use your host’s video acceleration hardware instead of performing overlay stretching and color conversion in software (which\nwould be slow). This currently works for Windows, Linux and Mac host platforms, provided that\nyour host operating system can make use of 2D video acceleration in the first place.\nThe 2D video acceleration currently has the following preconditions:\n1. It is only available for Windows guests (XP or later).\n2. The Guest Additions must be installed.\n3. Because 2D support is still experimental at this time, it is disabled by default and must be\nmanually enabled in the VM settings (see chapter 3.3, General settings, page 48).\nTechnically, VirtualBox implements this by exposing video overlay DirectDraw capabilities in\nthe Guest Additions video driver. The driver sends all overlay commands to the host through\na special communication tunnel implemented by VirtualBox. On the host side, OpenGL is then\nused to implement color space transformation and scaling\n\n4.6 Seamless windows\nWith the “seamless windows” feature of VirtualBox, you can have the windows that are displayed\nwithin a virtual machine appear side by side next to the windows of your host. This feature\nis supported for the following guest operating systems (provided that the Guest Additions are\ninstalled):\n• Windows guests (support added with VirtualBox 1.5);\n• Supported Linux or Solaris guests running the X Window System (added with VirtualBox\n1.6).\nAfter seamless windows are enabled (see below), VirtualBox suppresses the display of the\nDesktop background of your guest, allowing you to run the windows of your guest operating\nsystem seamlessly next to the windows of your host:\n\n77\n\n\f4 Guest Additions\n\nTo enable seamless mode, after starting the virtual machine, press the Host key (normally the\nright control key) together with “L”. This will enlarge the size of the VM’s display to the size\nof your host screen and mask out the guest operating system’s background. To go back to the\n“normal” VM display (i.e. to disable seamless windows), press the Host key and “L” again.\n\n4.7 Guest properties\nStarting with version 2.1, VirtualBox allows for requesting certain properties from a running\nguest, provided that the VirtualBox Guest Additions are installed and the VM is running. This is\ngood for two things:\n1. A number of predefined VM characteristics are automatically maintained by VirtualBox and\ncan be retrieved on the host, e.g. to monitor VM performance and statistics.\n2. In addition, arbitrary string data can be exchanged between guest and host. This works in\nboth directions.\nTo accomplish this, VirtualBox establishes a private communication channel between the\nVirtualBox Guest Additions and the host, and software on both sides can use this channel to\nexchange string data for arbitrary purposes. Guest properties are simply string keys to which a\nvalue is attached. They can be set (written to) by either the host and the guest, and they can\nalso be read from both sides.\nIn addition to establishing the general mechanism of reading and writing values, a set of\npredefined guest properties is automatically maintained by the VirtualBox Guest Additions to\nallow for retrieving interesting guest data such as the guest’s exact operating system and service\npack level, the installed version of the Guest Additions, users that are currently logged into\nthe guest OS, network statistics and more. These predefined properties are all prefixed with\n/VirtualBox/ and organized into a hierarchical tree of keys.\nSome of this runtime information is shown when you select “Session Information Dialog” from\na virtual machine’s “Machine” menu.\nA more flexible way to use this channel is via the VBoxManage guestproperty command set;\nsee chapter 8.30, VBoxManage guestproperty, page 154 for details. For example, to have all the\navailable guest properties for a given running VM listed with their respective values, use this:\n\n78\n\n\f4 Guest Additions\n$ VBoxManage guestproperty enumerate \"Windows Vista III\"\nVirtualBox Command Line Management Interface Version 5.0.16\n(C) 2005-2016 Oracle Corporation\nAll rights reserved.\nName: /VirtualBox/GuestInfo/OS/Product, value: Windows Vista Business Edition,\ntimestamp: 1229098278843087000, flags:\nName: /VirtualBox/GuestInfo/OS/Release, value: 6.0.6001,\ntimestamp: 1229098278950553000, flags:\nName: /VirtualBox/GuestInfo/OS/ServicePack, value: 1,\ntimestamp: 1229098279122627000, flags:\nName: /VirtualBox/GuestAdd/InstallDir,\nvalue: C:/Program Files/Oracle/VirtualBox\nGuest Additions, timestamp: 1229098279269739000, flags:\nName: /VirtualBox/GuestAdd/Revision, value: 40720,\ntimestamp: 1229098279345664000, flags:\nName: /VirtualBox/GuestAdd/Version, value: 5.0.16,\ntimestamp: 1229098279479515000, flags:\nName: /VirtualBox/GuestAdd/Components/VBoxControl.exe, value: 5.0.16r40720,\ntimestamp: 1229098279651731000, flags:\nName: /VirtualBox/GuestAdd/Components/VBoxHook.dll, value: 5.0.16r40720,\ntimestamp: 1229098279804835000, flags:\nName: /VirtualBox/GuestAdd/Components/VBoxDisp.dll, value: 5.0.16r40720,\ntimestamp: 1229098279880611000, flags:\nName: /VirtualBox/GuestAdd/Components/VBoxMRXNP.dll, value: 5.0.16r40720,\ntimestamp: 1229098279882618000, flags:\nName: /VirtualBox/GuestAdd/Components/VBoxService.exe, value: 5.0.16r40720,\ntimestamp: 1229098279883195000, flags:\nName: /VirtualBox/GuestAdd/Components/VBoxTray.exe, value: 5.0.16r40720,\ntimestamp: 1229098279885027000, flags:\nName: /VirtualBox/GuestAdd/Components/VBoxGuest.sys, value: 5.0.16r40720,\ntimestamp: 1229098279886838000, flags:\nName: /VirtualBox/GuestAdd/Components/VBoxMouse.sys, value: 5.0.16r40720,\ntimestamp: 1229098279890600000, flags:\nName: /VirtualBox/GuestAdd/Components/VBoxSF.sys, value: 5.0.16r40720,\ntimestamp: 1229098279893056000, flags:\nName: /VirtualBox/GuestAdd/Components/VBoxVideo.sys, value: 5.0.16r40720,\ntimestamp: 1229098279895767000, flags:\nName: /VirtualBox/GuestInfo/OS/LoggedInUsers, value: 1,\ntimestamp: 1229099826317660000, flags:\nName: /VirtualBox/GuestInfo/OS/NoLoggedInUsers, value: false,\ntimestamp: 1229098455580553000, flags:\nName: /VirtualBox/GuestInfo/Net/Count, value: 1,\ntimestamp: 1229099826299785000, flags:\nName: /VirtualBox/HostInfo/GUI/LanguageID, value: C,\ntimestamp: 1229098151272771000, flags:\nName: /VirtualBox/GuestInfo/Net/0/V4/IP, value: 192.168.2.102,\ntimestamp: 1229099826300088000, flags:\nName: /VirtualBox/GuestInfo/Net/0/V4/Broadcast, value: 255.255.255.255,\ntimestamp: 1229099826300220000, flags:\nName: /VirtualBox/GuestInfo/Net/0/V4/Netmask, value: 255.255.255.0,\ntimestamp: 1229099826300350000, flags:\nName: /VirtualBox/GuestInfo/Net/0/Status, value: Up,\ntimestamp: 1229099826300524000, flags:\nName: /VirtualBox/GuestInfo/OS/LoggedInUsersList, value: username,\ntimestamp: 1229099826317386000, flags:\n\nTo query the value of a single property, use the “get” subcommand like this:\n$ VBoxManage guestproperty get \"Windows Vista III\" \"/VirtualBox/GuestInfo/OS/Product\"\nVirtualBox Command Line Management Interface Version 5.0.16\n(C) 2005-2016 Oracle Corporation\nAll rights reserved.\nValue: Windows Vista Business Edition\n\n79\n\n\f4 Guest Additions\nTo add or change guest properties from the guest, use the tool VBoxControl. This tool is\nincluded in the Guest Additions of VirtualBox 2.2 or later. When started from a Linux guest, this\ntool requires root privileges for security reasons:\n$ sudo VBoxControl guestproperty enumerate\nVirtualBox Guest Additions Command Line Management Interface Version 5.0.16\n(C) 2009-2016 Oracle Corporation\nAll rights reserved.\nName: /VirtualBox/GuestInfo/OS/Release, value: 2.6.28-18-generic,\ntimestamp: 1265813265835667000, flags: <NULL>\nName: /VirtualBox/GuestInfo/OS/Version, value: #59-Ubuntu SMP Thu Jan 28 01:23:03 UTC 2010,\ntimestamp: 1265813265836305000, flags: <NULL>\n...\n\nFor more complex needs, you can use the VirtualBox programming interfaces; see chapter 11,\nVirtualBox programming interfaces, page 228.\n\n4.8 Guest control\nStarting with version 3.2, the Guest Additions of VirtualBox allow starting applications inside a\nVM from the host system.\nFor this to work, the application needs to be installed inside the guest; no additional software\nneeds to be installed on the host. Additionally, text mode output (to stdout and stderr) can be\nshown on the host for further processing along with options to specify user credentials and a\ntimeout value (in milliseconds) to limit time the application is able to run.\nThis feature can be used to automate deployment of software within the guest.\nStarting with version 4.0, the Guest Additions for Windows allow for automatic updating (only\nalready installed Guest Additions 4.0 or later). Also, copying files from host to the guest as well\nas remotely creating guest directories is available.\nTo use these features, use the VirtualBox command line, see chapter 8.31, VBoxManage guestcontrol, page 155.\n\n4.9 Memory overcommitment\nIn server environments with many VMs; the Guest Additions can be used to share physical host\nmemory between several VMs, reducing the total amount of memory in use by the VMs. If\nmemory usage is the limiting factor and CPU resources are still available, this can help with\npacking more VMs on each host.\n\n4.9.1 Memory ballooning\nStarting with version 3.2, the Guest Additions of VirtualBox can change the amount of host\nmemory that a VM uses while the machine is running. Because of how this is implemented, this\nfeature is called “memory ballooning”.\nNote: VirtualBox supports memory ballooning only on 64-bit hosts, and it is not supported on Mac OS X hosts.\n\nNote: Memory ballooning does not work with large pages enabled. To turn off large\npages support for a VM, run VBoxManage modifyvm <VM name> --largepages off\n\n80\n\n\f4 Guest Additions\nNormally, to change the amount of memory allocated to a virtual machine, one has to shut\ndown the virtual machine entirely and modify its settings. With memory ballooning, memory\nthat was allocated for a virtual machine can be given to another virtual machine without having\nto shut the machine down.\nWhen memory ballooning is requested, the VirtualBox Guest Additions (which run inside the\nguest) allocate physical memory from the guest operating system on the kernel level and lock\nthis memory down in the guest. This ensures that the guest will not use that memory any longer:\nno guest applications can allocate it, and the guest kernel will not use it either. VirtualBox can\nthen re-use this memory and give it to another virtual machine.\nThe memory made available through the ballooning mechanism is only available for re-use by\nVirtualBox. It is not returned as free memory to the host. Requesting balloon memory from a\nrunning guest will therefore not increase the amount of free, unallocated memory on the host.\nEffectively, memory ballooning is therefore a memory overcommitment mechanism for multiple\nvirtual machines while they are running. This can be useful to temporarily start another machine,\nor in more complicated environments, for sophisticated memory management of many virtual\nmachines that may be running in parallel depending on how memory is used by the guests.\nAt this time, memory ballooning is only supported through VBoxManage. Use the following command to increase or decrease the size of the memory balloon within a running virtual\nmachine that has Guest Additions installed:\nVBoxManage controlvm \"VM name\" guestmemoryballoon <n>\n\nwhere \"VM name\" is the name or UUID of the virtual machine in question and <n> is the amount\nof memory to allocate from the guest in megabytes. See chapter 8.13, VBoxManage controlvm,\npage 142 for more information.\nYou can also set a default balloon that will automatically be requested from the VM every time\nafter it has started up with the following command:\nVBoxManage modifyvm \"VM name\" --guestmemoryballoon <n>\n\nBy default, no balloon memory is allocated. This is a VM setting, like other modifyvm settings,\nand therefore can only be set while the machine is shut down; see chapter 8.8, VBoxManage\nmodifyvm, page 131.\n\n4.9.2 Page Fusion\nWhereas memory ballooning simply reduces the amount of RAM that is available to a VM, Page\nFusion works differently: it avoids memory duplication between several similar running VMs.\nIn a server environment running several similar VMs (e.g. with identical operating systems)\non the same host, lots of memory pages are identical. VirtualBox’s Page Fusion technology,\nintroduced with VirtualBox 3.2, is a novel technique to efficiently identify these identical memory\npages and share them between multiple VMs.\nNote: VirtualBox supports Page Fusion only on 64-bit hosts, and it is not supported on\nMac OS X hosts. Page Fusion currently works only with Windows guests (2000 and\nlater).\nThe more similar the VMs on a given host are, the more efficiently Page Fusion can reduce the\namount of host memory that is in use. It therefore works best if all VMs on a host run identical\noperating systems (e.g. Windows XP Service Pack 2). Instead of having a complete copy of each\noperating system in each VM, Page Fusion identifies the identical memory pages in use by these\noperating systems and eliminates the duplicates, sharing host memory between several machines\n(“deduplication”). If a VM tries to modify a page that has been shared with other VMs, a new\npage is allocated again for that VM with a copy of the shared page (“copy on write”). All this is\nfully transparent to the virtual machine.\n\n81\n\n\f4 Guest Additions\nYou may be familiar with this kind of memory overcommitment from other hypervisor products, which call this feature “page sharing” or “same page merging”. However, Page Fusion differs\nsignificantly from those other solutions, whose approaches have several drawbacks:\n1. Traditional hypervisors scan all guest memory and compute checksums (hashes) for every\nsingle memory page. Then, they look for pages with identical hashes and compare the\nentire content of those pages; if two pages produce the same hash, it is very likely that the\npages are identical in content. This, of course, can take rather long, especially if the system\nis not idling. As a result, the additional memory only becomes available after a significant\namount of time (this can be hours or even days!). Even worse, this kind of page sharing\nalgorithm generally consumes significant CPU resources and increases the virtualization\noverhead by 10-20%.\nPage Fusion in VirtualBox uses logic in the VirtualBox Guest Additions to quickly identify\nmemory cells that are most likely identical across VMs. It can therefore achieve most of the\npossible savings of page sharing almost immediately and with almost no overhead.\n2. Page Fusion is also much less likely to be confused by identical memory that it will eliminate\njust to learn seconds later that the memory will now change and having to perform a highly\nexpensive and often service-disrupting reallocation.\nAt this time, Page Fusion can only be controlled with VBoxManage, and only while a VM is\nshut down. To enable Page Fusion for a VM, use the following command:\nVBoxManage modifyvm \"VM name\" --pagefusion on\n\nYou can observe Page Fusion operation using some metrics. RAM/VMM/Shared shows the total\namount of fused pages, whereas the per-VM metric Guest/RAM/Usage/Shared will return the\namount of fused memory for a given VM. Please refer to chapter 8.32, VBoxManage metrics, page\n163 for information on how to query metrics.\nNote: Enabling Page Fusion might indirectly increase the chances for malicious guests\nto successfully attack other VMs running on the same host, see chapter 13.3.4, Potentially insecure operations, page 250.\n\n82\n\n\f5 Virtual storage\nAs the virtual machine will most probably expect to see a hard disk built into its virtual computer,\nVirtualBox must be able to present “real” storage to the guest as a virtual hard disk. There are\npresently three methods in which to achieve this:\n1. Most commonly, VirtualBox will use large image files on a real hard disk and present them\nto a guest as a virtual hard disk. This is described in chapter 5.2, Disk image files (VDI,\nVMDK, VHD, HDD), page 86.\n2. Alternatively, if you have iSCSI storage servers, you can attach such a server to VirtualBox\nas well; this is described in chapter 5.10, iSCSI servers, page 94.\n3. Finally, as an advanced feature, you can allow a virtual machine to access one of your host\ndisks directly; this advanced feature is described in chapter 9.9.1, Using a raw host hard\ndisk from a guest, page 186.\nEach such virtual storage device (image file, iSCSI target or physical hard disk) will need to be\nconnected to the virtual hard disk controller that VirtualBox presents to a virtual machine. This\nis explained in the next section.\n\n5.1 Hard disk controllers: IDE, SATA (AHCI), SCSI, SAS, USB\nMSC\nIn a real PC, hard disks and CD/DVD drives are connected to a device called hard disk controller\nwhich drives hard disk operation and data transfers. VirtualBox can emulate the five most common types of hard disk controllers typically found in today’s PCs: IDE, SATA (AHCI), SCSI, SAS\nand USB-based mass storage devices.1\n• IDE (ATA) controllers are a backwards compatible yet very advanced extension of the disk\ncontroller in the IBM PC/AT (1984). Initially, this interface worked only with hard disks,\nbut was later extended to also support CD-ROM drives and other types of removable media.\nIn physical PCs, this standard uses flat ribbon parallel cables with 40 or 80 wires. Each such\ncable can connect two devices to a controller, which have traditionally been called “master”\nand “slave”. Typical PCs had two connectors for such cables; as a result, support for up to\nfour IDE devices was most common.\nIn VirtualBox, each virtual machine may have one IDE contoller enabled, which gives you\nup to four virtual storage devices that you can attach to the machine. (By default, one of\nthese four – the secondary master – is preconfigured to be the machine’s virtual CD/DVD\ndrive, but this can be changed.2 )\nSo even if your guest operating system has no support for SCSI or SATA devices, it should\nalways be able to see an IDE controller.\n1 SATA\n\nsupport was added with VirtualBox 1.6; experimental SCSI support was added with 2.1 and fully implemented\nwith 2.2. Generally, storage attachments were made much more flexible with VirtualBox 3.1; see below. Support for\nthe LSI Logic SAS controller was added with VirtualBox 3.2; USB mass storage devices are supported since VirtualBox\n5.0.\n2 The assignment of the machine’s CD/DVD drive to the secondary master was fixed before VirtualBox 3.1; it is now\nchangeable, and the drive can be at other slots of the IDE controller, and there can be more than one such drive.\n\n83\n\n\f5 Virtual storage\nYou can also select which exact type of IDE controller hardware VirtualBox should present\nto the virtual machine (PIIX3, PIIX4 or ICH6). This makes no difference in terms of performance, but if you import a virtual machine from another virtualization product, the\noperating system in that machine may expect a particular controller type and crash if it\nisn’t found.\nAfter you have created a new virtual machine with the “New Virtual Machine” wizard of the\ngraphical user interface, you will typically see one IDE controller in the machine’s “Storage”\nsettings where the virtual CD/DVD drive will be attached to one of the four ports of this\ncontroller.\n• Serial ATA (SATA) is a newer standard introduced in 2003. Compared to IDE, it supports\nboth much higher speeds and more devices per controller. Also, with physical hardware,\ndevices can be added and removed while the system is running. The standard interface for\nSATA controllers is called Advanced Host Controller Interface (AHCI).\nLike a real SATA controller, VirtualBox’s virtual SATA controller operates faster and also\nconsumes fewer CPU resources than the virtual IDE controller. Also, this allows you to connect up to 30 virtual hard disks to one machine instead of just three, as with the VirtualBox\nIDE controller (with the DVD drive already attached).\nFor this reason, starting with version 3.2 and depending on the selected guest operating\nsystem, VirtualBox uses SATA as the default for newly created virtual machines. One virtual\nSATA controller is created by default, and the default disk that is created with a new VM is\nattached to this controller.\nWarning: The entire SATA controller and the virtual disks attached to it (including\nthose in IDE compatibility mode) will not be seen by operating systems that do not\nhave device support for AHCI. In particular, there is no support for AHCI in Windows\nbefore Windows Vista, so Windows XP (even SP3) will not see such disks unless you\ninstall additional drivers. It is possible to switch from IDE to SATA after installation by\ninstalling the SATA drivers and changing the controller type in the VM settings dialog.a\na VirtualBox\n\nrecommends the Intel Matrix Storage drivers which can be downloaded from http://\n\ndownloadcenter.intel.com/Product_Filter.aspx?ProductID=2101.\n\nTo add a SATA controller to a machine for which it has not been enabled by default (either\nbecause it was created by an earlier version of VirtualBox, or because SATA is not supported by default by the selected guest operating system), go to the “Storage” page of the\nmachine’s settings dialog, click on the “Add Controller” button under the “Storage Tree”\nbox and then select “Add SATA Controller”. After this, the additional controller will appear\nas a separate PCI device in the virtual machine, and you can add virtual disks to it.\nTo change the IDE compatibility mode settings for the SATA controller, please see chapter\n8.19, VBoxManage storagectl, page 148.\n• SCSI is another established industry standard, standing for “Small Computer System Interface”. SCSI was standardized as early as 1986 as a generic interface for data transfer\nbetween all kinds of devices, including storage devices. Today SCSI is still used for connecting hard disks and tape devices, but it has mostly been displaced in commodity hardware.\nIt is still in common use in high-performance workstations and servers.\nPrimarily for compatibility with other virtualization software, VirtualBox optionally supports LSI Logic and BusLogic SCSI controllers, to each of which up to 15 virtual hard disks\ncan be attached.\nTo enable a SCSI controller, on the “Storage” page of a virtual machine’s settings dialog,\nclick on the “Add Controller” button under the “Storage Tree” box and then select “Add\n\n84\n\n\f5 Virtual storage\nSCSI Controller”. After this, the additional controller will appear as a separate PCI device\nin the virtual machine.\nWarning: As with the other controller types, a SCSI controller will only be seen by\noperating systems with device support for it. Windows 2003 and later ships with drivers\nfor the LSI Logic controller, while Windows NT 4.0 and Windows 2000 ships with\ndrivers for the BusLogic controller. Windows XP ships with drivers for neither.\n\n• Serial Attached SCSI (SAS) is another bus standard which uses the SCSI command set. As\nopposed to SCSI, however, with physical devices, serial cables are used instead of parallel\nones, which simplifies physical device connections. In some ways, therefore, SAS is to SCSI\nwhat SATA is to IDE: it allows for more reliable and faster connections.\nTo support high-end guests which require SAS controllers, VirtualBox emulates a LSI Logic\nSAS controller, which can be enabled much the same way as a SCSI controller. At this time,\nup to eight devices can be connected to the SAS controller.\nWarning: As with SATA, the SAS controller will only be seen by operating systems with\ndevice support for it. In particular, there is no support for SAS in Windows before\nWindows Vista, so Windows XP (even SP3) will not see such disks unless you install\nadditional drivers.\n\n• The USB mass storage device class is a standard to connect external storage devices like\nhard disksor flash drives to a host through USB. All major operating systems support these\ndevices for a long time and ship generic drivers making third-party drivers superfluous. In\nparticular legacy operating systems without support for SATA controllers may benefit from\nUSB mass storage devices.\nThe virtual USB storage controller offered by VirtualBox works different than the other\nstorage controller types: When storage controllers appear as a single PCI device to the\nguest with multiple disks attached to it, the USB-based storage controller does not appear\nas virtual storage controller. Each disk attached to the controller appears as a dedicated\nUSB device to the guest.\nWarning: Booting from drives attached via USB is not supported as the BIOS lacks USB\nsupport.\n\nIn summary, VirtualBox gives you the following categories of virtual storage slots:\n1. four slots attached to the traditional IDE controller, which are always present (one of which\ntypically is a virtual CD/DVD drive);\n2. 30 slots attached to the SATA controller, if enabled and supported by the guest operating\nsystem;\n3. 15 slots attached to the SCSI controller, if enabled and supported by the guest operating\nsystem;\n4. eight slots attached to the SAS controller, if enabled and supported by the guest operating\nsystem.\n\n85\n\n\f5 Virtual storage\n5. eight slots attached to the virtual USB controller, if enabled and supported by the guest\noperating system.\nGiven this large choice of storage controllers, you may ask yourself which one to choose. In\ngeneral, you should avoid IDE unless it is the only controller supported by your guest. Whether\nyou use SATA, SCSI or SAS does not make any real difference. The variety of controllers is only\nsupplied for VirtualBox for compatibility with existing hardware and other hypervisors.\n\n5.2 Disk image files (VDI, VMDK, VHD, HDD)\nDisk image files reside on the host system and are seen by the guest systems as hard disks of a\ncertain geometry. When a guest operating system reads from or writes to a hard disk, VirtualBox\nredirects the request to the image file.\nLike a physical disk, a virtual disk has a size (capacity), which must be specified when the\nimage file is created. As opposed to a physical disk however, VirtualBox allows you to expand\nan image file after creation, even if it has data already; see chapter 8.23, VBoxManage modifyhd,\npage 150 for details.3\nVirtualBox supports four variants of disk image files:\n• Normally, VirtualBox uses its own container format for guest hard disks – Virtual Disk\nImage (VDI) files. In particular, this format will be used when you create a new virtual\nmachine with a new disk.\n• VirtualBox also fully supports the popular and open VMDK container format that is used\nby many other virtualization products, in particular, by VMware.4\n• VirtualBox also fully supports the VHD format used by Microsoft.\n• Image files of Parallels version 2 (HDD format) are also supported.5 For lack of documentation of the format, newer formats (3 and 4) are not supported. You can however convert\nsuch image files to version 2 format using tools provided by Parallels.\nIrrespective of the disk capacity and format, as briefly mentioned in chapter 1.7, Creating your\nfirst virtual machine, page 18, there are two options of how to create a disk image: fixed-size or\ndynamically allocated.\n• If you create a fixed-size image, an image file will be created on your host system which\nhas roughly the same size as the virtual disk’s capacity. So, for a 10G disk, you will have\na 10G file. Note that the creation of a fixed-size image can take a long time depending on\nthe size of the image and the write performance of your hard disk.\n• For more flexible storage management, use a dynamically allocated image. This will initially be very small and not occupy any space for unused virtual disk sectors, but will grow\nevery time a disk sector is written to for the first time, until the drive reaches the maximum\ncapacity chosen when the drive was created. While this format takes less space initially,\nthe fact that VirtualBox needs to expand the image file consumes additional computing resources, so until the disk file size has stabilized, write operations may be slower than with\nfixed size disks. However, after a time the rate of growth will slow and the average penalty\nfor write operations will be negligible.\n\n3 Image\n\nresizing was added with VirtualBox 4.0.\nsupport for VMDK was added with VirtualBox 1.4; since version 2.1, VirtualBox supports VMDK fully, meaning\nthat you can create snapshots and use all the other advanced features described above for VDI images with VMDK\nalso.\n5 Support was added with VirtualBox 3.1.\n4 Initial\n\n86\n\n\f5 Virtual storage\n\n5.3 The Virtual Media Manager\nVirtualBox keeps track of all the hard disk, CD/DVD-ROM and floppy disk images which are\nin use by virtual machines. These are often referred to as “known media” and come from two\nsources:\n• all media currently attached to virtual machines;\n• “registered” media for compatibility with VirtualBox versions older than version 4.0. For\ndetails about how media registration has changed with version 4.0, please refer to chapter\n10.1, Where VirtualBox stores its files, page 218.\nThe known media can be viewed and changed in the Virtual Media Manager, which you can\naccess from the “File” menu in the VirtualBox main window:\n\nThe known media are conveniently grouped in three tabs for the three possible formats. These\nformats are:\n• Hard disk images, either in VirtualBox’s own Virtual Disk Image (VDI) format or in the\nthird-party formats listed in the previous chapter;\n• CD/DVD images in standard ISO format;\n• floppy images in standard RAW format.\nAs you can see in the screenshot above, for each image, the Virtual Media Manager shows you\nthe full path of the image file and other information, such as the virtual machine the image is\ncurrently attached to, if any.\nThe Virtual Media Manager allows you to\n• remove an image from the registry (and optionally delete the image file when doing so);\n• “release” an image, that is, detach it from a virtual machine if it is currently attached to\none as a virtual hard disk.\n\n87\n\n\f5 Virtual storage\nStarting with version 4.0, to create new disk images, please use the “Storage” page in a virtual\nmachine’s settings dialog because disk images are now by default stored in each machine’s own\nfolder.\nHard disk image files can be copied onto other host systems and imported into virtual machines\nthere, although certain guest systems (notably Windows 2000 and XP) will require that the new\nvirtual machine be set up in a similar way to the old one.\nNote: Do not simply make copies of virtual disk images. If you import such a second\ncopy into a virtual machine, VirtualBox will complain with an error, since VirtualBox\nassigns a unique identifier (UUID) to each disk image to make sure it is only used once.\nSee chapter 5.6, Cloning disk images, page 92 for instructions on this matter. Also, if\nyou want to copy a virtual machine to another system, VirtualBox has an import/export\nfacility that might be better suited for your needs; see chapter 1.14, Importing and\nexporting virtual machines, page 31.\n\n5.4 Special image write modes\nFor each virtual disk image supported by VirtualBox, you can determine separately how it should\nbe affected by write operations from a virtual machine and snapshot operations. This applies to\nall of the aforementioned image formats (VDI, VMDK, VHD or HDD) and irrespective of whether\nan image is fixed-size or dynamically allocated.\nBy default, images are in “normal” mode. To mark an existing image with one of the nonstandard modes listed below, use VBoxManage modifyhd; see chapter 8.23, VBoxManage modifyhd, page 150. Alternatively, use VBoxManage to attach the image to a VM and use the --mtype\nargument; see chapter 8.18, VBoxManage storageattach, page 146.\n1. With normal images (the default setting), there are no restrictions on how guests can read\nfrom and write to the disk.\nWhen you take a snapshot of your virtual machine as described in chapter 1.10, Snapshots,\npage 26, the state of such a “normal hard disk” will be recorded together with the snapshot,\nand when reverting to the snapshot, its state will be fully reset.\n(Technically, strictly speaking, the image file itself is not “reset”. Instead, when a snapshot\nis taken, VirtualBox “freezes” the image file and no longer writes to it. For the write operations from the VM, a second, “differencing” image file is created which receives only the\nchanges to the original image; see the next section for details.)\nWhile you can attach the same “normal” image to more than one virtual machine, only one\nof these virtual machines attached to the same image file can be executed simultaneously,\nas otherwise there would be conflicts if several machines write to the same image file.6\n2. By contrast, write-through hard disks are completely unaffected by snapshots: their state\nis not saved when a snapshot is taken, and not restored when a snapshot is restored.\n3. Shareable hard disks are a variant of write-through hard disks. In principle they behave\nexactly the same, i.e. their state is not saved when a snapshot is taken, and not restored\nwhen a snapshot is restored. The difference only shows if you attach such disks to several\nVMs. Shareable disks may be attached to several VMs which may run concurrently. This\nmakes them suitable for use by cluster filesystems between VMs and similar applications\nwhich are explicitly prepared to access a disk concurrently. Only fixed size images can be\nused in this way, and dynamically allocated images are rejected.\n6 This\n\nrestriction is more lenient now than it was before VirtualBox 2.2. Previously, each “normal” disk image could only\nbe attached to one single machine. Now it can be attached to more than one machine so long as only one of these\nmachines is running.\n\n88\n\n\f5 Virtual storage\nWarning: This is an expert feature, and misuse can lead to data loss – regular filesystems are not prepared to handle simultaneous changes by several parties.\n\n4. Next, immutable images only remember write accesses temporarily while the virtual machine is running; all changes are lost when the virtual machine is powered on the next\ntime. As a result, as opposed to “normal” images, the same immutable image can be used\nwith several virtual machines without restrictions.\nCreating an immutable image makes little sense since it would be initially empty and lose\nits contents with every machine restart (unless you really want to have a disk that is always\nunformatted when the machine starts up). As a result, normally, you would first create a\n“normal” image and then, when you deem its contents useful, later mark it immutable.\nIf you take a snapshot of a machine with immutable images, then on every machine powerup, those images are reset to the state of the last (current) snapshot (instead of the state\nof the original immutable image).\nNote: As a special exception, immutable images are not reset if they are attached to a\nmachine in saved state or whose last snapshot was taken while the machine was running (a so-called “online” snapshot). As a result, if the machine’s current snapshot is\nsuch an “online” snapshot, its immutable images behave exactly like the “normal” images described previously. To re-enable the automatic resetting of such images, delete\nthe current snapshot of the machine.\nAgain, technically, VirtualBox never writes to an immutable image directly at all. All write\noperations from the machine will be directed to a differencing image; the next time the\nVM is powered on, the differencing image is reset so that every time the VM starts, its immutable images have exactly the same content.7 The differencing image is only reset when\nthe machine is powered on from within VirtualBox, not when you reboot by requesting a\nreboot from within the machine. This is also why immutable images behave as described\nabove when snapshots are also present, which use differencing images as well.\nIf the automatic discarding of the differencing image on VM startup does not fit your needs,\nyou can turn it off using the autoreset parameter of VBoxManage modifyhd; see chapter\n8.23, VBoxManage modifyhd, page 150 for details.\n5. An image in multiattach mode can be attached to more than one virtual machine at the\nsame time, even if these machines are running simultaneously. For each virtual machine to\nwhich such an image is attached, a differencing image is created. As a result, data that is\nwritten to such a virtual disk by one machine is not seen by the other machines to which\nthe image is attached; each machine creates its own write history of the multiattach image.\nTechnically, a “multiattach” image behaves identically to an “immutable” image except the\ndifferencing image is not reset every time the machine starts.\nThis mode is useful for sharing files which are almost never written, for instance picture\ngalleries, where every guest changes only a small amount of data and the majority of the\ndisk content remains unchanged. The modified blocks are stored in differencing images\nwhich remain reletively small and the shared content is stored only once at the host.\n6. Finally, the read-only image is used automatically for CD/DVD images, since CDs/DVDs\ncan never be written to.\n7 This\n\nbehavior also changed with VirtualBox 2.2. Previously, the differencing images were discarded when the machine\nsession ended; now they are discarded every time the machine is powered on.\n\n89\n\n\f5 Virtual storage\nTo illustrate the differences between the various types with respect to snapshots: Assume\nyou have installed your guest operating system in your VM, and you have taken a snapshot.\nImagine you have accidentally infected your VM with a virus and would like to go back to the\nsnapshot. With a normal hard disk image, you simply restore the snapshot, and the earlier\nstate of your hard disk image will be restored as well (and your virus infection will be undone).\nWith an immutable hard disk, all it takes is to shut down and power on your VM, and the virus\ninfection will be discarded. With a write-through image however, you cannot easily undo the\nvirus infection by means of virtualization, but will have to disinfect your virtual machine like a\nreal computer.\nStill, you might find write-through images useful if you want to preserve critical data irrespective of snapshots, and since you can attach more than one image to a VM, you may want to have\none immutable for the operating system and one write-through for your data files.\n\n5.5 Differencing images\nThe previous section hinted at differencing images and how they are used with snapshots, immutable images and multiple disk attachments. For the inquisitive VirtualBox user, this section\ndescribes in more detail how they work.\nA differencing image is a special disk image that only holds the differences to another image.\nA differencing image by itself is useless, it must always refer to another image. The differencing\nimage is then typically referred to as a “child”, which holds the differences to its “parent”.\nWhen a differencing image is active, it receives all write operations from the virtual machine\ninstead of its parent. The differencing image only contains the sectors of the virtual hard disk\nthat have changed since the differencing image was created. When the machine reads a sector\nfrom such a virtual hard disk, it looks into the differencing image first. If the sector is present,\nit is returned from there; if not, VirtualBox looks into the parent. In other words, the parent\nbecomes “read-only”; it is never written to again, but it is read from if a sector has not changed.\nDifferencing images can be chained. If another differencing image is created for a virtual disk\nthat already has a differencing image, then it becomes a “grandchild” of the original parent.\nThe first differencing image then becomes read-only as well, and write operations only go to the\nsecond-level differencing image. When reading from the virtual disk, VirtualBox needs to look\ninto the second differencing image first, then into the first if the sector was not found, and then\ninto the original image.\nThere can be an unlimited number of differencing images, and each image can have more than\none child. As a result, the differencing images can form a complex tree with parents, “siblings”\nand children, depending on how complex your machine configuration is. Write operations always\ngo to the one “active” differencing image that is attached to the machine, and for read operations,\nVirtualBox may need to look up all the parents in the chain until the sector in question is found.\nYou can look at such a tree in the Virtual Media Manager:\n\n90\n\n\f5 Virtual storage\n\nIn all of these situations, from the point of view of the virtual machine, the virtual hard disk\nbehaves like any other disk. While the virtual machine is running, there is a slight run-time I/O\noverhead because VirtualBox might need to look up sectors several times. This is not noticeable\nhowever since the tables with sector information are always kept in memory and can be looked\nup quickly.\nDifferencing images are used in the following situations:\n1. Snapshots. When you create a snapshot, as explained in the previous section, VirtualBox\n“freezes” the images attached to the virtual machine and creates differencing images for\neach of them (to be precise: one for each image that is not in “write-through” mode). From\nthe point of view of the virtual machine, the virtual disks continue to operate before, but all\nwrite operations go into the differencing images. Each time you create another snapshot,\nfor each hard disk attachment, another differencing image is created and attached, forming\na chain or tree.\nIn the above screenshot, you see that the original disk image is now attached to a snapshot,\nrepresenting the state of the disk when the snapshot was taken.\nIf you now restore a snapshot – that is, if you want to go back to the exact machine state\nthat was stored in the snapshot –, the following happens:\na) VirtualBox copies the virtual machine settings that were copied into the snapshot\nback to the virtual machine. As a result, if you have made changes to the machine\nconfiguration since taking the snapshot, they are undone.\nb) If the snapshot was taken while the machine was running, it contains a saved machine\nstate, and that state is restored as well; after restoring the snapshot, the machine will\nthen be in “Saved” state and resume execution from there when it is next started.\nOtherwise the machine will be in “Powered Off” state and do a full boot.\nc) For each disk image attached to the machine, the differencing image holding all the\nwrite operations since the current snapshot was taken is thrown away, and the original\nparent image is made active again. (If you restored the “root” snapshot, then this will\nbe the root disk image for each attachment; otherwise, some other differencing image\ndescended from it.) This effectively restores the old machine state.\n\n91\n\n\f5 Virtual storage\nIf you later delete a snapshot in order to free disk space, for each disk attachment, one of\nthe differencing images becomes obsolete. In this case, the differencing image of the disk\nattachment cannot simply be deleted. Instead, VirtualBox needs to look at each sector of\nthe differencing image and needs to copy it back into its parent; this is called “merging”\nimages and can be a potentially lengthy process, depending on how large the differencing\nimage is. It can also temporarily need a considerable amount of extra disk space, before\nthe differencing image obsoleted by the merge operation is deleted.\n2. Immutable images. When an image is switched to “immutable” mode, a differencing image is created as well. As with snapshots, the parent image then becomes read-only, and\nthe differencing image receives all the write operations. Every time the virtual machine is\nstarted, all the immutable images which are attached to it have their respective differencing image thrown away, effectively resetting the virtual machine’s virtual disk with every\nrestart.\n\n5.6 Cloning disk images\nYou can duplicate hard disk image files on the same host to quickly produce a second virtual\nmachine with the same operating system setup. However, you should only make copies of virtual\ndisk images using the utility supplied with VirtualBox; see chapter 8.24, VBoxManage clonehd,\npage 151. This is because VirtualBox assigns a unique identity number (UUID) to each disk\nimage, which is also stored inside the image, and VirtualBox will refuse to work with two images\nthat use the same number. If you do accidentally try to reimport a disk image which you copied\nnormally, you can make a second copy using VirtualBox’s utility and import that instead.\nNote that newer Linux distributions identify the boot hard disk from the ID of the drive. The\nID VirtualBox reports for a drive is determined from the UUID of the virtual disk image. So if you\nclone a disk image and try to boot the copied image the guest might not be able to determine\nits own boot disk as the UUID changed. In this case you have to adapt the disk ID in your boot\nloader script (for example /boot/grub/menu.lst). The disk ID looks like this:\nscsi-SATA_VBOX_HARDDISK_VB5cfdb1e2-c251e503\n\nThe ID for the copied image can be determined with\nhdparm -i /dev/sda\n\n5.7 Host I/O caching\nStarting with version 3.2, VirtualBox can optionally disable the I/O caching that the host operating system would otherwise perform on disk image files.\nTraditionally, VirtualBox has opened disk image files as normal files, which results in them\nbeing cached by the host operating system like any other file. The main advantage of this is\nspeed: when the guest OS writes to disk and the host OS cache uses delayed writing, the write\noperation can be reported as completed to the guest OS quickly while the host OS can perform the\noperation asynchronously. Also, when you start a VM a second time and have enough memory\navailable for the OS to use for caching, large parts of the virtual disk may be in system memory,\nand the VM can access the data much faster.\nNote that this applies only to image files; buffering never occurred for virtual disks residing on\nremote iSCSI storage, which is the more common scenario in enterprise-class setups (see chapter\n5.10, iSCSI servers, page 94).\nWhile buffering is a useful default setting for virtualizating a few machines on a desktop\ncomputer, there are some disadvantages to this approach:\n\n92\n\n\f5 Virtual storage\n1. Delayed writing through the host OS cache is less secure. When the guest OS writes data,\nit considers the data written even though it has not yet arrived on a physical disk. If for\nsome reason the write does not happen (power failure, host crash), the likelihood of data\nloss increases.\n2. Disk image files tend to be very large. Caching them can therefore quickly use up the entire\nhost OS cache. Depending on the efficiency of the host OS caching, this may slow down\nthe host immensely, especially if several VMs run at the same time. For example, on Linux\nhosts, host caching may result in Linux delaying all writes until the host cache is nearly full\nand then writing out all these changes at once, possibly stalling VM execution for minutes.\nThis can result in I/O errors in the guest as I/O requests time out there.\n3. Physical memory is often wasted as guest operating systems typically have their own I/O\ncaches, which may result in the data being cached twice (in both the guest and the host\ncaches) for little effect.\nIf you decide to disable host I/O caching for the above reasons, VirtualBox uses its own small\ncache to buffer writes, but no read caching since this is typically already performed by the guest\nOS. In addition, VirtualBox fully supports asynchronous I/O for its virtual SATA, SCSI and SAS\ncontrollers through multiple I/O threads.\nSince asynchronous I/O is not supported by IDE controllers, for performance reasons, you may\nwant to leave host caching enabled for your VM’s virtual IDE controllers.\nFor this reason, VirtualBox allows you to configure whether the host I/O cache is used for each\nI/O controller separately. Either uncheck the “Use host I/O cache” box in the “Storage” settings\nfor a given virtual storage controller, or use the following VBoxManage command to disable the\nhost I/O cache for a virtual storage controller:\nVBoxManage storagectl \"VM name\" --name <controllername> --hostiocache off\n\nSee chapter 8.19, VBoxManage storagectl, page 148 for details.\nFor the above reasons also, VirtualBox now uses SATA controllers by default for new virtual\nmachines.\n\n5.8 Limiting bandwidth for disk images\nStarting with version 4.0, VirtualBox allows for limiting the maximum bandwidth used for asynchronous I/O. Additionally it supports sharing limits through bandwidth groups for several images. It is possible to have more than one such limit.\nLimits are configured through VBoxManage. The example below creates a bandwidth group\nnamed “Limit”, sets the limit to 20 MB/s and assigns the group to the attached disks of the VM:\nVBoxManage bandwidthctl \"VM name\" add Limit --type disk --limit 20M\nVBoxManage storageattach \"VM name\" --storagectl \"SATA\" --port 0 --device 0 --type hdd\n--medium disk1.vdi --bandwidthgroup Limit\nVBoxManage storageattach \"VM name\" --storagectl \"SATA\" --port 1 --device 0 --type hdd\n--medium disk2.vdi --bandwidthgroup Limit\n\nAll disks in a group share the bandwidth limit, meaning that in the example above the bandwidth of both images combined can never exceed 20 MB/s. However, if one disk doesn’t require\nbandwidth the other can use the remaining bandwidth of its group.\nThe limits for each group can be changed while the VM is running, with changes being picked\nup immediately. The example below changes the limit for the group created in the example\nabove to 10 MB/s:\nVBoxManage bandwidthctl \"VM name\" set Limit --limit 10M\n\n93\n\n\f5 Virtual storage\n\n5.9 CD/DVD support\nThe virtual CD/DVD drive(s) by default support only reading. The medium configuration is\nchangeable at runtime. You can select between three options to provide the medium data:\n• Host Drive defines that the guest can read from the medium in the host drive.\n• Image file (typically an ISO file) gives the guest read-only access to the data in the image.\n• Empty stands for a drive without an inserted medium.\nChanging between the above, or changing a medium in the host drive that is accessed by a\nmachine, or changing an image file will signal a medium change to the guest operating system,\nwhich can then react to the change (e.g. by starting an installation program).\nMedium changes can be prevented by the guest, and VirtualBox reflects that by locking the\nhost drive if appropriate. You can force a medium removal in such situations via the VirtualBox\nGUI or the VBoxManage command line tool. Effectively this is the equivalent of the emergency\neject which many CD/DVD drives provide, with all associated side effects: the guest OS can issue\nerror messages, just like on real hardware, and guest applications may misbehave. Use this with\ncaution.\nNote: The identification string of the drive provided to the guest (which, in the guest,\nwould be displayed by configuration tools such as the Windows Device Manager) is\nalways “VBOX CD-ROM”, irrespective of the current configuration of the virtual drive.\nThis is to prevent hardware detection from being triggered in the guest operating system every time the configuration is changed.\nThe standard CD/DVD emulation allows for reading standard data CD and DVD formats only.\nAs an experimental feature, for additional capabilities, it is possible to give the guest direct access\nto the CD/DVD host drive by enabling “passthrough” mode. Depending on the host hardware,\nthis may enable three things to work, potentially:\n• CD/DVD writing from within the guest, if the host DVD drive is a CD/DVD writer;\n• playing audio CDs;\n• playing encrypted DVDs.\nThere is a “Passthrough” checkbox in the GUI dialog for configuring the media attached to a\nstorage controller, or you can use the --passthrough option with VBoxManage storageattach;\nsee chapter 8.18, VBoxManage storageattach, page 146 for details.\nEven if pass-through is enabled, unsafe commands, such as updating the drive firmware, will\nbe blocked. Video CD formats are never supported, not even in passthrough mode, and cannot\nbe played from a virtual machine.\nOn Solaris hosts, pass-through requires running VirtualBox with real root permissions due to\nsecurity measures enforced by the host.\n\n5.10 iSCSI servers\niSCSI stands for “Internet SCSI” and is a standard that allows for using the SCSI protocol over\nInternet (TCP/IP) connections. Especially with the advent of Gigabit Ethernet, it has become\naffordable to attach iSCSI storage servers simply as remote hard disks to a computer network. In\niSCSI terminology, the server providing storage resources is called an “iSCSI target”, while the\nclient connecting to the server and accessing its resources is called “iSCSI initiator”.\n\n94\n\n\f5 Virtual storage\nVirtualBox can transparently present iSCSI remote storage to a virtual machine as a virtual\nhard disk. The guest operating system will not see any difference between a virtual disk image\n(VDI file) and an iSCSI target. To achieve this, VirtualBox has an integrated iSCSI initiator.\nVirtualBox’s iSCSI support has been developed according to the iSCSI standard and should\nwork with all standard-conforming iSCSI targets. To use an iSCSI target with VirtualBox, you\nmust use the command line; see chapter 8.18, VBoxManage storageattach, page 146.\n\n95\n\n\f6 Virtual networking\nAs briefly mentioned in chapter 3.8, Network settings, page 55, VirtualBox provides up to eight\nvirtual PCI Ethernet cards for each virtual machine. For each such card, you can individually\nselect\n1. the hardware that will be virtualized as well as\n2. the virtualization mode that the virtual card will be operating in with respect to your\nphysical networking hardware on the host.\nFour of the network cards can be configured in the “Network” section of the settings dialog\nin the graphical user interface of VirtualBox. You can configure all eight network cards on the\ncommand line via VBoxManage modifyvm; see chapter 8.8, VBoxManage modifyvm, page 131.\nThis chapter explains the various networking settings in more detail.\n\n6.1 Virtual networking hardware\nFor each card, you can individually select what kind of hardware will be presented to the virtual\nmachine. VirtualBox can virtualize the following six types of networking hardware:\n• AMD PCNet PCI II (Am79C970A);\n• AMD PCNet FAST III (Am79C973, the default);\n• Intel PRO/1000 MT Desktop (82540EM);\n• Intel PRO/1000 T Server (82543GC);\n• Intel PRO/1000 MT Server (82545EM);\n• Paravirtualized network adapter (virtio-net).\nThe PCNet FAST III is the default because it is supported by nearly all operating systems out\nof the box, as well as the GNU GRUB boot manager. As an exception, the Intel PRO/1000 family\nadapters are chosen for some guest operating system types that no longer ship with drivers for\nthe PCNet card, such as Windows Vista.\nThe Intel PRO/1000 MT Desktop type works with Windows Vista and later versions. The T\nServer variant of the Intel PRO/1000 card is recognized by Windows XP guests without additional\ndriver installation. The MT Server variant facilitates OVF imports from other platforms.\nThe “Paravirtualized network adapter (virtio-net)“ is special. If you select this, then\nVirtualBox does not virtualize common networking hardware (that is supported by common\nguest operating systems out of the box). Instead, VirtualBox then expects a special software\ninterface for virtualized environments to be provided by the guest, thus avoiding the complexity\nof emulating networking hardware and improving network performance. Starting with version\n3.1, VirtualBox provides support for the industry-standard “virtio” networking drivers, which are\npart of the open-source KVM project.\nThe “virtio” networking drivers are available for the following guest operating systems:\n• Linux kernels version 2.6.25 or later can be configured to provide virtio support; some\ndistributions also back-ported virtio to older kernels.\n\n96\n\n\f6 Virtual networking\n• For Windows 2000, XP and Vista, virtio drivers can be downloaded and installed from the\nKVM project web page.1\nVirtualBox also has limited support for so-called jumbo frames, i.e. networking packets with\nmore than 1500 bytes of data, provided that you use the Intel card virtualization and bridged\nnetworking. In other words, jumbo frames are not supported with the AMD networking devices;\nin those cases, jumbo packets will silently be dropped for both the transmit and the receive\ndirection. Guest operating systems trying to use this feature will observe this as a packet loss,\nwhich may lead to unexpected application behavior in the guest. This does not cause problems\nwith guest operating systems in their default configuration, as jumbo frames need to be explicitly\nenabled.\n\n6.2 Introduction to networking modes\nEach of the eight networking adapters can be separately configured to operate in one of the\nfollowing modes:\nNot attached In this mode, VirtualBox reports to the guest that a network card is present, but\nthat there is no connection – as if no Ethernet cable was plugged into the card. This way\nit is possible to “pull” the virtual Ethernet cable and disrupt the connection, which can\nbe useful to inform a guest operating system that no network connection is available and\nenforce a reconfiguration.\nNetwork Address Translation (NAT) If all you want is to browse the Web, download files and\nview e-mail inside the guest, then this default mode should be sufficient for you, and you\ncan safely skip the rest of this section. Please note that there are certain limitations when\nusing Windows file sharing (see chapter 6.3.3, NAT limitations, page 99 for details).\nNAT Network The NAT network is a new NAT flavour introduced in VirtualBox 4.3. See chapter\n6.4, Network Address Translation Service (experimental), page 100 for details.\nBridged networking This is for more advanced networking needs such as network simulations\nand running servers in a guest. When enabled, VirtualBox connects to one of your installed\nnetwork cards and exchanges network packets directly, circumventing your host operating\nsystem’s network stack.\nInternal networking This can be used to create a different kind of software-based network\nwhich is visible to selected virtual machines, but not to applications running on the host or\nto the outside world.\nHost-only networking This can be used to create a network containing the host and a set of\nvirtual machines, without the need for the host’s physical network interface. Instead, a\nvirtual network interface (similar to a loopback interface) is created on the host, providing\nconnectivity among virtual machines and the host.\nGeneric networking Rarely used modes share the same generic network interface, by allowing\nthe user to select a driver which can be included with VirtualBox or be distributed in an\nextension pack.\nAt the moment there are potentially two available sub-modes:\nUDP Tunnel This can be used to interconnect virtual machines running on different hosts\ndirectly, easily and transparently, over existing network infrastructure.\nVDE (Virtual Distributed Ethernet) networking This option can be used to connect to a\nVirtual Distributed Ethernet switch on a Linux or a FreeBSD host. At the moment this\nneeds compiling VirtualBox from sources, as the Oracle packages do not include it.\n1 http://www.linux-kvm.org/page/WindowsGuestDrivers.\n\n97\n\n\f6 Virtual networking\nThe following sections describe the available network modes in more detail.\n\n6.3 Network Address Translation (NAT)\nNetwork Address Translation (NAT) is the simplest way of accessing an external network from\na virtual machine. Usually, it does not require any configuration on the host network and guest\nsystem. For this reason, it is the default networking mode in VirtualBox.\nA virtual machine with NAT enabled acts much like a real computer that connects to the\nInternet through a router. The “router”, in this case, is the VirtualBox networking engine, which\nmaps traffic from and to the virtual machine transparently. In VirtualBox this router is placed\nbetween each virtual machine and the host. This separation maximizes security since by default\nvirtual machines cannot talk to each other.\nThe disadvantage of NAT mode is that, much like a private network behind a router, the virtual\nmachine is invisible and unreachable from the outside internet; you cannot run a server this way\nunless you set up port forwarding (described below).\nThe network frames sent out by the guest operating system are received by VirtualBox’s NAT\nengine, which extracts the TCP/IP data and resends it using the host operating system. To an\napplication on the host, or to another computer on the same network as the host, it looks like\nthe data was sent by the VirtualBox application on the host, using an IP address belonging to the\nhost. VirtualBox listens for replies to the packages sent, and repacks and resends them to the\nguest machine on its private network.\nThe virtual machine receives its network address and configuration on the private network\nfrom a DHCP server integrated into VirtualBox. The IP address thus assigned to the virtual\nmachine is usually on a completely different network than the host. As more than one card of\na virtual machine can be set up to use NAT, the first card is connected to the private network\n10.0.2.0, the second card to the network 10.0.3.0 and so on. If you need to change the guestassigned IP range for some reason, please refer to chapter 9.11, Fine-tuning the VirtualBox NAT\nengine, page 189.\n\n6.3.1 Configuring port forwarding with NAT\nAs the virtual machine is connected to a private network internal to VirtualBox and invisible\nto the host, network services on the guest are not accessible to the host machine or to other\ncomputers on the same network. However, like a physical router, VirtualBox can make selected\nservices available to the world outside the guest through port forwarding. This means that\nVirtualBox listens to certain ports on the host and resends all packets which arrive there to the\nguest, on the same or a different port.\nTo an application on the host or other physical (or virtual) machines on the network, it looks as\nthough the service being proxied is actually running on the host. This also means that you cannot\nrun the same service on the same ports on the host. However, you still gain the advantages of\nrunning the service in a virtual machine – for example, services on the host machine or on other\nvirtual machines cannot be compromised or crashed by a vulnerability or a bug in the service,\nand the service can run in a different operating system than the host system.\nTo configure Port Forwarding you can use the graphical Port Forwarding editor which can be\nfound in the Network Settings dialog for Network Adaptors configured to use NAT. Here you can\nmap host ports to guest ports to allow network traffic to be routed to a specific port in the guest.\nAlternatively command line tool VBoxManage could be used; for details, please refer to chapter\n8.8, VBoxManage modifyvm, page 131.\nYou will need to know which ports on the guest the service uses and to decide which ports\nto use on the host (often but not always you will want to use the same ports on the guest and\non the host). You can use any ports on the host which are not already in use by a service. For\nexample, to set up incoming NAT connections to an ssh server in the guest, use the following\ncommand:\n\n98\n\n\f6 Virtual networking\nVBoxManage modifyvm \"VM name\" --natpf1 \"guestssh,tcp,,2222,,22\"\n\nWith the above example, all TCP traffic arriving on port 2222 on any host interface will be\nforwarded to port 22 in the guest. The protocol name tcp is a mandatory attribute defining\nwhich protocol should be used for forwarding (udp could also be used). The name guestssh is\npurely descriptive and will be auto-generated if omitted. The number after --natpf denotes the\nnetwork card, like in other parts of VBoxManage.\nTo remove this forwarding rule again, use the following command:\nVBoxManage modifyvm \"VM name\" --natpf1 delete \"guestssh\"\n\nIf for some reason the guest uses a static assigned IP address not leased from the built-in DHCP\nserver, it is required to specify the guest IP when registering the forwarding rule:\nVBoxManage modifyvm \"VM name\" --natpf1 \"guestssh,tcp,,2222,10.0.2.19,22\"\n\nThis example is identical to the previous one, except that the NAT engine is being told that the\nguest can be found at the 10.0.2.19 address.\nTo forward all incoming traffic from a specific host interface to the guest, specify the IP of that\nhost interface like this:\nVBoxManage modifyvm \"VM name\" --natpf1 \"guestssh,tcp,127.0.0.1,2222,,22\"\n\nThis forwards all TCP traffic arriving on the localhost interface (127.0.0.1) via port 2222 to port\n22 in the guest.\nIt is possible to configure incoming NAT connections while the VM is running, see chapter\n8.13, VBoxManage controlvm, page 142.\n\n6.3.2 PXE booting with NAT\nPXE booting is now supported in NAT mode. The NAT DHCP server provides a boot file\nname of the form vmname.pxe if the directory TFTP exists in the directory where the user’s\nVirtualBox.xml file is kept. It is the responsibility of the user to provide vmname.pxe.\n\n6.3.3 NAT limitations\nThere are four limitations of NAT mode which users should be aware of:\nICMP protocol limitations: Some frequently used network debugging tools (e.g. ping or\ntracerouting) rely on the ICMP protocol for sending/receiving messages. While ICMP support has been improved with VirtualBox 2.1 (ping should now work), some other tools\nmay not work reliably.\nReceiving of UDP broadcasts is not reliable: The guest does not reliably receive broadcasts,\nsince, in order to save resources, it only listens for a certain amount of time after the guest\nhas sent UDP data on a particular port. As a consequence, NetBios name resolution based\non broadcasts does not always work (but WINS always works). As a workaround, you can\nuse the numeric IP of the desired server in the \\\\server\\share notation.\nProtocols such as GRE are unsupported: Protocols other than TCP and UDP are not supported. This means some VPN products (e.g. PPTP from Microsoft) cannot be used. There\nare other VPN products which use simply TCP and UDP.\nForwarding host ports < 1024 impossible: On Unix-based hosts (e.g. Linux, Solaris, Mac OS\nX) it is not possible to bind to ports below 1024 from applications that are not run by root.\nAs a result, if you try to configure such a port forwarding, the VM will refuse to start.\nThese limitations normally don’t affect standard network use. But the presence of NAT has\nalso subtle effects that may interfere with protocols that are normally working. One example is\nNFS, where the server is often configured to refuse connections from non-privileged ports (i.e.\nports not below 1024).\n\n99\n\n\f6 Virtual networking\n\n6.4 Network Address Translation Service (experimental)\nThe Network Address Translation (NAT) service works in a similar way to a home router, grouping the systems using it into a network and preventing systems outside of this network from\ndirectly accessing systems inside it, but letting systems inside communicate with each other and\nwith systems outside using TCP and UDP over IPv4 and IPv6.\nA NAT service is attached to an internal network. Virtual machines which are to make use of it\nshould be attached to that internal network. The name of internal network is chosen when the\nNAT service is created and the internal network will be created if it does not already exist. An\nexample command to create a NAT network is:\nVBoxManage natnetwork add --netname natnet1 --network \"192.168.15.0/24\" --enable\n\nHere, “natnet1” is the name of the internal network to be used and “192.168.15.0/24” is the\nnetwork address and mask of the NAT service interface. By default in this static configuration the\ngateway will be assigned the address 192.168.15.1 (the address following the interface address),\nthough this is subject to change. To attach a DHCP server to the internal network, we modify the\nexample as follows:\nVBoxManage natnetwork add --netname natnet1 --network \"192.168.15.0/24\" --enable --dhcp on\n\nor to add a DHCP server to the network after creation:\nVBoxManage natnetwork modify --netname natnet1 --dhcp on\n\nTo disable it again, use:\nVBoxManage natnetwork modify --netname natnet1 --dhcp off\n\nDHCP server provides list of registered nameservers, but doesn’t map servers from 127/8\nnetwork.\nTo start the NAT service, use the following command:\nVBoxManage natnetwork start --netname natnet1\n\nIf the network has a DHCP server attached then it will start together with the NAT network\nservice.\nVBoxManage natnetwork stop --netname natnet1\n\nstops the NAT network service, together with DHCP server if any.\nTo delete the NAT network service use:\nVBoxManage natnetwork remove --netname natnet1\n\nThis command does not remove the DHCP server if one is enabled on the internal network.\nPort-forwarding is supported (using the “–port-forward-4” switch for IPv4 and “–port-forward6” for IPv6):\nVBoxManage natnetwork modify --netname natnet1 --port-forward-4 \"ssh:tcp:[]:1022:[192.168.15.5]:22\"\n\nThis adds a port-forwarding rule from the host’s TCP 1022 port to the port 22 on the guest\nwith IP address 192.168.15.5. Host port, guest port and guest IP are mandatory. To delete the\nrule, use:\nVBoxManage natnetwork modify --netname natnet1 --port-forward-4 delete ssh\n\nIt’s possible to bind NAT service to specified interface:\nVBoxManage setextradata global \"NAT/win-nat-test-0/SourceIp4\" 192.168.1.185\n\nTo see the list of registered NAT networks, use:\nVBoxManage list natnetworks\n\n100\n\n\f6 Virtual networking\n\n6.5 Bridged networking\nWith bridged networking, VirtualBox uses a device driver on your host system that filters data\nfrom your physical network adapter. This driver is therefore called a “net filter” driver. This\nallows VirtualBox to intercept data from the physical network and inject data into it, effectively\ncreating a new network interface in software. When a guest is using such a new software interface, it looks to the host system as though the guest were physically connected to the interface\nusing a network cable: the host can send data to the guest through that interface and receive\ndata from it. This means that you can set up routing or bridging between the guest and the rest\nof your network.\nFor this to work, VirtualBox needs a device driver on your host system. The way bridged networking works has been completely rewritten with VirtualBox 2.0 and 2.1, depending on the host\noperating system. From the user perspective, the main difference is that complex configuration\nis no longer necessary on any of the supported host operating systems.2\nNote: Even though TAP is no longer necessary on Linux with bridged networking, you\ncan still use TAP interfaces for certain advanced setups, since you can connect a VM to\nany host interface – which could also be a TAP interface.\nTo enable bridged networking, all you need to do is to open the Settings dialog of a virtual\nmachine, go to the “Network” page and select “Bridged network” in the drop down list for the\n“Attached to” field. Finally, select desired host interface from the list at the bottom of the page,\nwhich contains the physical network interfaces of your systems. On a typical MacBook, for\nexample, this will allow you to select between “en1: AirPort” (which is the wireless interface)\nand “en0: Ethernet”, which represents the interface with a network cable.\nNote: Bridging to a wireless interface is done differently from bridging to a wired interface, because most wireless adapters do not support promiscuous mode. All traffic\nhas to use the MAC address of the host’s wireless adapter, and therefore VirtualBox\nneeds to replace the source MAC address in the Ethernet header of an outgoing packet\nto make sure the reply will be sent to the host interface. When VirtualBox sees an incoming packet with a destination IP address that belongs to one of the virtual machine\nadapters it replaces the destination MAC address in the Ethernet header with the VM\nadapter’s MAC address and passes it on. VirtualBox examines ARP and DHCP packets\nin order to learn the IP addresses of virtual machines.\nDepending on your host operating system, the following limitations should be kept in mind:\n• On Macintosh hosts, functionality is limited when using AirPort (the Mac’s wireless networking) for bridged networking. Currently, VirtualBox supports only IPv4 over AirPort.\nFor other protocols such as IPv6 and IPX, you must choose a wired interface.\n• On Linux hosts, functionality is limited when using wireless interfaces for bridged networking. Currently, VirtualBox supports only IPv4 over wireless. For other protocols such\nas IPv6 and IPX, you must choose a wired interface.\nAlso, setting the MTU to less than 1500 bytes on wired interfaces provided by the sky2\ndriver on the Marvell Yukon II EC Ultra Ethernet NIC is known to cause packet losses\nunder certain conditions.\n2 For\n\nMac OS X and Solaris hosts, net filter drivers were already added in VirtualBox 2.0 (as initial support for Host\nInterface Networking on these platforms). With VirtualBox 2.1, net filter drivers were also added for the Windows\nand Linux hosts, replacing the mechanisms previously present in VirtualBox for those platforms; especially on Linux,\nthe earlier method required creating TAP interfaces and bridges, which was complex and varied from one distribution\nto the next. None of this is necessary anymore. Bridged network was formerly called “Host Interface Networking”\nand has been renamed with version 2.2 without any change in functionality.\n\n101\n\n\f6 Virtual networking\nSome adapters strip VLAN tags in hardware. This does not allow to use VLAN trunking between VM and the external network with pre-2.6.27 Linux kernels nor with host operating\nsystems other than Linux.\n• On Solaris hosts, there is no support for using wireless interfaces. Filtering guest traffic\nusing IPFilter is also not completely supported due to technical restrictions of the Solaris\nnetworking subsystem. These issues would be addressed in a future release of Solaris 11.\nStarting with VirtualBox 4.1, on Solaris 11 hosts (build 159 and above), it is possible to use\nSolaris’ Crossbow Virtual Network Interfaces (VNICs) directly with VirtualBox without any\nadditional configuration other than each VNIC must be exclusive for every guest network\ninterface.\nStarting with VirtualBox 2.0.4 and up to VirtualBox 4.0, VNICs can be used but with the\nfollowing caveats:\n– A VNIC cannot be shared between multiple guest network interfaces, i.e. each guest\nnetwork interface must have its own, exclusive VNIC.\n– The VNIC and the guest network interface that uses the VNIC must be assigned identical MAC addresses.\nWhen using VLAN interfaces with VirtualBox, they must be named according to the PPAhack naming scheme (e.g. “e1000g513001”), as otherwise the guest may receive packets\nin an unexpected format.\n\n6.6 Internal networking\nInternal Networking is similar to bridged networking in that the VM can directly communicate\nwith the outside world. However, the “outside world” is limited to other VMs on the same host\nwhich connect to the same internal network.\nEven though technically, everything that can be done using internal networking can also be\ndone using bridged networking, there are security advantages with internal networking. In\nbridged networking mode, all traffic goes through a physical interface of the host system. It is\ntherefore possible to attach a packet sniffer (such as Wireshark) to the host interface and log all\ntraffic that goes over it. If, for any reason, you prefer two or more VMs on the same machine\nto communicate privately, hiding their data from both the host system and the user, bridged\nnetworking therefore is not an option.\nInternal networks are created automatically as needed, i.e. there is no central configuration.\nEvery internal network is identified simply by its name. Once there is more than one active virtual\nnetwork card with the same internal network ID, the VirtualBox support driver will automatically\n“wire” the cards and act as a network switch. The VirtualBox support driver implements a\ncomplete Ethernet switch and supports both broadcast/multicast frames and promiscuous mode.\nIn order to attach a VM’s network card to an internal network, set its networking mode to\n“internal networking”. There are two ways to accomplish this:\n• You can use a VM’s “Settings” dialog in the VirtualBox graphical user interface. In the\n“Networking” category of the settings dialog, select “Internal Networking” from the dropdown list of networking modes. Now select the name of an existing internal network from\nthe drop-down below or enter a new name into the entry field.\n• You can use\nVBoxManage modifyvm \"VM name\" --nic<x> intnet\n\nOptionally, you can specify a network name with the command\nVBoxManage modifyvm \"VM name\" --intnet<x> \"network name\"\n\n102\n\n\f6 Virtual networking\nIf you do not specify a network name, the network card will be attached to the network\nintnet by default.\nUnless you configure the (virtual) network cards in the guest operating systems that are participating in the internal network to use static IP addresses, you may want to use the DHCP server\nthat is built into VirtualBox to manage IP addresses for the internal network. Please see chapter\n8.34, VBoxManage dhcpserver, page 164 for details.\nAs a security measure, the Linux implementation of internal networking only allows VMs\nrunning under the same user ID to establish an internal network.\n\n6.7 Host-only networking\nHost-only networking is another networking mode that was added with version 2.2 of VirtualBox.\nIt can be thought of as a hybrid between the bridged and internal networking modes: as with\nbridged networking, the virtual machines can talk to each other and the host as if they were\nconnected through a physical Ethernet switch. Similarly, as with internal networking however, a\nphysical networking interface need not be present, and the virtual machines cannot talk to the\nworld outside the host since they are not connected to a physical networking interface.\nInstead, when host-only networking is used, VirtualBox creates a new software interface on\nthe host which then appears next to your existing network interfaces. In other words, whereas\nwith bridged networking an existing physical interface is used to attach virtual machines to,\nwith host-only networking a new “loopback” interface is created on the host. And whereas with\ninternal networking, the traffic between the virtual machines cannot be seen, the traffic on the\n“loopback” interface on the host can be intercepted.\nHost-only networking is particularly useful for preconfigured virtual appliances, where multiple virtual machines are shipped together and designed to cooperate. For example, one virtual\nmachine may contain a web server and a second one a database, and since they are intended\nto talk to each other, the appliance can instruct VirtualBox to set up a host-only network for the\ntwo. A second (bridged) network would then connect the web server to the outside world to\nserve data to, but the outside world cannot connect to the database.\nTo change a virtual machine’s virtual network interface to “host only” mode:\n• either go to the “Network” page in the virtual machine’s settings notebook in the graphical\nuser interface and select “Host-only networking”, or\n• on the command line, type VBoxManage modifyvm \"VM name\" --nic<x> hostonly; see\nchapter 8.8, VBoxManage modifyvm, page 131 for details.\nBefore you can attach a VM to a host-only network you have to create at least one host-only\ninterface, either from the GUI: “File” -> “Preferences” -> “Network” -> “Host-only network” ->\n“(+)Add host-only network”, or via command line with\nVBoxManage hostonlyif create\n\nsee chapter 8.33, VBoxManage hostonlyif, page 164 for details.\nFor host-only networking, like with internal networking, you may find the DHCP server useful\nthat is built into VirtualBox. This can be enabled to then manage the IP addresses in the host-only\nnetwork since otherwise you would need to configure all IP addresses statically.\n• In the VirtualBox graphical user interface, you can configure all these items in the global\nsettings via “File” -> “Preferences” -> “Network”, which lists all host-only networks which\nare presently in use. Click on the network name and then on the “Edit” button to the right,\nand you can modify the adapter and DHCP settings.\n• Alternatively, you can use VBoxManage dhcpserver on the command line; please see chapter 8.34, VBoxManage dhcpserver, page 164 for details.\n\n103\n\n\f6 Virtual networking\nNote: On Linux and Mac OS X hosts the number of host-only interfaces is limited to\n128. There is no such limit for Solaris and Windows hosts.\n\n6.8 UDP Tunnel networking\nThis networking mode allows to interconnect virtual machines running on different hosts.\nTechnically this is done by encapsulating Ethernet frames sent or received by the guest network\ncard into UDP/IP datagrams, and sending them over any network available to the host.\nUDP Tunnel mode has three parameters:\nSource UDP port The port on which the host listens. Datagrams arriving on this port from any\nsource address will be forwarded to the receiving part of the guest network card.\nDestination address IP address of the target host of the transmitted data.\nDestination UDP port Port number to which the transmitted data is sent.\nWhen interconnecting two virtual machines on two different hosts, their IP addresses must be\nswapped. On single host, source and destination UDP ports must be swapped.\nIn the following example host 1 uses the IP address 10.0.0.1 and host 2 uses IP address\n10.0.0.2. Configuration via command-line:\nVBoxManage\nVBoxManage\nVBoxManage\nVBoxManage\nVBoxManage\n\nmodifyvm\nmodifyvm\nmodifyvm\nmodifyvm\nmodifyvm\n\n\"VM\n\"VM\n\"VM\n\"VM\n\"VM\n\n01\n01\n01\n01\n01\n\non\non\non\non\non\n\nhost\nhost\nhost\nhost\nhost\n\n1\"\n1\"\n1\"\n1\"\n1\"\n\n--nic<x> generic\n--nicgenericdrv<x> UDPTunnel\n--nicproperty<x> dest=10.0.0.2\n--nicproperty<x> sport=10001\n--nicproperty<x> dport=10002\n\nVBoxManage\nVBoxManage\nVBoxManage\nVBoxManage\nVBoxManage\n\nmodifyvm\nmodifyvm\nmodifyvm\nmodifyvm\nmodifyvm\n\n\"VM\n\"VM\n\"VM\n\"VM\n\"VM\n\n02\n02\n02\n02\n02\n\non\non\non\non\non\n\nhost\nhost\nhost\nhost\nhost\n\n2\"\n2\"\n2\"\n2\"\n2\"\n\n--nic<y> generic\n--nicgenericdrv<y> UDPTunnel\n--nicproperty<y> dest=10.0.0.1\n--nicproperty<y> sport=10002\n--nicproperty<y> dport=10001\n\nand\n\nOf course, you can always interconnect two virtual machines on the same host, by setting the\ndestination address parameter to 127.0.0.1 on both. It will act similarly to “Internal network” in\nthis case, however the host can see the network traffic which it could not in the normal Internal\nnetwork case.\nNote: On Unix-based hosts (e.g. Linux, Solaris, Mac OS X) it is not possible to bind to\nports below 1024 from applications that are not run by root. As a result, if you try to\nconfigure such a source UDP port, the VM will refuse to start.\n\n6.9 VDE networking\nVirtual Distributed Ethernet (VDE3 ) is a flexible, virtual network infrastructure system, spanning\nacross multiple hosts in a secure way. It allows for L2/L3 switching, including spanning-tree\nprotocol, VLANs, and WAN emulation. It is an optional part of VirtualBox which is only included\nin the source code.\nThe basic building blocks of the infrastructure are VDE switches, VDE plugs and VDE wires\nwhich inter-connect the switches.\nThe VirtualBox VDE driver has one parameter:\n3 VDE\n\nis a project developed by Renzo Davoli, Associate Professor at the University of Bologna, Italy.\n\n104\n\n\f6 Virtual networking\nVDE network The name of the VDE network switch socket to which the VM will be connected.\nThe following basic example shows how to connect a virtual machine to a VDE switch:\n1. Create a VDE switch:\nvde_switch -s /tmp/switch1\n\n2. Configuration via command-line:\nVBoxManage modifyvm \"VM name\" --nic<x> generic\nVBoxManage modifyvm \"VM name\" --nicgenericdrv<x> VDE\n\nTo connect to automatically allocated switch port, use:\nVBoxManage modifyvm \"VM name\" --nicproperty<x> network=/tmp/switch1\n\nTo connect to specific switch port <n>, use:\nVBoxManage modifyvm \"VM name\" --nicproperty<x> network=/tmp/switch1[<n>]\n\nThe latter option can be useful for VLANs.\n3. Optionally map between VDE switch port and VLAN: (from switch CLI)\nvde$ vlan/create <VLAN>\nvde$ port/setvlan <port> <VLAN>\n\nVDE is available on Linux and FreeBSD hosts only. It is only available if the VDE software\nand the VDE plugin library from the VirtualSquare project are installed on the host system4 . For\nmore information on setting up VDE networks, please see the documentation accompanying the\nsoftware.5\n\n6.10 Limiting bandwidth for network I/O\nStarting with version 4.2, VirtualBox allows for limiting the maximum bandwidth used for network transmission. Several network adapters of one VM may share limits through bandwidth\ngroups. It is possible to have more than one such limit.\nNote: VirtualBox shapes VM traffic only in the transmit direction, delaying the packets\nbeing sent by virtual machines. It does not limit the traffic being received by virtual\nmachines.\nLimits are configured through VBoxManage. The example below creates a bandwidth group\nnamed “Limit”, sets the limit to 20 Mbit/s and assigns the group to the first and second adapters\nof the VM:\nVBoxManage bandwidthctl \"VM name\" add Limit --type network --limit 20m\nVBoxManage modifyvm \"VM name\" --nicbandwidthgroup1 Limit\nVBoxManage modifyvm \"VM name\" --nicbandwidthgroup2 Limit\n\nAll adapters in a group share the bandwidth limit, meaning that in the example above the\nbandwidth of both adapters combined can never exceed 20 Mbit/s. However, if one adapter\ndoesn’t require bandwidth the other can use the remaining bandwidth of its group.\nThe limits for each group can be changed while the VM is running, with changes being picked\nup immediately. The example below changes the limit for the group created in the example\nabove to 100 Kbit/s:\n4 For\n\nLinux hosts, the shared library libvdeplug.so must be available in the search path for shared libraries\n\n5 http://wiki.virtualsquare.org/wiki/index.php/VDE_Basic_Networking.\n\n105\n\n\f6 Virtual networking\nVBoxManage bandwidthctl \"VM name\" set Limit --limit 100k\n\nTo completely disable shaping for the first adapter of VM use the following command:\nVBoxManage modifyvm \"VM name\" --nicbandwidthgroup1 none\n\nIt is also possible to disable shaping for all adapters assigned to a bandwidth group while VM\nis running, by specifying the zero limit for the group. For example, for the bandwidth group\nnamed “Limit” use:\nVBoxManage bandwidthctl \"VM name\" set Limit --limit 0\n\n6.11 Improving network performance\nVirtualBox provides a variety of virtual network adapters that can be “attached” to the host’s\nnetwork in a number of ways. Depending on which types of adapters and attachments are\nused the network performance will be different. Performance-wise the virtio network adapter\nis preferable over Intel PRO/1000 emulated adapters, which are preferred over PCNet family\nof adapters. Both virtio and Intel PRO/1000 adapters enjoy the benefit of segmentation and\nchecksum offloading. Segmentation offloading is essential for high performance as it allows for\nless context switches, dramatically increasing the sizes of packets that cross VM/host boundary.\nNote: Neither virtio nor Intel PRO/1000 drivers for Windows XP support segmentation\noffloading. Therefore Windows XP guests never reach the same transmission rates as\nother guest types. Refer to MS Knowledge base article 842264 for additional information.\nThree attachment types: internal, bridged and host-only, have nearly identical performance,\nthe internal type being a little bit faster and using less CPU cycles as the packets never reach the\nhost’s network stack. The NAT attachment is the slowest (and safest) of all attachment types as\nit provides network address translation. The generic driver attachment is special and cannot be\nconsidered as an alternative to other attachment types.\nThe number of CPUs assigned to VM does not improve network performance and in some cases\nmay hurt it due to increased concurrency in the guest.\nHere is the short summary of things to check in order to improve network performance:\n1. Whenever possible use virtio network adapter, otherwise use one of Intel PRO/1000\nadapters;\n2. Use bridged attachment instead of NAT;\n3. Make sure segmentation offloading is enabled in the guest OS. Usually it will be enabled by\ndefault. You can check and modify offloading settings using ethtool command in Linux\nguests.\n\n106\n\n\f7 Remote virtual machines\n7.1 Remote display (VRDP support)\nVirtualBox can display virtual machines remotely, meaning that a virtual machine can execute\non one computer even though the machine will be displayed on a second computer, and the\nmachine will be controlled from there as well, as if the virtual machine was running on that\nsecond computer.\nFor maximum flexibility, starting with VirtualBox 4.0, VirtualBox implements remote machine\ndisplay through a generic extension interface, the VirtualBox Remote Desktop Extension (VRDE).\nThe base open-source VirtualBox package only provides this interface, while implementations\ncan be supplied by third parties with VirtualBox extension packages, which must be installed\nseparately from the base package. See chapter 1.5, Installing VirtualBox and extension packs,\npage 16 for more information.\nOracle provides support for the VirtualBox Remote Display Protocol (VRDP) in such a\nVirtualBox extension package. When this package is installed, VirtualBox versions 4.0 and later\nsupport VRDP the same way as binary (non-open-source) versions of VirtualBox before 4.0 did.\nVRDP is a backwards-compatible extension to Microsoft’s Remote Desktop Protocol (RDP). As\na result, you can use any standard RDP client to control the remote VM.\nEven when the extension is installed, the VRDP server is disabled by default. It can easily be\nenabled on a per-VM basis either in the VirtualBox Manager in the “Display” settings (see chapter\n3.5, Display settings, page 52) or with VBoxManage:\nVBoxManage modifyvm \"VM name\" --vrde on\n\nBy default, the VRDP server uses TCP port 3389. You will need to change the default port if\nyou run more than one VRDP server, since the port can only be used by one server at a time; you\nmight also need to change it on Windows hosts since the default port might already be used by\nthe RDP server that is built into Windows itself. Ports 5000 through 5050 are typically not used\nand might be a good choice.\nThe port can be changed either in the “Display” settings of the graphical user interface or\nwith --vrdeport option of the VBoxManage modifyvm command. You can specify a commaseparated list of ports or ranges of ports. Use a dash between two port numbers to specify a\nrange. The VRDP server will bind to one of available ports from the specified list. For example,\nVBoxManage modifyvm \"VM name\" --vrdeport 5000,5010-5012 will configure the server to\nbind to one of the ports 5000, 5010, 5011 or 5012. See chapter 8.8.5, Remote machine settings,\npage 138 for details.\nThe actual port used by a running VM can be either queried with VBoxManage showvminfo\ncommand or seen in the GUI on the “Runtime” tab of the “Session Information Dialog”, which is\naccessible via the “Machine” menu of the VM window.\nSupport for IPv6 has been implemented in VirtualBox 4.3. If the host OS supports IPv6 the\nVRDP server will automatically listen for IPv6 connections in addition to IPv4.\n\n7.1.1 Common third-party RDP viewers\nSince VRDP is backwards-compatible to RDP, you can use any standard RDP viewer to connect\nto such a remote virtual machine (examples follow below). For this to work, you must specify\nthe IP address of your host system (not of the virtual machine!) as the server address to connect\nto, as well as the port number that the VRDP server is using.\n\n107\n\n\f7 Remote virtual machines\nHere follow examples for the most common RDP viewers:\n• On Windows, you can use the Microsoft Terminal Services Connector (mstsc.exe) that\nships with Windows. You can start it by bringing up the “Run” dialog (press the Windows\nkey and “R”) and typing “mstsc”. You can also find it under “Start” -> “All Programs” ->\n“Accessories” -> “Remote Desktop Connection”. If you use the “Run” dialog, you can type\nin options directly:\nmstsc 1.2.3.4:3389\n\nReplace 1.2.3.4 with the host IP address, and 3389 with a different port if necessary.\nNote: IPv6 address must be enclosed in square brackets to specify a port. For example:\nmstsc [fe80::1:2:3:4]:3389\n\nNote: When connecting to localhost in order to test the connection, the addresses\nlocalhost and 127.0.0.1 might not work using mstsc.exe. Instead, the address\n127.0.0.2[:3389] has to be used.\n\n• On other systems, you can use the standard open-source rdesktop program. This ships\nwith most Linux distributions, but VirtualBox also comes with a modified variant of rdesktop for remote USB support (see chapter 7.1.4, Remote USB, page 111 below).\nWith rdesktop, use a command line such as the following:\nrdesktop -a 16 -N 1.2.3.4:3389\n\nAs said for the Microsoft viewer above, replace 1.2.3.4 with the host IP address, and\n3389 with a different port if necessary. The -a 16 option requests a color depth of 16\nbits per pixel, which we recommend. (For best performance, after installation of the guest\noperating system, you should set its display color depth to the same value). The -N option\nenables use of the NumPad keys.\n• If you run the KDE desktop, you might prefer krdc, the KDE RDP viewer. The command\nline would look like this:\nkrdc rdp://1.2.3.4:3389\n\nAgain, replace 1.2.3.4 with the host IP address, and 3389 with a different port if necessary.\nThe “rdp://“ bit is required with krdc to switch it into RDP mode.\n• With Sun Ray thin clients you can use uttsc, which is part of the Sun Ray Windows\nConnector package. See the corresponding documentation for details.\n\n7.1.2 VBoxHeadless, the remote desktop server\nWhile any VM started from the VirtualBox Manager is capable of running virtual machines remotely, it is not convenient to have to run the full-fledged GUI if you never want to have VMs\ndisplayed locally in the first place. In particular, if you are running server hardware whose only\npurpose is to host VMs, and all your VMs are supposed to run remotely over VRDP, then it is\npointless to have a graphical user interface on the server at all – especially since, on a Linux or\nSolaris host, the VirtualBox manager comes with dependencies on the Qt and SDL libraries. This\nis inconvenient if you would rather not have the X Window system on your server at all.\n\n108\n\n\f7 Remote virtual machines\nVirtualBox therefore comes with yet another front-end called VBoxHeadless, which produces\nno visible output on the host at all, but still can deliver VRDP data. This front-end has no\ndependencies on the X Window system on Linux and Solaris hosts.1\nTo start a virtual machine with VBoxHeadless, you have three options:\n• You can use\nVBoxManage startvm \"VM name\" --type headless\n\nThe extra --type option causes VirtualBox to use VBoxHeadless as the front-end to the\ninternal virtualization engine instead of the Qt front-end.\n• One alternative is to use VBoxHeadless directly, as follows:\nVBoxHeadless --startvm <uuid|name>\n\nThis way of starting the VM helps troubleshooting problems reported by VBoxManage\nstartvm ... because you can see sometimes more detailed error messages, especially\nfor early failures before the VM execution is started. In normal situations VBoxManage\nstartvm is preferred since it runs the VM directly as a background process which has to be\ndone explicitly when directly starting VBoxHeadless.\n• The other alternative is to start VBoxHeadless from the VirtualBox Manager GUI, by holding the Shift key when starting a virtual machine or selecting Headless Start from the\nMachine menu.\nSince VirtualBox version 5.0, when you use VBoxHeadless to start a VM, the VRDP server will\nbe enabled according to the VM configuration. You can override the VM’s setting using --vrde\ncommand line parameter. To enable the VRDP server start the VM like this:\nVBoxHeadless --startvm <uuid|name> --vrde on\n\nand to disable it:\nVBoxHeadless --startvm <uuid|name> --vrde off\n\nTo have the VRDP server enabled depending on the VM configuration, as the other front-ends\nwould, you can still use:\nVBoxHeadless --startvm <uuid|name> --vrde config\n\nbut this is the same as\nVBoxHeadless --startvm <uuid|name>\n\nIf you start the VM with VBoxManage startvm ... then the configuration settings of the VM\nare always used.\n\n7.1.3 Step by step: creating a virtual machine on a headless server\nThe following instructions may give you an idea how to create a virtual machine on a headless\nserver over a network connection. We will create a virtual machine, establish an RDP connection\nand install a guest operating system – all without having to touch the headless server. All you\nneed is the following:\n1. VirtualBox on a server machine with a supported host operating system. The VirtualBox\nextension pack for the VRDP server must be installed (see the previous section). For the\nfollowing example, we will assume a Linux server.\n1 Before VirtualBox 1.6,\n\nthe headless server was called VBoxVRDP. For the sake of backwards compatibility, the VirtualBox\ninstallation still installs an executable with that name as well.\n\n109\n\n\f7 Remote virtual machines\n2. An ISO file accessible from the server, containing the installation data for the guest operating system to install (we will assume Windows XP in the following example).\n3. A terminal connection to that host through which you can access a command line (e.g. via\nssh).\n4. An RDP viewer on the remote client; see chapter 7.1.1, Common third-party RDP viewers,\npage 107 above for examples.\nNote again that on the server machine, since we will only use the headless server, neither Qt nor\nSDL nor the X Window system will be needed.\n1. On the headless server, create a new virtual machine:\nVBoxManage createvm --name \"Windows XP\" --ostype WindowsXP --register\n\nNote that if you do not specify --register, you will have to manually use the registervm\ncommand later.\nNote further that you do not need to specify --ostype, but doing so selects some sane\ndefault values for certain VM parameters, for example the RAM size and the type of the\nvirtual network device. To get a complete list of supported operating systems you can use\nVBoxManage list ostypes\n\n2. Make sure the settings for this VM are appropriate for the guest operating system that we\nwill install. For example:\nVBoxManage modifyvm \"Windows XP\" --memory 256 --acpi on --boot1 dvd --nic1 nat\n\n3. Create a virtual hard disk for the VM (in this case, 10 GB in size):\nVBoxManage createhd --filename \"WinXP.vdi\" --size 10000\n\n4. Add an IDE Controller to the new VM:\nVBoxManage storagectl \"Windows XP\" --name \"IDE Controller\"\n--add ide --controller PIIX4\n\n5. Set the VDI file created above as the first virtual hard disk of the new VM:\nVBoxManage storageattach \"Windows XP\" --storagectl \"IDE Controller\"\n--port 0 --device 0 --type hdd --medium \"WinXP.vdi\"\n\n6. Attach the ISO file that contains the operating system installation that you want to install\nlater to the virtual machine, so the machine can boot from it:\nVBoxManage storageattach \"Windows XP\" --storagectl \"IDE Controller\"\n--port 0 --device 1 --type dvddrive --medium /full/path/to/iso.iso\n\n7. Enable VirtualBox remote desktop extension (the VRDP server):\nVBoxManage modifyvm \"Windows XP\" --vrde on\n\n8. Start the virtual machine using VBoxHeadless:\nVBoxHeadless --startvm \"Windows XP\"\n\nIf everything worked, you should see a copyright notice. If, instead, you are returned to\nthe command line, then something went wrong.\n9. On the client machine, fire up the RDP viewer and try to connect to the server (see chapter\n7.1.1, Common third-party RDP viewers, page 107 above for how to use various common\nRDP viewers).\nYou should now be seeing the installation routine of your guest operating system remotely\nin the RDP viewer.\n\n110\n\n\f7 Remote virtual machines\n\n7.1.4 Remote USB\nAs a special feature on top of the VRDP support, VirtualBox supports remote USB devices over\nthe wire as well. That is, the VirtualBox guest that runs on one computer can access the USB\ndevices of the remote computer on which the VRDP data is being displayed the same way as\nUSB devices that are connected to the actual host. This allows for running virtual machines on\na VirtualBox host that acts as a server, where a client can connect from elsewhere that needs\nonly a network adapter and a display capable of running an RDP viewer. When USB devices are\nplugged into the client, the remote VirtualBox server can access them.\nFor these remote USB devices, the same filter rules apply as for other USB devices, as described\nwith chapter 3.10.1, USB settings, page 57. All you have to do is specify “Remote” (or “Any”)\nwhen setting up these rules.\nAccessing remote USB devices is only possible if the RDP client supports this extension.\nOn Linux and Solaris hosts, the VirtualBox installation provides a suitable VRDP client called\nrdesktop-vrdp. Recent versions of uttsc, a client tailored for the use with Sun Ray thin clients,\nalso support accessing remote USB devices. RDP clients for other platforms will be provided in\nfuture VirtualBox versions.\nTo make a remote USB device available to a VM, rdesktop-vrdp should be started as follows:\nrdesktop-vrdp -r usb -a 16 -N my.host.address\n\nPlease refer to chapter 12.8.7, USB not working, page 244 for further details on how to properly\nset up the permissions for USB devices. Furthermore it is advisable to disable automatic loading\nof any host driver on the remote host which might work on USB devices to ensure that the devices\nare accessible by the RDP client. If the setup was properly done on the remote host, plug/unplug\nevents are visible on the VBox.log file of the VM.\n\n7.1.5 RDP authentication\nFor each virtual machine that is remotely accessible via RDP, you can individually determine if\nand how client connections are authenticated. For this, use VBoxManage modifyvm command\nwith the --vrdeauthtype option; see chapter 8.8, VBoxManage modifyvm, page 131 for a general introduction. Three methods of authentication are available:\n• The “null” method means that there is no authentication at all; any client can connect to\nthe VRDP server and thus the virtual machine. This is, of course, very insecure and only to\nbe recommended for private networks.\n• The “external” method provides external authentication through a special authentication\nlibrary. VirtualBox ships with two such authentication libraries:\n1. The default authentication library, VBoxAuth, authenticates against user credentials\nof the hosts. Depending on the host platform, this means:\n– On Linux hosts, VBoxAuth.so authenticates users against the host’s PAM system.\n– On Windows hosts, VBoxAuth.dll authenticates users against the host’s WinLogon system.\n– On Mac OS X hosts, VBoxAuth.dylib authenticates users against the host’s directory service.2\nIn other words, the “external” method per default performs authentication with the\nuser accounts that exist on the host system. Any user with valid authentication credentials is accepted, i.e. the username does not have to correspond to the user running\nthe VM.\n2 Support\n\nfor Mac OS X was added in version 3.2.\n\n111\n\n\f7 Remote virtual machines\n2. An additional library called VBoxAuthSimple performs authentication against credentials configured in the “extradata” section of a virtual machine’s XML settings file. This\nis probably the simplest way to get authentication that does not depend on a running\nand supported guest (see below). The following steps are required:\na) Enable VBoxAuthSimple with the following command:\nVBoxManage setproperty vrdeauthlibrary \"VBoxAuthSimple\"\n\nb) To enable the library for a particular VM, you must then switch authentication to\nexternal:\nVBoxManage modifyvm \"VM name\" --vrdeauthtype external\n\nReplace <vm> with the VM name or UUID.\nc) You will then need to configure users and passwords by writing items into the\nmachine’s extradata. Since the XML machine settings file, into whose “extradata”\nsection the password needs to be written, is a plain text file, VirtualBox uses\nhashes to encrypt passwords. The following command must be used:\nVBoxManage setextradata \"VM name\" \"VBoxAuthSimple/users/<user>\" <hash>\n\nReplace <vm> with the VM name or UUID, <user> with the user name who should\nbe allowed to log in and <hash> with the encrypted password. As an example,\nto obtain the hash value for the password “secret”, you can use the following\ncommand:\nVBoxManage internalcommands passwordhash \"secret\"\n\nThis will print\n2bb80d537b1da3e38bd30361aa855686bde0eacd7162fef6a25fe97bf527a25b\n\nYou can then use VBoxManage setextradata to store this value in the machine’s\n“extradata” section.\nAs example, combined together, to set the password for the user “john” and the\nmachine “My VM” to “secret”, use this command:\nVBoxManage setextradata \"My VM\" \"VBoxAuthSimple/users/john\"\n2bb80d537b1da3e38bd30361aa855686bde0eacd7162fef6a25fe97bf527a25b\n\n• Finally, the “guest” authentication method performs authentication with a special component that comes with the Guest Additions; as a result, authentication is not performed on\nthe host, but with the guest user accounts.\nThis method is currently still in testing and not yet supported.\nIn addition to the methods described above, you can replace the default “external” authentication module with any other module. For this, VirtualBox provides a well-defined interface that\nallows you to write your own authentication module. This is described in detail in the VirtualBox\nSoftware Development Kit (SDK) reference; please see chapter 11, VirtualBox programming interfaces, page 228 for details.\n\n7.1.6 RDP encryption\nRDP features data stream encryption, which is based on the RC4 symmetric cipher (with keys up\nto 128bit). The RC4 keys are being replaced in regular intervals (every 4096 packets).\nRDP provides different authentication methods:\n1. Historically, RDP4 authentication was used, with which the RDP client does not perform\nany checks in order to verify the identity of the server it connects to. Since user credentials can be obtained using a “man in the middle” (MITM) attack, RDP4 authentication is\ninsecure and should generally not be used.\n\n112\n\n\f7 Remote virtual machines\n2. RDP5.1 authentication employs a server certificate for which the client possesses the public\nkey. This way it is guaranteed that the server possess the corresponding private key. However, as this hard-coded private key became public some years ago, RDP5.1 authentication\nis also insecure.\n3. RDP5.2 authentication uses the Enhanced RDP Security, which means that an external\nsecurity protocol is used to secure the connection. RDP4 and RDP5.1 use Standard RDP\nSecurity. The VRDP server supports Enhanced RDP Security with TLS protocol and, as a\npart of TLS handshake, sends the server certificate to the client.\nThe Security/Method VRDE property sets the desired security method, which is used for\na connection. Valid values are:\n• Negotiate - both Enhanced (TLS) and Standard RDP Security connections are allowed. The security method is negotiated with the client. This is the default setting.\n• RDP - only Standard RDP Security is accepted.\n• TLS - only Enhanced RDP Security is accepted. The client must support TLS.\nFor example the following command allows a client to use either Standard or Enhanced\nRDP Security connection:\nvboxmanage modifyvm \"VM name\" --vrdeproperty \"Security/Method=negotiate\"\n\nIf the Security/Method property is set to either Negotiate or TLS, the TLS protocol\nwill be automatically used by the server, if the client supports TLS. However, in order to\nuse TLS the server must possess the Server Certificate, the Server Private Key and the\nCertificate Authority (CA) Certificate. The following example shows how to generate a\nserver certificate.\na) Create a CA self signed certificate:\nopenssl req -new -x509 -days 365 -extensions v3_ca \\\n-keyout ca_key_private.pem -out ca_cert.pem\n\nb) Generate a server private key and a request for signing:\nopenssl genrsa -out server_key_private.pem\nopenssl req -new -key server_key_private.pem -out server_req.pem\n\nc) Generate the server certificate:\nopenssl x509 -req -days 365 -in server_req.pem \\\n-CA ca_cert.pem -CAkey ca_key_private.pem -set_serial 01 -out server_cert.pem\n\nThe server must be configured to access the required files:\nvboxmanage modifyvm \"VM name\" \\\n--vrdeproperty \"Security/CACertificate=path/ca_cert.pem\"\nvboxmanage modifyvm \"VM name\" \\\n--vrdeproperty \"Security/ServerCertificate=path/server_cert.pem\"\nvboxmanage modifyvm \"VM name\" \\\n--vrdeproperty \"Security/ServerPrivateKey=path/server_key_private.pem\"\n\nAs the client that connects to the server determines what type of encryption will be used, with\nrdesktop, the Linux RDP viewer, use the -4 or -5 options.\n\n7.1.7 Multiple connections to the VRDP server\nThe VRDP server of VirtualBox supports multiple simultaneous connections to the same running\nVM from different clients. All connected clients see the same screen output and share a mouse\npointer and keyboard focus. This is similar to several people using the same computer at the\nsame time, taking turns at the keyboard.\nThe following command enables multiple connection mode:\nVBoxManage modifyvm \"VM name\" --vrdemulticon on\n\n113\n\n\f7 Remote virtual machines\n\n7.1.8 Multiple remote monitors\nTo access two or more remote VM displays you have to enable the VRDP multiconnection mode\n(see chapter 7.1.7, Multiple connections to the VRDP server, page 113).\nThe RDP client can select the virtual monitor number to connect to using the domain logon\nparameter (-d). If the parameter ends with @ followed by a number, VirtualBox interprets this\nnumber as the screen index. The primary guest screen is selected with @1, the first secondary\nscreen is @2, etc.\nThe Microsoft RDP6 client does not let you specify a separate domain name. Instead, use\ndomain\\username in the Username: field – for example, @2\\name. name must be supplied, and\nmust be the name used to log in if the VRDP server is set up to require credentials. If it is not,\nyou may use any text as the username.\n\n7.1.9 VRDP video redirection\nStarting with VirtualBox 3.2, the VRDP server can redirect video streams from the guest to the\nRDP client. Video frames are compressed using the JPEG algorithm allowing a higher compression ratio than standard RDP bitmap compression methods. It is possible to increase the\ncompression ratio by lowering the video quality.\nThe VRDP server automatically detects video streams in a guest as frequently updated rectangular areas. As a result, this method works with any guest operating system without having to\ninstall additional software in the guest; in particular, the Guest Additions are not required.\nOn the client side, however, currently only the Windows 7 Remote Desktop Connection client\nsupports this feature. If a client does not support video redirection, the VRDP server falls back to\nregular bitmap updates.\nThe following command enables video redirection:\nVBoxManage modifyvm \"VM name\" --vrdevideochannel on\n\nThe quality of the video is defined as a value from 10 to 100 percent, representing a JPEG\ncompression level (where lower numbers mean lower quality but higher compression). The\nquality can be changed using the following command:\nVBoxManage modifyvm \"VM name\" --vrdevideochannelquality 75\n\n7.1.10 VRDP customization\nWith VirtualBox 4.0 it is possible to disable display output, mouse and keyboard input, audio,\nremote USB or clipboard individually in the VRDP server.\nThe following commands change corresponding server settings:\nVBoxManage\nVBoxManage\nVBoxManage\nVBoxManage\nVBoxManage\nVBoxManage\n\nmodifyvm\nmodifyvm\nmodifyvm\nmodifyvm\nmodifyvm\nmodifyvm\n\n\"VM\n\"VM\n\"VM\n\"VM\n\"VM\n\"VM\n\nname\"\nname\"\nname\"\nname\"\nname\"\nname\"\n\n--vrdeproperty\n--vrdeproperty\n--vrdeproperty\n--vrdeproperty\n--vrdeproperty\n--vrdeproperty\n\nClient/DisableDisplay=1\nClient/DisableInput=1\nClient/DisableUSB=1\nClient/DisableAudio=1\nClient/DisableClipboard=1\nClient/DisableUpstreamAudio=1\n\nTo reenable a feature use a similar command without the trailing 1. For example:\nVBoxManage modifyvm \"VM name\" --vrdeproperty Client/DisableDisplay=\n\nThese properties were introduced with VirtualBox 3.2.10. However, in the 3.2.x series, it was\nnecessary to use the following commands to alter these settings instead:\nVBoxManage\nVBoxManage\nVBoxManage\nVBoxManage\nVBoxManage\n\nsetextradata\nsetextradata\nsetextradata\nsetextradata\nsetextradata\n\n\"VM\n\"VM\n\"VM\n\"VM\n\"VM\n\nname\"\nname\"\nname\"\nname\"\nname\"\n\n\"VRDP/Feature/Client/DisableDisplay\" 1\n\"VRDP/Feature/Client/DisableInput\" 1\n\"VRDP/Feature/Client/DisableUSB\" 1\n\"VRDP/Feature/Client/DisableAudio\" 1\n\"VRDP/Feature/Client/DisableClipboard\" 1\n\n114\n\n\f7 Remote virtual machines\nTo reenable a feature use a similar command without the trailing 1. For example:\nVBoxManage setextradata \"VM name\" \"VRDP/Feature/Client/DisableDisplay\"\n\n7.2 Teleporting\nStarting with version 3.1, VirtualBox supports “teleporting” – that is, moving a virtual machine\nover a network from one VirtualBox host to another, while the virtual machine is running. This\nworks regardless of the host operating system that is running on the hosts: you can teleport\nvirtual machines between Solaris and Mac hosts, for example.\nTeleporting requires that a machine be currently running on one host, which is then called\nthe “source”. The host to which the virtual machine will be teleported will then be called the\n“target”; the machine on the target is then configured to wait for the source to contact the target.\nThe machine’s running state will then be transferred from the source to the target with minimal\ndowntime.\nTeleporting happens over any TCP/IP network; the source and the target only need to agree\non a TCP/IP port which is specified in the teleporting settings.\nAt this time, there are a few prerequisites for this to work, however:\n1. On the target host, you must configure a virtual machine in VirtualBox with exactly the\nsame hardware settings as the machine on the source that you want to teleport. This does\nnot apply to settings which are merely descriptive, such as the VM name, but obviously for\nteleporting to work, the target machine must have the same amount of memory and other\nhardware settings. Otherwise teleporting will fail with an error message.\n2. The two virtual machines on the source and the target must share the same storage (hard\ndisks as well as floppy and CD/DVD images). This means that they either use the same\niSCSI targets or that the storage resides somewhere on the network and both hosts have\naccess to it via NFS or SMB/CIFS.\nThis also means that neither the source nor the target machine can have any snapshots.\nThen perform the following steps:\n1. On the target host, configure the virtual machine to wait for a teleport request to arrive\nwhen it is started, instead of actually attempting to start the machine. This is done with\nthe following VBoxManage command:\nVBoxManage modifyvm <targetvmname> --teleporter on --teleporterport <port>\n\nwhere <targetvmname> is the name of the virtual machine on the target host and <port>\nis a TCP/IP port number to be used on both the source and the target hosts. For example,\nuse 6000. For details, see chapter 8.8.6, Teleporting settings, page 139.\n2. Start the VM on the target host. You will see that instead of actually running, it will show\na progress dialog. indicating that it is waiting for a teleport request to arrive.\n3. Start the machine on the source host as usual. When it is running and you want it to be\nteleported, issue the following command on the source host:\nVBoxManage controlvm <sourcevmname> teleport --host <targethost> --port <port>\n\nwhere <sourcevmname> is the name of the virtual machine on the source host (the machine\nthat is currently running), <targethost> is the host or IP name of the target host on which\nthe machine is waiting for the teleport request, and <port> must be the same number as\nspecified in the command on the target host. For details, see chapter 8.13, VBoxManage\ncontrolvm, page 142.\n\n115\n\n\f7 Remote virtual machines\nFor testing, you can also teleport machines on the same host; in that case, use “localhost” as\nthe hostname on both the source and the target host.\nNote: In rare cases, if the CPUs of the source and the target are very different, teleporting can fail with an error message, or the target may hang. This may happen\nespecially if the VM is running application software that is highly optimized to run\non a particular CPU without correctly checking that certain CPU features are actually\npresent. VirtualBox filters what CPU capabilities are presented to the guest operating\nsystem. Advanced users can attempt to restrict these virtual CPU capabilities with the\nVBoxManage --modifyvm --cpuid command; see chapter 8.8.6, Teleporting settings,\npage 139.\n\n116\n\n\f8 VBoxManage\n8.1 Introduction\nAs briefly mentioned in chapter 1.16, Alternative front-ends, page 32, VBoxManage is the\ncommand-line interface to VirtualBox. With it, you can completely control VirtualBox from the\ncommand line of your host operating system. VBoxManage supports all the features that the\ngraphical user interface gives you access to, but it supports a lot more than that. It exposes really\nall the features of the virtualization engine, even those that cannot (yet) be accessed from the\nGUI.\nYou will need to use the command line if you want to\n• use a different user interface than the main GUI (for example, VBoxSDL or the VBoxHeadless server);\n• control some of the more advanced and experimental configuration settings for a VM.\nThere are two main things to keep in mind when using VBoxManage: First, VBoxManage must\nalways be used with a specific “subcommand”, such as “list” or “createvm” or “startvm”. All the\nsubcommands that VBoxManage supports are described in detail in chapter 8, VBoxManage, page\n117.\nSecond, most of these subcommands require that you specify a particular virtual machine after\nthe subcommand. There are two ways you can do this:\n• You can specify the VM name, as it is shown in the VirtualBox GUI. Note that if that name\ncontains spaces, then you must enclose the entire name in double quotes (as it is always\nrequired with command line arguments that contain spaces).\nFor example:\nVBoxManage startvm \"Windows XP\"\n\n• You can specify the UUID, which is the internal unique identifier that VirtualBox uses to\nrefer to the virtual machine. Assuming that the aforementioned VM called “Windows XP”\nhas the UUID shown below, the following command has the same effect as the previous:\nVBoxManage startvm 670e746d-abea-4ba6-ad02-2a3b043810a5\n\nYou can type VBoxManage list vms to have all currently registered VMs listed with all their\nsettings, including their respective names and UUIDs.\nSome typical examples of how to control VirtualBox from the command line are listed below:\n• To create a new virtual machine from the command line and immediately register it with\nVirtualBox, use VBoxManage createvm with the --register option,1 like this:\n$ VBoxManage createvm --name \"SUSE 10.2\" --register\nVirtualBox Command Line Management Interface Version 5.0.16\n(C) 2005-2016 Oracle Corporation\nAll rights reserved.\nVirtual machine ’SUSE 10.2’ is created.\nUUID: c89fc351-8ec6-4f02-a048-57f4d25288e5\nSettings file: ’/home/username/.config/VirtualBox/Machines/SUSE 10.2/SUSE 10.2.xml’\n1 For\n\ndetails, see chapter 8.7, VBoxManage createvm, page 131.\n\n117\n\n\f8 VBoxManage\nAs can be seen from the above output, a new virtual machine has been created with a new\nUUID and a new XML settings file.\n• To show the configuration of a particular VM, use VBoxManage showvminfo; see chapter\n8.5, VBoxManage showvminfo, page 129 for details and an example.\n• To change settings while a VM is powered off, use VBoxManage modifyvm, e.g. as follows:\nVBoxManage modifyvm \"Windows XP\" --memory 512\n\nFor details, see chapter 8.8, VBoxManage modifyvm, page 131.\n• To change the storage configuration (e.g. to add a storage controller and then a virtual\ndisk), use VBoxManage storagectl and VBoxManage storageattach; see chapter 8.19,\nVBoxManage storagectl, page 148 and chapter 8.18, VBoxManage storageattach, page 146\nfor details.\n• To control VM operation, use one of the following:\n– To start a VM that is currently powered off, use VBoxManage startvm; see chapter\n8.12, VBoxManage startvm, page 142 for details.\n– To pause or save a VM that is currently running or change some of its settings, use\nVBoxManage controlvm; see chapter 8.13, VBoxManage controlvm, page 142 for details.\n\n8.2 Commands overview\nWhen running VBoxManage without parameters or when supplying an invalid command line, the\nbelow syntax diagram will be shown. Note that the output will be slightly different depending on\nthe host platform; when in doubt, check the output of VBoxManage for the commands available\non your particular host.\nUsage:\nVBoxManage [<general option>] <command>\n\nGeneral Options:\n[-v|--version]\n[-q|--nologo]\n[--settingspw <pw>]\n[--settingspwfile <file>]\n\nprint version number and exit\nsuppress the logo\nprovide the settings password\nprovide a file containing the settings password\n\nCommands:\nlist [--long|-l]\n\nvms|runningvms|ostypes|hostdvds|hostfloppies|\nintnets|bridgedifs|hostonlyifs|natnets|dhcpservers|\nhostinfo|hostcpuids|hddbackends|hdds|dvds|floppies|\nusbhost|usbfilters|systemproperties|extpacks|\ngroups|webcams|screenshotformats\n\nshowvminfo\nshowvminfo\n\n<uuid|vmname> [--details]\n[--machinereadable]\n<uuid|vmname> --log <idx>\n\nregistervm\n\n<filename>\n\nunregistervm\n\n<uuid|vmname> [--delete]\n\ncreatevm\n\n--name <name>\n\n118\n\n\f8 VBoxManage\n[--groups <group>, ...]\n[--ostype <ostype>]\n[--register]\n[--basefolder <path>]\n[--uuid <uuid>]\nmodifyvm\n\n<uuid|vmname>\n[--name <name>]\n[--groups <group>, ...]\n[--description <desc>]\n[--ostype <ostype>]\n[--iconfile <filename>]\n[--memory <memorysize in MB>]\n[--pagefusion on|off]\n[--vram <vramsize in MB>]\n[--acpi on|off]\n[--pciattach 03:04.0]\n[--pciattach 03:04.0@02:01.0]\n[--pcidetach 03:04.0]\n[--ioapic on|off]\n[--hpet on|off]\n[--triplefaultreset on|off]\n[--paravirtprovider none|default|legacy|minimal|\nhyperv|kvm]\n[--hwvirtex on|off]\n[--nestedpaging on|off]\n[--largepages on|off]\n[--vtxvpid on|off]\n[--vtxux on|off]\n[--pae on|off]\n[--longmode on|off]\n[--cpuid-portability-level <0..3>\n[--cpuidset <leaf> <eax> <ebx> <ecx> <edx>]\n[--cpuidremove <leaf>]\n[--cpuidremoveall]\n[--hardwareuuid <uuid>]\n[--cpus <number>]\n[--cpuhotplug on|off]\n[--plugcpu <id>]\n[--unplugcpu <id>]\n[--cpuexecutioncap <1-100>]\n[--rtcuseutc on|off]\n[--graphicscontroller none|vboxvga|vmsvga]\n[--monitorcount <number>]\n[--accelerate3d on|off]\n[--accelerate2dvideo on|off]\n[--firmware bios|efi|efi32|efi64]\n[--chipset ich9|piix3]\n[--bioslogofadein on|off]\n[--bioslogofadeout on|off]\n[--bioslogodisplaytime <msec>]\n[--bioslogoimagepath <imagepath>]\n[--biosbootmenu disabled|menuonly|messageandmenu]\n[--biossystemtimeoffset <msec>]\n[--biospxedebug on|off]\n[--boot<1-4> none|floppy|dvd|disk|net>]\n[--nic<1-N> none|null|nat|bridged|intnet|hostonly|\ngeneric|natnetwork]\n[--nictype<1-N> Am79C970A|Am79C973|\n82540EM|82543GC|82545EM|\nvirtio]\n[--cableconnected<1-N> on|off]\n[--nictrace<1-N> on|off]\n[--nictracefile<1-N> <filename>]\n[--nicproperty<1-N> name=[value]]\n[--nicspeed<1-N> <kbps>]\n[--nicbootprio<1-N> <priority>]\n\n119\n\n\f8 VBoxManage\n[--nicpromisc<1-N> deny|allow-vms|allow-all]\n[--nicbandwidthgroup<1-N> none|<name>]\n[--bridgeadapter<1-N> none|<devicename>]\n[--hostonlyadapter<1-N> none|<devicename>]\n[--intnet<1-N> <network name>]\n[--nat-network<1-N> <network name>]\n[--nicgenericdrv<1-N> <driver>\n[--natnet<1-N> <network>|default]\n[--natsettings<1-N> [<mtu>],[<socksnd>],\n[<sockrcv>],[<tcpsnd>],\n[<tcprcv>]]\n[--natpf<1-N> [<rulename>],tcp|udp,[<hostip>],\n<hostport>,[<guestip>],<guestport>]\n[--natpf<1-N> delete <rulename>]\n[--nattftpprefix<1-N> <prefix>]\n[--nattftpfile<1-N> <file>]\n[--nattftpserver<1-N> <ip>]\n[--natbindip<1-N> <ip>\n[--natdnspassdomain<1-N> on|off]\n[--natdnsproxy<1-N> on|off]\n[--natdnshostresolver<1-N> on|off]\n[--nataliasmode<1-N> default|[log],[proxyonly],\n[sameports]]\n[--macaddress<1-N> auto|<mac>]\n[--mouse ps2|usb|usbtablet|usbmultitouch]\n[--keyboard ps2|usb\n[--uart<1-N> off|<I/O base> <IRQ>]\n[--uartmode<1-N> disconnected|\nserver <pipe>|\nclient <pipe>|\ntcpserver <port>|\ntcpclient <hostname:port>|\nfile <file>|\n<devicename>]\n[--lpt<1-N> off|<I/O base> <IRQ>]\n[--lptmode<1-N> <devicename>]\n[--guestmemoryballoon <balloonsize in MB>]\n[--audio none|null|dsound|solaudio|oss|alsa|pulse|\noss|pulse|coreaudio]\n[--audiocontroller ac97|hda|sb16]\n[--audiocodec stac9700|ad1980|stac9221|sb16]\n[--clipboard disabled|hosttoguest|guesttohost|\nbidirectional]\n[--draganddrop disabled|hosttoguest]\n[--vrde on|off]\n[--vrdeextpack default|<name>\n[--vrdeproperty <name=[value]>]\n[--vrdeport <hostport>]\n[--vrdeaddress <hostip>]\n[--vrdeauthtype null|external|guest]\n[--vrdeauthlibrary default|<name>\n[--vrdemulticon on|off]\n[--vrdereusecon on|off]\n[--vrdevideochannel on|off]\n[--vrdevideochannelquality <percent>]\n[--usb on|off]\n[--usbehci on|off]\n[--usbxhci on|off]\n[--usbrename <oldname> <newname>]\n[--snapshotfolder default|<path>]\n[--teleporter on|off]\n[--teleporterport <port>]\n[--teleporteraddress <address|empty>\n[--teleporterpassword <password>]\n[--teleporterpasswordfile <file>|stdin]\n[--tracing-enabled on|off]\n[--tracing-config <config-string>]\n\n120\n\n\f8 VBoxManage\n[--tracing-allow-vm-access on|off]\n[--usbcardreader on|off]\n[--autostart-enabled on|off]\n[--autostart-delay <seconds>]\n[--videocap on|off]\n[--videocapscreens all|<screen ID> [<screen ID> ...]]\n[--videocapfile <filename>]\n[--videocapres <width> <height>]\n[--videocaprate <rate>]\n[--videocapfps <fps>]\n[--videocapmaxtime <ms>]\n[--videocapmaxsize <MB>]\n[--videocapopts <key=value> [<key=value> ...]]\n[--defaultfrontend default|<name>]\nclonevm\n\n<uuid|vmname>\n[--snapshot <uuid>|<name>]\n[--mode machine|machineandchildren|all]\n[--options link|keepallmacs|keepnatmacs|\nkeepdisknames]\n[--name <name>]\n[--groups <group>, ...]\n[--basefolder <basefolder>]\n[--uuid <uuid>]\n[--register]\n\nimport\n\n<ovfname/ovaname>\n[--dry-run|-n]\n[--options keepallmacs|keepnatmacs|importtovdi]\n[more options]\n(run with -n to have options displayed\nfor a particular OVF)\n\nexport\n\n<machines> --output|-o <name>.<ovf/ova>\n[--legacy09|--ovf09|--ovf10|--ovf20]\n[--manifest]\n[--iso]\n[--options manifest|iso|nomacs|nomacsbutnat]\n[--vsys <number of virtual system>]\n[--product <product name>]\n[--producturl <product url>]\n[--vendor <vendor name>]\n[--vendorurl <vendor url>]\n[--version <version info>]\n[--description <description info>]\n[--eula <license text>]\n[--eulafile <filename>]\n\nstartvm\n\n<uuid|vmname>...\n[--type gui|sdl|headless|separate]\n\ncontrolvm\n\n<uuid|vmname>\npause|resume|reset|poweroff|savestate|\nacpipowerbutton|acpisleepbutton|\nkeyboardputscancode <hex> [<hex> ...]|\nsetlinkstate<1-N> on|off |\nnic<1-N> null|nat|bridged|intnet|hostonly|generic|\nnatnetwork [<devicename>] |\nnictrace<1-N> on|off |\nnictracefile<1-N> <filename> |\nnicproperty<1-N> name=[value] |\nnicpromisc<1-N> deny|allow-vms|allow-all |\nnatpf<1-N> [<rulename>],tcp|udp,[<hostip>],\n<hostport>,[<guestip>],<guestport> |\nnatpf<1-N> delete <rulename> |\nguestmemoryballoon <balloonsize in MB> |\nusbattach <uuid>|<address>\n\n121\n\n\f8 VBoxManage\n[--capturefile <filename>] |\nusbdetach <uuid>|<address> |\nclipboard disabled|hosttoguest|guesttohost|\nbidirectional |\ndraganddrop disabled|hosttoguest |\nvrde on|off |\nvrdeport <port> |\nvrdeproperty <name=[value]> |\nvrdevideochannelquality <percent> |\nsetvideomodehint <xres> <yres> <bpp>\n[[<display>] [<enabled:yes|no> |\n[<xorigin> <yorigin>]]] |\nscreenshotpng <file> [display] |\nvideocap on|off |\nvideocapscreens all|none|<screen>,[<screen>...] |\nvideocapfile <file>\nvideocapres <width>x<height>\nvideocaprate <rate>\nvideocapfps <fps>\nvideocapmaxtime <ms>\nvideocapmaxsize <MB>\nsetcredentials <username>\n--passwordfile <file> | <password>\n<domain>\n[--allowlocallogon <yes|no>] |\nteleport --host <name> --port <port>\n[--maxdowntime <msec>]\n[--passwordfile <file> |\n--password <password>] |\nplugcpu <id> |\nunplugcpu <id> |\ncpuexecutioncap <1-100>\nwebcam <attach [path [settings]]> | <detach [path]> | <list>\naddencpassword <id>\n<password file>|[--removeonsuspend <yes|no>]\nremoveencpassword <id>\nremoveallencpasswords\ndiscardstate\n\n<uuid|vmname>\n\nadoptstate\n\n<uuid|vmname> <state_file>\n\nsnapshot\n\n<uuid|vmname>\ntake <name> [--description <desc>] [--live]\n[--uniquename Number,Timestamp,Space,Force] |\ndelete <uuid|snapname> |\nrestore <uuid|snapname> |\nrestorecurrent |\nedit <uuid|snapname>|--current\n[--name <name>]\n[--description <desc>] |\nlist [--details|--machinereadable]\nshowvminfo <uuid|snapname>\n\nclosemedium\n\n[disk|dvd|floppy] <uuid|filename>\n[--delete]\n\nstorageattach\n\n<uuid|vmname>\n--storagectl <name>\n[--port <number>]\n[--device <number>]\n[--type dvddrive|hdd|fdd]\n[--medium none|emptydrive|additions|\n<uuid|filename>|host:<drive>|iscsi]\n[--mtype normal|writethrough|immutable|shareable|\nreadonly|multiattach]\n\n122\n\n\f8 VBoxManage\n[--comment <text>]\n[--setuuid <uuid>]\n[--setparentuuid <uuid>]\n[--passthrough on|off]\n[--tempeject on|off]\n[--nonrotational on|off]\n[--discard on|off]\n[--hotpluggable on|off]\n[--bandwidthgroup <name>]\n[--forceunmount]\n[--server <name>|<ip>]\n[--target <target>]\n[--tport <port>]\n[--lun <lun>]\n[--encodedlun <lun>]\n[--username <username>]\n[--password <password>]\n[--initiator <initiator>]\n[--intnet]\nstoragectl\n\n<uuid|vmname>\n--name <name>\n[--add ide|sata|scsi|floppy|sas]\n[--controller LSILogic|LSILogicSAS|BusLogic|\nIntelAHCI|PIIX3|PIIX4|ICH6|I82078]\n[--portcount <1-n>]\n[--hostiocache on|off]\n[--bootable on|off]\n[--rename <name>]\n[--remove]\n\nbandwidthctl\n\n<uuid|vmname>\nadd <name> --type disk|network\n--limit <megabytes per second>[k|m|g|K|M|G] |\nset <name>\n--limit <megabytes per second>[k|m|g|K|M|G] |\nremove <name> |\nlist [--machinereadable]\n(limit units: k=kilobit, m=megabit, g=gigabit,\nK=kilobyte, M=megabyte, G=gigabyte)\n\nshowmediuminfo\n\n[disk|dvd|floppy] <uuid|filename>\n\ncreatemedium\n\n[disk|dvd|floppy] --filename <filename>\n[--size <megabytes>|--sizebyte <bytes>]\n[--diffparent <uuid>|<filename>\n[--format VDI|VMDK|VHD] (default: VDI)\n[--variant Standard,Fixed,Split2G,Stream,ESX]\n\nmodifymedium\n\n[disk|dvd|floppy] <uuid|filename>\n[--type normal|writethrough|immutable|shareable|\nreadonly|multiattach]\n[--autoreset on|off]\n[--property <name=[value]>]\n[--compact]\n[--resize <megabytes>|--resizebyte <bytes>]\n\nclonemedium\n\n[disk|dvd|floppy] <uuid|inputfile> <uuid|outputfile>\n[--format VDI|VMDK|VHD|RAW|<other>]\n[--variant Standard,Fixed,Split2G,Stream,ESX]\n[--existing]\n\nmediumproperty\n\n[disk|dvd|floppy] set <uuid|filename>\n<property> <value>\n[disk|dvd|floppy] get <uuid|filename>\n<property>\n\n123\n\n\f8 VBoxManage\n\n[disk|dvd|floppy] delete <uuid|filename>\n<property>\nencryptmedium\n\n<uuid|filename>\n[--newpassword <file>|-]\n[--oldpassword <file>|-]\n[--cipher <cipher identifier>]\n[--newpasswordid <password identifier>]\n\ncheckmediumpwd\n\n<uuid|filename>\n<pwd file>|-\n\nconvertfromraw\n\n<filename> <outputfile>\n[--format VDI|VMDK|VHD]\n[--variant Standard,Fixed,Split2G,Stream,ESX]\n[--uuid <uuid>]\nstdin <outputfile> <bytes>\n[--format VDI|VMDK|VHD]\n[--variant Standard,Fixed,Split2G,Stream,ESX]\n[--uuid <uuid>]\n\nconvertfromraw\n\ngetextradata\n\nglobal|<uuid|vmname>\n<key>|enumerate\n\nsetextradata\n\nglobal|<uuid|vmname>\n<key>\n[<value>] (no value deletes key)\n\nsetproperty\n\nmachinefolder default|<folder> |\nhwvirtexclusive on|off |\nvrdeauthlibrary default|<library> |\nwebsrvauthlibrary default|null|<library> |\nvrdeextpack null|<library> |\nautostartdbpath null|<folder> |\nloghistorycount <value>\ndefaultfrontend default|<name>\nlogginglevel <log setting>\n\nusbfilter\n\nadd <index,0-N>\n--target <uuid|vmname>|global\n--name <string>\n--action ignore|hold (global filters only)\n[--active yes|no] (yes)\n[--vendorid <XXXX>] (null)\n[--productid <XXXX>] (null)\n[--revision <IIFF>] (null)\n[--manufacturer <string>] (null)\n[--product <string>] (null)\n[--remote yes|no] (null, VM filters only)\n[--serialnumber <string>] (null)\n[--maskedinterfaces <XXXXXXXX>]\n\nusbfilter\n\nmodify <index,0-N>\n--target <uuid|vmname>|global\n[--name <string>]\n[--action ignore|hold] (global filters only)\n[--active yes|no]\n[--vendorid <XXXX>|\"\"]\n[--productid <XXXX>|\"\"]\n[--revision <IIFF>|\"\"]\n[--manufacturer <string>|\"\"]\n[--product <string>|\"\"]\n[--remote yes|no] (null, VM filters only)\n[--serialnumber <string>|\"\"]\n[--maskedinterfaces <XXXXXXXX>]\n\n124\n\n\f8 VBoxManage\nusbfilter\n\nremove <index,0-N>\n--target <uuid|vmname>|global\n\nsharedfolder\n\nadd <uuid|vmname>\n--name <name> --hostpath <hostpath>\n[--transient] [--readonly] [--automount]\n\nsharedfolder\n\nremove <uuid|vmname>\n--name <name> [--transient]\n\nguestproperty\n\nget <uuid|vmname>\n<property> [--verbose]\n\nguestproperty\n\nset <uuid|vmname>\n<property> [<value> [--flags <flags>]]\n\nguestproperty\n\ndelete|unset <uuid|vmname>\n<property>\n\nguestproperty\n\nenumerate <uuid|vmname>\n[--patterns <patterns>]\n\nguestproperty\n\nwait <uuid|vmname> <patterns>\n[--timeout <msec>] [--fail-on-timeout]\n\nguestcontrol\n\n<uuid|vmname> [--verbose|-v] [--quiet|-q]\n[--username <name>] [--domain <domain>]\n[--passwordfile <file> | --password <password>]\nrun [common-options]\n[--exe <path to executable>] [--timeout <msec>]\n[-E|--putenv <NAME>[=<VALUE>]] [--unquoted-args]\n[--ignore-operhaned-processes] [--no-profile]\n[--no-wait-stdout|--wait-stdout]\n[--no-wait-stderr|--wait-stderr]\n[--dos2unix] [--unix2dos]\n-- <program/arg0> [argument1] ... [argumentN]]\nstart [common-options]\n[--exe <path to executable>] [--timeout <msec>]\n[-E|--putenv <NAME>[=<VALUE>]] [--unquoted-args]\n[--ignore-operhaned-processes] [--no-profile]\n-- <program/arg0> [argument1] ... [argumentN]]\ncopyfrom [common-options]\n[--dryrun] [--follow] [-R|--recursive]\n<guest-src0> [guest-src1 [...]] <host-dst>\ncopyfrom [common-options]\n[--dryrun] [--follow] [-R|--recursive]\n[--target-directory <host-dst-dir>]\n<guest-src0> [guest-src1 [...]]\ncopyto [common-options]\n[--dryrun] [--follow] [-R|--recursive]\n<host-src0> [host-src1 [...]] <guest-dst>\ncopyto [common-options]\n[--dryrun] [--follow] [-R|--recursive]\n[--target-directory <guest-dst>]\n<host-src0> [host-src1 [...]]\nmkdir|createdir[ectory] [common-options]\n[--parents] [--mode <mode>]\n<guest directory> [...]\nrmdir|removedir[ectory] [common-options]\n\n125\n\n\f8 VBoxManage\n[-R|--recursive]\n<guest directory> [...]\nremovefile|rm [common-options] [-f|--force]\n<guest file> [...]\nmv|move|ren[ame] [common-options]\n<source> [source1 [...]] <dest>\nmktemp|createtemp[orary] [common-options]\n[--secure] [--mode <mode>] [--tmpdir <directory>]\n<template>\nstat [common-options]\n<file> [...]\nguestcontrol\n\n<uuid|vmname> [--verbose|-v] [--quiet|-q]\nlist <all|sessions|processes|files> [common-opts]\ncloseprocess [common-options]\n<\n--session-id <ID>\n| --session-name <name or pattern>\n<PID1> [PID1 [...]]\nclosesession [common-options]\n< --all | --session-id <ID>\n| --session-name <name or pattern> >\nupdatega|updateguestadditions|updateadditions\n[--source <guest additions .ISO>]\n[--wait-start] [common-options]\n[-- [<argument1>] ... [<argumentN>]]\nwatch [common-options]\n\ndebugvm\n\n<uuid|vmname>\ndumpguestcore --filename <name> |\ninfo <item> [args] |\ninjectnmi |\nlog [--release|--debug] <settings> ...|\nlogdest [--release|--debug] <settings> ...|\nlogflags [--release|--debug] <settings> ...|\nosdetect |\nosinfo |\nosdmesg [--lines|-n <N>] |\ngetregisters [--cpu <id>] <reg>|all ... |\nsetregisters [--cpu <id>] <reg>=<value> ... |\nshow [--human-readable|--sh-export|--sh-eval|\n--cmd-set]\n<logdbg-settings|logrel-settings>\n[[opt] what ...] |\nstatistics [--reset] [--pattern <pattern>]\n[--descriptions]\n\nmetrics\n\nlist [*|host|<vmname> [<metric_list>]]\n(comma-separated)\n\nmetrics\n\nsetup\n[--period <seconds>] (default: 1)\n[--samples <count>] (default: 1)\n[--list]\n[*|host|<vmname> [<metric_list>]]\n\nmetrics\n\nquery [*|host|<vmname> [<metric_list>]]\n\nmetrics\n\nenable\n\n126\n\n\f8 VBoxManage\n[--list]\n[*|host|<vmname> [<metric_list>]]\nmetrics\n\ndisable\n[--list]\n[*|host|<vmname> [<metric_list>]]\n\nmetrics\n\ncollect\n[--period <seconds>] (default: 1)\n[--samples <count>] (default: 1)\n[--list]\n[--detach]\n[*|host|<vmname> [<metric_list>]]\n\nnatnetwork\n\nadd --netname <name>\n--network <network>\n[--enable|--disable]\n[--dhcp on|off]\n[--port-forward-4 <rule>]\n[--loopback-4 <rule>]\n[--ipv6 on|off]\n[--port-forward-6 <rule>]\n[--loopback-6 <rule>]\n\nnatnetwork\n\nremove --netname <name>\n\nnatnetwork\n\nmodify --netname <name>\n[--network <network>]\n[--enable|--disable]\n[--dhcp on|off]\n[--port-forward-4 <rule>]\n[--loopback-4 <rule>]\n[--ipv6 on|off]\n[--port-forward-6 <rule>]\n[--loopback-6 <rule>]\n\nnatnetwork\n\nstart --netname <name>\n\nnatnetwork\n\nstop --netname <name>\n\nhostonlyif\n\nipconfig <name>\n[--dhcp |\n--ip<ipv4> [--netmask<ipv4> (def: 255.255.255.0)] |\n--ipv6<ipv6> [--netmasklengthv6<length> (def: 64)]]\ncreate |\nremove <name>\n\ndhcpserver\n\nadd|modify --netname <network_name> |\n--ifname <hostonly_if_name>\n[--ip <ip_address>\n--netmask <network_mask>\n--lowerip <lower_ip>\n--upperip <upper_ip>]\n[--enable | --disable]\n\ndhcpserver\n\nremove --netname <network_name> |\n--ifname <hostonly_if_name>\n\nVBoxManage\nVBoxManage\nVBoxManage\nVBoxManage\nVBoxManage\nVBoxManage\nVBoxManage\nVBoxManage\nVBoxManage\nVBoxManage\n\ndebugvm\ndebugvm\ndebugvm\ndebugvm\ndebugvm\ndebugvm\ndebugvm\ndebugvm\ndebugvm\ndebugvm\n\n<uuid|vmname>\n<uuid|vmname>\n<uuid|vmname>\n<uuid|vmname>\n<uuid|vmname>\n<uuid|vmname>\n<uuid|vmname>\n<uuid|vmname>\n<uuid|vmname>\n<uuid|vmname>\n\ndumpvmcore [--filename=name]\ninfo <item> [args...]\ninjectnmi\nlog [[--release] | [--debug]] [group-settings...]\nlogdest [[--release] | [--debug]] [destinations...]\nlogflags [[--release] | [--debug]] [flags...]\nosdetect\nosinfo\nosdmesg [--lines=lines]\ngetregisters [--cpu=id] [reg-set.reg-name...]\n\n127\n\n\f8 VBoxManage\nVBoxManage debugvm <uuid|vmname> setregisters [--cpu=id] [reg-set.reg-name=value...]\nVBoxManage debugvm <uuid|vmname> show [[--human-readable] | [--sh-export] | [--sh-eval] | [--cmd-set]]\n[settings-item...]\nVBoxManage debugvm <uuid|vmname> statistics [--reset] [--descriptions] [--pattern=pattern]\nVBoxManage extpack install [--replace] <tarball>\nVBoxManage extpack uninstall [--force] <name>\nVBoxManage extpack cleanup\n\nEach time VBoxManage is invoked, only one command can be executed. However, a command\nmight support several subcommands which then can be invoked in one single call. The following\nsections provide detailed reference information on the different commands.\n\n8.3 General options\n• --version: show the version of this tool and exit.\n• --nologo: suppress the output of the logo information (useful for scripts)\n• --settingspw: specifiy a settings password\n• --settingspwfile: specify a file containing the settings password.\nThe settings password is used for certain settings which need to be stored encrypted for security reasons. At the moment, the only encrypted setting is the iSCSI initiator secret (see chapter\n8.18, VBoxManage storageattach, page 146 for details). As long as no settings password is specified, this information is stored in plain text. After using the --settingspw|--settingspwfile\noption once, it must be always used, otherwise the encrypted setting cannot be unencrypted.\n\n8.4 VBoxManage list\nThe list command gives relevant information about your system and information about\nVirtualBox’s current settings.\nThe following subcommands are available with VBoxManage list:\n• vms lists all virtual machines currently registered with VirtualBox. By default this displays\na compact list with each VM’s name and UUID; if you also specify --long or -l, this will\nbe a detailed list as with the showvminfo command (see below).\n• runningvms lists all currently running virtual machines by their unique identifiers (UUIDs)\nin the same format as with vms.\n• ostypes lists all guest operating systems presently known to VirtualBox, along with the\nidentifiers used to refer to them with the modifyvm command.\n• hostdvds, hostfloppies, respectively, list DVD, floppy, bridged networking and host-only\nnetworking interfaces on the host, along with the name used to access them from within\nVirtualBox.\n• bridgedifs, hostonlyifs and dhcpservers, respectively, list bridged network interfaces,\nhost-only network interfaces and DHCP servers currently available on the host. Please see\nchapter 6, Virtual networking, page 96 for details on these.\n• hostinfo displays information about the host system, such as CPUs, memory size and\noperating system version.\n\n128\n\n\f8 VBoxManage\n• hostcpuids dumps the CPUID parameters for the host CPUs. This can be used for a more\nfine grained analyis of the host’s virtualization capabilities.\n• hddbackends lists all known virtual disk back-ends of VirtualBox. For each such format\n(such as VDI, VMDK or RAW), this lists the back-end’s capabilities and configuration.\n• hdds, dvds and floppies all give you information about virtual disk images currently in\nuse by VirtualBox, including all their settings, the unique identifiers (UUIDs) associated\nwith them by VirtualBox and all files associated with them. This is the command-line\nequivalent of the Virtual Media Manager; see chapter 5.3, The Virtual Media Manager, page\n87.\n• usbhost supplies information about USB devices attached to the host, notably information\nuseful for constructing USB filters and whether they are currently in use by the host.\n• usbfilters lists all global USB filters registered with VirtualBox – that is, filters for devices\nwhich are accessible to all virtual machines – and displays the filter parameters.\n• systemproperties displays some global VirtualBox settings, such as minimum and maximum guest RAM and virtual hard disk size, folder settings and the current authentication\nlibrary in use.\n• extpacks displays all VirtualBox extension packs currently installed; see chapter 1.5, Installing VirtualBox and extension packs, page 16 and chapter 8.36, VBoxManage extpack,\npage 171 for more information.\n\n8.5 VBoxManage showvminfo\nThe showvminfo command shows information about a particular virtual machine. This is the\nsame information as VBoxManage list vms --long would show for all virtual machines.\nYou will get information similar to the following:\n$ VBoxManage showvminfo \"Windows XP\"\nVirtualBox Command Line Management Interface Version 5.0.16\n(C) 2005-2016 Oracle Corporation\nAll rights reserved.\nName:\nWindows XP\nGuest OS:\nOther/Unknown\nUUID:\n1bf3464d-57c6-4d49-92a9-a5cc3816b7e7\nConfig file:\n/home/username/.config/VirtualBox/Machines/Windows XP/Windows XP.xml\nMemory size:\n512MB\nVRAM size:\n12MB\nNumber of CPUs: 2\nSynthetic Cpu:\noff\nBoot menu mode: message and menu\nBoot Device (1): DVD\nBoot Device (2): HardDisk\nBoot Device (3): Not Assigned\nBoot Device (4): Not Assigned\nACPI:\non\nIOAPIC:\non\nPAE:\non\nTime offset:\n0 ms\nHardw. virt.ext: on\nNested Paging:\non\nVT-x VPID:\noff\nState:\npowered off (since 2009-10-20T14:52:19.000000000)\nMonitor count:\n1\n3D Acceleration: off\n2D Video Acceleration: off\n\n129\n\n\f8 VBoxManage\nTeleporter Enabled: off\nTeleporter Port: 0\nTeleporter Address:\nTeleporter Password:\nStorage Controller\n(0): IDE Controller\nStorage Controller Type (0): PIIX4\nStorage Controller\n(1): Floppy Controller 1\nStorage Controller Type (1): I82078\nIDE Controller (0, 0): /home/user/windows.vdi (UUID: 46f6e53a-4557-460a-9b95-68b0f17d744b)\nIDE Controller (0, 1): /home/user/openbsd-cd46.iso (UUID: 4335e162-59d3-4512-91d5-b63e94eebe0b)\nFloppy Controller 1 (0, 0): /home/user/floppy.img (UUID: 62ac6ccb-df36-42f2-972e-22f836368137)\nNIC 1:\ndisabled\nNIC 2:\ndisabled\nNIC 3:\ndisabled\nNIC 4:\ndisabled\nNIC 5:\ndisabled\nNIC 6:\ndisabled\nNIC 7:\ndisabled\nNIC 8:\ndisabled\nUART 1:\ndisabled\nUART 2:\ndisabled\nAudio:\ndisabled (Driver: Unknown)\nClipboard Mode: Bidirectional\nVRDE:\ndisabled\nUSB:\ndisabled\nUSB Device Filters:\n<none>\nShared folders:\n<none>\nStatistics update:\n\ndisabled\n\n8.6 VBoxManage registervm / unregistervm\nThe registervm command allows you to import a virtual machine definition in an XML file into\nVirtualBox. The machine must not conflict with one already registered in VirtualBox and it may\nnot have any hard or removable disks attached. It is advisable to place the definition file in the\nmachines folder before registering it.\nNote: When creating a new virtual machine with VBoxManage createvm (see below),\nyou can directly specify the --register option to avoid having to register it separately.\nThe unregistervm command unregisters a virtual machine. If --delete is also specified, the\nfollowing files will automatically be deleted as well:\n1. all hard disk image files, including differencing files, which are used by the machine and\nnot shared with other machines;\n2. saved state files that the machine created, if any (one if the machine was in “saved” state\nand one for each online snapshot);\n3. the machine XML file and its backups;\n4. the machine log files, if any;\n5. the machine directory, if it is empty after having deleted all the above.\n\n130\n\n\f8 VBoxManage\n\n8.7 VBoxManage createvm\nThis command creates a new XML virtual machine definition file.\nThe --name <name> parameter is required and must specify the name of the machine. Since\nthis name is used by default as the file name of the settings file (with the extension .xml) and\nthe machine folder (a subfolder of the .config/VirtualBox/Machines folder - this folder name\nmay vary depending on the operating system and the version of VirtualBox which you are using),\nit must conform to your host operating system’s requirements for file name specifications. If the\nVM is later renamed, the file and folder names will change automatically.\nHowever, if the --basefolder <path> option is used, the machine folder will be named\n<path>. In this case, the names of the file and the folder will not change if the virtual machine\nis renamed.\nBy default, this command only creates the XML file without automatically registering the VM\nwith your VirtualBox installation. To register the VM instantly, use the optional --register\noption, or run VBoxManage registervm separately afterwards.\n\n8.8 VBoxManage modifyvm\nThis command changes the properties of a registered virtual machine which is not running.\nMost of the properties that this command makes available correspond to the VM settings that\nVirtualBox graphical user interface displays in each VM’s “Settings” dialog; these were described\nin chapter 3, Configuring virtual machines, page 45. Some of the more advanced settings, however, are only available through the VBoxManage interface.\nThese commands require that the machine is powered off (neither running nor in “saved”\nstate). Some machine settings can also be changed while a machine is running; those settings\nwill then have a corresponding subcommand with the VBoxManage controlvm subcommand\n(see chapter 8.13, VBoxManage controlvm, page 142).\n\n8.8.1 General settings\nThe following general settings are available through VBoxManage modifyvm:\n• --name <name>: This changes the VM’s name and possibly renames the internal virtual\nmachine files, as described with VBoxManage createvm above.\n• --groups <group>, ...: This changes the group membership of a VM. Groups always\nstart with a / and can be nested. By default VMs are in group /.\n• --description <desc>: This changes the VM’s description, which is a way to record\ndetails about the VM in a way which is meaningful for the user. The GUI interprets HTML\nformatting, the command line allows arbitrary strings potentially containing multiple lines.\n• --ostype <ostype>: This specifies what guest operating system is supposed to run in the\nVM. To learn about the various identifiers that can be used here, use VBoxManage list\nostypes.\n• --memory <memorysize>: This sets the amount of RAM, in MB, that the virtual machine\nshould allocate for itself from the host. See the remarks in chapter 1.7, Creating your first\nvirtual machine, page 18 for more information.\n• --vram <vramsize>: This sets the amount of RAM that the virtual graphics card should\nhave. See chapter 3.5, Display settings, page 52 for details.\n• --acpi on|off; --ioapic on|off: These two determine whether the VM should have\nACPI and I/O APIC support, respectively; see chapter 3.4.1, “Motherboard” tab, page 49 for\ndetails.\n\n131\n\n\f8 VBoxManage\n• --hardwareuuid <uuid>: The UUID presented to the guest via memory tables\n(DMI/SMBIOS), hardware and guest properties. By default this is the same as the VM\nuuid. Useful when cloning a VM. Teleporting takes care of this automatically.\n• --cpus <cpucount>: This sets the number of virtual CPUs for the virtual machine (see\nchapter 3.4.2, “Processor” tab, page 51). If CPU hot-plugging is enabled (see below), this\nthen sets the maximum number of virtual CPUs that can be plugged into the virtual machines.\n• --cpuhotplug on|off: This enables CPU hot-plugging. When enabled, virtual CPUs can\nbe added to and removed from a virtual machine while it is running. See chapter 9.5, CPU\nhot-plugging, page 181 for more information.\n• --plugcpu|unplugcpu <id>: If CPU hot-plugging is enabled (see above), this adds a\nvirtual CPU to the virtual machines (or removes one). <id> specifies the index of the\nvirtual CPU to be added or removed and must be a number from 0 to the maximum no. of\nCPUs configured with the --cpus option. CPU 0 can never be removed.\n• --cpuexecutioncap <1-100>: This setting controls how much cpu time a virtual CPU can\nuse. A value of 50 implies a single virtual CPU can use up to 50% of a single host CPU.\n• --pae on|off: This enables/disables PAE (see chapter 3.4.2, “Processor” tab, page 51).\n• --longmode on|off: This enables/disables long mode (see chapter 3.4.2, “Processor” tab,\npage 51).\n• --synthcpu on|off: This setting determines whether VirtualBox will expose a synthetic\nCPU to the guest to allow live migration between host systems that differ significantly.\n• --hpet on|off: This enables/disables a High Precision Event Timer (HPET) which can\nreplace the legacy system timers. This is turned off by default. Note that Windows supports\na HPET only from Vista onwards.\n• --hwvirtex on|off: This enables or disables the use of hardware virtualization extensions (Intel VT-x or AMD-V) in the processor of your host system; see chapter 10.3, Hardware vs. software virtualization, page 222.\n• --triplefaultreset on|off: This setting allows to reset the guest instead of triggering\na Guru Meditation. Some guests raise a triple fault to reset the CPU so sometimes this is\ndesired behavior. Works only for non-SMP guests.\n• --paravirtprovider none|default|legacy|minimal|hyperv|kvm: This setting specifies which paravirtualization interface to provide to the guest operating system. Specifying\nnone explicitly turns off exposing any paravirtualization interface. The option default,\nwill pick an appropriate interface depending on the guest OS type while starting the VM.\nThis is the default option chosen while creating new VMs. The legacy option is chosen for\nVMs which were created with older VirtualBox versions and will pick a paravirtualization\ninterface while starting the VM with VirtualBox 5.0 and newer. The minimal provider is\nmandatory for Mac OS X guests, while kvm and hyperv are recommended for Linux and\nWindows guests respectively. These options are explained in detail under chapter 10.4,\nParavirtualization providers, page 223.\n• --nestedpaging on|off: If hardware virtualization is enabled, this additional setting\nenables or disables the use of the nested paging feature in the processor of your host\nsystem; see chapter 10.3, Hardware vs. software virtualization, page 222.\n• --largepages on|off: If hardware virtualization and nested paging are enabled, for Intel\nVT-x only, an additional performance improvement of up to 5% can be obtained by enabling\nthis setting. This causes the hypervisor to use large pages to reduce TLB use and overhead.\n\n132\n\n\f8 VBoxManage\n• --vtxvpid on|off: If hardware virtualization is enabled, for Intel VT-x only, this additional setting enables or disables the use of the tagged TLB (VPID) feature in the processor\nof your host system; see chapter 10.3, Hardware vs. software virtualization, page 222.\n• --vtxux on|off: If hardware virtualization is enabled, for Intel VT-x only, this setting\nenables or disables the use of the unrestricted guest mode feature for executing your guest.\n• --accelerate3d on|off: This enables, if the Guest Additions are installed, whether hardware 3D acceleration should be available; see chapter 4.5.1, Hardware 3D acceleration\n(OpenGL and Direct3D 8/9), page 75.\n• --accelerate2dvideo on|off: This enables, if the Guest Additions are installed,\nwhether 2D video acceleration should be available; see chapter 4.5.2, Hardware 2D video\nacceleration for Windows guests, page 77.\n• --chipset piix3|ich9: By default VirtualBox emulates an Intel PIIX3 chipset. Usually\nthere is no reason to change the default setting unless it is required to relax some of its\nconstraints; see chapter 3.4.1, “Motherboard” tab, page 49.\n• You can influence the BIOS logo that is displayed when a virtual machine starts up with a\nnumber of settings. Per default, a VirtualBox logo is displayed.\nWith --bioslogofadein on|off and --bioslogofadeout on|off, you can determine\nwhether the logo should fade in and out, respectively.\nWith --bioslogodisplaytime <msec> you can set how long the logo should be visible,\nin milliseconds.\nWith --bioslogoimagepath <imagepath> you can, if you are so inclined, replace the\nimage that is shown, with your own logo. The image must be an uncompressed 256 color\nBMP file without color space information (Windows 3.0 format). The image must not be\nbigger than 640 x 480.\n• --biosbootmenu disabled|menuonly|messageandmenu: This specifies whether the\nBIOS allows the user to select a temporary boot device. menuonly suppresses the message,\nbut the user can still press F12 to select a temporary boot device.\n• --nicbootprio<1-N> <priority>: This specifies the order in which NICs are tried for\nbooting over the network (using PXE). The priority is an integer in the 0 to 4 range. Priority\n1 is the highest, priority 4 is low. Priority 0, which is the default unless otherwise specified,\nis the lowest.\nNote that this option only has effect when the Intel PXE boot ROM is used.\n• --biospxedebug on|off: This option enables additional debugging output when using\nthe Intel PXE boot ROM. The output will be written to the release log file (chapter 12.1.2,\nCollecting debugging information, page 230.\n• --boot<1-4> none|floppy|dvd|disk|net: This specifies the boot order for the virtual\nmachine. There are four “slots”, which the VM will try to access from 1 to 4, and for each\nof which you can set a device that the VM should attempt to boot from.\n• --rtcuseutc on|off: This option lets the real-time clock (RTC) operate in UTC time (see\nchapter 3.4.1, “Motherboard” tab, page 49).\n• --biossystemtimeoffset <ms>: This allows you to set a fixed time offset of the guest\nrelative to the host time. The offset is specified in milliseconds. If the offset is positive the\nguest time runs ahead the host time.\n• --snapshotfolder default|<path>: This allows you to specify the folder in which snapshots will be kept for a virtual machine.\n\n133\n\n\f8 VBoxManage\n• --firmware efi|bios: Specifies which firmware is used to boot particular virtual machine: EFI or BIOS. Use EFI only if your fully understand what you’re doing.\n• --guestmemoryballoon <size> sets the default size of the guest memory balloon, that is,\nmemory allocated by the VirtualBox Guest Additions from the guest operating system and\nreturned to the hypervisor for re-use by other virtual machines. <size> must be specified\nin megabytes. The default size is 0 megabytes. For details, see chapter 4.9.1, Memory\nballooning, page 80.\n• --defaultfrontend default|<name>: This allows you to specify the default frontend\nwhich will be used when starting this VM; see chapter 8.12, VBoxManage startvm, page\n142 for details.\n\n8.8.2 Networking settings\nThe following networking settings are available through VBoxManage modifyvm. With all these\nsettings, the decimal number directly following the option name (“1-N” in the list below) specifies\nthe virtual network adapter whose settings should be changed.\n• --nic<1-N> none|null|nat|natnetwork|bridged|intnet|hostonly|generic: With\nthis, you can set, for each of the VM’s virtual network cards, what type of networking\nshould be available. They can be not present (none), not connected to the host (null),\nuse network address translation (nat), use the new network address translation engine\n(natnetwork), bridged networking (bridged) or communicate with other virtual machines using internal networking (intnet), host-only networking (hostonly), or access\nrarely used sub-modes (generic). These options correspond to the modes which are described in detail in chapter 6.2, Introduction to networking modes, page 97.\n• --nicpromisc<1-N> deny|allow-vms|allow-all: This allows you, for each of the VM’s\nvirtual network cards, to specify how the promiscious mode is handled. This setting is only\nrelevant for bridged networking. deny (default setting) hides any traffic not intended for\nthis VM. allow-vms hides all host traffic from this VM but allows the VM to see traffic\nfrom/to other VMs. allow-all removes this restriction completely.\n• --nictype<1-N> Am79C970A|Am79C973|82540EM|82543GC|82545EM|virtio: This allows you, for each of the VM’s virtual network cards, to specify which networking hardware\nVirtualBox presents to the guest; see chapter 6.1, Virtual networking hardware, page 96.\n• --cableconnected<1-N> on|off: This allows you to temporarily disconnect a virtual\nnetwork interface, as if a network cable had been pulled from a real network card. This\nmight be useful for resetting certain software components in the VM.\n• With the “nictrace” options, you can optionally trace network traffic by dumping it to a file,\nfor debugging purposes.\nWith --nictrace<1-N> on|off, you can enable network tracing for a particular virtual\nnetwork card.\nIf enabled, you must specify with --nictracefile<1-N> <filename> what file the trace\nshould be logged to.\n• --natnet<1-N> <network>|default: If the networking type is set to nat (not\nnatnetwork) then this setting specifies the IP address range to be used for this network.\nSee chapter 9.11, Fine-tuning the VirtualBox NAT engine, page 189 for an example.\n• --nat-network<1-N> <network name>: If the networking type is set to natnetwork (not\nnat) then this setting specifies the name of the NAT network this adapter is connected to.\n\n134\n\n\f8 VBoxManage\n• --bridgeadapter<1-N> none|<devicename>: If bridged networking has been enabled\nfor a virtual network card (see the --nic option above; otherwise this setting has no\neffect), use this option to specify which host interface the given virtual network interface\nwill use. For details, please see chapter 6.5, Bridged networking, page 101.\n• --hostonlyadapter<1-N> none|<devicename>: If host-only networking has been enabled for a virtual network card (see the –nic option above; otherwise this setting has no\neffect), use this option to specify which host-only networking interface the given virtual\nnetwork interface will use. For details, please see chapter 6.7, Host-only networking, page\n103.\n• --intnet<1-N> network: If internal networking has been enabled for a virtual network\ncard (see the --nic option above; otherwise this setting has no effect), use this option to\nspecify the name of the internal network (see chapter 6.6, Internal networking, page 102).\n• --macaddress<1-N> auto|<mac>: With this option you can set the MAC address of the\nvirtual network card. Normally, each virtual network card is assigned a random address by\nVirtualBox at VM creation.\n• --nicgenericdrv<1-N> <backend driver>: If generic networking has been enabled for\na virtual network card (see the --nic option above; otherwise this setting has no effect),\nthis mode allows you to access rarely used networking sub-modes, such as VDE network or\nUDP Tunnel.\n• --nicproperty<1-N> <paramname>=\"paramvalue\": This option, in combination with\n“nicgenericdrv” allows you to pass parameters to rarely-used network backends.\nThose parameters are backend engine-specific, and are different between UDP Tunnel and\nthe VDE backend drivers. For example, please see chapter 6.8, UDP Tunnel networking,\npage 104.\n8.8.2.1 NAT Networking settings.\nThe following NAT networking settings are available through VBoxManage modifyvm. With all\nthese settings, the decimal number directly following the option name (“1-N” in the list below)\nspecifies the virtual network adapter whose settings should be changed.\n• --natpf<1-N> [<name>],tcp|udp,[<hostip>],<hostport>,[<guestip>], <guestport>:\nThis option defines a NAT port-forwarding rule (please see chapter 6.3.1, Configuring port\nforwarding with NAT, page 98 for details).\n• --natpf<1-N> delete <name>: This option deletes a NAT port-forwarding rule (please\nsee chapter 6.3.1, Configuring port forwarding with NAT, page 98 for details).\n• --nattftpprefix<1-N> <prefix>: This option defines a prefix for the built-in TFTP\nserver, i.e. where the boot file is located (please see chapter 6.3.2, PXE booting with NAT,\npage 99 and chapter 9.11.2, Configuring the boot server (next server) of a NAT network\ninterface, page 190 for details).\n• --nattftpfile<1-N> <bootfile>: This option defines the TFT boot file (please see chapter 9.11.2, Configuring the boot server (next server) of a NAT network interface, page 190 for\ndetails).\n• --nattftpserver<1-N> <tftpserver>: This option defines the TFTP server address to\nboot from (please see chapter 9.11.2, Configuring the boot server (next server) of a NAT\nnetwork interface, page 190 for details).\n• --natdnspassdomain<1-N> on|off: This option specifies whether the built-in DHCP\nserver passes the domain name for network name resolution.\n\n135\n\n\f8 VBoxManage\n• --natdnsproxy<1-N> on|off: This option makes the NAT engine proxy all guest DNS\nrequests to the host’s DNS servers (please see chapter 9.11.5, Enabling DNS proxy in NAT\nmode, page 190 for details).\n• --natdnshostresolver<1-N> on|off: This option makes the NAT engine use the host’s\nresolver mechanisms to handle DNS requests (please see chapter 9.11.5, Enabling DNS\nproxy in NAT mode, page 190 for details).\n• --natsettings<1-N> [<mtu>],[<socksnd>],[<sockrcv>],[<tcpsnd>], [<tcprcv>]:\nThis option controls several NAT settings (please see chapter 9.11.3, Tuning TCP/IP buffers\nfor NAT, page 190 for details).\n• --nataliasmode<1-N> default|[log],[proxyonly],[sameports]: This option defines behaviour of NAT engine core: log - enables logging, proxyonly - switches of aliasing\nmode makes NAT transparent, sameports enforces NAT engine to send packets via the same\nport as they originated on, default - disable all mentioned modes above . (please see chapter 9.11.7, Configuring aliasing of the NAT engine, page 191 for details).\n\n8.8.3 Miscellaneous settings\nThe following other hardware settings, such as serial port, audio, clipboard, drag and drop,\nmonitor and USB settings are available through VBoxManage modifyvm:\n• --uart<1-N> off|<I/O base> <IRQ>: With this option you can configure virtual serial\nports for the VM; see chapter 3.9, Serial ports, page 55 for an introduction.\n• --uartmode<1-N> <arg>: This setting controls how VirtualBox connects a given virtual\nserial port (previously configured with the --uartX setting, see above) to the host on which\nthe virtual machine is running. As described in detail in chapter 3.9, Serial ports, page 55,\nfor each such port, you can specify <arg> as one of the following options:\n– disconnected: Even though the serial port is shown to the guest, it has no “other\nend” – like a real COM port without a cable.\n– server <pipename>: On a Windows host, this tells VirtualBox to create a named\npipe on the host named <pipename> and connect the virtual serial device to it. Note\nthat Windows requires that the name of a named pipe begin with \\\\.\\pipe\\.\nOn a Linux host, instead of a named pipe, a local domain socket is used.\n– client <pipename>: This operates just like server ..., except that the pipe (or\nlocal domain socket) is not created by VirtualBox, but assumed to exist already.\n– tcpserver <port>: This tells VirtualBox to create a TCP socket on the host with TCP\n<port> and connect the virtual serial device to it. Note that UNIX-like systems require\nports over 1024 for normal users.\n– tcpclient <hostname:port>: This operates just like tcpserver ..., except that\nthe TCP socket is not created by VirtualBox, but assumed to exist already.\n– <devicename>: If, instead of the above, the device name of a physical hardware serial\nport of the host is specified, the virtual serial port is connected to that hardware port.\nOn a Windows host, the device name will be a COM port such as COM1; on a Linux\nhost, the device name will look like /dev/ttyS0. This allows you to “wire” a real\nserial port to a virtual machine.\n• --lptmode<1-N> <Device>: Specifies the Device Name of the parallel port that the Parallel Port feature will be using. Use this before --lpt. This feature is host operating system\nspecific.\n\n136\n\n\f8 VBoxManage\n• --lpt<1-N> <I/O base> <IRQ>: Specifies the I/O address of the parallel port and the\nIRQ number that the Parallel Port feature will be using. Use this after --lptmod. I/O base\naddress and IRQ are the values that guest sees i.e. the values avalable under guest Device\nManager.\n• --audio none|null|oss: With this option, you can set whether the VM should have\naudio support.\n• --clipboard disabled|hosttoguest|guesttohost|bidirectional: With this setting, you can select if and how the guest or host operating system’s clipboard should be\nshared with the host or guest; see chapter 3.3, General settings, page 48. This requires that\nthe Guest Additions be installed in the virtual machine.\n• --draganddrop disabled|hosttoguest|guesttohost|bidirectional: With this setting, you can select the current drag and drop mode being used between the host and the\nvirtual machine; see chapter 4.4, Drag and Drop, page 74. This requires that the Guest\nAdditions be installed in the virtual machine.\n• --monitorcount <count>: This enables multi-monitor support; see chapter 3.5, Display\nsettings, page 52.\n• --usb on|off: This option enables or disables the VM’s virtual USB controller; see chapter\n3.10.1, USB settings, page 57 for details.\n• --usbehci on|off: This option enables or disables the VM’s virtual USB 2.0 controller;\nsee chapter 3.10.1, USB settings, page 57 for details.\n• --usbxhci on|off: This option enables or disables the VM’s virtual USB 3.0 controller;\nsee chapter 3.10.1, USB settings, page 57 for details.\n\n8.8.4 Video Capture settings\nThe following settings for changing video recording parameters are available through\nVBoxManage modifyvm.\n• --videocap on|off: This option enables or disables recording a VM session into a\nWebM/VP8 file. If this option is enabled, recording will start when the VM session is\nstarted.\n• --videocapscreens all|<screen ID> [<screen ID> ...]: This option allows to\nspecify which screens of the VM are being recorded. Each screen is recorded into a\nseparate file.\n• --videocapfile <filename>: This option sets the filename VirtualBox uses to save the\nrecorded content.\n• --videocapres <width>x<height>: This option sets the resolution (in pixels) of the\nrecorded video.\n• --videocaprate <rate>: This option sets the bitrate in kilobits (kb) per second. Increasing this value makes the video look better for the cost of an increased file size.\n• --videocapfps <fps>: This option sets the maximum number of frames per second (FPS)\nto be recorded. Frames with a higher frequency will be skipped. Reducing this value\nincreases the number of skipped frames and reduces the file size.\n• --videocapmaxtime <ms>: This option sets the maximum time in milliseconds the video\ncapturing will be enabled since activation. The capturing stops when the defined time\ninterval has elapsed. If this value is zero the capturing is not limited by time.\n\n137\n\n\f8 VBoxManage\n• --videocapmaxsize <MB>: This option limits the maximum size of the captured video file\n(in MB). The capturing stops when the file size has reached the specified size. If this value\nis zero the capturing will not be limited by file size.\n• --videocapopts <key=value> [,<key=value> ...]: This format can be used to specify additional video capturing options. These options only are for advanced users and must\nbe specified in a comma-separated key=value format, e.g. foo=bar,a=b.\n\n8.8.5 Remote machine settings\nThe following settings that affect remote machine behavior are available through VBoxManage\nmodifyvm:\n• --vrde on|off: This enables or disables the VirtualBox remote desktop extension (VRDE)\nserver.\n• --vrdeextpack default|<name>: Allows to specify the library to use for to access the\nVM remotely. The default is to use the RDP code which is part of the Oracle VM VirtualBox\nExtension Pack.\n• --vrdeport default|<ports>: A port or a range of ports the VRDE server can bind to;\n“default” or “0” means port 3389, the standard port for RDP. You can specify a commaseparated list of ports or ranges of ports. Use a dash between two port numbers to specify a range. The VRDE server will bind to one of available ports from the specified list.\nOnly one machine can use a given port at a time. For example, the option --vrdeport\n5000,5010-5012 will tell the server to bind to one of following ports: 5000, 5010, 5011\nor 5012.\n• --vrdeaddress <IP address>: The IP address of the host network interface the VRDE\nserver will bind to. If specified, the server will accept connections only on the specified\nhost network interface.\nThe setting can be used to specify whether the VRDP server should accept either IPv4 or\nIPv6 or both connections:\n– only IPv4: --vrdeaddress \"0.0.0.0\"\n– only IPv6: --vrdeaddress \"::\"\n– both IPv6 and IPv4 (default): --vrdeaddress \"\"\n• --vrdeauthtype null|external|guest: This allows you to choose whether and how\nauthorization will be performed; see chapter 7.1.5, RDP authentication, page 111 for details.\n• --vrdeauthlibrary default|<name>: This allos to set the library used for RDP authentication, see chapter 7.1.5, RDP authentication, page 111 for details.\n• --vrdemulticon on|off: This enables multiple connections to the same VRDE server, if\nthe server supports this feature; see chapter 7.1.7, Multiple connections to the VRDP server,\npage 113.\n• --vrdereusecon on|off: This specifies the VRDE server behavior when multiple connections are disabled. When this option is enabled, the server will allow a new client to\nconnect and will drop the existing connection. When this option is disabled (this is the default setting), a new connection will not be accepted if there is already a client connected\nto the server.\n• --vrdevideochannel on|off: This enables video redirection, if it is supported by the\nVRDE server; see chapter 7.1.9, VRDP video redirection, page 114.\n\n138\n\n\f8 VBoxManage\n• --vrdevideochannelquality <percent>: Sets the image quality for video redirection;\nsee chapter 7.1.9, VRDP video redirection, page 114.\n\n8.8.6 Teleporting settings\nWith the following commands for VBoxManage modifyvm you can configure a machine to be a\ntarget for teleporting. See chapter 7.2, Teleporting, page 115 for an introduction.\n• --teleporter on|off: With this setting you turn on or off whether a machine waits for\na teleporting request to come in on the network when it is started. If “on”, when the\nmachine is started, it does not boot the virtual machine as it would normally; instead, it\nthen waits for a teleporting request to come in on the port and address listed with the next\ntwo parameters.\n• --teleporterport <port>, --teleporteraddress <address>: these must be used\nwith –teleporter and tell the virtual machine on which port and address it should listen\nfor a teleporting request from another virtual machine. <port> can be any free TCP/IP\nport number (e.g. 6000); <address> can be any IP address or hostname and specifies the\nTCP/IP socket to bind to. The default is “0.0.0.0”, which means any address.\n• --teleporterpassword <password>: if this optional argument is given, then the teleporting request will only succeed if the source machine specifies the same password as the\none given with this command.\n• --teleporterpasswordfile <password>: if this optional argument is given, then the\nteleporting request will only succeed if the source machine specifies the same password as\nthe one specified in the file give with this command. Use stdin to read the password from\nstdin.\n• --cpuid <leaf> <eax> <ebx> <ecx> <edx>: Advanced users can use this command before a teleporting operation to restrict the virtual CPU capabilities that VirtualBox presents\nto the guest operating system. This must be run on both the source and the target machines\ninvolved in the teleporting and will then modify what the guest sees when it executes the\nCPUID machine instruction. This might help with misbehaving applications that wrongly\nassume that certain CPU capabilities are present. The meaning of the parameters is hardware dependent; please refer to the AMD or Intel processor manuals.\n\n8.8.7 Debugging settings\nThe following settings are only relevant for low-level VM debugging. Regular users will never\nneed these settings.\n• --tracing-enabled on|off: Enable the tracebuffer. This consumes some memory for\nthe tracebuffer and adds extra overhead.\n• --tracing-config <config-string>: Allows to configure tracing. In particular this defines which group of tracepoints are enabled.\n\n8.9 VBoxManage clonevm\nThis command creates a full or linked copy of an existing virtual machine.\nThe clonevm subcommand takes at least the name of the virtual machine which should be\ncloned. The following additional settings can be used to further configure the clone VM operation:\n\n139\n\n\f8 VBoxManage\n• --snapshot <uuid>|<name>: Select a specific snapshot where the clone operation should\nrefer to. Default is referring to the current state.\n• --mode machine|machineandchildren|all: Selects the cloning mode of the operation.\nIf machine is selected (the default), the current state of the VM without any snapshots is\ncloned. In the machineandchildren mode the snapshot provided by --snapshot and all\nchild snapshots are cloned. If all is the selected mode all snapshots and the current state\nare cloned.\n• --options link|keepallmacs|keepnatmacs|keepdisknames: Allows additional fine\ntuning of the clone operation. The first option defines that a linked clone should be created,\nwhich is only possible for a machine clone from a snapshot. The next two options allow\nto define how the MAC addresses of every virtual network card should be handled. They\ncan either be reinitialized (the default), left unchanged (keepallmacs) or left unchanged\nwhen the network type is NAT (keepnatmacs). If you add keepdisknames all new disk\nimages are called like the original ones, otherwise they are renamed.\n• --name <name>: Select a new name for the new virtual machine. Default is “Original\nName Clone”.\n• --basefolder <basefolder>: Select the folder where the new virtual machine configuration should be saved in.\n• --uuid <uuid>: Select the UUID the new VM should have. This id has to be unique in the\nVirtualBox instance this clone should be registered. Default is creating a new UUID.\n• --register: Automatically register the new clone in this VirtualBox installation. If you\nmanually want to register the new VM later, see chapter 8.6, VBoxManage registervm /\nunregistervm, page 130 for instructions how to do so.\n\n8.10 VBoxManage import\nThis command imports a virtual appliance in OVF format by copying the virtual disk images\nand creating virtual machines in VirtualBox. See chapter 1.14, Importing and exporting virtual\nmachines, page 31 for an introduction to appliances.\nThe import subcommand takes at least the path name of an OVF file as input and expects\nthe disk images, if needed, in the same directory as the OVF file. A lot of additional commandline options are supported to control in detail what is being imported and modify the import\nparameters, but the details depend on the content of the OVF file.\nIt is therefore recommended to first run the import subcommand with the --dry-run or -n\noption. This will then print a description of the appliance’s contents to the screen how it would\nbe imported into VirtualBox, together with the optional command-line options to influence the\nimport behavior.\nAs an example, here is the screen output with a sample appliance containing a Windows XP\nguest:\nVBoxManage import WindowsXp.ovf --dry-run\nInterpreting WindowsXp.ovf...\nOK.\nVirtual system 0:\n0: Suggested OS type: \"WindowsXP\"\n(change with \"--vsys 0 --ostype <type>\"; use \"list ostypes\" to list all)\n1: Suggested VM name \"Windows XP Professional_1\"\n(change with \"--vsys 0 --vmname <name>\")\n3: Number of CPUs: 1\n(change with \"--vsys 0 --cpus <n>\")\n4: Guest memory: 956 MB (change with \"--vsys 0 --memory <MB>\")\n5: Sound card (appliance expects \"ensoniq1371\", can change on import)\n\n140\n\n\f8 VBoxManage\n(disable with \"--vsys 0 --unit 5 --ignore\")\n6: USB controller\n(disable with \"--vsys 0 --unit 6 --ignore\")\n7: Network adapter: orig bridged, config 2, extra type=bridged\n8: Floppy\n(disable with \"--vsys 0 --unit 8 --ignore\")\n9: SCSI controller, type BusLogic\n(change with \"--vsys 0 --unit 9 --scsitype {BusLogic|LsiLogic}\";\ndisable with \"--vsys 0 --unit 9 --ignore\")\n10: IDE controller, type PIIX4\n(disable with \"--vsys 0 --unit 10 --ignore\")\n11: Hard disk image: source image=WindowsXp.vmdk,\ntarget path=/home/user/disks/WindowsXp.vmdk, controller=9;channel=0\n(change controller with \"--vsys 0 --unit 11 --controller <id>\";\ndisable with \"--vsys 0 --unit 11 --ignore\")\n\nAs you can see, the individual configuration items are numbered, and depending on their type\nsupport different command-line options. The import subcommand can be directed to ignore\nmany such items with a --vsys X --unit Y --ignore option, where X is the number of the\nvirtual system (zero unless there are several virtual system descriptions in the appliance) and Y\nthe item number, as printed on the screen.\nIn the above example, Item #1 specifies the name of the target machine in VirtualBox. Items\n#9 and #10 specify hard disk controllers, respectively. Item #11 describes a hard disk image;\nin this case, the additional --controller option indicates which item the disk image should be\nconnected to, with the default coming from the OVF file.\nYou can combine several items for the same virtual system behind the same --vsys option. For\nexample, to import a machine as described in the OVF, but without the sound card and without\nthe USB controller, and with the disk image connected to the IDE controller instead of the SCSI\ncontroller, use this:\nVBoxManage import WindowsXp.ovf\n--vsys 0 --unit 5 --ignore --unit 6 --ignore --unit 11 --controller 10\n\n8.11 VBoxManage export\nThis command exports one or more virtual machines from VirtualBox into a virtual appliance in\nOVF format, including copying their virtual disk images to compressed VMDK. See chapter 1.14,\nImporting and exporting virtual machines, page 31 for an introduction to appliances.\nThe export command is simple to use: list the machine (or the machines) that you would like\nto export to the same OVF file and specify the target OVF file after an additional --output or -o\noption. Note that the directory of the target OVF file will also receive the exported disk images in\nthe compressed VMDK format (regardless of the original format) and should have enough disk\nspace left for them.\nBeside a simple export of a given virtual machine, you can append several product information\nto the appliance file. Use --product, --producturl, --vendor, --vendorurl and --version\nto specify this additional information. For legal reasons you may add a license text or the content\nof a license file by using the --eula and --eulafile option respectively. As with OVF import,\nyou must use the --vsys X option to direct the previously mentioned options to the correct\nvirtual machine.\nFor virtualization products which aren’t fully compatible with the OVF standard 1.0 you can\nenable a OVF 0.9 legacy mode with the --legacy09 option.\nTo specify options controlling the exact content of the appliance file, you can use --options\nto request the creation of a manifest file (encouraged, allows detection of corrupted appliances\non import), the additional export of DVD images, and the exclusion of MAC addresses. You can\nspecify a list of options, e.g. --options manifest,nomacs. For details, check the help output\nof VBoxManage export.\n\n141\n\n\f8 VBoxManage\n\n8.12 VBoxManage startvm\nThis command starts a virtual machine that is currently in the “Powered off” or “Saved” states.\nThe optional --type specifier determines whether the machine will be started in a window or\nwhether the output should go through VBoxHeadless, with VRDE enabled or not; see chapter\n7.1.2, VBoxHeadless, the remote desktop server, page 108 for more information. The list of types\nis subject to change, and it’s not guaranteed that all types are accepted by any product variant.\nThe global or per-VM default value for the VM frontend type will be taken if the type is not\nexplicitly specified. If none of these are set, the GUI variant will be started.\nThe following values are allowed:\ngui Starts a VM showing a GUI window. This is the default.\nheadless Starts a VM without a window for remote display only.\nsdl Starts a VM with a minimal GUI and limited features.\nseparate Starts a VM with detachable UI (technically it is a headless VM with user interface in\n\na separate process). This is an experimental feature as it lacks certain functionality at the\nmoment (e.g. 3D acceleration will not work).\n\nNote: If you experience problems with starting virtual machines with particular frontends and there is no conclusive error information, consider starting virtual machines\ndirectly by running the respective front-end, as this can give additional error information.\n\n8.13 VBoxManage controlvm\nThe controlvm subcommand allows you to change the state of a virtual machine that is currently\nrunning. The following can be specified:\n• VBoxManage controlvm <vm> pause temporarily puts a virtual machine on hold, without\nchanging its state for good. The VM window will be painted in gray to indicate that the\nVM is currently paused. (This is equivalent to selecting the “Pause” item in the “Machine”\nmenu of the GUI.)\n• Use VBoxManage controlvm <vm> resume to undo a previous pause command. (This is\nequivalent to selecting the “Resume” item in the “Machine” menu of the GUI.)\n• VBoxManage controlvm <vm> reset has the same effect on a virtual machine as pressing\nthe “Reset” button on a real computer: a cold reboot of the virtual machine, which will\nrestart and boot the guest operating system again immediately. The state of the VM is not\nsaved beforehand, and data may be lost. (This is equivalent to selecting the “Reset” item\nin the “Machine” menu of the GUI.)\n• VBoxManage controlvm <vm> poweroff has the same effect on a virtual machine as\npulling the power cable on a real computer. Again, the state of the VM is not saved beforehand, and data may be lost. (This is equivalent to selecting the “Close” item in the\n“Machine” menu of the GUI or pressing the window’s close button, and then selecting\n“Power off the machine” in the dialog.)\nAfter this, the VM’s state will be “Powered off”. From there, it can be started again; see\nchapter 8.12, VBoxManage startvm, page 142.\n\n142\n\n\f8 VBoxManage\n• VBoxManage controlvm <vm> savestate will save the current state of the VM to disk\nand then stop the VM. (This is equivalent to selecting the “Close” item in the “Machine”\nmenu of the GUI or pressing the window’s close button, and then selecting “Save the machine state” in the dialog.)\nAfter this, the VM’s state will be “Saved”. From there, it can be started again; see chapter\n8.12, VBoxManage startvm, page 142.\n• VBoxManage controlvm \"VM name\" teleport --hostname <name> --port <port>\n[--passwordfile <file> | --password <password>] makes the machine the source\nof a teleporting operation and initiates a teleport to the given target. See chapter 7.2,\nTeleporting, page 115 for an introduction. If the optional password is specified, it must\nmatch the password that was given to the modifyvm command for the target machine; see\nchapter 8.8.6, Teleporting settings, page 139 for details.\nA few extra options are available with controlvm that do not directly affect the VM’s running\nstate:\n• The setlinkstate<1-N> operation connects or disconnects virtual network cables from\ntheir network interfaces.\n• nic<1-N> null|nat|bridged|intnet|hostonly|generic: With this, you can set, for\neach of the VM’s virtual network cards, what type of networking should be available. They\ncan be not connected to the host (null), use network address translation (nat), bridged\nnetworking (bridged) or communicate with other virtual machines using internal networking (intnet) or host-only networking (hostonly) or access to rarely used sub-modes\n(generic). These options correspond to the modes which are described in detail in chapter\n6.2, Introduction to networking modes, page 97.\n• With the “nictrace” options, you can optionally trace network traffic by dumping it to a file,\nfor debugging purposes.\nWith nictrace<1-N> on|off, you can enable network tracing for a particular virtual network card.\nIf enabled, you must specify with --nictracefile<1-N> <filename> what file the trace\nshould be logged to.\n• nicpromisc<1-N> deny|allow-vms|allow-all: This allows you, for each of the VM’s\nvirtual network cards, to specify how the promiscious mode is handled. This setting is only\nrelevant for bridged networking. deny (default setting) hides any traffic not intended for\nthis VM. allow-vms hides all host traffic from this VM but allows the VM to see traffic\nfrom/to other VMs. allow-all removes this restriction completely.\n• nicproperty<1-N> <paramname>=\"paramvalue\": This option, in combination with “nicgenericdrv” allows you to pass parameters to rarely-used network backends.\nThose parameters are backend engine-specific, and are different between UDP Tunnel and\nthe VDE backend drivers. For example, please see chapter 6.8, UDP Tunnel networking,\npage 104.\n• The guestmemoryballoon operation changes the size of the guest memory balloon, that\nis, memory allocated by the VirtualBox Guest Additions from the guest operating system\nand returned to the hypervisor for re-use by other virtual machines. This must be specified\nin megabytes. For details, see chapter 4.9.1, Memory ballooning, page 80.\n• usbattach and usbdettach make host USB devices visible to the virtual machine on the\nfly, without the need for creating filters first. The USB devices can be specified by UUID\n(unique identifier) or by address on the host system.\nYou can use VBoxManage list usbhost to locate this information.\n\n143\n\n\f8 VBoxManage\n• clipboard disabled|hosttoguest|guesttohost|bidirectional: With this setting,\nyou can select if and how the guest or host operating system’s clipboard should be shared\nwith the host or guest; see chapter 3.3, General settings, page 48. This requires that the\nGuest Additions be installed in the virtual machine.\n• draganddrop disabled|hosttoguest|guesttohost|bidirectional: With this setting, you can select the current drag and drop mode being used between the host and the\nvirtual machine; see chapter 4.4, Drag and Drop, page 74. This requires that the Guest\nAdditions be installed in the virtual machine.\n• vrde on|off lets you enable or disable the VRDE server, if it is installed.\n• vrdeport default|<ports> changes the port or a range of ports that the VRDE server\ncan bind to; “default” or “0” means port 3389, the standard port for RDP. For details, see\nthe description for the --vrdeport option in chapter 8.8.3, Miscellaneous settings, page\n136.\n• setvideomodehint requests that the guest system change to a particular video mode. This\nrequires that the Guest Additions be installed, and will not work for all guest systems.\n• screenshotpng takes a screenshot of the guest display and saves it in PNG format.\n• videocap on|off enables or disables recording a VM session into a WebM/VP8 file.\n• videocapscreens all|<screen ID> [<screen ID> ...]] allows to specify which\nscreens of the VM are being recorded. This setting cannot be changed while video capturing is enabled. Each screen is recorded into a separate file.\n• videocapfile <file> sets the filename VirtualBox uses to save the recorded content.\nThis setting cannot be changed while video capturing is enabled.\n• videocapres <width> <height> sets the resolution (in pixels) of the recorded video.\nThis setting cannot be changed while video capturing is enabled.\n• videocaprate <rate> sets the bitrate in kilobits (kb) per second. Increasing this value\nmakes the video look better for the cost of an increased file size. This setting cannot be\nchanged while video capturing is enabled.\n• videocapfps <fps> sets the maximum number of frames per second (FPS) to be recorded.\nFrames with a higher frequency will be skipped. Reducing this value increases the number\nof skipped frames and reduces the file size. This setting cannot be changed while video\ncapturing is enabled.\n• videocapmaxtime <ms> sets the maximum time in milliseconds the video capturing will be\nenabled since activation. The capturing stops when the defined time interval has elapsed.\nIf this value is zero the capturing is not limited by time. This setting cannot be changed\nwhile video capturing is enabled.\n• videocapmaxsize <MB> limits the maximum size of the captured video file (in MB). The\ncapturing stops when the file size has reached the specified size. If this value is zero the\ncapturing will not be limited by file size. This setting cannot be changed while video\ncapturing is enabled.\n• videocapopts <key=value>[,<key=value> ...] can be used to specify additional\nvideo capturing options. These options only are for advanced users and must be specified in a comma-separated key=value format, e.g. foo=bar,a=b. This setting cannot be\nchanged while video capturing is enabled.\n\n144\n\n\f8 VBoxManage\n• The setcredentials operation is used for remote logons in Windows guests. For details,\nplease refer to chapter 9.2, Automated guest logons, page 175.\n• plugcpu|unplugcpu <id>: If CPU hot-plugging is enabled, this adds a virtual CPU to the\nvirtual machines (or removes one). <id> specifies the index of the virtual CPU to be added\nor removed and must be a number from 0 to the maximum no. of CPUs configured. CPU 0\ncan never be removed.\n• The cpuexecutioncap <1-100>: This operation controls how much cpu time a virtual\nCPU can use. A value of 50 implies a single virtual CPU can use up to 50% of a single host\nCPU.\n\n8.14 VBoxManage discardstate\nThis command discards the saved state of a virtual machine which is not currently running,\nwhich will cause its operating system to restart next time you start it. This is the equivalent of\npulling out the power cable on a physical machine, and should be avoided if possible.\n\n8.15 VBoxManage adoptstate\nIf you have a saved state file (.sav) that is separate from the VM configuration, you can use\nthis command to “adopt” the file. This will change the VM to saved state and when you start\nit, VirtualBox will attempt to restore it from the saved state file you indicated. This command\nshould only be used in special setups.\n\n8.16 VBoxManage snapshot\nThis command is used to control snapshots from the command line. A snapshot consists of a\ncomplete copy of the virtual machine settings, copied at the time when the snapshot was taken,\nand optionally a virtual machine saved state file if the snapshot was taken while the machine\nwas running. After a snapshot has been taken, VirtualBox creates differencing hard disk for\neach normal hard disk associated with the machine so that when a snapshot is restored, the\ncontents of the virtual machine’s virtual hard disks can be quickly reset by simply dropping the\npre-existing differencing files.\nThe take operation takes a snapshot of the current state of the virtual machine. You must\nsupply a name for the snapshot and can optionally supply a description. The new snapshot is\ninserted into the snapshots tree as a child of the current snapshot and then becomes the new\ncurrent snapshot. The --description parameter allows to describe the snapshot. If --live is\nspecified, the VM will not be stopped during the snapshot creation (live smapshotting).\nThe delete operation deletes a snapshot (specified by name or by UUID). This can take a\nwhile to finish since the differencing images associated with the snapshot might need to be\nmerged with their child differencing images.\nThe restore operation will restore the given snapshot (specified by name or by UUID) by\nresetting the virtual machine’s settings and current state to that of the snapshot. The previous\ncurrent state of the machine will be lost. After this, the given snapshot becomes the new “current”\nsnapshot so that subsequent snapshots are inserted under the snapshot from which was restored.\nThe restorecurrent operation is a shortcut to restore the current snapshot (i.e. the snapshot\nfrom which the current state is derived). This subcommand is equivalent to using the “restore”\nsubcommand with the name or UUID of the current snapshot, except that it avoids the extra step\nof determining that name or UUID.\nWith the edit operation, you can change the name or description of an existing snapshot.\n\n145\n\n\f8 VBoxManage\nWith the showvminfo operation, you can view the virtual machine settings that were stored\nwith an existing snapshot.\n\n8.17 VBoxManage closemedium\nThis commands removes a hard disk, DVD or floppy image from a VirtualBox media registry.2\nOptionally, you can request that the image be deleted. You will get appropriate diagnostics\nthat the deletion failed, however the image will become unregistered in any case.\n\n8.18 VBoxManage storageattach\nThis command attaches/modifies/removes a storage medium connected to a storage controller\nthat was previously added with the storagectl command (see the previous section). The syntax\nis as follows:\nVBoxManage storageattach\n\n<uuid|vmname>\n--storagectl <name>\n[--port <number>]\n[--device <number>]\n[--type dvddrive|hdd|fdd]\n[--medium none|emptydrive|\n<uuid>|<filename>|host:<drive>|iscsi]\n[--mtype normal|writethrough|immutable|shareable]\n[--comment <text>]\n[--setuuid <uuid>]\n[--setparentuuid <uuid>]\n[--passthrough on|off]\n[--tempeject on|off]\n[--nonrotational on|off]\n[--discard on|off]\n[--bandwidthgroup name|none]\n[--forceunmount]\n[--server <name>|<ip>]\n[--target <target>]\n[--tport <port>]\n[--lun <lun>]\n[--encodedlun <lun>]\n[--username <username>]\n[--password <password>]\n[--initiator <initiator>]\n[--intnet]\n\nA number of parameters are commonly required; the ones at the end of the list are required\nonly for iSCSI targets (see below).\nThe common parameters are:\nuuid|vmname The VM UUID or VM Name. Mandatory.\n--storagectl Name of the storage controller. Mandatory. The list of the storage controllers\ncurrently attached to a VM can be obtained with VBoxManage showvminfo; see chapter\n\n8.5, VBoxManage showvminfo, page 129.\n--port The number of the storage controller’s port which is to be modified. Mandatory, unless\n\nthe storage controller has only a single port.\n2 Before\n\nVirtualBox 4.0, it was necessary to call VBoxManage openmedium before a medium could be attached to a\nvirtual machine; that call “registered” the medium with the global VirtualBox media registry. With VirtualBox 4.0 this\nis no longer necessary; media are added to media registries automatically. The “closemedium” call has been retained,\nhowever, to allow for explicitly removing a medium from a registry.\n\n146\n\n\f8 VBoxManage\n--device The number of the port’s device which is to be modified. Mandatory, unless the\n\nstorage controller has only a single device per port.\n--type Define the type of the drive to which the medium is being attached/detached/modified.\n\nThis argument can only be omitted if the type of medium can be determined from either\nthe medium given with the --medium argument or from a previous medium attachment.\n--medium Specifies what is to be attached. The following values are supported:\n\n• “none”: Any existing device should be removed from the given slot.\n• “emptydrive”: For a virtual DVD or floppy drive only, this makes the device slot behaves like a removeable drive into which no media has been inserted.\n• “additions”: For a virtual DVD drive only, this attaches the VirtualBox Guest Additions\nimage to the given device slot.\n• If a UUID is specified, it must be the UUID of a storage medium that is already known\nto VirtualBox (e.g. because it has been attached to another virtual machine). See\nchapter 8.4, VBoxManage list, page 128 for how to list known media. This medium is\nthen attached to the given device slot.\n• If a filename is specified, it must be the full path of an existing disk image (ISO, RAW,\nVDI, VMDK or other), which is then attached to the given device slot.\n• “host:<drive>“: For a virtual DVD or floppy drive only, this connects the given device\nslot to the specified DVD or floppy drive on the host computer.\n• “iscsi”: For virtual hard disks only, this allows for specifying an iSCSI target. In this\ncase, more parameters must be given; see below.\nSome of the above changes, in particular for removeable media (floppies and CDs/DVDs),\ncan be effected while a VM is running. Others (device changes or changes in hard disk\ndevice slots) require the VM to be powered off.\n--mtype Defines how this medium behaves with respect to snapshots and write operations. See\n\nchapter 5.4, Special image write modes, page 88 for details.\n--comment Any description that you want to have stored with this medium (optional; for exam-\n\nple, for an iSCSI target, “Big storage server downstairs”). This is purely descriptive and not\nneeded for the medium to function correctly.\n--setuuid, --setparentuuid Modifies the UUID or parent UUID of a medium before attach-\n\ning it to a VM. This is an expert option. Inappropriate use can make the medium unusable\nor lead to broken VM configurations if any other VM is referring to the same media already.\nThe most frequently used variant is --setuuid \"\", which assigns a new (random) UUID\nto an image. This is useful to resolve the duplicate UUID errors if one duplicated an image\nusing file copy utilities.\n--passthrough For a virtual DVD drive only, you can enable DVD writing support (currently\n\nexperimental; see chapter 5.9, CD/DVD support, page 94).\n--tempeject For a virtual DVD drive only, you can configure the behavior for guest-triggered\n\nmedium eject. If this is set to “on”, the eject has only temporary effects. If the VM is\npowered off and restarted the originally configured medium will be still in the drive.\n--nonrotational This switch allows to enable the non-rotational flag for virtual hard disks.\n\nSome guests (i.e. Windows 7+) treat such disks like SSDs and don’t perform disk fragmentation on such media.\n--bandwidthgroup Sets the bandwidth group to use for the given device; see chapter 5.8, Lim-\n\niting bandwidth for disk images, page 93.\n\n147\n\n\f8 VBoxManage\n--forceunmount For a virtual DVD or floppy drive only, this forcibly unmounts the\n\nDVD/CD/Floppy or mounts a new DVD/CD/Floppy even if the previous one is locked\ndown by the guest for reading. Again, see chapter 5.9, CD/DVD support, page 94 for\ndetails.\nWhen “iscsi” is used with the --medium parameter for iSCSI support – see chapter 5.10, iSCSI\nservers, page 94 –, additional parameters must or can be used:\n--server The host name or IP address of the iSCSI target; required.\n--target Target name string. This is determined by the iSCSI target and used to identify the\n\nstorage resource; required.\n--tport TCP/IP port number of the iSCSI service on the target (optional).\n--lun Logical Unit Number of the target resource (optional). Often, this value is zero.\n--username, --password Username and password (initiator secret) for target authentication,\n\nif required (optional).\nNote: Username and password are stored without encryption (i.e. in clear text) in the\nXML machine configuration file if no settings password is provided. When a settings\npassword was specified the first time, the password is stored encrypted.\n\n--intnet If specified, connect to the iSCSI target via Internal Networking. This needs further\n\nconfiguration which is described in chapter 9.9.3, Access iSCSI targets via Internal Networking, page 188.\n\n8.19 VBoxManage storagectl\nThis command attaches/modifies/removes a storage controller. After this, virtual media can be\nattached to the controller with the storageattach command (see the next section).\nThe syntax is as follows:\nVBoxManage storagectl\n\n<uuid|vmname>\n--name <name>\n[--add <ide/sata/scsi/floppy>]\n[--controller <LsiLogic|LSILogicSAS|BusLogic|\nIntelAhci|PIIX3|PIIX4|ICH6|I82078|usb>]\n[--sataportcount <1-30>]\n[--hostiocache on|off]\n[--bootable on|off]\n[--remove]\n\nwhere the parameters mean:\nuuid|vmname The VM UUID or VM Name. Mandatory.\n--name Name of the storage controller. Mandatory.\n--add Define the type of the system bus to which the storage controller must be connected.\n--controller Allows to choose the type of chipset being emulated for the given storage con-\n\ntroller.\n--sataportcount This determines how many ports the SATA controller should support.\n\n148\n\n\f8 VBoxManage\n--hostiocache Configures the use of the host I/O cache for all disk images attached to this\n\nstorage controller. For details, please see chapter 5.7, Host I/O caching, page 92.\n--bootable Selects whether this controller is bootable.\n--remove Removes the storage controller from the VM config.\n\n8.20 VBoxManage bandwidthctl\nThis command creates/deletes/modifies/shows bandwidth groups of the given virtual machine:\nVBoxManage bandwidthctl\n\n<uuid|vmname>\nadd <name> --type disk|network --limit <megabytes per second>[k|m|g|K|M|G] |\nset <name> --limit <megabytes per second>[k|m|g|K|M|G] |\nremove <name> |\nlist [--machinereadable]\n\nThe following subcommands are available:\n• add, creates a new bandwidth group of given type.\n• set, modifies the limit for an existing bandwidth group.\n• remove, destroys a bandwidth group.\n• list, shows all bandwidth groups defined for the given VM.\nThe parameters mean:\nuuid|vmname The VM UUID or VM Name. Mandatory.\n--name Name of the bandwidth group. Mandatory.\n--type Type of the bandwidth group. Mandatory. Two types are supported: disk and network.\n\nSee chapter 5.8, Limiting bandwidth for disk images, page 93 or chapter 6.10, Limiting\nbandwidth for network I/O, page 105 for a description of a particular type.\n--limit Specifies the limit for the given group. Can be changed while the VM is running. The\n\ndefault unit is megabytes per second. The unit can be changed by specifying one of the\nfollowing suffixes: k for kilobits/s, m for megabits/s, g for gigabits/s, K for kilobytes/s, M\nfor megabytes/s, G for gigabytes/s.\n\nNote: The network bandwidth limits apply only to the traffic being sent by virtual\nmachines. The traffic being received by VMs is unlimited.\n\nNote: To remove a bandwidth group it must not be referenced by any disks or adapters\nin running VM.\n\n149\n\n\f8 VBoxManage\n\n8.21 VBoxManage showhdinfo\nThis command shows information about a virtual hard disk image, notably its size, its size on\ndisk, its type and the virtual machines which use it.\nNote: For compatibility with earlier versions of VirtualBox, the “showvdiinfo” command is also supported and mapped internally to the “showhdinfo” command.\nThe disk image must be specified either by its UUID (if the medium is registered) or by its\nfilename. Registered images can be listed by VBoxManage list hdds (see chapter 8.4, VBoxManage list, page 128 for more information). A filename must be specified as valid path, either\nas an absolute path or as a relative path starting from the current directory.\n\n8.22 VBoxManage createhd\nThis command creates a new virtual hard disk image. The syntax is as follows:\nVBoxManage createhd\n\n--filename <filename>\n--size <megabytes>\n[--format VDI|VMDK|VHD] (default: VDI)\n[--variant Standard,Fixed,Split2G,Stream,ESX]\n\nwhere the parameters mean:\n--filename Allows to choose a file name. Mandatory.\n--size Allows to define the image capacity, in 1 MiB units. Mandatory.\n--format Allows to choose a file format for the output file different from the file format of the\n\ninput file.\n--variant Allows to choose a file format variant for the output file. It is a comma-separated list\n\nof variant flags. Not all combinations are supported, and specifying inconsistent flags will\nresult in an error message.\n\nNote: For compatibility with earlier versions of VirtualBox, the “createvdi” command\nis also supported and mapped internally to the “createhd” command.\n\n8.23 VBoxManage modifyhd\nWith the modifyhd command, you can change the characteristics of a disk image after it has\nbeen created:\nVBoxManage modifyhd\n\n<uuid|filename>\n[--type normal|writethrough|immutable|shareable|\nreadonly|multiattach]\n[--autoreset on|off]\n[--compact]\n[--resize <megabytes>|--resizebyte <bytes>]\n\n150\n\n\f8 VBoxManage\nNote: Despite the “hd” in the subcommand name, the command works with all disk\nimages, not only hard disks. For compatibility with earlier versions of VirtualBox, the\n“modifyvdi” command is also supported and mapped internally to the “modifyhd” command.\nThe disk image to modify must be specified either by its UUID (if the medium is registered)\nor by its filename. Registered images can be listed by VBoxManage list hdds (see chapter 8.4,\nVBoxManage list, page 128 for more information). A filename must be specified as valid path,\neither as an absolute path or as a relative path starting from the current directory.\nThe following options are available:\n• With the --type argument, you can change the type of an existing image between the\nnormal, immutable, write-through and other modes; see chapter 5.4, Special image write\nmodes, page 88 for details.\n• For immutable (differencing) hard disks only, the --autoreset on|off option determines\nwhether the disk is automatically reset on every VM startup (again, see chapter 5.4, Special\nimage write modes, page 88). The default is “on”.\n• With the --compact option, can be used to compact disk images, i.e. remove blocks that\nonly contains zeroes. This will shrink a dynamically allocated image again; it will reduce\nthe physical size of the image without affecting the logical size of the virtual disk. Compaction works both for base images and for diff images created as part of a snapshot.\nFor this operation to be effective, it is required that free space in the guest system first be\nzeroed out using a suitable software tool. For Windows guests, you can use the sdelete\ntool provided by Microsoft. Execute sdelete -z in the guest to zero the free disk space\nbefore compressing the virtual disk image. For Linux, use the zerofree utility which\nsupports ext2/ext3 filesystems. For Mac OS X guests, use the diskutil secureErase\nfreespace 0 / command line from an elevated Terminal.\nPlease note that compacting is currently only available for VDI images. A similar effect can\nbe achieved by zeroing out free blocks and then cloning the disk to any other dynamically\nallocated format. You can use this workaround until compacting is also supported for disk\nformats other than VDI.\n• The --resize x option (where x is the desired new total space in megabytes) allows\nyou to change the capacity of an existing image; this adjusts the logical size of a virtual\ndisk without affecting the physical size much.3 This currently works only for VDI and\nVHD formats, and only for the dynamically allocated variants, and can only be used to\nexpand (not shrink) the capacity. For example, if you originally created a 10G disk which\nis now full, you can use the --resize 15360 command to change the capacity to 15G\n(15,360MB) without having to create a new image and copy all data from within a virtual\nmachine. Note however that this only changes the drive capacity; you will typically next\nneed to use a partition management tool inside the guest to adjust the main partition to fill\nthe drive.\nThe --resizebyte x option does almost the same thing, except that x is expressed in\nbytes instead of megabytes.\n\n8.24 VBoxManage clonehd\nThis command duplicates a registered virtual hard disk image to a new image file with a new\nunique identifier (UUID). The new image can be transferred to another host system or imported\n3 Image\n\nresizing was added with VirtualBox 4.0.\n\n151\n\n\f8 VBoxManage\ninto VirtualBox again using the Virtual Media Manager; see chapter 5.3, The Virtual Media Manager, page 87 and chapter 5.6, Cloning disk images, page 92. The syntax is as follows:\nVBoxManage clonehd\n\n<uuid|inutfile> <uuid|outputfile>\n[--format VDI|VMDK|VHD|RAW|<other>]\n[--variant Standard,Fixed,Split2G,Stream,ESX]\n[--existing]\n\nThe disk image to clone as well as the target image must be described either by its UUIDs (if\nthe mediums are registered) or by its filename. Registered images can be listed by VBoxManage\nlist hdds (see chapter 8.4, VBoxManage list, page 128 for more information). A filename must\nbe specified as valid path, either as an absolute path or as a relative path starting from the current\ndirectory.\nThe following options are available:\n--format Allow to choose a file format for the output file different from the file format of the\n\ninput file.\n--variant Allow to choose a file format variant for the output file. It is a comma-separated list\n\nof variant flags. Not all combinations are supported, and specifying inconsistent flags will\nresult in an error message.\n--existing Perform the clone operation to an already existing destination medium. Only the\n\nportion of the source medium which fits into the destination medium is copied. This means\nif the destination medium is smaller than the source only a part of it is copied, and if the\ndestination medium is larger than the source the remaining part of the destination medium\nis unchanged.\n\nNote: For compatibility with earlier versions of VirtualBox, the “clonevdi” command is\nalso supported and mapped internally to the “clonehd” command.\n\n8.25 VBoxManage convertfromraw\nThis command converts a raw disk image to a VirtualBox Disk Image (VDI) file. The syntax is as\nfollows:\nVBoxManage convertfromraw\n\nVBoxManage convertfromraw\n\n<filename> <outputfile>\n[--format VDI|VMDK|VHD]\n[--variant Standard,Fixed,Split2G,Stream,ESX]\n[--uuid <uuid>]\nstdin <outputfile> <bytes>\n[--format VDI|VMDK|VHD]\n[--variant Standard,Fixed,Split2G,Stream,ESX]\n[--uuid <uuid>]\n\nwhere the parameters mean:\n--bytes The size of the image file, in bytes, provided through stdin.\n--format Select the disk image format to create. Default is VDI.\n--variant Allow to choose a file format variant for the output file. It is a comma-separated list\n\nof variant flags. Not all combinations are supported, and specifying inconsistent flags will\nresult in an error message.\n--uuid Allow to specifiy the UUID of the output file.\n\n152\n\n\f8 VBoxManage\nThe second form forces VBoxManage to read the content for the disk image from standard input\n(useful for using that command in a pipe).\nNote: For compatibility with earlier versions of VirtualBox, the “convertdd” command\nis also supported and mapped internally to the “convertfromraw” command.\n\n8.26 VBoxManage getextradata/setextradata\nThese commands let you attach and retrieve string data to a virtual machine or to a VirtualBox\nconfiguration (by specifying global instead of a virtual machine name). You must specify a key\n(as a text string) to associate the data with, which you can later use to retrieve it. For example:\nVBoxManage setextradata Fedora5 installdate 2006.01.01\nVBoxManage setextradata SUSE10 installdate 2006.02.02\n\nwould associate the string “2006.01.01” with the key installdate for the virtual machine Fedora5, and “2006.02.02” on the machine SUSE10. You could retrieve the information as follows:\nVBoxManage getextradata Fedora5 installdate\n\nwhich would return\nVirtualBox Command Line Management Interface Version 5.0.16\n(C) 2005-2016 Oracle Corporation\nAll rights reserved.\nValue: 2006.01.01\n\nTo remove a key, the setextradata command must be run without specifying data (only the\nkey), for example:\nVBoxManage setextradata Fedora5 installdate\n\n8.27 VBoxManage setproperty\nThis command is used to change global settings which affect the entire VirtualBox installation.\nSome of these correspond to the settings in the “Global settings” dialog in the graphical user\ninterface. The following properties are available:\nmachinefolder This specifies the default folder in which virtual machine definitions are kept;\n\nsee chapter 10.1, Where VirtualBox stores its files, page 218 for details.\nhwvirtexclusive This specifies whether VirtualBox will make exclusive use of the hardware\n\nvirtualization extensions (Intel VT-x or AMD-V) of the host system’s processor; see chapter\n10.3, Hardware vs. software virtualization, page 222. If you wish to share these extensions\nwith other hypervisors running at the same time, you must disable this setting. Doing so\nhas negative performance implications.\nvrdeauthlibrary This specifies which library to use when “external” authentication has been\n\nselected for a particular virtual machine; see chapter 7.1.5, RDP authentication, page 111\nfor details.\nwebsrvauthlibrary This specifies which library the web service uses to authenticate users.\n\nFor details about the VirtualBox web service, please refer to the separate VirtualBox SDK\nreference (see chapter 11, VirtualBox programming interfaces, page 228).\n\n153\n\n\f8 VBoxManage\nvrdeextpack This specifies which library implements the VirtualBox Remote Desktop Extension.\nloghistorycount This selects how many rotated (old) VM logs are kept.\nautostartdbpath This selects the path to the autostart database. See chapter 9.24, Starting\n\nvirtual machines during system boot, page 211.\ndefaultfrontend This selects the global default VM frontend setting. See chapter 8.12, VBox-\n\nManage startvm, page 142.\nlogginglevel This configures the VBoxSVC release logging details.4\n\n8.28 VBoxManage usbfilter add/modify/remove\nThe usbfilter commands are used for working with USB filters in virtual machines, or global\nfilters which affect the whole VirtualBox setup. Global filters are applied before machine-specific\nfilters, and may be used to prevent devices from being captured by any virtual machine. Global\nfilters are always applied in a particular order, and only the first filter which fits a device is applied. So for example, if the first global filter says to hold (make available) a particular Kingston\nmemory stick device and the second to ignore all Kingston devices, that memory stick will be\navailable to any machine with an appropriate filter, but no other Kingston device will.\nWhen creating a USB filter using usbfilter add, you must supply three or four mandatory\nparameters. The index specifies the position in the list at which the filter should be placed. If\nthere is already a filter at that position, then it and the following ones will be shifted back one\nplace. Otherwise the new filter will be added onto the end of the list. The target parameter\nselects the virtual machine that the filter should be attached to or use “global” to apply it to all\nvirtual machines. name is a name for the new filter and for global filters, action says whether to\nallow machines access to devices that fit the filter description (“hold”) or not to give them access\n(“ignore”). In addition, you should specify parameters to filter by. You can find the parameters\nfor devices attached to your system using VBoxManage list usbhost. Finally, you can specify\nwhether the filter should be active, and for local filters, whether they are for local devices, remote\n(over an RDP connection) or either.\nWhen you modify a USB filter using usbfilter modify, you must specify the filter by index (see the output of VBoxManage list usbfilters to find global filter indexes and that of\nVBoxManage showvminfo to find indexes for individual machines) and by target, which is either a virtual machine or “global”. The properties which can be changed are the same as for\nusbfilter add. To remove a filter, use usbfilter remove and specify the index and the target.\n\n8.29 VBoxManage sharedfolder add/remove\nThis command allows you to share folders on the host computer with guest operating systems.\nFor this, the guest systems must have a version of the VirtualBox Guest Additions installed which\nsupports this functionality.\nShared folders are described in detail in chapter 4.3, Shared folders, page 71.\n\n8.30 VBoxManage guestproperty\nThe “guestproperty” commands allow you to get or set properties of a running virtual machine.\nPlease see chapter 4.7, Guest properties, page 78 for an introduction. As explained there, guest\nproperties are arbitrary key/value string pairs which can be written to and read from by either\n4 http://www.virtualbox.org/wiki/VBoxLogging.\n\n154\n\n\f8 VBoxManage\nthe guest or the host, so they can be used as a low-volume communication channel for strings,\nprovided that a guest is running and has the Guest Additions installed. In addition, a number of\nvalues whose keys begin with “/VirtualBox/“ are automatically set and maintained by the Guest\nAdditions.\nThe following subcommands are available (where <vm>, in each case, can either be a VM name\nor a VM UUID, as with the other VBoxManage commands):\n• enumerate <vm> [--patterns <pattern>]: This lists all the guest properties that are\navailable for the given VM, including the value. This list will be very limited if the guest’s\nservice process cannot be contacted, e.g. because the VM is not running or the Guest\nAdditions are not installed.\nIf --patterns <pattern> is specified, it acts as a filter to only list properties that match\nthe given pattern. The pattern can contain the following wildcard characters:\n– * (asterisk): represents any number of characters; for example, “/VirtualBox*“\nwould match all properties beginning with “/VirtualBox”.\n– ? (question mark): represents a single arbitrary character; for example, “fo?“ would\nmatch both “foo” and “for”.\n– | (pipe symbol): can be used to specify multiple alternative patterns; for example,\n“s*|t*“ would match anything starting with either “s” or “t”.\n• get <vm> <property> : This retrieves the value of a single property only. If the property\ncannot be found (e.g. because the guest is not running), this will print\nNo value set!\n\n• set <vm> <property> [<value> [--flags <flags>]]: This allows you to set a guest\nproperty by specifying the key and value. If <value> is omitted, the property is deleted.\nWith --flags you can optionally specify additional behavior (you can combine several by\nseparating them with commas):\n– TRANSIENT: the value will not be stored with the VM data when the VM exits;\n– TRANSRESET: the value will be deleted as soon as the VM restarts and/or exits;\n– RDONLYGUEST: the value can only be changed by the host, but the guest can only read\nit;\n– RDONLYHOST: reversely, the value can only be changed by the guest, but the host can\nonly read it;\n– READONLY: a combination of the two, the value cannot be changed at all.\n• wait <vm> <pattern> --timeout <timeout>: This waits for a particular value described by “pattern” to change or to be deleted or created. The pattern rules are the same\nas for the “enumerate” subcommand above.\n• delete <vm> <property> : Deletes a formerly set guest property.\n\n8.31 VBoxManage guestcontrol\nThe guestcontrol commands allow you to control certain things inside a guest from the host.\nPlease see chapter 4.8, Guest control, page 80 for an introduction.\nThere are two sets of subcommands here. The first set requires guest credentials to be specified, the second set does not.\nThe first set of subcommands are on the following form:\n\n155\n\n\f8 VBoxManage\nVBoxManage guestcontrol <uuid|vmname> <sub-command>\n[-v|--verbose] [-q|quiet] [--username <name>] [--domain <domain> ]\n[--passwordfile <file> | --password <password>] ...\n\nand the second set are on the following form:\nVBoxManage guestcontrol <uuid|vmname> <sub-command>\n[-v|--verbose] [-q|quiet] ...\n\nwhere the common parameters are:\nuuid|vmname The VM UUID or VM name. Mandatory.\n--username <name> Name of the user the process should run under. This user must exist on\n\nthe guest OS. If not specified the host user name is used.\n--domain <domain> User domain for windows guests, optional.\n--passwordfile <file> Password of the specified user account to be read from the given file.\n\nIf not given, an empty password is assumed.\n--password <password> Password of the specified user account. If not given, an empty pass-\n\nword is assumed.\n-v|--verbose Makes the sub-command execution more noisy.\n-q|--quiet Makes the sub-command execution more quiet.\n\nThe first set of subcommands:\n• run, allows you to execute a guest program waiting for it to complete and forwarding\nstdout, stderr and stdin to/from the host.\nVBoxManage guestcontrol <uuid|vmname> run [common-options]\n[--exe <path to executable>] [--timeout <msec>]\n[-E|--putenv <NAME>[=<VALUE>]] [--unquoted-args]\n[--ignore-operhaned-processes] [--no-profile]\n[--no-wait-stdout|--wait-stdout]\n[--no-wait-stderr|--wait-stderr]\n[--dos2unix] [--unix2dos]\n-- <program/arg0> [argument1] ... [argumentN]]\n\nwhere the options are:\n--exe \"<path to program>\" Guest path to the guest executable that should be executed. in the guest, e.g. C:\\Windows\\System32\\calc.exe\n--username <name> Name of the user the process should run under. This user must exist\n\non the guest OS.\n--passwordfile <file> Password of the user account specified to be read from the given\n\nfile. If not given, an empty password is assumed.\n--password <password> Password of the user account specified with --username. If not\n\ngiven, an empty password is assumed.\n--dos2unix Converts output from DOS/Windows guests to UNIX-compatible line endings\n\n(CR + LF -> LF). Not implemented yet.\n\n156\n\n\f8 VBoxManage\n--environment \"<NAME>=<VALUE>\" One or more environment variables to be set or un-\n\nset.\nBy default, the new process in the guest will be created with the standard environment\nof the guest OS. This option allows for modifying that environment. To set/modify\na variable, a pair of NAME=VALUE must be specified; to unset a certain variable, the\nname with no value must set, e.g. NAME=.\nArguments containing spaces must be enclosed in quotation marks. More than one\n--environment at a time can be specified to keep the command line tidy.\n--timeout <msec> Value (in milliseconds) that specifies the time how long the started\n\nprocess is allowed to run and how long VBoxManage waits for getting output from\nthat process. If no timeout is specified, VBoxManage will wait forever until the started\nprocess ends or an error occured.\n--unix2dos Converts output from a UNIX/Linux guests to DOS-/Windows-compatible\n\nline endings (LF -> CR + LF). Not implemented yet.\n--verbose Tells VBoxManage to be more verbose.\n--wait-exit Waits until the process ends and outputs its exit code along with the exit\n\nreason/flags.\n--wait-stdout Waits until the process ends and outputs its exit code along with the exit\n\nreason/flags. While waiting VBoxManage retrieves the process output collected from\nstdout.\n--wait-stderr Waits until the process ends and outputs its exit code along with the exit\n\nreason/flags. While waiting VBoxManage retrieves the process output collected from\nstderr.\n[-- [<argument1s>] ...\n\n[<argumentNs>]] One or more arguments to pass to the\n\nprocess being executed.\nArguments containing spaces must be enclosed in quotation marks.\n\nNote: On Windows there are certain limitations for graphical applications; please see\nchapter 14, Known limitations, page 252 for more information.\nExamples:\nVBoxManage --nologo guestcontrol \"My VM\" execute --image \"/bin/ls\"\n--username foo --passwordfile bar.txt --wait-exit --wait-stdout -- -l /usr\nVBoxManage --nologo guestcontrol \"My VM\" execute --image \"c:\\\\windows\\\\system32\\\\ipconfig.exe\"\n--username foo --passwordfile bar.txt --wait-exit --wait-stdout\n\nNote that the double backslashes in the second example are only required on Unix hosts.\nNote: For certain commands a user name of an existing user account on the guest must\nbe specified; anonymous executions are not supported for security reasons. A user\naccount password, however, is optional and depends on the guest’s OS security policy\nor rules. If no password is specified for a given user name, an empty password will be\nused. On certain OSes like Windows the security policy may needs to be adjusted in\norder to allow user accounts with an empty password set. Also, global domain rules\nmight apply and therefore cannot be changed.\nStarting at VirtualBox 4.1.2 guest process execution by default is limited to serve up to 5\nguest processes at a time. If a new guest process gets started which would exceed this limit,\n\n157\n\n\f8 VBoxManage\nthe oldest not running guest process will be discarded in order to be able to run that new\nprocess. Also, retrieving output from this old guest process will not be possible anymore\nthen. If all 5 guest processes are still active and running, starting a new guest process will\nresult in an appropriate error message.\nTo raise or lower the guest process execution limit, either the guest property\n/VirtualBox/GuestAdd/VBoxService/--control-procs-max-kept or VBoxService’\ncommand line by specifying --control-procs-max-kept needs to be modified. A restart\nof the guest OS is required afterwards. To serve unlimited guest processes, a value of 0\nneeds to be set (not recommended).\n• copyto, which allows copying files from the host to the guest (only with installed Guest\nAdditions 4.0 and later).\nVBoxManage guestcontrol <uuid|vmname> copyto|cp\n<guest source> <host dest> --username <name>\n[--passwordfile <file> | --password <password>]\n[--dryrun] [--follow] [--recursive] [--verbose]\n\nwhere the parameters mean:\nuuid|vmname The VM UUID or VM name. Mandatory.\nsource on host Absolute path of source file(s) on host to copy over to the guest, e.g.\nC:\\Windows\\System32\\calc.exe. This also can be a wildcard expression, e.g.\nC:\\Windows\\System32\\*.dll\ndestination on guest Absolute destination path on the guest, e.g. C:\\Temp\n--username <name> Name of the user the copy process should run under. This user must\n\nexist on the guest OS.\n--passwordfile <file> Password of the user account specified to be read from the given\n\nfile. If not given, an empty password is assumed.\n--password <password> Password of the user account specified with --username. If not\n\ngiven, an empty password is assumed.\n--dryrun Tells VBoxManage to only perform a dry run instead of really copying files to\n\nthe guest.\n--follow Enables following symlinks on the host’s source.\n--recursive Recursively copies files/directories of the specified source.\n--verbose Tells VBoxManage to be more verbose.\n--flags <flags> Additional flags to set. This is not used at the moment.\n\n• copyfrom, which allows copying files from the guest to the host (only with installed Guest\nAdditions 4.0 and later). It has the same parameters as copyto above.\n• createdirectory, which allows copying files from the host to the guest (only with installed Guest Additions 4.0 and later).\nVBoxManage guestcontrol <uuid|vmname> createdir[ectory]|mkdir|md\n<guest directory>... --username <name>\n[--passwordfile <file> | --password <password>]\n[--parents] [--mode <mode>] [--verbose]\n\nwhere the parameters mean:\nuuid|vmname The VM UUID or VM name. Mandatory.\ndirectory to create on guest Absolute path of directory/directories to create on\nguest, e.g. D:\\Foo\\Bar. Parent directories need to exist (e.g. in this example D:\\Foo)\nwhen switch --parents is omitted. The specified user must have appropriate rights\n\nto create the specified directory.\n\n158\n\n\f8 VBoxManage\n--username <name> Name of the user the copy process should run under. This user must\n\nexist on the guest OS.\n--passwordfile <file> Password of the user account specified to be read from the given\n\nfile. If not given, an empty password is assumed.\n--password <password> Password of the user account specified with --username. If not\n\ngiven, an empty password is assumed.\n--parents Also creates not yet existing parent directories of the specified directory, e.g.\nif the directory D:\\Foo of D:\\Foo\\Bar does not exist yet it will be created. Without\nspecifying --parent the action would have failed.\n--mode <mode> Sets the permission mode of the specified directory. Only octal modes\n(e.g. 0755) are supported right now.\n--verbose Tells VBoxManage to be more verbose.\n\n• removedirectory, which allows deletion of guest directories (only with installed Guest\nAdditions 4.3.2 and later).\nVBoxManage guestcontrol <uuid|vmname> removedir[ectory]|rmdir\n<guest directory>... --username <name>\n[--passwordfile <file> | --password <password>]\n[--recursive|-R|-r] [--verbose]\n\nwhere the parameters mean:\nuuid|vmname The VM UUID or VM name. Mandatory.\ndirectory to remove on guest Absolute path of directory/directories to remove on\nguest, e.g. D:\\Foo\\Bar. The specified user must have appropriate rights to delete\n\nthe specified guest directories.\n--username <name> Name of the user the copy process should run under. This user must\n\nexist on the guest OS.\n--passwordfile <file> Password of the user account specified to be read from the given\n\nfile. If not given, an empty password is assumed.\n--password <password> Password of the user account specified with --username. If not\n\ngiven, an empty password is assumed.\n--recursive Remove directories and their contents recursively.\n--verbose Tells VBoxManage to be more verbose.\n\n• removefile, which allows deletion of guest files (only with installed Guest Additions 4.3.2\nand later).\nVBoxManage guestcontrol <uuid|vmname> removefile|rm\n<guest file>... --username <name>\n[--passwordfile <file> | --password <password>]\n[--verbose]\n\nwhere the parameters mean:\nuuid|vmname The VM UUID or VM name. Mandatory.\nfile to remove on guest Absolute path of a file/files to remove on guest, e.g.\nD:\\Foo\\Bar\\text.txt. The specified user must have appropriate rights to delete the\n\nspecified guest files.\n--username <name> Name of the user the copy process should run under. This user must\n\nexist on the guest OS.\n--passwordfile <file> Password of the user account specified to be read from the given\n\nfile. If not given, an empty password is assumed.\n\n159\n\n\f8 VBoxManage\n--password <password> Password of the user account specified with --username. If not\n\ngiven, an empty password is assumed.\n--verbose Tells VBoxManage to be more verbose.\n\n• ren[ame]|mv, which allows renaming of guest files and/or directories (only with installed\nGuest Additions 4.3.2 and later).\nVBoxManage guestcontrol <uuid|vmname> ren[ame]|mv\n<source>... <dest> --username <name>\n[--passwordfile <file> | --password <password>]\n[--verbose]\n\nwhere the parameters mean:\nuuid|vmname The VM UUID or VM name. Mandatory.\nsource Absolute path of one or more source(s) to move to destination. If more than\n\none source is specified, destination must be an existing directory on the guest. The\nspecified user must have appropriate rights to access source and destination files and\ndirectories.\ndest Absolute path of the destination to move the source(s) to. This can be a directory or\n\na file, depending if one or more sources have been specified. The specified user must\nhave appropriate rights to access the destination file and directory.\n--username <name> Name of the user the copy process should run under. This user must\n\nexist on the guest OS.\n--passwordfile <file> Password of the user account specified to be read from the given\n\nfile. If not given, an empty password is assumed.\n--password <password> Password of the user account specified with --username. If not\n\ngiven, an empty password is assumed.\n--verbose Tells VBoxManage to be more verbose.\n\n• createtemporary, which allows copying files from the host to the guest (only with installed Guest Additions 4.2 and later).\nVBoxManage guestcontrol <uuid|vmname> createtemp[orary]|mktemp\n<template> --username <name>\n[--passwordfile <file> | --password <password>]\n[--directory] [--secure] [--tmpdir <directory>]\n[--domain <domain>] [--mode <mode>] [--verbose]\n\nwhere the parameters mean:\nuuid|vmname The VM UUID or VM name. Mandatory.\ntemplate A file name without a path and with at least three consecutive ’X’ characters or\n\nending in ’X’\n--username <name> Name of the user the copy process should run under. This user must\n\nexist on the guest OS.\n--passwordfile <file> Password of the user account specified to be read from the given\n\nfile. If not given, an empty password is assumed.\n--password <password> Password of the user account specified with --username. If not\n\ngiven, an empty password is assumed.\n--directory Create a temporary directory instead of a file.\n--secure Secure creation. The file mode is fixed to 0755. And the operation will fail if it\n\ncannot performed securely.\n--tmpdir <directory> Directory where the file / directory is created. If not specified,\n\nthe platform-specific temp directory is used.\n\n160\n\n\f8 VBoxManage\n--mode <mode> Sets the permission mode of the specified directory. Only octal modes\n(e.g. 0755) are supported right now.\n--verbose Tells VBoxManage to be more verbose.\n\n• list, which lists various guest control information such as open guest sessions, guest\nprocesses and guest files.\nVBoxManage guestcontrol <uuid|vmname> list\n<all|sessions|processes|files> [--verbose]\n\nwhere the parameters mean:\nuuid|vmname The VM UUID or VM name. Mandatory.\nall|sessions|processes|files Whether to list guest sessions, guest processes, guest\n\nfiles or all information available. Mandatory.\n--verbose Tells VBoxManage to be more verbose.\n\n• process kill, which terminates specific guest processes of a guest session, based on either the session’s ID or the session’s name.\nVBoxManage guestcontrol <uuid|vmname> process kill\n--session-id <ID>\n| --session-name <name or pattern>\n[--verbose]\n<PID> ... <PID n>\n\nwhere the parameters mean:\nuuid|vmname The VM UUID or VM name. Mandatory.\n--session-id Specifies the guest session to use by its ID.\n--session-name Specifies the guest session to use by its name. Multiple sessions can be\n\nclosed when specifying * or ? wildcards.\n--verbose Tells VBoxManage to be more verbose.\n<PID> ...\n\n<PID n> List of process identifiers (PIDs) to terminate.\n\n• [p[s]]kill, which terminates specific guest processes of a guest session, based on either\nthe session’s ID or the session’s name.\nVBoxManage guestcontrol <uuid|vmname> process kill\n--session-id <ID>\n| --session-name <name or pattern>\n[--verbose]\n<PID> ... <PID n>\n\nwhere the parameters mean:\nuuid|vmname The VM UUID or VM name. Mandatory.\n--session-id Specifies the guest session to use by its ID.\n--session-name Specifies the guest session to use by its name. Multiple sessions can be\n\nclosed when specifying * or ? wildcards.\n--verbose Tells VBoxManage to be more verbose.\n<PID> ...\n\n<PID n> List of process identifiers (PIDs) to terminate.\n\n• session close, which closes specific guest sessions, based on either the session’s ID or\nthe session’s name.\nVBoxManage guestcontrol <uuid|vmname> session close\n--session-id <ID>\n| --session-name <name or pattern>\n| --all\n[--verbose]\n\n161\n\n\f8 VBoxManage\nwhere the parameters mean:\nuuid|vmname The VM UUID or VM name. Mandatory.\n--session-id Close a guest session specified by its ID.\n--session-name Close a guest session specified by its name. Multiple sessions can be\n\nclosed when specifying * or ? wildcards.\n--all Close all guest sessions.\n--verbose Tells VBoxManage to be more verbose.\n\n• stat, which displays file or file system status on the guest.\nVBoxManage guestcontrol <uuid|vmname> stat\n<file>... --username <name>\n[--passwordfile <file> | --password <password>]\n[--verbose]\n\nwhere the parameters mean:\nuuid|vmname The VM UUID or VM name. Mandatory.\nfile element(s) to check on guest Absolute path of directory/directories to check\non guest, e.g. /home/foo/a.out. The specified user must have appropriate rights to\n\naccess the given file element(s).\n--username <name> Name of the user the copy process should run under. This user must\n\nexist on the guest OS.\n--passwordfile <file> Password of the user account specified to be read from the given\n\nfile. If not given, an empty password is assumed.\n--password <password> Password of the user account specified with --username. If not\n\ngiven, an empty password is assumed.\n--verbose Tells VBoxManage to be more verbose.\n\n• updateadditions, which allows for updating an already installed Guest Additions version\non the guest (only already installed Guest Additions 4.0 and later).\nVBoxManage guestcontrol <uuid|vmname> updateadditions\n[--source \"<guest additions .ISO file to use>\"] [--verbose]\n[--wait-start] [-- [<argument1>] ... [<argumentN>]]\n\nwhere the parameters mean:\nuuid|vmname The VM UUID or VM name. Mandatory.\n--source “<guest additions .ISO file to use>“ Full path to an alternative VirtualBox\n\nGuest Additions .ISO file to use for the Guest Additions update.\n--verbose Tells VBoxManage to be more verbose.\n--wait-start Starts the regular updating process and waits until the actual Guest Ad-\n\nditions update inside the guest was started. This can be necessary due to needed\ninteraction with the guest OS during the installation phase.\nWhen omitting this flag VBoxManage will wait for the whole Guest Additions update\nto complete.\n[<argumentNs>]] Optional command line arguments to\nuse for the Guest Additions installer. Useful for retrofitting features which weren’t\ninstalled before on the guest.\n\n[-- [<argument1s>] ...\n\nArguments containing spaces must be enclosed in quotation marks.\n• watch, which prints current guest control activity.\n\n162\n\n\f8 VBoxManage\nVBoxManage guestcontrol <uuid|vmname> watch\n[--verbose]\n\nwhere the parameters mean:\nuuid|vmname The VM UUID or VM name. Mandatory.\n--verbose Tells VBoxManage to be more verbose.\n\n8.32 VBoxManage metrics\nThis command supports monitoring the usage of system resources. Resources are represented by\nvarious metrics associated with the host system or a particular VM. For example, the host system\nhas a CPU/Load/User metric that shows the percentage of time CPUs spend executing in user\nmode over a specific sampling period.\nMetric data is collected and retained internally; it may be retrieved at any time with the\nVBoxManage metrics query subcommand. The data is available as long as the background\nVBoxSVC process is alive. That process terminates shortly after all VMs and frontends have been\nclosed.\nBy default no metrics are collected at all. Metrics collection does not start until VBoxManage\nmetrics setup is invoked with a proper sampling interval and the number of metrics to be retained. The interval is measured in seconds. For example, to enable collecting the host processor\nand memory usage metrics every second and keeping the 5 most current samples, the following\ncommand can be used:\nVBoxManage metrics setup --period 1 --samples 5 host CPU/Load,RAM/Usage\n\nMetric collection can only be enabled for started VMs. Collected data and collection settings\nfor a particular VM will disappear as soon as it shuts down. Use VBoxManage metrics list\nsubcommand to see which metrics are currently available. You can also use --list option with\nany subcommand that modifies metric settings to find out which metrics were affected.\nNote that the VBoxManage metrics setup subcommand discards all samples that may have\nbeen previously collected for the specified set of objects and metrics.\nTo enable or disable metrics collection without discarding the data VBoxManage metrics\nenable and VBoxManage metrics disable subcommands can be used. Note that these subcommands expect metrics, not submetrics, like CPU/Load or RAM/Usage as parameters. In other\nwords enabling CPU/Load/User while disabling CPU/Load/Kernel is not supported.\nThe host and VMs have different sets of associated metrics. Available metrics can be listed\nwith VBoxManage metrics list subcommand.\nA complete metric name may include an aggregate function. The name has the following form:\nCategory/Metric[/SubMetric][:aggregate]. For example, RAM/Usage/Free:min stands for\nthe minimum amount of available memory over all retained data if applied to the host object.\nSubcommands may apply to all objects and metrics or can be limited to one object or/and a\nlist of metrics. If no objects or metrics are given in the parameters, the subcommands will apply\nto all available metrics of all objects. You may use an asterisk (“*“) to explicitly specify that the\ncommand should be applied to all objects or metrics. Use “host” as the object name to limit the\nscope of the command to host-related metrics. To limit the scope to a subset of metrics, use a\nmetric list with names separated by commas.\nFor example, to query metric data on the CPU time spent in user and kernel modes by the\nvirtual machine named “test”, you can use the following command:\nVBoxManage metrics query test CPU/Load/User,CPU/Load/Kernel\n\nThe following list summarizes the available subcommands:\nlist This subcommand shows the parameters of the currently existing metrics. Note that VM-\n\nspecific metrics are only available when a particular VM is running.\n\n163\n\n\f8 VBoxManage\nsetup This subcommand sets the interval between taking two samples of metric data and the\n\nnumber of samples retained internally. The retained data is available for displaying with\nthe query subcommand. The --list option shows which metrics have been modified as\nthe result of the command execution.\nenable This subcommand “resumes” data collection after it has been stopped with disable\n\nsubcommand. Note that specifying submetrics as parameters will not enable underlying\nmetrics. Use --list to find out if the command did what was expected.\ndisable This subcommand “suspends” data collection without affecting collection parameters\n\nor collected data. Note that specifying submetrics as parameters will not disable underlying\nmetrics. Use --list to find out if the command did what was expected.\nquery This subcommand retrieves and displays the currently retained metric data.\n\nNote: The query subcommand does not remove or “flush” retained data. If you query\noften enough you will see how old samples are gradually being “phased out” by new\nsamples.\n\ncollect This subcommand sets the interval between taking two samples of metric data and\n\nthe number of samples retained internally. The collected data is displayed periodically\nuntil Ctrl-C is pressed unless the --detach option is specified. With the --detach option,\nthis subcommand operates the same way as setup does. The --list option shows which\nmetrics match the specified filter.\n\n8.33 VBoxManage hostonlyif\nWith “hostonlyif” you can change the IP configuration of a host-only network interface. For a\ndescription of host-only networking, please refer to chapter 6.7, Host-only networking, page 103.\nEach host-only interface is identified by a name and can either use the internal DHCP server or\na manual IP configuration (both IP4 and IP6).\nThe following list summarizes the available subcommands:\nipconfig \"<name>\" Configure a hostonly interface\ncreate Ceates a new vboxnet<N> interface on the host OS. This command is essential before\n\nyou can attach VMs to host-only network.\nremove vboxnet<N> Removes a vboxnet<N> interface from the host OS.\n\n8.34 VBoxManage dhcpserver\nThe “dhcpserver” commands allow you to control the DHCP server that is built into VirtualBox.\nYou may find this useful when using internal or host-only networking. (Theoretically, you can\nenable it for a bridged network as well, but that will likely cause conflicts with other DHCP\nservers in your physical network.)\nUse the following command line options:\n• If you use internal networking for a virtual network adapter of a virtual machine, use\nVBoxManage dhcpserver add --netname <network_name>, where <network_name> is\nthe same network name you used with VBoxManage modifyvm <vmname> --intnet<X>\n<network_name>.\n\n164\n\n\f8 VBoxManage\n• If you use host-only networking for a virtual network adapter of a virtual machine,\nuse VBoxManage dhcpserver add --ifname <hostonly_if_name> instead, where\n<hostonly_if_name> is the same host-only interface name you used with VBoxManage\nmodifyvm <vmname> --hostonlyadapter<X> <hostonly_if_name>.\nAlternatively, you can also use the –netname option as with internal networks if you\nknow the host-only network’s name; you can see the names with VBoxManage list\nhostonlyifs (see chapter 8.4, VBoxManage list, page 128 above).\nThe following additional parameters are required when first adding a DHCP server:\n• With --ip, specify the IP address of the DHCP server itself.\n• With --netmask, specify the netmask of the network.\n• With --lowerip and --upperip, you can specify the lowest and highest IP address, respectively, that the DHCP server will hand out to clients.\nFinally, you must specify --enable or the DHCP server will be created in the disabled state,\ndoing nothing.\nAfter this, VirtualBox will automatically start the DHCP server for given internal or host-only\nnetwork as soon as the first virtual machine which uses that network is started.\nReversely, use VBoxManage dhcpserver remove with the given --netname <network_name>\nor --ifname <hostonly_if_name> to remove the DHCP server again for the given internal or\nhost-only network.\nTo modify the settings of a DHCP server created earlier with VBoxManage dhcpserver add,\nyou can use VBoxManage dhcpserver modify for a given network or host-only interface name.\n\n8.35 VBoxManage debugvm\nIntrospection and guest debugging.\n\nSynopsis\nVBoxManage debugvm <uuid|vmname> dumpvmcore [--filename=name]\nVBoxManage debugvm <uuid|vmname> info <item> [args...]\nVBoxManage debugvm <uuid|vmname> injectnmi\nVBoxManage debugvm <uuid|vmname> log [[--release] | [--debug]] [group-settings...]\nVBoxManage debugvm <uuid|vmname> logdest [[--release] | [--debug]] [destinations...]\nVBoxManage debugvm <uuid|vmname> logflags [[--release] | [--debug]] [flags...]\nVBoxManage debugvm <uuid|vmname> osdetect\nVBoxManage debugvm <uuid|vmname> osinfo\nVBoxManage debugvm <uuid|vmname> osdmesg [--lines=lines]\nVBoxManage debugvm <uuid|vmname> getregisters [--cpu=id] [reg-set.reg-name...]\nVBoxManage debugvm <uuid|vmname> setregisters [--cpu=id] [reg-set.reg-name=value...]\nVBoxManage debugvm <uuid|vmname> show [[--human-readable] | [--sh-export] |\n[--sh-eval] | [--cmd-set]] [settings-item...]\nVBoxManage debugvm <uuid|vmname> statistics [--reset] [--descriptions] [--pattern=pattern]\n\nDescription\nThe “debugvm” commands are for experts who want to tinker with the exact details of virtual\nmachine execution. Like the VM debugger described in chapter 12.1.3, The built-in VM debugger,\npage 230, these commands are only useful if you are very familiar with the details of the PC\narchitecture and how to debug software.\n\n165\n\n\f8 VBoxManage\nCommon options\nThe subcommands of debugvm all operate on a running virtual machine:\nuuid|vmname\n\nEither the UUID or the name (case sensitive) of a VM.\ndebugvm dumpvmcore\nVBoxManage debugvm <uuid|vmname> dumpvmcore [--filename=name]\n\nCreates a system dump file of the specified VM. This file will have the standard ELF core format\n(with custom sections); see chapter 12.1.4, VM core format, page 232.\nThis corresponds to the writecore command in the debugger.\n--filename=filename\n\nThe name of the output file.\ndebugvm info\nVBoxManage debugvm <uuid|vmname> info <item> [args...]\n\nDisplays info items relating to the VMM, device emulations and associated drivers.\nThis corresponds to the info command in the debugger.\ninfo\n\nName of the info item to display. The special name help will list all the available info items\nand hints about optional arguments.\nargs\n\nOptional argument string for the info item handler. Most info items does not take any extra\narguments. Arguments not recognized are generally ignored.\ndebugvm injectnmi\nVBoxManage debugvm <uuid|vmname> injectnmi\n\nCauses a non-maskable interrupt (NMI) to be injected into the guest. This might be useful for\ncertain debugging scenarios. What happens exactly is dependent on the guest operating system,\nbut an NMI can crash the whole guest operating system. Do not use unless you know what you’re\ndoing.\ndebugvm log\nVBoxManage debugvm <uuid|vmname> log [[--release] | [--debug]] [group-settings...]\n\nChanges the group settings for either debug (--debug) or release (--release) logger of the\nVM process.\nThe group-settings are typically strings on the form em.e.f.l, hm=~0 and -em.f. Basic\nwildcards are supported for group matching. The all group is an alias for all the groups.\nPlease do keep in mind that the group settings are applied as modifications to the current ones.\nThis corresponds to the log command in the debugger.\n\n166\n\n\f8 VBoxManage\ndebugvm logdest\nVBoxManage debugvm <uuid|vmname> logdest [[--release] | [--debug]] [destinations...]\n\nChanges the destination settings for either debug (--debug) or release (--release)\nlogger of the VM process.\nFor details on the destination format, the best source is\nsrc/VBox/Runtime/common/log/log.cpp.\nThe destinations is one or more mnemonics, optionally prefixed by “no” to disable them.\nSome of them take values after a “:“ or “=“ separator. Multiple mnemonics can be separated by\nspace or given as separate arguments on the command line.\nList of available destination:\nfile[=file], nofile\n\nSpecifies a log file. It no filname is given, one will be generated based on the current UTC\ntime and VM process name and placed in the current directory of the VM process. Note\nthat this will currently not have any effect if the log file has already been opened.\ndir=directory, nodir\n\nSpecifies the output directory for log files. Note that this will currently not have any effect\nif the log file has already been opened.\nhistory=count, nohistory\n\nA non-zero value enables log historization, with the value specifying how many old log files\nto keep.\nhistsize=bytes\n\nThe max size of a log file before it is historized. Default is infinite.\nhisttime=seconds\n\nThe max age (in seconds) of a log file before it is historized. Default is infinite.\nringbuffer, noringbuffer\n\nOnly log to the log buffer until an explicit flush (e.g. via an assertion) occurs. This is fast\nand saves diskspace.\nstdout, nostdout\n\nWrite the log content to standard output.\nstdout, nostdout\n\nWrite the log content to standard error.\ndebugger, nodebugger\n\nWrite the log content to the debugger, if supported by the host OS.\ncom, nocom\n\nWrites logging to the COM port. This is only applicable for raw-mode and ring-0 logging.\nuser, nouser\n\nCustom destination which has no meaning to VM processes..\nThis corresponds to the logdest command in the debugger.\ndebugvm logflags\nVBoxManage debugvm <uuid|vmname> logflags [[--release] | [--debug]] [flags...]\n\nChanges the flags on either debug (--debug) or release (--release) logger of the VM process.\nPlease note that the modifications are applied onto the existing changes, they are not replacing\nthem.\n\n167\n\n\f8 VBoxManage\nThe flags are a list of flag mnemonics, optionally prefixed by a “no”, “¡‘, “~“ or “-“ to negate\ntheir meaning. The “+“ prefix can be used to undo previous negation or use as a separator,\nthough better use whitespace or separate arguments for that.\nList of log flag mnemonics, with their counter form where applicable (asterisk indicates defaults):\nenabled*, disabled\n\nEnables or disables logging.\nbuffered, unbuffered*\n\nEnabling buffering of log output before it hits the destinations.\nwritethrough(/writethru)\n\nWhether to open the destination file with writethru buffering settings or not.\nflush\n\nEnables flushing of the output file (to disk) after each log statement.\nlockcnts\n\nPrefix each log line with lock counts for the current thread.\ncpuid\n\nPrefix each log line with the ID of the current CPU.\npid\n\nPrefix each log line with the current process ID.\nflagno\n\nPrefix each log line with the numberic flags corresponding to the log statement.\nflag\n\nPrefix each log line with the flag mnemonics corresponding to the log statement.\ngroupno\n\nPrefix each log line with the log group number for the log statement producing it.\ngroup\n\nPrefix each log line with the log group name for the log statement producing it.\ntid\n\nPrefix each log line with the current thread identifier.\nthread\n\nPrefix each log line with the current thread name.\ntime\n\nPrefix each log line with the current UTC wall time.\ntimeprog\n\nPrefix each log line with the current monotonic time since the start of the program.\nmsprog\n\nPrefix each log line with the current monotonic timestamp value in milliseconds since the\nstart of the program.\nts\n\nPrefix each log line with the current monotonic timestamp value in nanoseconds.\ntsc\n\nPrefix each log line with the current CPU timestamp counter (TSC) value.\n\n168\n\n\f8 VBoxManage\nrel, abs*\n\nSelects the whether ts and tsc prefixes should be displayed as relative to the previous log\nline or as absolute time.\nhex*, dec\n\nSelects the whether the ts and tsc prefixes should be formatted as hexadecimal or decimal.\ncustom\n\nCustom log prefix, has by default no meaning for VM processes.\nusecrlf, uself*\n\nOutput with DOS style (CRLF) or just UNIX style (LF) line endings.\noverwrite*, append\n\nOverwrite the destination file or append to it.\nThis corresponds to the logflags command in the debugger.\ndebugvm osdetect\nVBoxManage debugvm <uuid|vmname> osdetect\n\nMake the VMM’s debugger facility (re)-detect the guest operating system (OS). This will first\nload all debugger plug-ins.\nThis corresponds to the detect command in the debugger.\ndebugvm osinfo\nVBoxManage debugvm <uuid|vmname> osinfo\n\nDisplays information about the guest operating system (OS) previously detected by the VMM’s\ndebugger facility.\ndebugvm osdmesg\nVBoxManage debugvm <uuid|vmname> osdmesg [--lines=lines]\n\nDisplays the guest OS kernel log, if detected and supported.\n--lines=lines\n\nNumber of lines of the log to display, counting from the end. The default is infinite.\ndebugvm getregisters\nVBoxManage debugvm <uuid|vmname> getregisters [--cpu=id] [reg-set.reg-name...]\n\nRetrieves register values for guest CPUs and emulated devices.\nreg-set.reg-name\n\nOne of more registers, each having one of the following forms:\n1. register-set.register-name.sub-field\n2. register-set.register-name\n3. cpu-register-name.sub-field\n4. cpu-register-name\n\n169\n\n\f8 VBoxManage\n5. all\nThe all form will cause all registers to be shown (no sub-fields). The registers names are\ncase-insensitive.\n--cpu=id\n\nSelects the CPU register set when specifying just a CPU register (3rd and 4th form). The\ndefault is 0.\ndebugvm setregisters\nVBoxManage debugvm <uuid|vmname> setregisters [--cpu=id] [reg-set.reg-name=value...]\n\nChanges register values for guest CPUs and emulated devices.\nreg-set.reg-name=value\n\nOne of more register assignment, each having one of the following forms:\n1. register-set.register-name.sub-field=value\n2. register-set.register-name=value\n3. cpu-register-name.sub-field=value\n4. cpu-register-name=value\nThe value format should be in the same style as what getregisters displays, with the\nexception that both octal and decimal can be used instead of hexadecimal.\n--cpu id\n\nSelects the CPU register set when specifying just a CPU register (3rd and 4th form). The\ndefault is 0.\ndebugvm show\nVBoxManage debugvm <uuid|vmname> show [[--human-readable] | [--sh-export] |\n[--sh-eval] | [--cmd-set]] [settings-item...]\n\nShows logging settings for the VM.\n--human-readable\n\nSelects human readable output.\n--sh-export\n\nSelects output format as bourne shell style export commands.\n--sh-eval\n\nSelects output format as bourne shell style eval command input.\n--cmd-set\n\nSelects output format as DOS style SET commands.\nsettings-item\n\nWhat to display. One or more of the following:\n• logdbg-settings - debug log settings.\n• logrel-settings - release log settings.\n• log-settings - alias for both debug and release log settings.\n\n170\n\n\f8 VBoxManage\ndebugvm statistics\nVBoxManage debugvm <uuid|vmname> statistics [--reset] [--descriptions] [--pattern=pattern]\n\nDisplays or resets VMM statistics.\nRetrieves register values for guest CPUs and emulated devices.\n--pattern=pattern\n\nDOS/NT-style wildcards patterns for selecting statistics. Multiple patterns can be specified\nby using the ’|’ (pipe) character as separator.\n--reset\n\nSelect reset instead of display mode.\n\n8.36 VBoxManage extpack\nExtension package management.\n\nSynopsis\nVBoxManage extpack install [--replace] <tarball>\nVBoxManage extpack uninstall [--force] <name>\nVBoxManage extpack cleanup\n\nDescription\nextpack install\nVBoxManage extpack install [--replace] <tarball>\n\nInstalls a new extension pack on the system. This command will fail if an older version of the\nsame extension pack is already installed. The --replace option can be used to uninstall any old\npackage before the new one is installed.\n--replace\n\nUninstall existing extension pack version.\ntarball\n\nThe file containing the extension pack to be installed.\nextpack uninstall\nVBoxManage extpack uninstall [--force] <name>\n\nUninstalls an extension pack from the system. The subcommand will also succeed in the case\nwhere the specified extension pack is not present on the system. You can use VBoxManage list\nextpacks to show the names of the extension packs which are currently installed.\n--force\n\nOverrides most refusals to uninstall an extension pack\nname\n\nThe name of the extension pack to be uninstalled.\n\n171\n\n\f8 VBoxManage\nextpack cleanup\nVBoxManage extpack cleanup\n\nUsed to remove temporary files and directories that may have been left behind if a previous\ninstall or uninstall command failed.\n\nExamples\nHow to list extension packs:\n$ VBoxManage list extpacks\nExtension Packs: 1\nPack no. 0:\nOracle VM VirtualBox Extension Pack\nVersion:\n4.1.12\nRevision:\n77218\nEdition:\nDescription: USB 2.0 Host Controller, VirtualBox RDP, PXE ROM with E1000 support.\nVRDE Module: VBoxVRDP\nUsable:\ntrue\nWhy unusable:\n\nHow to remove an extension pack:\n$ VBoxManage extpack uninstall \"Oracle VM VirtualBox Extension Pack\"\n0%...10%...20%...30%...40%...50%...60%...70%...80%...90%...100%\nSuccessfully uninstalled \"Oracle VM VirtualBox Extension Pack\".\n\n172\n\n\f9 Advanced topics\n9.1 VBoxSDL, the simplified VM displayer\n9.1.1 Introduction\nVBoxSDL is a simple graphical user interface (GUI) that lacks the nice point-and-click support\nwhich VirtualBox, our main GUI, provides. VBoxSDL is currently primarily used internally for\ndebugging VirtualBox and therefore not officially supported. Still, you may find it useful for\nenvironments where the virtual machines are not necessarily controlled by the same person that\nuses the virtual machine.\nNote: VBoxSDL is not available on the Mac OS X host platform.\nAs you can see in the following screenshot, VBoxSDL does indeed only provide a simple window that contains only the “pure” virtual machine, without menus or other controls to click upon\nand no additional indicators of virtual machine activity:\n\nTo start a virtual machine with VBoxSDL instead of the VirtualBox GUI, enter the following on\na command line:\nVBoxSDL --startvm <vm>\n\nwhere <vm> is, as usual with VirtualBox command line parameters, the name or UUID of an\nexisting virtual machine.\n\n9.1.2 Secure labeling with VBoxSDL\nWhen running guest operating systems in full screen mode, the guest operating system usually\nhas control over the whole screen. This could present a security risk as the guest operating\n\n173\n\n\f9 Advanced topics\nsystem might fool the user into thinking that it is either a different system (which might have a\nhigher security level) or it might present messages on the screen that appear to stem from the\nhost operating system.\nIn order to protect the user against the above mentioned security risks, the secure labeling\nfeature has been developed. Secure labeling is currently available only for VBoxSDL. When\nenabled, a portion of the display area is reserved for a label in which a user defined message is\ndisplayed. The label height in set to 20 pixels in VBoxSDL. The label font color and background\ncolor can be optionally set as hexadecimal RGB color values. The following syntax is used to\nenable secure labeling:\nVBoxSDL --startvm \"VM name\"\n--securelabel --seclabelfnt ~/fonts/arial.ttf\n--seclabelsiz 14 --seclabelfgcol 00FF00 --seclabelbgcol 00FFFF\n\nIn addition to enabling secure labeling, a TrueType font has to be supplied. To use another\nfont size than 12 point use the parameter --seclabelsiz.\nThe label text can be set with\nVBoxManage setextradata \"VM name\" \"VBoxSDL/SecureLabel\" \"The Label\"\n\nChanging this label will take effect immediately.\nTypically, full screen resolutions are limited to certain “standard” geometries such as 1024 x\n768. Increasing this by twenty lines is not usually feasible, so in most cases, VBoxSDL will chose\nthe next higher resolution, e.g. 1280 x 1024 and the guest’s screen will not cover the whole\ndisplay surface. If VBoxSDL is unable to choose a higher resolution, the secure label will be\npainted on top of the guest’s screen surface. In order to address the problem of the bottom part\nof the guest screen being hidden, VBoxSDL can provide custom video modes to the guest that\nare reduced by the height of the label. For Windows guests and recent Solaris and Linux guests,\nthe VirtualBox Guest Additions automatically provide the reduced video modes. Additionally,\nthe VESA BIOS has been adjusted to duplicate its standard mode table with adjusted resolutions.\nThe adjusted mode IDs can be calculated using the following formula:\nreduced_modeid = modeid + 0x30\n\nFor example, in order to start Linux with 1024 x 748 x 16, the standard mode 0x117 (1024\nx 768 x 16) is used as a base. The Linux video mode kernel parameter can then be calculated\nusing:\nvga = 0x200 | 0x117 + 0x30\nvga = 839\n\nThe reason for duplicating the standard modes instead of only supplying the adjusted modes\nis that most guest operating systems require the standard VESA modes to be fixed and refuse to\nstart with different modes.\nWhen using the X.org VESA driver, custom modelines have to be calculated and added to the\nconfiguration (usually in /etc/X11/xorg.conf. A handy tool to determine modeline entries can\nbe found at http://www.tkk.fi/Misc/Electronics/faq/vga2rgb/calc.html.)\n\n9.1.3 Releasing modifiers with VBoxSDL on Linux\nWhen switching from a X virtual terminal (VT) to another VT using Ctrl-Alt-Fx while the\nVBoxSDL window has the input focus, the guest will receive Ctrl and Alt keypress events without\nreceiving the corresponding key release events. This is an architectural limitation of Linux. In\norder to reset the modifier keys, it is possible to send SIGUSR1 to the VBoxSDL main thread (first\nentry in the ps list). For example, when switching away to another VT and saving the virtual\nmachine from this terminal, the following sequence can be used to make sure the VM is not\nsaved with stuck modifiers:\nkill -usr1 <pid>\nVBoxManage controlvm \"Windows 2000\" savestate\n\n174\n\n\f9 Advanced topics\n\n9.2 Automated guest logons\nVirtualBox provides Guest Addition modules for Windows, Linux and Solaris to enable automated\nlogons on the guest.\nWhen a guest operating system is running in a virtual machine, it might be desirable to perform\ncoordinated and automated logons using credentials from a master logon system. (With “credentials”, we are referring to logon information consisting of user name, password and domain\nname, where each value might be empty.)\n\n9.2.1 Automated Windows guest logons\nSince Windows NT, Windows has provided a modular system logon subsystem (“Winlogon”)\nwhich can be customized and extended by means of so-called GINA modules (Graphical Identification and Authentication). With Windows Vista and Windows 7, the GINA modules were\nreplaced with a new mechanism called “credential providers”. The VirtualBox Guest Additions\nfor Windows come with both, a GINA and a credential provider module, and therefore enable\nany Windows guest to perform automated logons.\nTo activate the VirtualBox GINA or credential provider module, install the Guest Additions\nwith using the command line switch /with_autologon. All the following manual steps required\nfor installing these modules will be then done by the installer.\nTo manually install the VirtualBox GINA module, extract the Guest Additions (see chapter 4.2.1.4, Manual file extraction, page 66) and copy the file VBoxGINA.dll to the Windows\nSYSTEM32 directory. Then, in the registry, create the following key:\nHKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\GinaDLL\n\nwith a value of VBoxGINA.dll.\nNote: The VirtualBox GINA module is implemented as a wrapper around the standard\nWindows GINA module (MSGINA.DLL). As a result, it will most likely not work correctly\nwith 3rd party GINA modules.\nTo manually install the VirtualBox credential provider module, extract the Guest Additions\n(see chapter 4.2.1.4, Manual file extraction, page 66) and copy the file VBoxCredProv.dll to\nthe Windows SYSTEM32 directory. Then, in the registry, create the following keys:\nHKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\\nAuthentication\\Credential Providers\\{275D3BCC-22BB-4948-A7F6-3A3054EBA92B}\nHKEY_CLASSES_ROOT\\CLSID\\{275D3BCC-22BB-4948-A7F6-3A3054EBA92B}\nHKEY_CLASSES_ROOT\\CLSID\\{275D3BCC-22BB-4948-A7F6-3A3054EBA92B}\\InprocServer32\n\nwith all default values (the key named (Default) in each key) set to VBoxCredProv. After\nthat a new string named\nHKEY_CLASSES_ROOT\\CLSID\\{275D3BCC-22BB-4948-A7F6-3A3054EBA92B}\\InprocServer32\\ThreadingModel\n\nwith a value of Apartment has to be created.\nTo set credentials, use the following command on a running VM:\nVBoxManage controlvm \"Windows XP\" setcredentials \"John Doe\" \"secretpassword\" \"DOMTEST\"\n\nWhile the VM is running, the credentials can be queried by the VirtualBox logon modules\n(GINA or credential provider) using the VirtualBox Guest Additions device driver. When Windows is in “logged out” mode, the logon modules will constantly poll for credentials and if they\n\n175\n\n\f9 Advanced topics\nare present, a logon will be attempted. After retrieving the credentials, the logon modules will\nerase them so that the above command will have to be repeated for subsequent logons.\nFor security reasons, credentials are not stored in any persistent manner and will be lost when\nthe VM is reset. Also, the credentials are “write-only”, i.e. there is no way to retrieve the\ncredentials from the host side. Credentials can be reset from the host side by setting empty\nvalues.\nDepending on the particular variant of the Windows guest, the following restrictions apply:\n1. For Windows XP guests, the logon subsystem needs to be configured to use the classic\nlogon dialog as the VirtualBox GINA module does not support the XP-style welcome dialog.\n2. For Windows Vista, Windows 7 and Windows 8 guests, the logon subsystem does not\nsupport the so-called Secure Attention Sequence (CTRL+ALT+DEL). As a result, the guest’s\ngroup policy settings need to be changed to not use the Secure Attention Sequence. Also,\nthe user name given is only compared to the true user name, not the user friendly name.\nThis means that when you rename a user, you still have to supply the original user name\n(internally, Windows never renames user accounts).\n3. Auto-logon handling of the built-in Windows Remote Desktop Service (formerly known as\nTerminal Services) is disabled by default. To enable it, create the registry key\nHKEY_LOCAL_MACHINE\\SOFTWARE\\Oracle\\VirtualBox Guest Additions\\AutoLogon\n\nwith a DWORD value of 1.\nThe following command forces VirtualBox to keep the credentials after they were read by the\nguest and on VM reset:\nVBoxManage setextradata \"Windows XP\" VBoxInternal/Devices/VMMDev/0/Config/KeepCredentials 1\n\nNote that this is a potential security risk as a malicious application running on the guest could\nrequest this information using the proper interface.\n\n9.2.2 Automated Linux/Unix guest logons\nStarting with version 3.2, VirtualBox provides a custom PAM module (Pluggable Authentication\nModule) which can be used to perform automated guest logons on platforms which support this\nframework. Virtually all modern Linux/Unix distributions rely on PAM.\nFor automated logons on Ubuntu (or Ubuntu-derived) distributions using LightDM as the display manager, please see chapter 9.2.2.1, VirtualBox Greeter for Ubuntu / LightDM, page 178.\nThe pam_vbox.so module itself does not do an actual verification of the credentials passed to\nthe guest OS; instead it relies on other modules such as pam_unix.so or pam_unix2.so down\nin the PAM stack to do the actual validation using the credentials retrieved by pam_vbox.so.\nTherefore pam_vbox.so has to be on top of the authentication PAM service list.\nNote: The pam_vbox.so only supports the auth primitive. Other primitives such as\naccount, session or password are not supported.\nThe pam_vbox.so module is shipped as part of the Guest Additions but it is not installed\nand/or activated on the guest OS by default. In order to install it, it has to be copied from\n/opt/VBoxGuestAdditions-<version>/lib/VBoxGuestAdditions/ to the security modules\ndirectory, usually /lib/security/ on 32-bit guest Linuxes or /lib64/security/ on 64-bit\nones. Please refer to your guest OS documentation for the correct PAM module directory.\nFor example, to use pam_vbox.so with a Ubuntu Linux guest OS and GDM (the GNOME\nDesktop Manager) to logon users automatically with the credentials passed by the host, the\nguest OS has to be configured like the following:\n\n176\n\n\f9 Advanced topics\n1. The pam_vbox.so module has to be copied to the security modules directory, in this case it\nis /lib/security.\n2. Edit the PAM configuration file for GDM found at /etc/pam.d/gdm, adding the line auth\nrequisite pam_vbox.so at the top. Additionaly, in most Linux distributions there is a\nfile called /etc/pam.d/common-auth. This file is included in many other services (like\nthe GDM file mentioned above). There you also have to add the line auth requisite\npam_vbox.so.\n3. If authentication against the shadow database using pam_unix.so or pam_unix2.so\nis desired, the argument try_first_pass for pam_unix.so or use_first_pass for\npam_unix2.so is needed in order to pass the credentials from the VirtualBox module\nto the shadow database authentication module. For Ubuntu, this needs to be added to\n/etc/pam.d/common-auth, to the end of the line referencing pam_unix.so. This argument tells the PAM module to use credentials already present in the stack, i.e. the ones\nprovided by the VirtualBox PAM module.\n\nWarning: An incorrectly configured PAM stack can effectively prevent you from logging\ninto your guest system!\nTo make deployment easier, you can pass the argument debug right after the pam_vbox.so\nstatement. Debug log output will then be recorded using syslog.\nNote: By default, pam_vbox will not wait for credentials to arrive from the host, in\nother words: When a login prompt is shown (for example by GDM/KDM or the text\nconsole) and pam_vbox does not yet have credentials it does not wait until they arrive.\nInstead the next module in the PAM stack (depending on the PAM configuration) will\nhave the chance for authentication.\nStarting with VirtualBox 4.1.4 pam_vbox supports various guest property parameters which\nall reside in /VirtualBox/GuestAdd/PAM/. These parameters allow pam_vbox to wait for credentials to be provided by the host and optionally can show a message while waiting for those.\nThe following guest properties can be set:\n1. CredsWait: Set to “1” if pam_vbox should start waiting until credentials arrive from the\nhost. Until then no other authentication methods such as manually logging in will be\navailable. If this property is empty or get deleted no waiting for credentials will be performed and pam_vbox will act like before (see paragraph above). This property must be\nset read-only for the guest (RDONLYGUEST).\n2. CredsWaitAbort: Aborts waiting for credentials when set to any value. Can be set from\nhost and the guest.\n3. CredsWaitTimeout: Timeout (in seconds) to let pam_vbox wait for credentials to arrive.\nWhen no credentials arrive within this timeout, authentication of pam_vbox will be set to\nfailed and the next PAM module in chain will be asked. If this property is not specified,\nset to “0” or an invalid value, an infinite timeout will be used. This property must be set\nread-only for the guest (RDONLYGUEST).\nTo customize pam_vbox further there are the following guest properties:\n1. CredsMsgWaiting: Custom message showed while pam_vbox is waiting for credentials\nfrom the host. This property must be set read-only for the guest (RDONLYGUEST).\n\n177\n\n\f9 Advanced topics\n2. CredsMsgWaitTimeout: Custom message showed when waiting for credentials by\npam_vbox timed out, e.g. did not arrive within time. This property must be set readonly for the guest (RDONLYGUEST).\n\nNote: If a pam_vbox guest property does not have set the right flags (RDONLYGUEST)\nthis property will be ignored then and - depending on the property - a default value will\nbe set. This can result in pam_vbox not waiting for credentials. Consult the appropriate\nsyslog file for more information and use the debug option.\n\n9.2.2.1 VirtualBox Greeter for Ubuntu / LightDM\nStarting with version 4.2.12, VirtualBox comes with an own greeter module named vbox-greeter\nwhich can be used with LightDM 1.0.1 or later. LightDM is the default display manager since\nUbuntu 10.11 and therefore also can be used for automated guest logons.\nvbox-greeter does not need the pam_vbox module described above in order to function –\nit comes with its own authentication mechanism provided by LightDM. However, to provide\nmaximum of flexibility both modules can be used together on the same guest.\nAs for the pam_vbox module, vbox-greeter is shipped as part of the Guest Additions but it is\nnot installed and/or activated on the guest OS by default For installing vbox-greeter automatically upon Guest Additions installation, use the --with-autologon switch when starting the\nVBoxLinuxAdditions.run file:\n# ./VBoxLinuxAdditions.run -- --with-autologon\n\nFor manual or postponed installation, the vbox-greeter.desktop file has to be copied from\n/opt/VBoxGuestAdditions-<version>/shared/VBoxGuestAdditions/ to the xgreeters directory, usually /usr/share/xgreeters/. Please refer to your guest OS documentation for the\ncorrect LightDM greeter directory.\nThe vbox-greeter module itself already was installed by the VirtualBox Guest Additions installer and resides in /usr/sbin/. To enable vbox-greeter as the standard greeter module, the\nfile /etc/lightdm/lightdm.conf needs to be edited:\n[SeatDefaults]\ngreeter-session=vbox-greeter\n\nNote: The LightDM server needs to be fully restarted in order to get vbox-greeter used\nas the default greeter. As root, do a service lightdm --full-restart on Ubuntu,\nor simply restart the guest.\n\nNote: vbox-greeter is independent of the graphical session chosen by the user (like\nGnome, KDE, Unity etc). However, it requires FLTK 1.3 for representing its own user\ninterface.\nThere are numerous guest properties which can be used to further customize the login experience. For automatically logging in users, the same guest properties apply as for pam_vbox, see\nchapter 9.2.2, Automated Linux/Unix guest logons, page 176.\nIn addition to the above mentioned guest properties, vbox-greeter allows further customization\nof its user interface. These special guest properties all reside in /VirtualBox/GuestAdd/Greeter/:\n\n178\n\n\f9 Advanced topics\n1. HideRestart: Set to “1” if vbox-greeter should hide the button to restart the guest. This\nproperty must be set read-only for the guest (RDONLYGUEST).\n2. HideShutdown: Set to “1” if vbox-greeter should hide the button to shutdown the guest.\nThis property must be set read-only for the guest (RDONLYGUEST).\n3. BannerPath: Path to a .PNG file for using it as a banner on the top. The image size\nmust be 460 x 90 pixels, any bit depth. This property must be set read-only for the guest\n(RDONLYGUEST).\n4. UseTheming: Set to “1” for turning on the following theming options. This property must\nbe set read-only for the guest (RDONLYGUEST).\n5. Theme/BackgroundColor: Hexadecimal RRGGBB color for the background. This property\nmust be set read-only for the guest (RDONLYGUEST).\n6. Theme/LogonDialog/HeaderColor: Hexadecimal RRGGBB foreground color for the\nheader text. This property must be set read-only for the guest (RDONLYGUEST).\n7. Theme/LogonDialog/BackgroundColor: Hexadecimal RRGGBB color for the logon dialog\nbackground. This property must be set read-only for the guest (RDONLYGUEST).\n8. Theme/LogonDialog/ButtonColor: Hexadecimal RRGGBB background color for the logon dialog button. This property must be set read-only for the guest (RDONLYGUEST).\nNote: The same restrictions for the guest properties above apply as for the ones specified in the pam_vbox section.\n\n9.3 Advanced configuration for Windows guests\n9.3.1 Automated Windows system preparation\nBeginning with Windows NT 4.0, Microsoft offers a “system preparation” tool (in short: Sysprep)\nto prepare a Windows system for deployment or redistribution. Whereas Windows 2000 and\nXP ship with Sysprep on the installation medium, the tool also is available for download on\nthe Microsoft web site. In a standard installation of Windows Vista and 7, Sysprep is already\nincluded. Sysprep mainly consists of an executable called sysprep.exe which is invoked by the\nuser to put the Windows installation into preparation mode.\nStarting with VirtualBox 3.2.2, the Guest Additions offer a way to launch a system preparation\non the guest operating system in an automated way, controlled from the host system. To achieve\nthat, see chapter 4.8, Guest control, page 80 for using the feature with the special identifier\nsysprep as the program to execute, along with the user name sysprep and password sysprep\nfor the credentials. Sysprep then gets launched with the required system rights.\nNote: Specifying the location of “sysprep.exe” is not possible – instead the following\npaths are used (based on the operating system):\n• C:\\sysprep\\sysprep.exe for Windows NT 4.0, 2000 and XP\n• %WINDIR%\\System32\\Sysprep\\sysprep.exe for Windows Vista, 2008 Server\nand 7\nThe Guest Additions will automatically use the appropriate path to execute the system\npreparation tool.\n\n179\n\n\f9 Advanced topics\n\n9.4 Advanced configuration for Linux and Solaris guests\n9.4.1 Manual setup of selected guest services on Linux\nThe VirtualBox Guest Additions contain several different drivers. If for any reason you do not\nwish to set them all up, you can install the Guest Additions using the following command:\nsh ./VBoxLinuxAdditions.run no_setup\n\nAfter this, you will need to at least compile the kernel modules by running the command\nrcvboxadd setup\n\nas root (you will need to replace lib by lib64 on some 64bit guests), and on older guests without\nthe udev service you will need to add the vboxadd service to the default runlevel to ensure that\nthe modules get loaded.\nTo setup the time synchronization service, add the service vboxadd-service to the default runlevel. To set up the X11 and OpenGL part of the Guest Additions, run the command\nrcvboxadd-x11 setup\n\n(you do not need to enable any services for this).\nTo recompile the guest kernel modules, use this command:\nrcvboxadd setup\n\nAfter compilation you should reboot your guest to ensure that the new modules are actually\nused.\n\n9.4.2 Guest graphics and mouse driver setup in depth\nThis section assumes that you are familiar with configuring the X.Org server using xorg.conf and\noptionally the newer mechanisms using hal or udev and xorg.conf.d. If not you can learn about\nthem by studying the documentation which comes with X.Org.\nThe VirtualBox Guest Additions come with drivers for X.Org versions\n• X11R6.8/X11R6.9 and XFree86 version 4.3 (vboxvideo_drv_68.o and vboxmouse_drv_68.o)\n• X11R7.0 (vboxvideo_drv_70.so and vboxmouse_drv_70.so)\n• X11R7.1 (vboxvideo_drv_71.so and vboxmouse_drv_71.so)\n• X.Org Server versions 1.3 and later (vboxvideo_drv_13.so and vboxmouse_drv_13.so and\nso on).\nBy default these drivers can be found in the directory\n/opt/VBoxGuestAdditions-<version>/lib/VBoxGuestAdditions\n\nand the correct versions for the X server are symbolically linked into the X.Org driver directories.\nFor graphics integration to work correctly, the X server must load the vboxvideo driver (many\nrecent X server versions look for it automatically if they see that they are running in VirtualBox)\nand for an optimal user experience the guest kernel drivers must be loaded and the Guest Additions tool VBoxClient must be running as a client in the X session. For mouse integration to\nwork correctly, the guest kernel drivers must be loaded and in addition, in X servers from X.Org\nX11R6.8 to X11R7.1 and in XFree86 version 4.3 the right vboxmouse driver must be loaded\nand associated with /dev/mouse or /dev/psaux; in X.Org server 1.3 or later a driver for a PS/2\nmouse must be loaded and the right vboxmouse driver must be associated with /dev/vboxguest.\n\n180\n\n\f9 Advanced topics\nThe VirtualBox guest graphics driver can use any graphics configuration for which the virtual\nresolution fits into the virtual video memory allocated to the virtual machine (minus a small\namount used by the guest driver) as described in chapter 3.5, Display settings, page 52. The driver\nwill offer a range of standard modes at least up to the default guest resolution for all active guest\nmonitors. In X.Org Server 1.3 and later the default mode can be changed by setting the output\nproperty VBOX_MODE to “<width>x<height>“ for any guest monitor. When VBoxClient and\nthe kernel drivers are active this is done automatically when the host requests a mode change.\nThe driver for older versions can only receive new modes by querying the host for requests at\nregular intervals.\nWith pre-1.3 X Servers you can also add your own modes to the X server configuration file. You\nsimply need to add them to the “Modes” list in the “Display” subsection of the “Screen” section.\nFor example, the section shown here has a custom 2048x800 resolution mode added:\nSection \"Screen\"\nIdentifier\n\"Default Screen\"\nDevice\n\"VirtualBox graphics card\"\nMonitor\n\"Generic Monitor\"\nDefaultDepth 24\nSubSection \"Display\"\nDepth\n24\nModes\n\"2048x800\" \"800x600\" \"640x480\"\nEndSubSection\nEndSection\n\n9.5 CPU hot-plugging\nWith virtual machines running modern server operating systems, VirtualBox supports CPU hotplugging.1 Whereas on a physical computer this would mean that a CPU can be added or removed while the machine is running, VirtualBox supports adding and removing virtual CPUs\nwhile a virtual machine is running.\nCPU hot-plugging works only with guest operating systems that support it. So far this applies\nonly to Linux and Windows Server 2008 x64 Data Center Edition. Windows supports only hotadd while Linux supports hot-add and hot-remove but to use this feature with more than 8 CPUs\na 64bit Linux guest is required.\nAt this time, CPU hot-plugging requires using the VBoxManage command-line interface. First,\nhot-plugging needs to be enabled for a virtual machine:\nVBoxManage modifyvm \"VM name\" --cpuhotplug on\n\nAfter that, the –cpus option specifies the maximum number of CPUs that the virtual machine\ncan have:\nVBoxManage modifyvm \"VM name\" --cpus 8\n\nWhen the VM is off, you can then add and remove virtual CPUs with the modifyvm –plugcpu and\n–unplugcpu subcommands, which take the number of the virtual CPU as a parameter, like this:\nVBoxManage modifyvm \"VM name\" --plugcpu 3\nVBoxManage modifyvm \"VM name\" --unplugcpu 3\n\nNote that CPU 0 can never be removed.\nWhile the VM is running, CPUs can be added with the controlvm plugcpu/unplugcpu commands instead:\nVBoxManage controlvm \"VM name\" plugcpu 3\nVBoxManage controlvm \"VM name\" unplugcpu 3\n1 Support\n\nfor CPU hot-plugging was introduced with VirtualBox 3.2.\n\n181\n\n\f9 Advanced topics\nSee chapter 8.8, VBoxManage modifyvm, page 131 and chapter 8.13, VBoxManage controlvm,\npage 142 for details.\nWith Linux guests, the following applies: To prevent ejection while the CPU is still used it has\nto be ejected from within the guest before. The Linux Guest Additions contain a service which\nreceives hot-remove events and ejects the CPU. Also, after a CPU is added to the VM it is not\nautomatically used by Linux. The Linux Guest Additions service will take care of that if installed.\nIf not a CPU can be started with the following command:\necho 1 > /sys/devices/system/cpu/cpu<id>/online\n\n9.6 PCI passthrough\nWhen running on Linux hosts, with a recent enough kernel (at least version 2.6.31) experimental host PCI devices passthrough is available.2\nNote: The PCI passthrough module is shipped as a VirtualBox extension package,\nwhich must be installed separately. See chapter 1.5, Installing VirtualBox and extension packs, page 16 for more information.\nEssentially this feature allows to directly use physical PCI devices on the host by the guest even\nif host doesn’t have drivers for this particular device. Both, regular PCI and some PCI Express\ncards, are supported. AGP and certain PCI Express cards are not supported at the moment if\nthey rely on GART (Graphics Address Remapping Table) unit programming for texture management as it does rather nontrivial operations with pages remapping interfering with IOMMU. This\nlimitation may be lifted in future releases.\nTo be fully functional, PCI passthrough support in VirtualBox depends upon an IOMMU hardware unit which is not yet too widely available. If the device uses bus mastering (i.e. it performs\nDMA to the OS memory on its own), then an IOMMU is required, otherwise such DMA transactions may write to the wrong physical memory address as the device DMA engine is programmed\nusing a device-specific protocol to perform memory transactions. The IOMMU functions as translation unit mapping physical memory access requests from the device using knowledge of the\nguest physical address to host physical addresses translation rules.\nIntel’s solution for IOMMU is marketed as “Intel Virtualization Technology for Directed I/O”\n(VT-d), and AMD’s one is called AMD-Vi. So please check if your motherboard datasheet has\nappropriate technology. Even if your hardware doesn’t have a IOMMU, certain PCI cards may\nwork (such as serial PCI adapters), but the guest will show a warning on boot and the VM\nexecution will terminate if the guest driver will attempt to enable card bus mastering.\nIt is very common that the BIOS or the host OS disables the IOMMU by default. So before any\nattempt to use it please make sure that\n1. Your motherboard has an IOMMU unit.\n2. Your CPU supports the IOMMU.\n3. The IOMMU is enabled in the BIOS.\n4. The VM must run with VT-x/AMD-V and nested paging enabled.\n5. Your Linux kernel was compiled with IOMMU support (including DMA remapping, see\nCONFIG_DMAR kernel compilation option). The PCI stub driver (CONFIG_PCI_STUB) is required as well.\n\n2 Experimental\n\nsupport for PCI passthrough was introduced with VirtualBox 4.1.\n\n182\n\n\f9 Advanced topics\n6. Your Linux kernel recognizes and uses the IOMMU unit (intel_iommu=on boot option\ncould be needed). Search for DMAR and PCI-DMA in kernel boot log.\nOnce you made sure that the host kernel supports the IOMMU, the next step is to select the\nPCI card and attach it to the guest. To figure out the list of available PCI devices, use the lspci\ncommand. The output will look like this:\n01:00.0 VGA compatible controller: ATI Technologies Inc Cedar PRO [Radeon HD 5450]\n01:00.1 Audio device: ATI Technologies Inc Manhattan HDMI Audio [Mobility Radeon HD 5000 Series]\n02:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168B PCI Express Gigabit\nEthernet controller (rev 03)\n03:00.0 SATA controller: JMicron Technology Corp. JMB362/JMB363 Serial ATA Controller (rev 03)\n03:00.1 IDE interface: JMicron Technology Corp. JMB362/JMB363 Serial ATA Controller (rev 03)\n06:00.0 VGA compatible controller: nVidia Corporation G86 [GeForce 8500 GT] (rev a1)\n\nThe first column is a PCI address (in format bus:device.function). This address could be\nused to identify the device for further operations. For example, to attach a PCI network controller\non the system listed above to the second PCI bus in the guest, as device 5, function 0, use the\nfollowing command:\nVBoxManage modifyvm \"VM name\" --pciattach 02:00.0@01:05.0\n\nTo detach same device, use\nVBoxManage modifyvm \"VM name\" --pcidetach 02:00.0\n\nPlease note that both host and guest could freely assign a different PCI address to the card\nattached during runtime, so those addresses only apply to the address of the card at the moment\nof attachment (host), and during BIOS PCI init (guest).\nIf the virtual machine has a PCI device attached, certain limitations apply:\n1. Only PCI cards with non-shared interrupts (such as using MSI on host) are supported at\nthe moment.\n2. No guest state can be reliably saved/restored (as the internal state of the PCI card could\nnot be retrieved).\n3. Teleportation (live migration) doesn’t work (for the same reason).\n4. No lazy physical memory allocation. The host will preallocate the whole RAM required for\nthe VM on startup (as we cannot catch physical hardware accesses to the physical memory).\n\n9.7 Webcam passthrough\n9.7.1 Using a host webcam in the guest\nVirtualBox 4.3 includes an experimental feature which allows a guest to use a host webcam.\nThis complements the general USB passthrough support which was the typical way of using\nhost webcams in earlier versions. The webcam passthrough support can handle non-USB video\nsources in theory, but this is completely untested.\nNote: The webcam passthrough module is shipped as part of the Oracle VM VirtualBox\nextension pack, which must be installed separately. See chapter 1.5, Installing\nVirtualBox and extension packs, page 16 for more information.\n\n183\n\n\f9 Advanced topics\nThe host webcam can be attached to the VM using “Devices” menu in the VM menu bar. The\n“Webcams” menu contains a list of available video input devices on the host. Clicking on a\nwebcam name attaches or detaches the corresponding host device.\nThe VBoxManage command line tool can be used to enable webcam passthrough. Please see\nthe host-specific sections below for additional details. The following commands are available:\n• Get a list of host webcams (or other video input devices):\nVBoxManage list webcams\n\nThe output format:\nalias \"user friendly name\"\nhost path or identifier\n\nThe alias can be used as a shortcut in other commands. Alias ’.0’ means default video input\ndevice on the host, ’.1’, ’.2’, etc mean first, second, etc video input device. The device order\nis host-specific.\n• Attach a webcam to a running VM:\nVBoxManage controlvm \"VM name\" webcam attach [host_path|alias [settings]]\n\nThis will attach a USB webcam device to the guest.\nThe settings parameter is a string Setting1=Value1;Setting2=Value2, which allows\nto configure the emulated webcam device. The following settings are supported:\n– MaxFramerate The highest rate at which video frames are sent to the guest. A higher\nframe rate requires more CPU power. Therefore sometimes it is useful to set a lower\nlimit. Default is no limit and allow the guest to use all frame rates supported by the\nhost webcam.\n– MaxPayloadTransferSize How many bytes the emulated webcam can send to the\nguest at a time. Default value is 3060 bytes, which is used by some webcams. Higher\nvalues can slightly reduce CPU load, if the guest is able to use larger buffers. However,\na high MaxPayloadTransferSize might be not supported by some guests.\n• Detach a webcam from a running VM:\nVBoxManage controlvm \"VM name\" webcam detach [host_path|alias]\n\n• List webcams attached to a running VM:\nVBoxManage controlvm \"VM name\" webcam list\n\nThe output contains path or alias which was used in ’webcam attach’ command for each\nattached webcam.\n\n9.7.2 Windows hosts\nWhen the webcam device is detached from the host, the emulated webcam device is automatically detached from the guest.\n\n9.7.3 Mac OS X hosts\nOS X version 10.7 or newer is required.\nWhen the webcam device is detached from the host, the emulated webcam device remains\nattached to the guest and must be manually detached using the VBoxManage controlvm \"VM\nname\" webcam detach ... command.\n\n184\n\n\f9 Advanced topics\n\n9.7.4 Linux and Solaris hosts\nWhen the webcam is detached from the host the emulated webcam device is automatically detached from the guest only if the webcam is streaming video. If the emulated webcam is inactive\nit should be manually detached using the VBoxManage controlvm \"VM name\" webcam detach\n... command.\nAliases .0 and .1 are mapped to /dev/video0, alias .2 is mapped to /dev/video1 and so\nforth.\n\n9.8 Advanced display configuration\n9.8.1 Custom VESA resolutions\nApart from the standard VESA resolutions, the VirtualBox VESA BIOS allows you to add up to 16\ncustom video modes which will be reported to the guest operating system. When using Windows\nguests with the VirtualBox Guest Additions, a custom graphics driver will be used instead of the\nfallback VESA solution so this information does not apply.\nAdditional video modes can be configured for each VM using the extra data facility. The extra\ndata key is called CustomVideoMode<x> with x being a number from 1 to 16. Please note that\nmodes will be read from 1 until either the following number is not defined or 16 is reached. The\nfollowing example adds a video mode that corresponds to the native display resolution of many\nnotebook computers:\nVBoxManage setextradata \"VM name\" \"CustomVideoMode1\" \"1400x1050x16\"\n\nThe VESA mode IDs for custom video modes start at 0x160. In order to use the above defined\ncustom video mode, the following command line has be supplied to Linux:\nvga = 0x200 | 0x160\nvga = 864\n\nFor guest operating systems with VirtualBox Guest Additions, a custom video mode can be set\nusing the video mode hint feature.\n\n9.8.2 Configuring the maximum resolution of guests when using the\ngraphical frontend\nWhen guest systems with the Guest Additions installed are started using the graphical frontend\n(the normal VirtualBox application), they will not be allowed to use screen resolutions greater\nthan the host’s screen size unless the user manually resizes them by dragging the window, switching to full screen or seamless mode or sending a video mode hint using VBoxManage. This behavior is what most users will want, but if you have different needs, it is possible to change it by\nissuing one of the following commands from the command line:\nVBoxManage setextradata global GUI/MaxGuestResolution any\n\nwill remove all limits on guest resolutions.\nVBoxManage setextradata global GUI/MaxGuestResolution >width,height<\n\nmanually specifies a maximum resolution.\nVBoxManage setextradata global GUI/MaxGuestResolution auto\n\nrestores the default settings. Note that these settings apply globally to all guest systems, not\njust to a single machine.\n\n185\n\n\f9 Advanced topics\n\n9.9 Advanced storage configuration\n9.9.1 Using a raw host hard disk from a guest\nStarting with version 1.4, as an alternative to using virtual disk images (as described in detail in\nchapter 5, Virtual storage, page 83), VirtualBox can also present either entire physical hard disks\nor selected partitions thereof as virtual disks to virtual machines.\nWith VirtualBox, this type of access is called “raw hard disk access”; it allows a guest operating system to access its virtual hard disk without going through the host OS file system. The\nactual performance difference for image files vs. raw disk varies greatly depending on the overhead of the host file system, whether dynamically growing images are used, and on host OS\ncaching strategies. The caching indirectly also affects other aspects such as failure behavior, i.e.\nwhether the virtual disk contains all data written before a host OS crash. Consult your host OS\ndocumentation for details on this.\nWarning: Raw hard disk access is for expert users only. Incorrect use or use of an\noutdated configuration can lead to total loss of data on the physical disk. Most importantly, do not attempt to boot the partition with the currently running host operating\nsystem in a guest. This will lead to severe data corruption.\nRaw hard disk access – both for entire disks and individual partitions – is implemented as part\nof the VMDK image format support. As a result, you will need to create a special VMDK image\nfile which defines where the data will be stored. After creating such a special VMDK image, you\ncan use it like a regular virtual disk image. For example, you can use the VirtualBox Manager\n(chapter 5.3, The Virtual Media Manager, page 87) or VBoxManage to assign the image to a virtual\nmachine.\n9.9.1.1 Access to entire physical hard disk\nWhile this variant is the simplest to set up, you must be aware that this will give a guest operating\nsystem direct and full access to an entire physical disk. If your host operating system is also booted\nfrom this disk, please take special care to not access the partition from the guest at all. On the\npositive side, the physical disk can be repartitioned in arbitrary ways without having to recreate\nthe image file that gives access to the raw disk.\nTo create an image that represents an entire physical hard disk (which will not contain any\nactual data, as this will all be stored on the physical disk), on a Linux host, use the command\nVBoxManage internalcommands createrawvmdk -filename /path/to/file.vmdk\n-rawdisk /dev/sda\n\nThis creates the image /path/to/file.vmdk (must be absolute), and all data will be read and\nwritten from /dev/sda.\nOn a Windows host, instead of the above device specification, use e.g. \\\\.\\PhysicalDrive0.\nOn a Mac OS X host, instead of the above device specification use e.g. /dev/disk1. Note that\non OS X you can only get access to an entire disk if no volume is mounted from it.\nCreating the image requires read/write access for the given device. Read/write access is also\nlater needed when using the image from a virtual machine. On some host platforms (e.g. Windows Vista and later), raw disk access may be restricted and not permitted by the host OS in\nsome situations.\nJust like with regular disk images, this does not automatically attach the newly created image\nto a virtual machine. This can be done with e.g.\nVBoxManage storageattach WindowsXP --storagectl \"IDE Controller\"\n--port 0 --device 0 --type hdd --medium /path/to/file.vmdk\n\nWhen this is done the selected virtual machine will boot from the specified physical disk.\n\n186\n\n\f9 Advanced topics\n9.9.1.2 Access to individual physical hard disk partitions\nThis “raw partition support” is quite similar to the “full hard disk” access described above. However, in this case, any partitioning information will be stored inside the VMDK image, so you can\ne.g. install a different boot loader in the virtual hard disk without affecting the host’s partitioning information. While the guest will be able to see all partitions that exist on the physical disk,\naccess will be filtered in that reading from partitions for which no access is allowed the partitions\nwill only yield zeroes, and all writes to them are ignored.\nTo create a special image for raw partition support (which will contain a small amount of data,\nas already mentioned), on a Linux host, use the command\nVBoxManage internalcommands createrawvmdk -filename /path/to/file.vmdk\n-rawdisk /dev/sda -partitions 1,5\n\nAs you can see, the command is identical to the one for “full hard disk” access, except for the\nadditional -partitions parameter. This example would create the image /path/to/file.vmdk\n(which, again, must be absolute), and partitions 1 and 5 of /dev/sda would be made accessible\nto the guest.\nVirtualBox uses the same partition numbering as your Linux host. As a result, the numbers\ngiven in the above example would refer to the first primary partition and the first logical drive in\nthe extended partition, respectively.\nOn a Windows host, instead of the above device specification, use e.g. \\\\.\\PhysicalDrive0.\nOn a Mac OS X host, instead of the above device specification use e.g. /dev/disk1. Note that\non OS X you can only use partitions which are not mounted (eject the respective volume first).\nPartition numbers are the same on Linux, Windows and Mac OS X hosts.\nThe numbers for the list of partitions can be taken from the output of\nVBoxManage internalcommands listpartitions -rawdisk /dev/sda\n\nThe output lists the partition types and sizes to give the user enough information to identify the\npartitions necessary for the guest.\nImages which give access to individual partitions are specific to a particular host disk setup.\nYou cannot transfer these images to another host; also, whenever the host partitioning changes,\nthe image must be recreated.\nCreating the image requires read/write access for the given device. Read/write access is also\nlater needed when using the image from a virtual machine. If this is not feasible, there is a special\nvariant for raw partition access (currently only available on Linux hosts) that avoids having to\ngive the current user access to the entire disk. To set up such an image, use\nVBoxManage internalcommands createrawvmdk -filename /path/to/file.vmdk\n-rawdisk /dev/sda -partitions 1,5 -relative\n\nWhen used from a virtual machine, the image will then refer not to the entire disk, but only to the\nindividual partitions (in the example /dev/sda1 and /dev/sda5). As a consequence, read/write\naccess is only required for the affected partitions, not for the entire disk. During creation however, read-only access to the entire disk is required to obtain the partitioning information.\nIn some configurations it may be necessary to change the MBR code of the created image, e.g.\nto replace the Linux boot loader that is used on the host by another boot loader. This allows e.g.\nthe guest to boot directly to Windows, while the host boots Linux from the “same” disk. For this\npurpose the -mbr parameter is provided. It specifies a file name from which to take the MBR\ncode. The partition table is not modified at all, so a MBR file from a system with totally different\npartitioning can be used. An example of this is\nVBoxManage internalcommands createrawvmdk -filename /path/to/file.vmdk\n-rawdisk /dev/sda -partitions 1,5 -mbr winxp.mbr\n\nThe modified MBR will be stored inside the image, not on the host disk.\nThe created image can be attached to a storage controller in a VM configuration as usual.\n\n187\n\n\f9 Advanced topics\n\n9.9.2 Configuring the hard disk vendor product data (VPD)\nVirtualBox reports vendor product data for its virtual hard disks which consist of hard disk serial number, firmware revision and model number. These can be changed using the following\ncommands:\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/ahci/0/Config/Port0/SerialNumber\" \"serial\"\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/ahci/0/Config/Port0/FirmwareRevision\" \"firmware\"\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/ahci/0/Config/Port0/ModelNumber\" \"model\"\n\nThe serial number is a 20 byte alphanumeric string, the firmware revision an 8 byte alphanumeric string and the model number a 40 byte alphanumeric string. Instead of “Port0” (referring\nto the first port), specify the desired SATA hard disk port.\nThe above commands apply to virtual machines with an AHCI (SATA) controller. The commands for virtual machines with an IDE controller are:\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/piix3ide/0/Config/PrimaryMaster/SerialNumber\" \"serial\"\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/piix3ide/0/Config/PrimaryMaster/FirmwareRevision\" \"firmware\"\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/piix3ide/0/Config/PrimaryMaster/ModelNumber\" \"model\"\n\nFor hard disks it’s also possible to mark the drive as having a non-rotational medium with:\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/ahci/0/Config/Port0/NonRotational\" \"1\"\n\nAdditional three parameters are needed for CD/DVD drives to report the vendor product data:\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/ahci/0/Config/Port0/ATAPIVendorId\" \"vendor\"\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/ahci/0/Config/Port0/ATAPIProductId\" \"product\"\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/ahci/0/Config/Port0/ATAPIRevision\" \"revision\"\n\nThe vendor id is an 8 byte alphanumeric string, the product id an 16 byte alphanumeric string\nand the revision a 4 byte alphanumeric string. Instead of “Port0” (referring to the first port),\nspecify the desired SATA hard disk port.\n\n9.9.3 Access iSCSI targets via Internal Networking\nAs an experimental feature, VirtualBox allows for accessing an iSCSI target running in a virtual\nmachine which is configured for using Internal Networking mode. Please see chapter 5.10, iSCSI\nservers, page 94; chapter 6.6, Internal networking, page 102; and chapter 8.18, VBoxManage\nstorageattach, page 146 for additional information.\nThe IP stack accessing Internal Networking must be configured in the virtual machine which\naccesses the iSCSI target. A free static IP and a MAC address not used by other virtual machines\nmust be chosen. In the example below, adapt the name of the virtual machine, the MAC address,\nthe IP configuration and the Internal Networking name (“MyIntNet”) according to your needs.\nThe following eight commands must first be issued:\nVBoxManage\nVBoxManage\nVBoxManage\nVBoxManage\nVBoxManage\nVBoxManage\nVBoxManage\nVBoxManage\n\nsetextradata\nsetextradata\nsetextradata\nsetextradata\nsetextradata\nsetextradata\nsetextradata\nsetextradata\n\n\"VM\n\"VM\n\"VM\n\"VM\n\"VM\n\"VM\n\"VM\n\"VM\n\nname\"\nname\"\nname\"\nname\"\nname\"\nname\"\nname\"\nname\"\n\nVBoxInternal/Devices/IntNetIP/0/Trusted 1\nVBoxInternal/Devices/IntNetIP/0/Config/MAC 08:00:27:01:02:0f\nVBoxInternal/Devices/IntNetIP/0/Config/IP 10.0.9.1\nVBoxInternal/Devices/IntNetIP/0/Config/Netmask 255.255.255.0\nVBoxInternal/Devices/IntNetIP/0/LUN#0/Driver IntNet\nVBoxInternal/Devices/IntNetIP/0/LUN#0/Config/Network MyIntNet\nVBoxInternal/Devices/IntNetIP/0/LUN#0/Config/TrunkType 2\nVBoxInternal/Devices/IntNetIP/0/LUN#0/Config/IsService 1\n\n188\n\n\f9 Advanced topics\nFinally the iSCSI disk must be attached with the --intnet option to tell the iSCSI initiator to\nuse internal networking:\nVBoxManage storageattach ... --medium iscsi\n--server 10.0.9.30 --target iqn.2008-12.com.sun:sampletarget --intnet\n\nCompared to a “regular” iSCSI setup, IP address of the target must be specified as a numeric\nIP address, as there is no DNS resolver for internal networking.\nThe virtual machine with the iSCSI target should be started before the VM using it is powered\non. If a virtual machine using an iSCSI disk is started without having the iSCSI target powered\nup, it can take up to 200 seconds to detect this situation. The VM will fail to power up.\n\n9.10 Legacy commands for using serial ports\nStarting with version 1.4, VirtualBox provided support for virtual serial ports, which, at the time,\nwas rather complicated to set up with a sequence of VBoxManage setextradata statements.\nSince version 1.5, that way of setting up serial ports is no longer necessary and deprecated. To\nset up virtual serial ports, use the methods now described in chapter 3.9, Serial ports, page 55.\nNote: For backwards compatibility, the old setextradata statements, whose description is retained below from the old version of the manual, take precedence over the\nnew way of configuring serial ports. As a result, if configuring serial ports the new way\ndoesn’t work, make sure the VM in question does not have old configuration data such\nas below still active.\nThe old sequence of configuring a serial port used the following 6 commands:\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/serial/0/Config/IRQ\" 4\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/serial/0/Config/IOBase\" 0x3f8\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/serial/0/LUN#0/Driver\" Char\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/serial/0/LUN#0/AttachedDriver/Driver\" NamedPipe\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/serial/0/LUN#0/AttachedDriver/Config/Location\" \"\\\\.\\pipe\\vboxCOM1\"\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/serial/0/LUN#0/AttachedDriver/Config/IsServer\" 1\n\nThis sets up a serial port in the guest with the default settings for COM1 (IRQ 4, I/O address\n0x3f8) and the Location setting assumes that this configuration is used on a Windows host,\nbecause the Windows named pipe syntax is used. Keep in mind that on Windows hosts a named\npipe must always start with \\\\.\\pipe\\. On Linux the same configuration settings apply, except\nthat the path name for the Location can be chosen more freely. Local domain sockets can be\nplaced anywhere, provided the user running VirtualBox has the permission to create a new file\nin the directory. The final command above defines that VirtualBox acts as a server, i.e. it creates\nthe named pipe itself instead of connecting to an already existing one.\n\n9.11 Fine-tuning the VirtualBox NAT engine\n9.11.1 Configuring the address of a NAT network interface\nIn NAT mode, the guest network interface is assigned to the IPv4 range 10.0.x.0/24 by default\nwhere x corresponds to the instance of the NAT interface +2. So x is 2 when there is only one\n\n189\n\n\f9 Advanced topics\nNAT instance active. In that case the guest is assigned to the address 10.0.2.15, the gateway is\nset to 10.0.2.2 and the name server can be found at 10.0.2.3.\nIf, for any reason, the NAT network needs to be changed, this can be achieved with the following command:\nVBoxManage modifyvm \"VM name\" --natnet1 \"192.168/16\"\n\nThis command would reserve the network addresses from 192.168.0.0 to 192.168.254.254\nfor the first NAT network instance of “VM name”. The guest IP would be assigned to\n192.168.0.15 and the default gateway could be found at 192.168.0.2.\n\n9.11.2 Configuring the boot server (next server) of a NAT network\ninterface\nFor network booting in NAT mode, by default VirtualBox uses a built-in TFTP server at the IP\naddress 10.0.2.4. This default behavior should work fine for typical remote-booting scenarios.\nHowever, it is possible to change the boot server IP and the location of the boot image with the\nfollowing commands:\nVBoxManage modifyvm \"VM name\" --nattftpserver1 10.0.2.2\nVBoxManage modifyvm \"VM name\" --nattftpfile1 /srv/tftp/boot/MyPXEBoot.pxe\n\n9.11.3 Tuning TCP/IP buffers for NAT\nThe VirtualBox NAT stack performance is often determined by its interaction with the host’s\nTCP/IP stack and the size of several buffers (SO_RCVBUF and SO_SNDBUF). For certain setups\nusers might want to adjust the buffer size for a better performance. This can by achieved using\nthe following commands (values are in kilobytes and can range from 8 to 1024):\nVBoxManage modifyvm \"VM name\" --natsettings1 16000,128,128,0,0\n\nThis example illustrates tuning the NAT settings. The first parameter is the MTU, then the size\nof the socket’s send buffer and the size of the socket’s receive buffer, the initial size of the TCP\nsend window, and lastly the initial size of the TCP receive window. Note that specifying zero\nmeans fallback to the default value.\nEach of these buffers has a default size of 64KB and default MTU is 1500.\n\n9.11.4 Binding NAT sockets to a specific interface\nBy default, VirtualBox’s NAT engine will route TCP/IP packets through the default interface\nassigned by the host’s TCP/IP stack. (The technical reason for this is that the NAT engine uses\nsockets for communication.) If, for some reason, you want to change this behavior, you can tell\nthe NAT engine to bind to a particular IP address instead. Use the following command:\nVBoxManage modifyvm \"VM name\" --natbindip1 \"10.45.0.2\"\n\nAfter this, all outgoing traffic will be sent through the interface with the IP address 10.45.0.2.\nPlease make sure that this interface is up and running prior to this assignment.\n\n9.11.5 Enabling DNS proxy in NAT mode\nThe NAT engine by default offers the same DNS servers to the guest that are configured on the\nhost. In some scenarios, it can be desirable to hide the DNS server IPs from the guest, for example\nwhen this information can change on the host due to expiring DHCP leases. In this case, you can\ntell the NAT engine to act as DNS proxy using the following command:\nVBoxManage modifyvm \"VM name\" --natdnsproxy1 on\n\n190\n\n\f9 Advanced topics\n\n9.11.6 Using the host’s resolver as a DNS proxy in NAT mode\nFor resolving network names, the DHCP server of the NAT engine offers a list of registered\nDNS servers of the host. If for some reason you need to hide this DNS server list and use the\nhost’s resolver settings, thereby forcing the VirtualBox NAT engine to intercept DNS requests and\nforward them to host’s resolver, use the following command:\nVBoxManage modifyvm \"VM name\" --natdnshostresolver1 on\n\nNote that this setting is similar to the DNS proxy mode, however whereas the proxy mode\njust forwards DNS requests to the appropriate servers, the resolver mode will interpret the DNS\nrequests and use the host’s DNS API to query the information and return it to the guest.\n9.11.6.1 User-defined host name resolving\nIn some cases it might be useful to intercept the name resolving mechanism, providing a userdefined IP address on a particular DNS request. The intercepting mechanism allows the user to\nmap not only a single host but domains and even more complex namings conventions if required.\nThe following command sets a rule for mapping a name to a specified IP:\nVBoxManage setextradata \"VM name\" \\\n\"VBoxInternal/Devices/{pcnet,e1000}/0/LUN#0/AttachedDriver/Config/HostResolverMappings/ \\\n<unique rule name of interception rule>/HostIP\" <IPv4>\nVBoxManage setextradata \"VM name\" \\\n\"VBoxInternal/Devices/{pcnet,e1000}/0/LUN#0/AttachedDriver/Config/HostResolverMappings/ \\\n<unique rule name>/HostName\" <name of host>\n\nThe following command sets a rule for mapping a pattern name to a specified IP:\nVBoxManage setextradata \"VM name\" \\\n\"VBoxInternal/Devices/{pcnet,e1000}/0/LUN#0/AttachedDriver/Config/HostResolverMappings/ \\\n<unique rule name>/HostIP\" <IPv4>\nVBoxManage setextradata \"VM name\" \\\n\"VBoxInternal/Devices/{pcnet,e1000}/0/LUN#0/AttachedDriver/Config/HostResolverMappings/ \\\n<unique rule name>/HostNamePattern\" <hostpattern>\n\nThe host pattern may include \"|\", \"?\" and \"*\".\nThis example demonstrates how to instruct the host-resolver mechanism to resolve all domain\nand probably some mirrors of www.blocked-site.info site with IP 127.0.0.1:\nVBoxManage setextradata \"VM name\" \\\n\"VBoxInternal/Devices/e1000/0/LUN#0/AttachedDriver/Config/HostResolverMappings/ \\\nall_blocked_site/HostIP\" 127.0.0.1\nVBoxManage setextradata \"VM name\" \\\n\"VBoxInternal/Devices/e1000/0/LUN#0/AttachedDriver/Config/HostResolverMappings/ \\\nall_blocked_site/HostNamePattern\" \"*.blocked-site.*|*.fb.org\"\n\nThe host resolver mechanism should be enabled to use user-defined mapping rules, otherwise\nthey don’t have any effect.\n\n9.11.7 Configuring aliasing of the NAT engine\nBy default, the NAT core uses aliasing and uses random ports when generating an alias for a\nconnection. This works well for the most protocols like SSH, FTP and so on. Though some\nprotocols might need a more transparent behavior or may depend on the real port number the\npacket was sent from. It is possible to change the NAT mode via the VBoxManage frontend with\nthe following commands:\nVBoxManage modifyvm \"VM name\" --nataliasmode1 proxyonly\n\nand\n\n191\n\n\f9 Advanced topics\nVBoxManage modifyvm \"Linux Guest\" --nataliasmode1 sameports\n\nThe first example disables aliasing and switches NAT into transparent mode, the second example enforces preserving of port values. These modes can be combined if necessary.\n\n9.12 Configuring the BIOS DMI information\nThe DMI data VirtualBox provides to guests can be changed for a specific VM. Use the following\ncommands to configure the DMI BIOS information. In case your VM is configured to use EFI\nfirmware you need to replace pcbios by efi in the keys.\nDMI BIOS information (type 0)\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/pcbios/0/Config/DmiBIOSVendor\"\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/pcbios/0/Config/DmiBIOSVersion\"\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/pcbios/0/Config/DmiBIOSReleaseDate\"\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/pcbios/0/Config/DmiBIOSReleaseMajor\"\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/pcbios/0/Config/DmiBIOSReleaseMinor\"\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/pcbios/0/Config/DmiBIOSFirmwareMajor\"\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/pcbios/0/Config/DmiBIOSFirmwareMinor\"\n\n\"BIOS Vendor\"\n\"BIOS Version\"\n\"BIOS Release Date\"\n1\n2\n3\n4\n\nDMI system information (type 1)\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/pcbios/0/Config/DmiSystemVendor\"\n\"System Vendor\"\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/pcbios/0/Config/DmiSystemProduct\"\n\"System Product\"\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/pcbios/0/Config/DmiSystemVersion\"\n\"System Version\"\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/pcbios/0/Config/DmiSystemSerial\"\n\"System Serial\"\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/pcbios/0/Config/DmiSystemSKU\"\n\"System SKU\"\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/pcbios/0/Config/DmiSystemFamily\"\n\"System Family\"\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/pcbios/0/Config/DmiSystemUuid\"\n\"9852bf98-b83c-49db-a8de-182c42c7226b\"\n\nDMI board information (type 2)\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/pcbios/0/Config/DmiBoardVendor\"\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/pcbios/0/Config/DmiBoardProduct\"\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/pcbios/0/Config/DmiBoardVersion\"\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/pcbios/0/Config/DmiBoardSerial\"\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/pcbios/0/Config/DmiBoardAssetTag\"\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/pcbios/0/Config/DmiBoardLocInChass\"\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/pcbios/0/Config/DmiBoardBoardType\"\n\nDMI system enclosure or chassis (type 3)\n\n192\n\n\"Board Vendor\"\n\"Board Product\"\n\"Board Version\"\n\"Board Serial\"\n\"Board Tag\"\n\"Board Location\"\n10\n\n\f9 Advanced topics\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/pcbios/0/Config/DmiChassisVendor\"\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/pcbios/0/Config/DmiChassisType\"\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/pcbios/0/Config/DmiChassisVersion\"\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/pcbios/0/Config/DmiChassisSerial\"\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/pcbios/0/Config/DmiChassisAssetTag\"\n\n\"Chassis Vendor\"\n3\n\"Chassis Version\"\n\"Chassis Serial\"\n\"Chassis Tag\"\n\nDMI processor information (type 4)\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/pcbios/0/Config/DmiProcManufacturer\"\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/pcbios/0/Config/DmiProcVersion\"\n\n\"GenuineIntel\"\n\"Pentium(R) III\"\n\nDMI OEM strings (type 11)\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/pcbios/0/Config/DmiOEMVBoxVer\"\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/pcbios/0/Config/DmiOEMVBoxRev\"\n\n\"vboxVer_1.2.3\"\n\"vboxRev_12345\"\n\nIf a DMI string is not set, the default value of VirtualBox is used. To set an empty string use\n\"<EMPTY>\".\n\nNote that in the above list, all quoted parameters (DmiBIOSVendor, DmiBIOSVersion but\nnot DmiBIOSReleaseMajor) are expected to be strings. If such a string is a valid number,\nthe parameter is treated as number and the VM will most probably refuse to start with an\nVERR_CFGM_NOT_STRING error. In that case, use \"string:<value>\", for instance\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/pcbios/0/Config/DmiSystemSerial\"\n\n\"string:1234\"\n\nChanging this information can be necessary to provide the DMI information of the host to the\nguest to prevent Windows from asking for a new product key. On Linux hosts the DMI BIOS\ninformation can be obtained with\ndmidecode -t0\n\nand the DMI system information can be obtained with\ndmidecode -t1\n\n9.13 Configuring the custom ACPI table\nVirtualBox can be configured to present an custom ACPI table to the guest. Use the following\ncommand to configure this:\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/acpi/0/Config/CustomTable\" \"/path/to/table.bin\"\n\nConfiguring a custom ACPI table can prevent Windows Vista and Windows 7 from asking for a new product key. On Linux hosts, one of the host tables can be read from\n/sys/firmware/acpi/tables/.\n\n193\n\n\f9 Advanced topics\n\n9.14 Fine-tuning timers and time synchronization\n9.14.1 Configuring the guest time stamp counter (TSC) to reflect guest\nexecution\nBy default, VirtualBox keeps all sources of time visible to the guest synchronized to a single time\nsource, the monotonic host time. This reflects the assumptions of many guest operating systems,\nwhich expect all time sources to reflect “wall clock” time. In special circumstances it may be\nuseful however to make the TSC (time stamp counter) in the guest reflect the time actually spent\nexecuting the guest.\nThis special TSC handling mode can be enabled on a per-VM basis, and for best results must\nbe used only in combination with hardware virtualization. To enable this mode use the following\ncommand:\nVBoxManage setextradata \"VM name\" \"VBoxInternal/TM/TSCTiedToExecution\" 1\n\nTo revert to the default TSC handling mode use:\nVBoxManage setextradata \"VM name\" \"VBoxInternal/TM/TSCTiedToExecution\"\n\nNote that if you use the special TSC handling mode with a guest operating system which is very\nstrict about the consistency of time sources you may get a warning or error message about the\ntiming inconsistency. It may also cause clocks to become unreliable with some guest operating\nsystems depending on how they use the TSC.\n\n9.14.2 Accelerate or slow down the guest clock\nFor certain purposes it can be useful to accelerate or to slow down the (virtual) guest clock. This\ncan be achieved as follows:\nVBoxManage setextradata \"VM name\" \"VBoxInternal/TM/WarpDrivePercentage\" 200\n\nThe above example will double the speed of the guest clock while\nVBoxManage setextradata \"VM name\" \"VBoxInternal/TM/WarpDrivePercentage\" 50\n\nwill halve the speed of the guest clock. Note that changing the rate of the virtual clock can\nconfuse the guest and can even lead to abnormal guest behavior. For instance, a higher clock\nrate means shorter timeouts for virtual devices with the result that a slightly increased response\ntime of a virtual device due to an increased host load can cause guest failures. Note further\nthat any time synchronization mechanism will frequently try to resynchronize the guest clock\nwith the reference clock (which is the host clock if the VirtualBox Guest Additions are active).\nTherefore any time synchronization should be disabled if the rate of the guest clock is changed as\ndescribed above (see chapter 9.14.3, Tuning the Guest Additions time synchronization parameters,\npage 194).\n\n9.14.3 Tuning the Guest Additions time synchronization parameters\nThe VirtualBox Guest Additions ensure that the guest’s system time is synchronized with the host\ntime. There are several parameters which can be tuned. The parameters can be set for a specific\nVM using the following command:\nVBoxManage guestproperty set \"VM name\" \"/VirtualBox/GuestAdd/VBoxService/PARAMETER\" VALUE\n\nwhere PARAMETER is one of the following:\n--timesync-interval Specifies the interval at which to synchronize the time with the host.\n\nThe default is 10000 ms (10 seconds).\n\n194\n\n\f9 Advanced topics\n--timesync-min-adjust The minimum absolute drift value measured in milliseconds to make\n\nadjustments for. The default is 1000 ms on OS/2 and 100 ms elsewhere.\n--timesync-latency-factor The factor to multiply the time query latency with to calculate\n\nthe dynamic minimum adjust time. The default is 8 times, that means in detail: Measure\nthe time it takes to determine the host time (the guest has to contact the VM host service\nwhich may take some time), multiply this value by 8 and do an adjustment only if the time\ndifference between host and guest is bigger than this value. Don’t do any time adjustment\notherwise.\n--timesync-max-latency The max host timer query latency to accept. The default is 250 ms.\n--timesync-set-threshold The absolute drift threshold, given as milliseconds where to start\n\nsetting the time instead of trying to smoothly adjust it. The default is 20 minutes.\n--timesync-set-start Set the time when starting the time sync service.\n--timesync-set-on-restore 0|1 Set the time after the VM was restored from a saved state\n\nwhen passing 1 as parameter (default). Disable by passing 0. In the latter case, the time\nwill be adjusted smoothly which can take a long time.\nAll these parameters can be specified as command line parameters to VBoxService as well.\n\n9.14.4 Disabling the Guest Additions time synchronization\nOnce installed and started, the VirtualBox Guest Additions will try to synchronize the guest time\nwith the host time. This can be prevented by forbidding the guest service from reading the host\nclock:\nVBoxManage setextradata \"VM name\" \"VBoxInternal/Devices/VMMDev/0/Config/GetHostTimeDisabled\" 1\n\n9.15 Installing the alternate bridged networking driver on\nSolaris 11 hosts\nStarting with VirtualBox 4.1, VirtualBox ships a new network filter driver that utilizes Solaris\n11’s Crossbow functionality. By default, this new driver is installed for Solaris 11 hosts (builds\n159 and above) that has support for it.\nTo force installation of the older STREAMS based network filter driver, execute as root the\nfollowing command before installing the VirtualBox package:\ntouch /etc/vboxinst_vboxflt\n\nTo force installation of the Crossbow based network filter driver, execute as root the following\ncommand before installing the VirtualBox package:\ntouch /etc/vboxinst_vboxbow\n\nTo check which driver is currently being used by VirtualBox, execute:\nmodinfo | grep vbox\n\nIf the output contains “vboxbow”, it indicates VirtualBox is using the Crossbow network filter\ndriver, while the name “vboxflt” indicates usage of the older STREAMS network filter.\n\n195\n\n\f9 Advanced topics\n\n9.16 VirtualBox VNIC templates for VLANs on Solaris 11\nhosts\nVirtualBox supports VNIC (Virtual Network Interface) templates for configuring VMs over\nVLANs.3 A VirtualBox VNIC template is a VNIC whose name starts with “vboxvnic_template”\n(case-sensitive).\nOn Solaris 11 hosts4 , a VNIC template may be used to specify the VLAN ID to use while bridging\nover a network link.\nHere is an example of how to use a VNIC template to configure a VM over a VLAN. Create a\nVirtualBox VNIC template, by executing as root:\ndladm create-vnic -t -l nge0 -v 23 vboxvnic_template0\n\nThis will create a temporary VNIC template over interface “nge0” with the VLAN ID 23. To\ncreate VNIC templates that are persistent across host reboots, skip the -t parameter in the above\ncommand. You may check the current state of links using:\n$ dladm show-link\nLINK\nCLASS\nMTU\nnge0\nphys\n1500\nnge1\nphys\n1500\nvboxvnic_template0 vnic 1500\n$ dladm show-vnic\nLINK\nOVER\nvboxvnic_template0 nge0\n\nSTATE\nup\ndown\nup\n\nSPEED\n1000\n\nBRIDGE\n----\n\nOVER\n--nge0\n\nMACADDRESS\n2:8:20:25:12:75\n\nMACADDRTYPE\nrandom\n\nVID\n23\n\nOnce the VNIC template is created, any VMs that need to be on VLAN 23 over the interface\n“nge0” can be configured to bridge using this VNIC template.\nVNIC templates makes managing VMs on VLANs simpler and efficient. The VLAN details are\nnot stored as part of every VM’s configuration but rather inherited from the VNIC template while\nstarting the VM. The VNIC template itself can be modified anytime using dladm.\nVNIC templates can be created with additional properties such as bandwidth limits, CPU fanout\netc. Refer to your Solaris network documentation on how to accomplish this. These additional\nproperties, if any, are also applied to VMs which bridge using the VNIC template.\n\n9.17 Configuring multiple host-only network interfaces on\nSolaris hosts\nBy default VirtualBox provides you with one host-only network interface. Adding more host-only\nnetwork interfaces on Solaris hosts requires manual configuration. Here’s how to add another\nhost-only network interface.\nBegin by stopping all running VMs. Then, unplumb the existing “vboxnet0” interface by execute the following command as root:\nifconfig vboxnet0 unplumb\n\nIf you have several vboxnet interfaces, you will need to unplumb all of them. Once all vboxnet\ninterfaces are unplumbed, remove the driver by executing the following command as root:\nrem_drv vboxnet\n\nEdit the file /platform/i86pc/kernel/drv/vboxnet.conf and add a line for the new interface we want to add as shown below:\n3 Support\n\nfor Crossbow based bridged networking was introduced with VirtualBox 4.1 and requires Solaris 11 build 159\nor above.\n4 When Crossbow based bridged networking is used.\n\n196\n\n\f9 Advanced topics\nname=\"vboxnet\" parent=\"pseudo\" instance=1;\nname=\"vboxnet\" parent=\"pseudo\" instance=2;\n\nAdd as many of these lines as required with each line having a unique instance number.\nNext, reload the vboxnet driver by executing the following command as root:\nadd_drv vboxnet\n\nOn Solaris 11.1 and newer hosts you may want to rename the default vanity interface name.\nTo check what name has been assigned, execute:\ndladm show-phys\nLINK\nnet0\nnet2\nnet1\n\nMEDIA\nEthernet\nEthernet\nEthernet\n\nSTATE\nup\nup\nup\n\nSPEED\n100\n1000\n1000\n\nDUPLEX\nfull\nfull\nfull\n\nDEVICE\ne1000g0\nvboxnet1\nvboxnet0\n\nIn the above example, we can rename “net2” to “vboxnet1” before proceeding to plumb the\ninterface. This can be done by executing as root:\ndladm rename-link net2 vboxnet1\n\nNow plumb all the interfaces using ifconfig vboxnetX plumb (where ’X’ would be 1 in this\ncase). Once the interface is plumbed, it may be configured like any other network interface.\nRefer to the ifconfig documentation for further details.\nTo make the newly added interfaces’ settings persistent across reboots, you will need to edit the\nfiles /etc/inet/netmasks, and if you are using NWAM /etc/nwam/llp and add the appropriate\nentries to set the netmask and static IP for each of those interfaces. The VirtualBox installer only\nupdates these configuration files for the one “vboxnet0” interface it creates by default.\n\n9.18 Configuring the VirtualBox CoreDumper on Solaris\nhosts\nVirtualBox is capable of producing its own core files for extensive debugging when things go\nwrong. Currently this is only available on Solaris hosts.\nThe VirtualBox CoreDumper can be enabled using the following command:\nVBoxManage setextradata \"VM name\" VBoxInternal2/CoreDumpEnabled 1\n\nYou can specify which directory to use for core dumps with this command:\nVBoxManage setextradata \"VM name\" VBoxInternal2/CoreDumpDir <path-to-directory>\n\nMake sure the directory you specify is on a volume with sufficient free space and that the\nVirtualBox process has sufficient permissions to write files to this directory. If you skip this\ncommand and don’t specify any core dump directory, the current directory of the VirtualBox executable will be used (which would most likely fail when writing cores as they are protected with\nroot permissions). It is recommended you explicitly set a core dump directory.\nYou must specify when the VirtualBox CoreDumper should be triggered. This is done using the\nfollowing commands:\nVBoxManage setextradata \"VM name\" VBoxInternal2/CoreDumpReplaceSystemDump 1\nVBoxManage setextradata \"VM name\" VBoxInternal2/CoreDumpLive 1\n\nAt least one of the above two commands will have to be provided if you have enabled the\nVirtualBox CoreDumper.\n\n197\n\n\f9 Advanced topics\nSetting CoreDumpReplaceSystemDump sets up the VM to override the host’s core dumping\nmechanism and in the event of any crash only the VirtualBox CoreDumper would produce the\ncore file.\nSetting CoreDumpLive sets up the VM to produce cores whenever the VM process receives a\nSIGUSR2 signal. After producing the core file, the VM will not be terminated and will continue\nto run. You can thus take cores of the VM process using:\nkill -s SIGUSR2 <VM-process-id>\n\nCore files produced by the VirtualBox CoreDumper are of the form core.vb.<ProcessName>.<ProcessID>,\nfor example core.vb.VBoxHeadless.11321.\n\n9.19 VirtualBox and Solaris kernel zones\nSolaris kernel zones on x86-based systems make use of hardware-assisted virtualization features\nlike VirtualBox does. However, for kernel zones and VirtualBox to share this hardware resource,\nthey need to co-operate.\nBy default, due to performance reasons, VirtualBox acquires the hardware-assisted virtualization resource (VT-x/AMD-V) globally on the host machine and uses it until the last VirtualBox\nVM that requires it is powered off. This prevents other software from using VT-x/AMD-V during\nthe time VirtualBox has taken control of it.\nVirtualBox can be instructed to relinquish use of hardware-assisted virtualization features\nwhen not executing guest code, thereby allowing kernel zones to make use of them. To do\nthis, shutdown all VirtualBox VMs and execute the following command:\nVBoxManage setproperty hwvirtexclusive off\n\nThis command needs to be executed only once as the setting is stored as part of the global\nVirtualBox settings which will continue to persist across host-reboots and VirtualBox upgrades.\n\n9.20 Locking down the VirtualBox manager GUI\n9.20.1 Customizing the VM manager\nThere are several advanced customization settings for locking down the VirtualBox manager, that\nis, removing some features that the user should not see.\nVBoxManage setextradata global GUI/Customizations OPTION[,OPTION...]\n\nwhere OPTION is one of the following keywords:\nnoSelector Don’t allow to start the VirtualBox manager. Trying to do so will show a window\n\ncontaining a proper error message.\nnoMenuBar VM windows will not contain a menu bar.\nnoStatusBar VM windows will not contain a status bar.\n\nTo disable any of these VM manager customizations do\nVBoxManage setextradata global GUI/Customizations\n\n198\n\n\f9 Advanced topics\n\n9.20.2 VM selector customization\nThe following per-machine VM extradata settings can be used to change the behavior of the VM\nselector window in respect of certain VMs:\nVBoxManage setextradata \"VM name\" SETTING true\n\nwhere SETTING can be:\nGUI/HideDetails Don’t show the VM configuration of a certain VM. The details window will\n\nremain just empty if this VM is selected.\nGUI/PreventReconfiguration Don’t allow the user to open the settings dialog for a certain\n\nVM.\nGUI/PreventSnapshotOperations Prevent snapshot operations for a VM from the GUI, either\n\nat runtime or when the VM is powered off.\nGUI/HideFromManager Hide a certain VM in the VM selector window.\nGUI/PreventApplicationUpdate Disable the automatic update check and hide the corre-\n\nsponding menu item.\nPlease note that these settings wouldn’t prevent the user from reconfiguring the VM by\nVBoxManage modifyvm.\n\n9.20.3 Configure VM selector menu entries\nYou can disable (i.e. black-list) certain entries in the global settings page of the VM selector:\nVBoxManage setextradata global GUI/RestrictedGlobalSettingsPages OPTION[,OPTION...]\n\nwhere OPTION is one of the following keywords:\nGeneral Don’t show the General settings pane.\nInput Don’t show the Input settings pane.\nUpdate Don’t show the Update settings pane.\nLanguage Don’t show the Language settings pane.\nDisplay Don’t show the Display settings pane.\nNetwork Don’t show the Network settings pane.\nExtensions Don’t show the Extensions settings pane.\nProxy Don’t show the Proxy settings pane.\n\nThis is a global setting. Any combination of the above is allowed. To restore the default\nbehavior, use\nVBoxManage setextradata global GUI/RestrictedGlobalSettingsPages\n\n199\n\n\f9 Advanced topics\n\n9.20.4 Configure VM window menu entries\nYou can disable (i.e. black-list) certain menu actions in the VM window:\nVBoxManage setextradata \"VM name\" GUI/RestrictedRuntimeMenus OPTION[,OPTION...]\n\nwhere OPTION is one of the following keywords:\nAll Don’t show any menu in the VM window.\nMachine Don’t show the Machine menu in the VM window.\nView Don’t show the View menu in the VM window.\nDevices Don’t show the Devices menu in the VM window.\nHelp Don’t show the Help menu in the VM window.\nDebug Don’t show the Debug menu in the VM window. The debug menu is only visible if the GUI\n\nwas started with special command line parameters or environment variable settings.\nThis is a per-VM setting. Any combination of the above is allowed. To restore the default\nbehavior, use\nVBoxManage setextradata \"VM name\" GUI/RestrictedRuntimeMenus\n\nYou can also disable (i.e. blacklist) certain menu actions of certain menus. Use the following\ncommand to disable certain actions of the Application menu (only available on Mac OS X hosts):\nVBoxManage setextradata \"VM name\" GUI/RestrictedRuntimeApplicationMenuActions OPTION[,OPTION...]\n\nwhere OPTION is one of the following keywords:\nAll Don’t show any menu item in this menu.\nAbout Don’t show the About menu item in this menu.\n\nThis is a per-VM setting. Any combination of the above is allowed. To restore the default\nbehavior, use\nVBoxManage setextradata \"VM name\" GUI/RestrictedRuntimeMenus\n\nUse the following command to disable certain actions of the Machine menu:\nVBoxManage setextradata \"VM name\" GUI/RestrictedRuntimeApplicationMenuActions OPTION[,OPTION...]\n\nwhere OPTION is one of the following keywords:\nAll Don’t show any menu item in this menu.\nSettingsDialog Don’t show the Settings menu item in this menu.\nTakeSnapshot Don’t show the Take Snapshot menu item in this menu.\nTakeScreenshot Don’t show the Take Screenshot menu item in this menu.\nInformationDialog Don’t show the Session Information menu item in this menu.\nMouseIntegration Don’t show the Disable Mouse Integration menu item in this menu.\nTypeCAD Don’t show the Insert Ctrl+Alt+Del menu item in this menu.\n\n200\n\n\f9 Advanced topics\nTypeCABS Don’t show the Insert Ctrl+Alt+Backspace menu item in this menu (available on X11\n\nhosts only).\nPause Don’t show the Pause menu item in this menu.\nReset Don’t show the Reset menu item in this menu.\nSaveState Don’t show the Save the machine state menu item in this menu.\nShutdown Don’t show the ACPI Shutdown menu item in this menu.\nPowerOff Don’t show the Power Off the machine menu item in this menu.\n\nThis is a per-VM setting. Any combination of the above is allowed. To restore the default\nbehavior, use\nVBoxManage setextradata \"VM name\" GUI/RestrictedRuntimeApplicationMenuActions\n\nUse the following command to disable certain actions of the View menu:\nVBoxManage setextradata \"VM name\" GUI/RestrictedRuntimeViewMenuActions OPTION[,OPTION...]\n\nwhere OPTION is one of the following keywords:\nAll Don’t show any menu item in this menu.\nFullscreen Don’t show the Switch to Fullscreen menu item in this menu.\nSeamless Don’t show the Switch to Seamless Mode menu item in this menu.\nScale Don’t show the Switch to Scaled Mode menu item in this menu.\nGuestAutoresize Don’t show the Auto-resize Guest Display menu item in this menu.\nAdjustWindow Don’t show the Adjust Window Size menu item in this menu.\nMultiscreen Don’t show the Multiscreen menu item in this menu (only visible in full screen /\n\nseamless mode).\nThis is a per-VM setting. Any combination of the above is allowed. To restore the default\nbehavior, use\nVBoxManage setextradata \"VM name\" GUI/RestrictedRuntimeViewMenuActions\n\nUse the following command to disable certain actions of the View menu:\nVBoxManage setextradata \"VM name\" GUI/RestrictedRuntimeDevicesMenuActions OPTION[,OPTION...]\n\nwhere OPTION is one of the following keywords to disable actions in the Devices menu:\nAll Don’t show any menu item in this menu.\nOpticalDevices Don’t show the CD/DVD Devices menu item in this menu.\nFloppyDevices Don’t show the FLoppy Devices menu item in this menu.\nUSBDevices Don’t show the USB Devices menu item in this menu.\nSharedClipboard Don’t show the Shared Clipboard menu item in this menu.\nDragAndDrop Don’t show the Drag and Drop menu item in this menu.\nNetworkSettings Don’t show the Network Settings... menu item in this menu.\n\n201\n\n\f9 Advanced topics\nSharedFoldersSettings Don’t show the Shared Folders Settings... menu item in this menu.\nVRDEServer Don’t show the Remove Display menu item in this menu.\nInstallGuestTools Don’t show the Insert Guest Additions CD imnage... menu item in this\n\nmenu.\nThis is a per-VM setting. Any combination of the above is allowed. To restore the default\nbehavior, use\nVBoxManage setextradata \"VM name\" GUI/RestrictedRuntimeDevicesMenuActions\n\nUse the following command to disable certain actions of the View menu:\nVBoxManage setextradata \"VM name\" GUI/RestrictedRuntimeDebuggerMenuActions OPTION[,OPTION...]\n\nwhere OPTION is one of the following keywords to disable actions in the Debug menu (normally\ncompletely disabled):\nAll Don’t show any menu item in this menu.\nStatistics Don’t show the Statistics... menu item in this menu.\nCommandLine Don’t show the Command Line... menu item in this menu.\nLogging Don’t show the Logging... menu item in this menu.\nLogDialog Don’t show the Show Log... menu item in this menu.\n\nThis is a per-VM setting. Any combination of the above is allowed. To restore the default\nbehavior, use\nVBoxManage setextradata \"VM name\" GUI/RestrictedRuntimeDebuggerMenuActions\n\nUse the following command to disable certain actions of the View menu:\nVBoxManage setextradata \"VM name\" GUI/RestrictedRuntimeHelpMenuActions OPTION[,OPTION...]\n\nwhere OPTION is one of the following keywords to disable actions in the Help menu (normally\ncompletely disabled):\nAll Don’t show any menu item in this menu.\nContents Don’t show the Contents... menu item in this menu.\nWebSite Don’t show the VirtualBox Web Site... menu item in this menu.\nResetWarnings Don’t show the Reset All Warnings menu item in this menu.\nNetworkAccessManager Don’t show the Network Operations Manager menu item in this menu.\nAbout Don’t show the About menu item in this menu (only on non Mac OS X hosts).\nContents Don’t show the Contents... menu item in this menu.\nContents Don’t show the Contents... menu item in this menu.\n\nThis is a per-VM setting. Any combination of the above is allowed. To restore the default\nbehavior, use\nVBoxManage setextradata \"VM name\" GUI/RestrictedRuntimeHelpMenuActions\n\n202\n\n\f9 Advanced topics\n\n9.20.5 Configure VM window status bar entries\nYou can disable (i.e. black-list) certain status bar items:\nVBoxManage setextradata \"VM name\" GUI/RestrictedStatusBarIndicators OPTION[,OPTION...]\n\nwhere OPTION is one of the following keywords:\nHardDisks Don’t show the hard disk icon in the VM window status bar. By default the hard disk\n\nicon is only shown if the VM configuration contains one or more hard disks.\nOpticalDisks Don’t show the CD icon in the VM window status bar. By default the CD icon is\n\nonly shown if the VM configuration contains one or more CD drives.\nFloppyDisks Don’t show the floppy icon in the VM window status bar. By default the floppy\n\nicon is only shown if the VM configuration contains one more more floppy drives.\nNetwork Don’t show the network icon in the VM window status bar. By default the network icon\n\nis only shown if the VM configuration contains one or more active network adapters.\nUSB Don’t show the USB icon in the status bar.\nSharedFolders Don’t show the shared folders icon in the status bar.\nVideoCapture Don’t show the video capture icon in the status bar.\nFeatures Don’t show the CPU features icon in the status bar.\nMouse Don’t show the mouse icon in the status bar.\nKeyboard Don’t show the keyboard icon in the status bar.\n\nThis is a per-VM setting. Any combination of the above is allowed. If all options are specified,\nno icons are displayed in the status bar of the VM window. To restore the default behavior, use\nVBoxManage setextradata \"VM name\" GUI/RestrictedStatusBarIndicators\n\n9.20.6 Configure VM window visual modes\nYou can disable (i.e. black-list) certain VM visual modes:\nVBoxManage setextradata \"VM name\" GUI/RestrictedVisualStates OPTION[,OPTION...]\n\nwhere OPTION is one of the following keywords:\nFullscreen Don’t allow to switch the VM into full screen mode.\nSeamless Don’t allow to switch the VM into seamless mode.\nScale Don’t allow to switch the VM into scale mode.\n\nThis is a per-VM setting. Any combination of the above is allowed. To restore the default\nbehavior, use\nVBoxManage setextradata \"VM name\" GUI/RestrictedVisualStates\n\n203\n\n\f9 Advanced topics\n\n9.20.7 Host Key customization\nTo disable all host key combinations, open the preferences and change the host key to None. This\nmight be useful when using VirtualBox in a kiosk mode.\nTo redefine or disable certain host key actions, use the following command:\nVBoxManage setextradata global GUI/Input/MachineShortcuts \"FullscreenMode=F,....\"\n\nThe following list shows the possible host key actions together with their default host key\nshortcut. Setting an action to None will disable that host key action.\nAction\nTakeSnapshot\nTakeScreenshot\nMouseIntegration\nTypeCAD\nTypeCABS\nPause\nReset\nSaveState\nShutdown\nPowerOff\nClose\nFullscreenMode\nSeamlessMode\nScaleMode\nGuestAutoResize\nWindowAdjust\nPopupMenu\nSettingsDialog\nInformationDialog\nNetworkAdaptersDialog\nSharedFoldersDialog\nInstallGuestAdditions\n\nDefault Key\nT\nE\nI\nDel\nBackspace\nP\nR\nH\nQ\nF\nL\nC\nG\nA\nHome\nS\nN\n\nD\n\nAction\ntake a snapshot\ntake a screenshot\ntoggle mouse integration\ninject Ctrl+Alt+Del\ninject Ctrl+Alt+Backspace\nPause the VM\n(hard) reset the guest\nsave the VM state and terminate the VM\npress the (virtual) ACPI power button\npower the VM off (without saving the state!)\nshow the VM close dialog\nswitch the VM into full screen\nswitch the VM into seamless mode\nswitch the VM into scale mode\nautomatically resize the guest window\nimmediately resize the guest window\nshow popup menu in full screen / seaml. mode\nopen the VM settings dialog\nshow the VM information window\nshow the VM network adapters dialog\nshow the VM shared folders dialog\nmount the ISO containing the Guest Additions\n\nTo disable the full screen mode as well as the seamless mode, use the following command:\nVBoxManage setextradata global GUI/Input/MachineShortcuts \"FullscreenMode=None,SeamlessMode=None\"\n\n9.20.8 Action when terminating the VM\nYou can disallow (i.e. black-list) certain actions when terminating a VM. To disallow specific\nactions, type:\nVBoxManage setextradata \"VM name\" GUI/RestrictedCloseActions OPTION[,OPTION...]\n\nwhere OPTION is one of the following keywords:\nSaveState Don’t allow the user to save the VM state when terminating the VM.\nShutdown Don’t allow the user to shutdown the VM by sending the ACPI power-off event to the\n\nguest.\nPowerOff Don’t allow the user to power off the VM.\nPowerOffRestoringSnapshot Don’t allow the user to return to the last snapshot when power-\n\ning off the VM.\nThis is a per-VM setting. Any combination of the above is allowed. If all options are specified,\nthe VM cannot be shut down at all.\n\n204\n\n\f9 Advanced topics\n\n9.20.9 Action for handling a Guru Meditation\nA VM runs into a Guru Meditation if there is a problem which cannot be fixed by other means\nthan terminating the process. The default is to show a message window which instructs the user\nto open a bug report.\nThis behavior can be configured:\nVBoxManage setextradata \"VM name\" GUI/GuruMeditationHandler MODE\n\nwhere MODE is one of the following keywords:\nDefault A message window is shown. After the user confirmed, the VM is terminated.\nPowerOff The VM is immediately powered-off without showing any message window. The VM\n\nlogfile will show information about what happend.\nIgnore The VM is left in stuck mode. Execution is stopped but no message window is shown.\n\nThe VM has to be powered off manually.\nThis is a per-VM setting.\n\n9.20.10 Configuring automatic mouse capturing\nBy default, the mouse is captured if the user clicks on the guest window and the guest expects\nrelative mouse coordiantes at this time. This happens if the pointing device is configured as PS/2\nmouse and the guest did not (yet) start the VirtualBox Guest Additions (for instance, the guest\nis booting or no Guest Additions installed at all) or if the pointing device is configured as USB\ntablet but the guest has no USB driver loaded yet. Once the Guest Additions become active or\nthe USB guest driver is started, the mouse capture is automatically released.\nThe default behavior is sometimes not desired. Therefore it can be configured:\nVBoxManage setextradata \"VM name\" GUI/MouseCapturePolicy MODE\n\nwhere MODE is one of the following keywords:\nDefault The default behavior as described above.\nHostComboOnly The mouse is only captured if the Host Key is toggled.\nDisabled The mouse is never captured, also not by toggling the Host Key\n\nThis is a per-VM setting.\n\n9.20.11 Configuring automatic mouse capturing\nBy default, the mouse is captured if the user clicks on the guest window and the guest expects\nrelative mouse coordiantes at this time. This happens if the pointing device is configured as PS/2\nmouse and the guest did not (yet) start the VirtualBox Guest Additions (for instance, the guest\nis booting or no Guest Additions installed at all) or if the pointing device is configured as USB\ntablet but the guest has no USB driver loaded yet. Once the Guest Additions become active or\nthe USB guest driver is started, the mouse capture is automatically released.\nThe default behavior is sometimes not desired. Therefore it can be configured:\nVBoxManage setextradata \"VM name\" GUI/MouseCapturePolicy MODE\n\nwhere MODE is one of the following keywords:\nDefault The default behavior as described above.\nHostComboOnly The mouse is only captured if the Host Key is toggled.\nDisabled The mouse is never captured, also not by toggling the Host Key\n\nThis is a per-VM setting.\n\n205\n\n\f9 Advanced topics\n\n9.20.12 Requesting legacy full-screen mode\nAs of version 4.3.16, VirtualBox uses special window manager facilities to switch a multi-screen\nmachine to full-screen on a multi-monitor host system. However, not all window managers\nprovide these facilities correctly, so VirtualBox can be told to use the old method of switching to\nfull-screen mode instead using the command:\nVBoxManage setextradata global GUI/Fullscreen/LegacyMode true\n\nYou can go back to the new method using the command:\nVBoxManage setextradata global GUI/Fullscreen/LegacyMode\n\nThis is a global setting.\n\n9.21 Starting the VirtualBox web service automatically\nThe VirtualBox web service (vboxwebsrv) is used for controlling VirtualBox remotely. It is documented in detail in the VirtualBox Software Development Kit (SDK); please see chapter 11,\nVirtualBox programming interfaces, page 228. As the client base using this interface is growing,\nwe added start scripts for the various operation systems we support. The following sections describe how to use them. The VirtualBox web service is never started automatically as a result of\na standard installation.\n\n9.21.1 Linux: starting the webservice via init\nOn Linux, the web service can be automatically started during host boot by adding appropriate parameters to the file /etc/default/virtualbox. There is one mandatory parameter,\nVBOXWEB_USER, which must be set to the user which will later start the VMs. The parameters in\nthe table below all start with VBOXWEB_ (VBOXWEB_HOST, VBOXWEB_PORT etc.):\nParameter\nUSER\nHOST\nPORT\nSSL_KEYFILE\nSSL_PASSWORDFILE\nSSL_CACERT\nSSL_CAPATH\nSSL_DHFILE\nSSL_RANDFILE\nTIMEOUT\nCHECK_INTERVAL\nTHREADS\nKEEPALIVE\nROTATE\nLOGSIZE\nLOGINTERVAL\n\nDescription\nThe user as which the web service runs\nThe host to bind the web service to\nThe port to bind the web service to\nServer key and certificate file, PEM format\nFile name for password to server key\nCA certificate file, PEM format\nCA certificate path\nDH file name or DH key length in bits\nFile containing seed for random number generator\nSession timeout in seconds; 0 disables timeouts\nFrequency of timeout checks in seconds\nMaximum number of worker threads to run in parallel\nMaximum number of requests before a socket will be\nclosed\nNumber of log files; 0 disables log rotation\nMaximum size of a log file in bytes to trigger rotation\nMaximum time interval in seconds to trigger log rotation\n\nDefault\nlocalhost\n18083\n\n300\n5\n100\n100\n10\n1MB\n1 day\n\nSetting the parameter SSL_KEYFILE enables the SSL/TLS support. Using encryption is strongly\nencouraged, as otherwise everything (including passwords) is transferred in clear text.\n\n206\n\n\f9 Advanced topics\n\n9.21.2 Solaris: starting the web service via SMF\nOn Solaris hosts, the VirtualBox web service daemon is integrated into the SMF framework. You\ncan change the parameters, but don’t have to if the defaults below already match your needs:\nsvccfg -s svc:/application/virtualbox/webservice:default setprop config/host=localhost\nsvccfg -s svc:/application/virtualbox/webservice:default setprop config/port=18083\nsvccfg -s svc:/application/virtualbox/webservice:default setprop config/user=root\n\nThe table in the previous section showing the parameter names and defaults also applies to\nSolaris. The parameter names must be changed to lowercase and a prefix of config/ has to be\nadded, e.g. config/user or config/ssl_keyfile. If you made any change, don’t forget to run\nthe following command to put the changes into effect immediately:\nsvcadm refresh svc:/application/virtualbox/webservice:default\n\nIf you forget the above command then the previous settings will be used when enabling the\nservice. Check the current property settings with:\nsvcprop -p config svc:/application/virtualbox/webservice:default\n\nWhen everything is configured correctly you can start the VirtualBox web service with the\nfollowing command:\nsvcadm enable svc:/application/virtualbox/webservice:default\n\nFor more information about SMF, please refer to the Solaris documentation.\n\n9.21.3 Mac OS X: starting the webservice via launchd\nOn Mac OS X, launchd is used to start the VirtualBox webservice. An example configuration file\ncan be found in $HOME/Library/LaunchAgents/org.virtualbox.vboxwebsrv.plist. It can\nbe enabled by changing the Disabled key from true to false. To manually start the service use\nthe following command:\nlaunchctl load ~/Library/LaunchAgents/org.virtualbox.vboxwebsrv.plist\n\nFor additional information on how launchd services could be configured see http://\ndeveloper.apple.com/mac/library/documentation/MacOSX/Conceptual/BPSystemStartup/\nBPSystemStartup.html.\n\n9.22 VirtualBox Watchdog\nStarting with VirtualBox 4.2 the memory ballooning service formerly known as VBoxBalloonCtrl\nwas renamed to VBoxWatchdog, which now incorporates several host services that are meant to\nbe run in a server environment.\nThese services are:\n• Memory ballooning control, which automatically takes care of a VM’s configured memory\nballoon (see chapter 4.9.1, Memory ballooning, page 80 for an introduction to memory\nballooning). This especially is useful for server environments where VMs may dynamically\nrequire more or less memory during runtime.\nThe service periodically checks a VM’s current memory balloon and its free guest RAM and\nautomatically adjusts the current memory balloon by inflating or deflating it accordingly.\nThis handling only applies to running VMs having recent Guest Additions installed.\n\n207\n\n\f9 Advanced topics\n• Host isolation detection, which provides a way to detect whether the host cannot reach the\nspecific VirtualBox server instance anymore and take appropriate actions, such as shutting\ndown, saving the current state or even powering down certain VMs.\nAll configuration values can be either specified via command line or global extradata, whereas\ncommand line values always have a higher priority when set. Some of the configuration values\nalso be be specified on a per-VM basis. So the overall lookup order is: command line, per-VM\nbasis extradata (if available), global extradata.\n\n9.22.1 Memory ballooning control\nThe memory ballooning control inflates and deflates the memory balloon of VMs based on the\nVMs free memory and the desired maximum balloon size.\nTo set up the memory ballooning control the maximum ballooning size a VM can reach needs\nto be set. This can be specified via command line with\n--balloon-max <Size in MB>\n\n, on a per-VM basis extradata value with\nVBoxManage setextradata <VM-Name> VBoxInternal2/Watchdog/BalloonCtrl/BalloonSizeMax <Size in MB>\n\nor using a global extradata value with\nVBoxManage setextradata global VBoxInternal2/Watchdog/BalloonCtrl/BalloonSizeMax <Size in MB>\n\nNote: If no maximum ballooning size is specified by at least one of the parameters\nabove, no ballooning will be performed at all.\nSetting the ballooning increment in MB can be either done via command line with\n--balloon-inc <Size in MB>\n\nor using a global extradata value with\nVBoxManage setextradata global VBoxInternal2/Watchdog/BalloonCtrl/BalloonIncrementMB <Size in MB>\n\nDefault ballooning increment is 256 MB if not specified.\nSame goes with the ballooning decrement: Via command line with\n--balloon-dec <Size in MB>\n\nor using a global extradata value with\nVBoxManage setextradata global VBoxInternal2/Watchdog/BalloonCtrl/BalloonDecrementMB <Size in MB>\n\nDefault ballooning decrement is 128 MB if not specified.\nTo define the lower limit in MB a balloon can be the command line with\n--balloon-lower-limit <Size in MB>\n\ncan be used or using a global extradata value with\nVBoxManage setextradata global VBoxInternal2/Watchdog/BalloonCtrl/BalloonLowerLimitMB <Size in MB>\n\nis available. Default lower limit is 128 if not specified.\n\n208\n\n\f9 Advanced topics\n\n9.22.2 Host isolation detection\nTo detect whether a host is being isolated, that is, the host cannot reach the VirtualBox server\ninstance anymore, the host needs to set an alternating value to a global extradata value within a\ntime period. If this value is not set within that time period a timeout occurred and the so-called\nhost isolation response will be performed to the VMs handled. Which VMs are handled can be\ncontrolled by defining VM groups and assigning VMs to those groups. By default no groups are\nset, meaning that all VMs on the server will be handled when no host response is received within\n30 seconds.\nTo set the groups handled by the host isolation detection via command line:\n--apimon-groups=<string[,stringN]>\n\nor using a global extradata value with\nVBoxManage setextradata global VBoxInternal2/Watchdog/APIMonitor/Groups <string[,stringN]>\n\nTo set the host isolation timeout via command line:\n--apimon-isln-timeout=<ms>\n\nor using a global extradata value with\nVBoxManage setextradata global VBoxInternal2/Watchdog/APIMonitor/IsolationTimeoutMS <ms>\n\nTo set the actual host isolation response via command line:\n--apimon-isln-response=<cmd>\n\nor using a global extradata value with\nVBoxManage setextradata global VBoxInternal2/Watchdog/APIMonitor/IsolationResponse <cmd>\n\nThe following response commands are available:\n• none, which does nothing.\n• pause, which pauses the execution of a VM.\n• poweroff, which shuts down the VM by pressing the virtual power button. The VM will\nnot have the chance of saving any data or veto the shutdown process.\n• save, which saves the current machine state and powers off the VM afterwards. If saving\nthe machine state fails the VM will be paused.\n• shutdown, which shuts down the VM in a gentle way by sending an ACPI shutdown event\nto the VM’s operating system. The OS then has the chance of doing a clean shutdown.\n\n9.22.3 More information\nFor more advanced options and parameters like verbose logging check the built-in command line\nhelp accessible with --help.\n\n209\n\n\f9 Advanced topics\n\n9.22.4 Linux: starting the watchdog service via init\nOn Linux, the watchdog service can be automatically started during host boot by adding appropriate parameters to the file /etc/default/virtualbox. There is one mandatory parameter,\nVBOXWATCHDOG_USER, which must be set to the user which will later start the VMs. For backward\ncompatibility you can also specify VBOXBALLOONCTRL_USERThe parameters in the table below all\nstart with VBOXWATCHDOG_ (VBOXWATCHDOG_BALLOON_INTERVAL, VBOXWATCHDOG_LOGSIZE etc.,\nand for previously existing parameters the VBOXBALLOONCTRL_INTERVAL etc. parameters can\nstill be used):\nParameter\n\nDescription\n\nDefault\n\nUSER\nROTATE\nLOGSIZE\nLOGINTERVAL\nBALLOON_INTERVAL\nBALLOON_INCREMENT\nBALLOON_DECREMENT\nBALLOON_LOWERLIMIT\nBALLOON_SAFETYMARGIN\n\nThe user as which the watchdog service runs\nNumber of log files; 0 disables log rotation\nMaximum size of a log file in bytes to trigger rotation\nMaximum time interval in seconds to trigger log rotation\nInterval for checking the balloon size (msec)\nBalloon size increment (MByte)\nBalloon size decrement (MByte)\nBalloon size lower limit (MByte)\nFree memory required for decreasing the balloon size\n(MByte)\n\n10\n1MB\n1 day\n30000\n256\n128\n64\n1024\n\n9.22.5 Solaris: starting the watchdog service via SMF\nOn Solaris hosts, the VirtualBox watchdog service daemon is integrated into the SMF framework.\nYou can change the parameters, but don’t have to if the defaults already match your needs:\nsvccfg -s svc:/application/virtualbox/balloonctrl:default setprop config/balloon_interval=10000\nsvccfg -s svc:/application/virtualbox/balloonctrl:default setprop config/balloon_safetymargin=134217728\n\nThe table in the previous section showing the parameter names and defaults also applies to\nSolaris. The parameter names must be changed to lowercase and a prefix of config/ has to be\nadded, e.g. config/user or config/balloon_safetymargin. If you made any change, don’t\nforget to run the following command to put the changes into effect immediately:\nsvcadm refresh svc:/application/virtualbox/balloonctrl:default\n\nIf you forget the above command then the previous settings will be used when enabling the\nservice. Check the current property settings with:\nsvcprop -p config svc:/application/virtualbox/balloonctrl:default\n\nWhen everything is configured correctly you can start the VirtualBox watchdog service with\nthe following command:\nsvcadm enable svc:/application/virtualbox/balloonctrl:default\n\nFor more information about SMF, please refer to the Solaris documentation.\n\n9.23 Other extension packs\nStarting with VirtualBox 4.2.0 there is another extension pack, VNC, which is open source and\nreplaces the previous integration of the VNC remote access protocol. This is experimental code,\nand will be initially available in the VirtualBox source code package only. It is to a large portion\ncode contributed by users, and is not supported in any way by Oracle.\n\n210\n\n\f9 Advanced topics\nThe keyboard handling is severely limited, and only the US keyboard layout works. Other\nkeyboard layouts will have at least some keys which produce the wrong results (often quite\nsurprising effects), and for layouts which have significant differences to the US keyboard layout\nit is most likely unusable.\nIt is possible to install both the Oracle VM VirtualBox Extension Pack and VNC, but only one\nVRDE module can be active at any time. The following command switches to the VNC VRDE\nmodule in VNC:\nVBoxManage setproperty vrdeextpack VNC\n\nConfiguring the remote access works very similarly to VRDP (see chapter 7.1, Remote display\n(VRDP support), page 107), with some limitations: VNC does not support specifying several\nport numbers, and the authentication is done differently. VNC can only deal with password\nauthentication, and there is no option to use password hashes. This leaves no other choice\nthan having a clear-text password in the VM configuration, which can be set with the following\ncommand:\nVBoxManage modifyvm \"VM name\" --vrdeproperty VNCPassword=secret\n\nThe user is responsible for keeping this password secret, and it should be removed when a\nVM configuration is passed to another person, for whatever purpose. Some VNC servers claim to\nhave “encrypted” passwords in the configuration. This is not true encryption, it is only concealing\nthe passwords, which is exactly as secure as clear-text passwords.\nThe following command switches back to VRDP (if installed):\nVBoxManage setproperty vrdeextpack \"Oracle VM VirtualBox Extension Pack\"\n\n9.24 Starting virtual machines during system boot\nStarting with VirtualBox 4.2.0 it is possible to start VMs automatically during system boot on\nLinux, Solaris and Mac OS X for all users.\n\n9.24.1 Linux: starting the autostart service via init\nOn Linux, the autostart service is activated by setting two variables in /etc/default/virtualbox.\nThe first one is VBOXAUTOSTART_DB which contains an absolute path to the autostart database directory. The directory should have write access for every user who should be able to start virtual\nmachines automatically. Furthermore the directory should have the sticky bit set. The second\nvariable is VBOXAUTOSTART_CONFIG which points the service to the autostart configuration file\nwhich is used during boot to determine whether to allow individual users to start a VM automatically and configure startup delays. The configuration file can be placed in /etc/vbox and\ncontains several options. One is default_policy which controls whether the autostart service\nallows or denies to start a VM for users which are not in the exception list. The exception list\nstarts with exception_list and contains a comma separated list with usernames. Furthermore\na separate startup delay can be configured for every user to avoid overloading the host. A sample\nconfiguration is given below:\n# Default policy is to deny starting a VM, the other option is \"allow\".\ndefault_policy = deny\n# Bob is allowed to start virtual machines but starting them\n# will be delayed for 10 seconds\nbob = {\nallow = true\nstartup_delay = 10\n}\n\n211\n\n\f9 Advanced topics\n\n# Alice is not allowed to start virtual machines, useful to exclude certain users\n# if the default policy is set to allow.\nalice = {\nallow = false\n}\n\nEvery user who wants to enable autostart for individual machines has to set the path to the\nautostart database directory with\nVBoxManage setproperty autostartdbpath <Autostart directory>\n\n9.24.2 Solaris: starting the autostart service via SMF\nOn Solaris hosts, the VirtualBox autostart daemon is integrated into the SMF framework. To\nenable it you have to point the service to an existing configuration file which has the same\nformat as on Linux (see chapter 9.24.1, Linux: starting the autostart service via init, page 211):\nsvccfg -s svc:/application/virtualbox/autostart:default setprop config/config=/etc/vbox/autostart.cfg\n\nWhen everything is configured correctly you can start the VirtualBox autostart service with the\nfollowing command:\nsvcadm enable svc:/application/virtualbox/autostart:default\n\nFor more information about SMF, please refer to the Solaris documentation.\n\n9.24.3 Mac OS X: starting the autostart service via launchd\n\nOn Mac OS X, launchd is used to start the VirtualBox autostart service. An example configuration\nfile can be found in /Applications/VirtualBox.app/Contents/MacOS/org.virtualbox.vboxautostart.plist.\nTo enable the service copy the file to /Library/LaunchDaemons and change the Disabled key\nfrom true to false. Furthermore replace the second parameter to an existing configuration file\nwhich has the same format as on Linux (see chapter 9.24.1, Linux: starting the autostart service\nvia init, page 211). To manually start the service use the following command:\nlaunchctl load /Library/LaunchDaemons/org.virtualbox.vboxautostart.plist\n\nFor additional information on how launchd services could be configured see http://\ndeveloper.apple.com/mac/library/documentation/MacOSX/Conceptual/BPSystemStartup/\nBPSystemStartup.html.\n\n9.25 VirtualBox expert storage management\nIn case the snapshot model of VirtualBox is not sufficient it is possible to enable a special mode\nwhich makes it possible to reconfigure storage attachments while the VM is paused. The user\nhas to make sure that the disk data stays consistent to the guest because unlike with hotplugging\nthe guest is not informed about detached or newly attached media.\nThe expert storage management mode can be enabled per VM executing:\nVBoxManage setextradata \"VM name\" \"VBoxInternal2/SilentReconfigureWhilePaused\" 1\n\nStorage attachments can be reconfigured while the VM is paused afterwards using:\nVBoxManage storageattach ...\n\n212\n\n\f9 Advanced topics\n\n9.26 Handling of host power management events\nSome host power management events are handled by VirtualBox. The actual behavior depends\non the platform:\nHost Suspends This event is generated when the host is about to suspend, that is, the host\nsaves the state to some non-volatile storage and powers off.\nThis event is currently only handled on Windows hosts and Mac OS X hosts. When this\nevent is generated, VirtualBox will pause all running VMs.\nHost Resumes This event is generated when the host woke up from the suspended state.\nThis event is currently only handled on Windows hosts and Mac OS X hosts. When this\nevent is generated, VirtualBox will resume all VMs which are where paused before.\nBattery Low The battery level reached a critical level (usually less than 5 percent charged).\nThis event is currently only handled on Windows hosts and Mac OS X hosts. When this\nevent is generated, VirtualBox will save the state and terminate all VMs in preperation of a\npotential host powerdown.\nThe behavior can be configured. By executing the following command, no VM is saved:\nVBoxManage setextradata global \"VBoxInternal2/SavestateOnBatteryLow\" 0\n\nThis is a global setting as well as a per-VM setting. The per-VM value has higher precedence\nthan the global value. The following command will save the state of all VMs but will not\nsave the state of VM “foo”:\nVBoxManage setextradata global \"VBoxInternal2/SavestateOnBatteryLow\" 1\nVBoxManage setextradata \"foo\" \"VBoxInternal2/SavestateOnBatteryLow\" 0\n\nThe first line is actually not required as by default the savestate action is performed.\n\n9.27 Experimental support for passing through SSE4.1 /\nSSE4.2 instructions\nTo provide SSE 4.1 / SSE 4.2 support to guests, the host CPU has to implement these instruction\nsets. Starting with VirtualBox 4.3.8 it is possible to enable these instructions for certain guests\nusing the following commands:\nVBoxManage setextradata \"VM name\" VBoxInternal/CPUM/SSE4.1 1\nVBoxManage setextradata \"VM name\" VBoxInternal/CPUM/SSE4.2 1\n\nThese are a per-VM settings and they are turned off by default.\n\n9.28 Support for keyboard indicators synchronization\nThis feature makes the host keyboard lights match those of the virtual machine’s virtual keyboard when the machine window is selected. It is currently implemented for Mac OS X and\nWindows hosts and available as of releases 4.2.24 and 4.3.8. The feature can be enabled using\nthe following command:\nVBoxManage setextradata \"VM name\" GUI/HidLedsSync \"1\"\n\nIn order to disable it, use the same command but change “1” to “0”, or use the VBoxManage\ncommand to remove the extra data. This is a per-VM setting and it is disabled by default.\n\n213\n\n\f9 Advanced topics\n\n9.29 Capturing USB traffic for selected devices\nStarting with VirtualBox 5.0 it is possible to capture USB traffic for single USB devices or on the\nroot hub level which captures the traffic of all USB devices attached to the root hub. VirtualBox\nstores the traffic in a format which is compatible with Wireshark. To capture the traffic of a specific USB device it must be attached to the VM with VBoxManage using the following command:\nVBoxManage controlvm \"VM name\" usbattach \"device uuid|address\" --capturefile \"filename\"\n\nIn order to enable capturing on the root hub use the following command while the VM is not\nrunning:\nVBoxManage setextradata \"VM name\" VBoxInternal/Devices/usb-ehci/0/LUN#0/Config/CaptureFilename \"filename\"\n\nThe command above enables capturing on the root hub attached to the EHCI controller. To\nenable it for the OHCI or XHCI controller replace usb-ehci with usb-ohci or usb-xhci respectively.\n\n9.30 Configuring the heartbeat service\nVirtualBox ships a simple heartbeat service. Once the Guest Additions are active, the guest sends\nfrequent heartbeat pings to the host. If the guest stops sending the heartbeat pings without\nproperly termination the service, the VM process will log this event in the VBox.log file. In the\nfuture it might be possible to configure dedicated actions but for there is only a warning in the\nlog file.\nThere are two parameters to configure. The heartbeat interval defines the time between two\nheartbeat pings. The default value is 2 seconds, that is, the heartbeat service of the VirtualBox\nGuest Additions will send a heartbeat ping every two seconds. The value in nanoseconds can be\nconfigured like this:\nVBoxManage controlvm \"VM name\" VBoxInternal/Devices/VMMDev/0/Config/HeartbeatInterval 2000000000\n\nThe heartbeat timeout defines the time the host waits starting from the last heartbeat ping\nbefore it defines the guest as unresponsive. The default value is 2 times the heartbeat interval (4\nseconds) and can be configured as following (in nanoseconds):\nVBoxManage controlvm \"VM name\" VBoxInternal/Devices/VMMDev/0/Config/HeartbeatTimeout 4000000000\n\nIf the heartbeat timeout expires, there will be a log message like VMMDev: HeartBeatCheckTimer: Guest seems to be unresponsive. Last heartbeat received 5 seconds ago. If another heartbeat\nping arrives after this warning, there will be a log message like VMMDev: GuestHeartBeat: Guest\nis alive.\n\n9.31 Encryption of disk images\nStarting with VirtualBox 5.0, it is possible to encrypt the data stored in hard disk images transparently for the guest. It does not depend on a specific image format to be used. Images which\nhave the data encrypted are not portable between VirtualBox and other virtualization software.\nVirtualBox uses the AES algorithm in XTS mode and supports 128 or 256 bit data encryption\nkeys (DEK). The DEK is stored encrypted in the medium properties and is decrypted during VM\nstartup by entering a password which was chosen when the image was encrypted.\nSince the DEK is stored as part of the VM configuration file, it is important that it is kept\nsafe. Losing the DEK means that the data stored in the disk images is lost irrecoverably. Having\ncomplete and up to date backups of all data related to the VM is the responsibility of the user.\n\n214\n\n\f9 Advanced topics\n\n9.31.1 Limitations\nThere are some limitations the user needs to be aware of when using this feature:\n• This feature is part of the Oracle VM VirtualBox Extension Pack, which needs to be installed.\nOtherwise disk encryption is unavailable.\n• Since encryption works only on the stored user data, it is currently not possible to check\nfor metadata integrity of the disk image. Attackers might destroy data by removing or\nchanging blocks of data in the image or change metadata items such as the disk size.\n• Exporting appliances which contain encrypted disk images is not possible because the OVF\nspecification doesn’t support this. All images are therefore decrypted during export.\n• The DEK is kept in memory while the VM is running to be able to decrypt data read and\nencrypt data written by the guest. While this should be obvious the user needs to be aware\nof this because an attacker might be able to extract the key on a compromised host and\ndecrypt the data.\n• When encrypting or decrypting the images, the password is passed in clear text via the\nVirtualBox API. This needs to be kept in mind, especially when using third party API clients\nwhich make use of the webservice where the password might be transmitted over the\nnetwork. The use of HTTPS is mandatory in such a case.\n• Encrypting images with differencing images is only possible if there are no snapshots or a\nlinear chain of snapshots. This limitation may be addressed in a future VirtualBox version.\n\n9.31.2 Encrypting disk images\nEncrypting disk images can be done either using the GUI or VBoxManage. While the GUI is easier\nto use, it works on a per VM basis and encrypts all disk images attached to the specific VM. With\nVBoxManage one can encrypt individual images (including all differencing images). To encrypt\nan unencrypted medium with VBoxManage, use:\nVBoxManage encryptmedium \"uuid|filename\" --newpassword \"file|-\" --cipher \"cipher id\" --newpasswordid \"id\"\n\nTo supply the encryption password point VBoxManage to the file where the password is stored\nor specify - to let VBoxManage ask you for the password on the command line.\nThe cipher parameter specifies the cipher to use for encryption and can be either\nAES-XTS128-PLAIN64 or AES-XTS256-PLAIN64. The specified password identifier can be freely\nchosen by the user and is used for correct identification when supplying multiple passwords\nduring VM startup.\nIf the user uses the same password when encrypting multiple images and also the same password identifier, the user needs to supply the password only once during VM startup.\n\n9.31.3 Starting a VM with encrypted images\nWhen a VM is started using the GUI, a dialog will open where the user needs to enter all passwords for all encrypted images attached to the VM. If another frontend like VBoxHeadless is\nused, the VM will be paused as soon as the guest tries to access an encrypted disk. The user\nneeds to provide the passwords through VBoxManage using the following command:\nVBoxManage controlvm \"uuid|vmname\" addencpassword \"id\" \"password\" [--removeonsuspend \"yes|no\"]\n\nThe id parameter must be the same as the password identifier supplied when encrypting the\nimages. password is the password used when encrypting the images. The user can optionally\nspecify --removeonsuspend \"yes|no\" to specify whether to remove the password from VM\nmemory when the VM is suspended. Before the VM can be resumed, the user needs to supply\nthe passwords again. This is useful when a VM is suspended by a host suspend event and the\nuser doesn’t want the password to remain in memory.\n\n215\n\n\f9 Advanced topics\n\n9.31.4 Decrypting encrypted images\nIn some circumstances it might be required to decrypt previously encrypted images. This can be\ndone in the GUI for a complete VM or using VBoxManage with the following command:\nVBoxManage encryptmedium \"uuid|filename\" --oldpassword \"file|-\"\n\nThe only required parameter is the password the image was encrypted with. The options are\nthe same as for encrypting images.\n\n9.32 PC speaker passthrough\nAs an experimental feature (primarily due to being limited to Linux host only and unknown\nLinux distribution coverage) VirtualBox supports passing through the PC speaker to the host.\nThe PC speaker (sometimes called system speaker) is a way to produce audible feedback such as\nbeeps without the need for regular audio/sound card support.\nThe PC speaker passthrough feature in VirtualBox handles beeps only. Advanced PC speaker\nuse by the VM (such as PCM audio) will not work, resulting in undefined host behavior.\nProducing beeps on Linux is unfortunately a very complex topic. VirtualBox offers a collection\nof options, in an attempt to make this work deterministically and reliably on as many Linux\ndistributions and system configurations as possible:\nCode\n1\n\nDevice\n\n2\n\n/dev/input/\nby-path/platformpcspkr-event-spkr\n/dev/tty\n\n3\n\n/dev/tty0 or /dev/vc/0\n\n9\n\nuser specified console or evdev\ndevice path\n\n70\n\n/dev/tty\n\n79\n\nuser specified terminal device\npath\nall of the above\n\n100\n\nNotes\nDirect host PC speaker use.\n\nUses the terminal association of the VM process.\nVM needs to be started on a virtual console.\nCan only be used by user root or users with\ncapability cap_sys_tty_config\nLike 1-3, just with a custom device path.\nStandard beep only. Loses frequency and length.\nSee code 2.\nLike 70, just with a custom device path.\nTries all above codes.\n\nTo enable PC speaker passthrough use the following command:\nVBoxManage setextradata \"VM name\" \"VBoxInternal/Devices/i8254/0/Config/PassthroughSpeaker\" N\n\nReplace N with the code representing the case you want to use. Changing this setting will take\neffect when the VM is started next. It is safe to enable PC speaker passthrough on all host OSes.\nIt will only have an effect on Linux.\nThe VM log file, VBox.log, will contain lines with the prefix PIT: speaker: showing the PC\nspeaker passthrough setup activities. It gives hints which device it picked or why it failed.\nEnabling PC speaker passthrough for the VM is usually the simple part. The real difficulty\nis making sure that VirtualBox can access the necessary device, because in a typical Linux install most of them can only be accessed by user root. You should follow the preferred way to\npersistently change this, e.g by referring to your distribution’s documentation. Since there are\ncountless Linux distribution variants, we can only give the general hints that there is often a way\nto give the X11 session user access to additional devices, or you need to find a working solution\nusing a udev configuration file. If everything fails you might try setting the permissions using a\nscript which is run late enough in the host system startup.\n\n216\n\n\f9 Advanced topics\nSometimes additional rules are applied by the kernel to limit access (e.g. that the VM process\nmust have the same controlling terminal as the device configured to be used for beeping, something which is often very difficult to achieve for GUI applications such as VirtualBox). The table\nabove contains some hints, but generally refer to the Linux documentation.\nIf you have trouble getting any beeps even if the device permissions are set up and VBox.log\nconfirms that it uses evdev or console for the PC speaker control, check if your system has a PC\nspeaker. Some systems do not have one. Other complications can arise from Linux rerouting the\nPC speaker output to a sound card. Check if the beeps are audible if you connect speakers to\nyour sound card. Today almost all systems have one. Finally, check if the audio mixer control\nhas a channel named “beep” (could be hidden in the mixer settings) and that it isn’t muted.\n\n217\n\n\f10 Technical background\nThe contents of this chapter are not required to use VirtualBox successfully. The following is\nprovided as additional information for readers who are more familiar with computer architecture\nand technology and wish to find out more about how VirtualBox works “under the hood”.\n\n10.1 Where VirtualBox stores its files\nIn VirtualBox, a virtual machine and its settings are described in a virtual machine settings file\nin XML format. In addition, most virtual machine have one or more virtual hard disks, which\nare typically represented by disk images (e.g. in VDI format). Where all these files are stored\ndepends on which version of VirtualBox created the machine.\n\n10.1.1 Machines created by VirtualBox version 4.0 or later\nStarting with version 4.0, by default, each virtual machine has one directory on your host computer where all the files of that machine are stored – the XML settings file (with a .vbox file\nextension) and its disk images.\nBy default, this “machine folder” is placed in a common folder called “VirtualBox VMs”, which\nVirtualBox creates in the current system user’s home directory. The location of this home directory depends on the conventions of the host operating system:\n• On Windows, this is %HOMEDRIVE%%HOMEPATH%; typically something like C:\\Documents\nand Settings\\Username\\.\n• On Mac OS X, this is /Users/username.\n• On Linux and Solaris, this is /home/username.\nFor simplicity, we will abbreviate this as $HOME below. Using that convention, the common\nfolder for all virtual machines is $HOME/VirtualBox VMs.\nAs an example, when you create a virtual machine called “Example VM”, you will find that\nVirtualBox creates\n1. the folder $HOME/VirtualBox VMs/Example VM/ and, in that folder,\n2. the settings file Example VM.vbox and\n3. the virtual disk image Example VM.vdi.\nThis is the default layout if you use the “Create new virtual machine” wizard as described in\nchapter 1.7, Creating your first virtual machine, page 18. Once you start working with the VM,\nadditional files will show up: you will find log files in a subfolder called Logs, and once you have\ntaken snapshots, they will appear in a Snapshots subfolder. For each VM, you can change the\nlocation of its snapsnots folder in the VM settings.\nYou can change the default machine folder by selecting “Preferences” from the “File” menu\nin the VirtualBox main window. Then, in the window that pops up, click on the “General” tab.\nAlternatively, use VBoxManage setproperty machinefolder; see chapter 8.27, VBoxManage\nsetproperty, page 153.\n\n218\n\n\f10 Technical background\n\n10.1.2 Machines created by VirtualBox versions before 4.0\nIf you have upgraded to VirtualBox 4.0 from an earlier version of VirtualBox, you probably have\nsettings files and disks in the earlier file system layout.\nBefore version 4.0, VirtualBox separated the machine settings files from virtual disk images.\nThe machine settings files had an .xml file extension and resided in a folder called “Machines”\nunder the global VirtualBox configuration directory (see the next section). So, for example, on\nLinux, this was the hidden $HOME/.VirtualBox/Machines directory. The default hard disks\nfolder was called “HardDisks” and resided in the .VirtualBox folder as well. Both locations\ncould be changed by the user in the global preferences. (The concept of a “default hard disk\nfolder” has been abandoned with VirtualBox 4.0, since disk images now reside in each machine’s\nfolder by default.)\nThe old layout had several severe disadvantages.\n1. It was very difficult to move a virtual machine from one host to another because the\nfiles involved did not reside in the same folder. In addition, the virtual media of all\nmachines were registered with a global registry in the central VirtualBox settings file\n($HOME/.VirtualBox/VirtualBox.xml).\nTo move a machine to another host, it was therefore not enough to move the XML settings\nfile and the disk images (which were in different locations), but the hard disk entries from\nthe global media registry XML had to be meticulously copied as well, which was close to\nimpossible if the machine had snapshots and therefore differencing images.\n2. Storing virtual disk images, which can grow very large, under the hidden .VirtualBox\ndirectory (at least on Linux and Solaris hosts) made many users wonder where their disk\nspace had gone.\nWhereas new VMs created with VirtualBox 4.0 or later will conform to the new layout, for\nmaximum compatibility, old VMs are not converted to the new layout. Otherwise machine settings would be irrevocably broken if a user downgraded from 4.0 back to an older version of\nVirtualBox.\n\n10.1.3 Global configuration data\nIn addition to the files of the virtual machines, VirtualBox maintains global configuration data. On Linux and Solaris as of VirtualBox 4.3, this is in the hidden directory\n$HOME/.config/VirtualBox, although $HOME/.VirtualBox will be used if it exists for compatibility with earlier versions; on Windows (and on Linux and Solaris with VirtualBox 4.2 and\nearlier) this is in $HOME/.VirtualBox; on a Mac it resides in $HOME/Library/VirtualBox.\nVirtualBox creates this configuration directory automatically if necessary. Optionally, you can\nsupply an alternate configuration directory by setting the VBOX_USER_HOME environment variable, or additionally on Linux or Solaris by using the standard XDG_CONFIG_HOME variable. (Since\nthe global VirtualBox.xml settings file points to all other configuration files, this allows for\nswitching between several VirtualBox configurations entirely.)\nMost importantly, in this directory, VirtualBox stores its global settings file, another XML file\ncalled VirtualBox.xml. This includes global configuration options and the list of registered\nvirtual machines with pointers to their XML settings files. (Neither the location of this file nor its\ndirectory has changed with VirtualBox 4.0.)\nBefore VirtualBox 4.0, all virtual media (disk image files) were also contained in a global\nregistry in this settings file. For compatibility, this media registry still exists if you upgrade\nVirtualBox and there are media from machines which were created with a version before 4.0.\nIf you have no such machines, then there will be no global media registry; with VirtualBox 4.0,\neach machine XML file has its own media registry.\nAlso before VirtualBox 4.0, the default “Machines” folder and the default “HardDisks” folder\nresided under the VirtualBox configuration directory (e.g. $HOME/.VirtualBox/Machines on\n\n219\n\n\f10 Technical background\nLinux). If you are upgrading from a VirtualBox version before 4.0, files in these directories are\nnot automatically moved in order not to break backwards compatibility.\n\n10.1.4 Summary of 4.0 configuration changes\nThe following table gives a brief overview of the configuration changes between older versions\nand version 4.0 or above:\nSetting\nDefault machines folder\n\nBefore 4.0\n\n4.0 or above\n\n$HOME/.VirtualBox/Machines\n\n$HOME/VirtualBox\nVMs\n\nDefault disk image location\nMachine settings file\nextension\nMedia registry\n\n$HOME/.VirtualBox/HardDisks In each machine’s folder\n.xml\n.vbox\n\nMedia registration\n\nExplicit open/close required\n\nGlobal VirtualBox.xml file\n\nEach machine settings\nfile\nAutomatic on attach\n\n10.1.5 VirtualBox XML files\nVirtualBox uses XML for both the machine settings files and the global configuration file,\nVirtualBox.xml.\nAll VirtualBox XML files are versioned. When a new settings file is created (e.g. because a\nnew virtual machine is created), VirtualBox automatically uses the settings format of the current\nVirtualBox version. These files may not be readable if you downgrade to an earlier version of\nVirtualBox. However, when VirtualBox encounters a settings file from an earlier version (e.g.\nafter upgrading VirtualBox), it attempts to preserve the settings format as much as possible. It\nwill only silently upgrade the settings format if the current settings cannot be expressed in the\nold format, for example because you enabled a feature that was not present in an earlier version\nof VirtualBox.1 In such cases, VirtualBox backs up the old settings file in the virtual machine’s\nconfiguration directory. If you need to go back to the earlier version of VirtualBox, then you will\nneed to manually copy these backup files back.\nWe intentionally do not document the specifications of the VirtualBox XML files, as we must\nreserve the right to modify them in the future. We therefore strongly suggest that you do not\nedit these files manually. VirtualBox provides complete access to its configuration data through\nits the VBoxManage command line tool (see chapter 8, VBoxManage, page 117) and its API (see\nchapter 11, VirtualBox programming interfaces, page 228).\n\n10.2 VirtualBox executables and components\nVirtualBox was designed to be modular and flexible. When the VirtualBox graphical user interface (GUI) is opened and a VM is started, at least three processes are running:\n1. VBoxSVC, the VirtualBox service process which always runs in the background. This process is started automatically by the first VirtualBox client process (the GUI, VBoxManage,\nVBoxHeadless, the web service or others) and exits a short time after the last client exits.\nThe service is responsible for bookkeeping, maintaining the state of all VMs, and for providing communication between VirtualBox components. This communication is implemented\nvia COM/XPCOM.\n1 As\n\nan example, before VirtualBox 3.1, it was only possible to enable or disable a single DVD drive in a virtual machine.\nIf it was enabled, then it would always be visible as the secondary master of the IDE controller. With VirtualBox 3.1,\nDVD drives can be attached to arbitrary slots of arbitrary controllers, so they could be the secondary slave of an IDE\ncontroller or in a SATA slot. If you have a machine settings file from an earlier version and upgrade VirtualBox to 3.1\nand then move the DVD drive from its default position, this cannot be expressed in the old settings format; the XML\nmachine file would get written in the new format, and a backup file of the old format would be kept.\n\n220\n\n\f10 Technical background\nNote: When we refer to “clients” here, we mean the local clients of a particular VBoxSVC server process, not clients in a network. VirtualBox employs its own\nclient/server design to allow its processes to cooperate, but all these processes run under the same user account on the host operating system, and this is totally transparent\nto the user.\n2. The GUI process, VirtualBox, a client application based on the cross-platform Qt library. When started without the --startvm option, this application acts as the VirtualBox\nmanager, displaying the VMs and their settings. It then communicates settings and\nstate changes to VBoxSVC and also reflects changes effected through other means, e.g.,\nVBoxManage.\n3. If the VirtualBox client application is started with the --startvm argument, it loads the\nVMM library which includes the actual hypervisor and then runs a virtual machine and\nprovides the input and output for the guest.\nAny VirtualBox front-end (client) will communicate with the service process and can both\ncontrol and reflect the current state. For example, either the VM selector or the VM window or\nVBoxManage can be used to pause the running VM, and other components will always reflect\nthe changed state.\nThe VirtualBox GUI application is only one of several available front ends (clients). The complete list shipped with VirtualBox is:\n1. VirtualBox, the Qt front end implementing the manager and running VMs;\n2. VBoxManage, a less user-friendly but more powerful alternative, described in chapter 8,\nVBoxManage, page 117.\n3. VBoxSDL, a simple graphical front end based on the SDL library; see chapter 9.1, VBoxSDL,\nthe simplified VM displayer, page 173.\n4. VBoxHeadless, a VM front end which does not directly provide any video output and\nkeyboard/mouse input, but allows redirection via VirtualBox Remote Desktop Extension;\nsee chapter 7.1.2, VBoxHeadless, the remote desktop server, page 108.\n5. vboxwebsrv, the VirtualBox web service process which allows for controlling a VirtualBox\nhost remotely. This is described in detail in the VirtualBox Software Development Kit (SDK)\nreference; please see chapter 11, VirtualBox programming interfaces, page 228 for details.\n6. The VirtualBox Python shell, a Python alternative to VBoxManage. This is also described\nin the SDK reference.\nInternally, VirtualBox consists of many more or less separate components. You may encounter\nthese when analyzing VirtualBox internal error messages or log files. These include:\n• IPRT, a portable runtime library which abstracts file access, threading, string manipulation,\netc. Whenever VirtualBox accesses host operating features, it does so through this library\nfor cross-platform portability.\n• VMM (Virtual Machine Monitor), the heart of the hypervisor.\n• EM (Execution Manager), controls execution of guest code.\n• REM (Recompiled Execution Monitor), provides software emulation of CPU instructions.\n• TRPM (Trap Manager), intercepts and processes guest traps and exceptions.\n• HWACCM (Hardware Acceleration Manager), provides support for VT-x and AMD-V.\n\n221\n\n\f10 Technical background\n• PDM (Pluggable Device Manager), an abstract interface between the VMM and emulated\ndevices which separates device implementations from VMM internals and makes it easy\nto add new emulated devices. Through PDM, third-party developers can add new virtual\ndevices to VirtualBox without having to change VirtualBox itself.\n• PGM (Page Manager), a component controlling guest paging.\n• PATM (Patch Manager), patches guest code to improve and speed up software virtualization.\n• TM (Time Manager), handles timers and all aspects of time inside guests.\n• CFGM (Configuration Manager), provides a tree structure which holds configuration settings for the VM and all emulated devices.\n• SSM (Saved State Manager), saves and loads VM state.\n• VUSB (Virtual USB), a USB layer which separates emulated USB controllers from the controllers on the host and from USB devices; this also enables remote USB.\n• DBGF (Debug Facility), a built-in VM debugger.\n• VirtualBox emulates a number of devices to provide the hardware environment that various guests need. Most of these are standard devices found in many PC compatible machines and widely supported by guest operating systems. For network and storage devices\nin particular, there are several options for the emulated devices to access the underlying\nhardware. These devices are managed by PDM.\n• Guest Additions for various guest operating systems. This is code that is installed from\nwithin a virtual machine; see chapter 4, Guest Additions, page 61.\n• The “Main” component is special: it ties all the above bits together and is the only public\nAPI that VirtualBox provides. All the client processes listed above use only this API and\nnever access the hypervisor components directly. As a result, third-party applications that\nuse the VirtualBox Main API can rely on the fact that it is always well-tested and that all\ncapabilities of VirtualBox are fully exposed. It is this API that is described in the VirtualBox\nSDK mentioned above (again, see chapter 11, VirtualBox programming interfaces, page\n228).\n\n10.3 Hardware vs. software virtualization\nVirtualBox allows software in the virtual machine to run directly on the processor of the host,\nbut an array of complex techniques is employed to intercept operations that would interfere with\nyour host. Whenever the guest attempts to do something that could be harmful to your computer\nand its data, VirtualBox steps in and takes action. In particular, for lots of hardware that the\nguest believes to be accessing, VirtualBox simulates a certain “virtual” environment according to\nhow you have configured a virtual machine. For example, when the guest attempts to access a\nhard disk, VirtualBox redirects these requests to whatever you have configured to be the virtual\nmachine’s virtual hard disk – normally, an image file on your host.\nUnfortunately, the x86 platform was never designed to be virtualized. Detecting situations in\nwhich VirtualBox needs to take control over the guest code that is executing, as described above,\nis difficult. There are two ways in which to achieve this:\n• Since 2006, Intel and AMD processors have had support for so-called “hardware virtualization”. This means that these processors can help VirtualBox to intercept potentially\ndangerous operations that a guest operating system may be attempting and also makes it\neasier to present virtual hardware to a virtual machine.\n\n222\n\n\f10 Technical background\nThese hardware features differ between Intel and AMD processors. Intel named its technology VT-x; AMD calls theirs AMD-V. The Intel and AMD support for virtualization is very\ndifferent in detail, but not very different in principle.\nNote: On many systems, the hardware virtualization features first need to be enabled\nin the BIOS before VirtualBox can use them.\n\n• As opposed to other virtualization software, for many usage scenarios, VirtualBox does not\nrequire hardware virtualization features to be present. Through sophisticated techniques,\nVirtualBox virtualizes many guest operating systems entirely in software. This means that\nyou can run virtual machines even on older processors which do not support hardware\nvirtualization.\nEven though VirtualBox does not always require hardware virtualization, enabling it is required\nin the following scenarios:\n• Certain rare guest operating systems like OS/2 make use of very esoteric processor instructions that are not supported with our software virtualization. For virtual machines that\nare configured to contain such an operating system, hardware virtualization is enabled\nautomatically.\n• VirtualBox’s 64-bit guest support (added with version 2.0) and multiprocessing (SMP,\nadded with version 3.0) both require hardware virtualization to be enabled. (This is not\nmuch of a limitation since the vast majority of today’s 64-bit and multicore CPUs ship with\nhardware virtualization anyway; the exceptions to this rule are e.g. older Intel Celeron and\nAMD Opteron CPUs.)\n\nWarning: Do not run other hypervisors (open-source or commercial virtualization\nproducts) together with VirtualBox! While several hypervisors can normally be installed\nin parallel, do not attempt to run several virtual machines from competing hypervisors\nat the same time. VirtualBox cannot track what another hypervisor is currently attempting to do on the same host, and especially if several products attempt to use\nhardware virtualization features such as VT-x, this can crash the entire host. Also,\nwithin VirtualBox, you can mix software and hardware virtualization when running\nmultiple VMs. In certain cases a small performance penalty will be unavoidable when\nmixing VT-x and software virtualization VMs. We recommend not mixing virtualization\nmodes if maximum performance and low overhead are essential. This does not apply\nto AMD-V.\n\n10.4 Paravirtualization providers\nVirtualBox allows exposing a paravirtualization interface to facilitate accurate and efficient execution of software within a virtual machine. These interfaces require the guest operating system\nto recognize their presence and make use of them in order to leverage the benefits of communicating with the VirtualBox hypervisor.\nMost mainstream, modern guest operating systems, including Windows and Linux, ship with\nsupport for one or more paravirtualization interfaces. Hence, there is typically no need to install additional software in the guest (including VirtualBox Guest Additions) to make use of this\nfeature.\n\n223\n\n\f10 Technical background\nExposing a paravirtualization provider to the guest operating system does not rely on the\nchoice of host platforms. For example, the Hyper-V paravirtualization provider can be used for\nVMs to run on any host platform (supported by VirtualBox) and not just Windows.\nVirtualBox provides the following interfaces:\n• Minimal: Announces the presence of a virtualized environment. Additionally, reports the\nTSC and APIC frequency to the guest operating system. This provider is mandatory for\nrunning any Mac OS X guests.\n• KVM: Presents a Linux KVM hypervisor interface which is recognized by Linux kernels\nstarting with version 2.6.25. VirtualBox’s implementation currently supports paravirtualized clocks and SMP spinlocks. This provider is recommended for Linux guests.\n• Hyper-V: Presents a Microsoft Hyper-V hypervisor interface which is recognized by Windows 7 and newer operating systems. VirtualBox’s implementation currently supports\nparavirtualized clocks, APIC frequency reporting, guest crash reporting and relaxed timer\nchecks. This provider is recommended for Windows guests.\n\n10.5 Details about software virtualization\nImplementing virtualization on x86 CPUs with no hardware virtualization support is an extraordinarily complex task because the CPU architecture was not designed to be virtualized. The\nproblems can usually be solved, but at the cost of reduced performance. Thus, there is a constant clash between virtualization performance and accuracy.\nThe x86 instruction set was originally designed in the 1970s and underwent significant\nchanges with the addition of protected mode in the 1980s with the 286 CPU architecture and\nthen again with the Intel 386 and its 32-bit architecture. Whereas the 386 did have limited virtualization support for real mode operation (V86 mode, as used by the “DOS Box” of Windows\n3.x and OS/2 2.x), no support was provided for virtualizing the entire architecture.\nIn theory, software virtualization is not overly complex. In addition to the four privilege levels\n(“rings”) provided by the hardware (of which typically only two are used: ring 0 for kernel mode\nand ring 3 for user mode), one needs to differentiate between “host context” and “guest context”.\nIn “host context”, everything is as if no hypervisor was active. This might be the active mode if\nanother application on your host has been scheduled CPU time; in that case, there is a host ring\n3 mode and a host ring 0 mode. The hypervisor is not involved.\nIn “guest context”, however, a virtual machine is active. So long as the guest code is running\nin ring 3, this is not much of a problem since a hypervisor can set up the page tables properly\nand run that code natively on the processor. The problems mostly lie in how to intercept what\nthe guest’s kernel does.\nThere are several possible solutions to these problems. One approach is full software emulation, usually involving recompilation. That is, all code to be run by the guest is analyzed,\ntransformed into a form which will not allow the guest to either modify or see the true state of\nthe CPU, and only then executed. This process is obviously highly complex and costly in terms\nof performance. (VirtualBox contains a recompiler based on QEMU which can be used for pure\nsoftware emulation, but the recompiler is only activated in special situations, described below.)\nAnother possible solution is paravirtualization, in which only specially modified guest OSes\nare allowed to run. This way, most of the hardware access is abstracted and any functions which\nwould normally access the hardware or privileged CPU state are passed on to the hypervisor\ninstead. Paravirtualization can achieve good functionality and performance on standard x86\nCPUs, but it can only work if the guest OS can actually be modified, which is obviously not\nalways the case.\nVirtualBox chooses a different approach. When starting a virtual machine, through its ring-0\nsupport kernel driver, VirtualBox has set up the host system so that it can run most of the guest\ncode natively, but it has inserted itself at the “bottom” of the picture. It can then assume control\n\n224\n\n\f10 Technical background\nwhen needed – if a privileged instruction is executed, the guest traps (in particular because\nan I/O register was accessed and a device needs to be virtualized) or external interrupts occur.\nVirtualBox may then handle this and either route a request to a virtual device or possibly delegate\nhandling such things to the guest or host OS. In guest context, VirtualBox can therefore be in\none of three states:\n• Guest ring 3 code is run unmodified, at full speed, as much as possible. The number of\nfaults will generally be low (unless the guest allows port I/O from ring 3, something we\ncannot do as we don’t want the guest to be able to access real ports). This is also referred\nto as “raw mode”, as the guest ring-3 code runs unmodified.\n• For guest code in ring 0, VirtualBox employs a nasty trick: it actually reconfigures the guest\nso that its ring-0 code is run in ring 1 instead (which is normally not used in x86 operating\nsystems). As a result, when guest ring-0 code (actually running in ring 1) such as a guest\ndevice driver attempts to write to an I/O register or execute a privileged instruction, the\nVirtualBox hypervisor in “real” ring 0 can take over.\n• The hypervisor (VMM) can be active. Every time a fault occurs, VirtualBox looks at the\noffending instruction and can relegate it to a virtual device or the host OS or the guest OS\nor run it in the recompiler.\nIn particular, the recompiler is used when guest code disables interrupts and VirtualBox\ncannot figure out when they will be switched back on (in these situations, VirtualBox actually analyzes the guest code using its own disassembler). Also, certain privileged instructions such as LIDT need to be handled specially. Finally, any real-mode or protected-mode\ncode (e.g. BIOS code, a DOS guest, or any operating system startup) is run in the recompiler entirely.\nUnfortunately this only works to a degree. Among others, the following situations require\nspecial handling:\n1. Running ring 0 code in ring 1 causes a lot of additional instruction faults, as ring 1 is not\nallowed to execute any privileged instructions (of which guest’s ring-0 contains plenty).\nWith each of these faults, the VMM must step in and emulate the code to achieve the\ndesired behavior. While this works, emulating thousands of these faults is very expensive\nand severely hurts the performance of the virtualized guest.\n2. There are certain flaws in the implementation of ring 1 in the x86 architecture that were\nnever fixed. Certain instructions that should trap in ring 1 don’t. This affects, for example,\nthe LGDT/SGDT, LIDT/SIDT, or POPF/PUSHF instruction pairs. Whereas the “load” operation is privileged and can therefore be trapped, the “store” instruction always succeed. If\nthe guest is allowed to execute these, it will see the true state of the CPU, not the virtualized\nstate. The CPUID instruction also has the same problem.\n3. A hypervisor typically needs to reserve some portion of the guest’s address space (both\nlinear address space and selectors) for its own use. This is not entirely transparent to the\nguest OS and may cause clashes.\n4. The SYSENTER instruction (used for system calls) executed by an application running in a\nguest OS always transitions to ring 0. But that is where the hypervisor runs, not the guest\nOS. In this case, the hypervisor must trap and emulate the instruction even when it is not\ndesirable.\n5. The CPU segment registers contain a “hidden” descriptor cache which is not softwareaccessible. The hypervisor cannot read, save, or restore this state, but the guest OS may\nuse it.\n\n225\n\n\f10 Technical background\n6. Some resources must (and can) be trapped by the hypervisor, but the access is so frequent\nthat this creates a significant performance overhead. An example is the TPR (Task Priority)\nregister in 32-bit mode. Accesses to this register must be trapped by the hypervisor, but\ncertain guest operating systems (notably Windows and Solaris) write this register very\noften, which adversely affects virtualization performance.\nTo fix these performance and security issues, VirtualBox contains a Code Scanning and Analysis\nManager (CSAM), which disassembles guest code, and the Patch Manager (PATM), which can\nreplace it at runtime.\nBefore executing ring 0 code, CSAM scans it recursively to discover problematic instructions.\nPATM then performs in-situ patching, i.e. it replaces the instruction with a jump to hypervisor\nmemory where an integrated code generator has placed a more suitable implementation. In\nreality, this is a very complex task as there are lots of odd situations to be discovered and handled\ncorrectly. So, with its current complexity, one could argue that PATM is an advanced in-situ\nrecompiler.\nIn addition, every time a fault occurs, VirtualBox analyzes the offending code to determine if it\nis possible to patch it in order to prevent it from causing more faults in the future. This approach\nworks well in practice and dramatically improves software virtualization performance.\n\n10.6 Details about hardware virtualization\nWith Intel VT-x, there are two distinct modes of CPU operation: VMX root mode and non-root\nmode.\n• In root mode, the CPU operates much like older generations of processors without VT-x\nsupport. There are four privilege levels (“rings”), and the same instruction set is supported,\nwith the addition of several virtualization specific instruction. Root mode is what a host\noperating system without virtualization uses, and it is also used by a hypervisor when\nvirtualization is active.\n• In non-root mode, CPU operation is significantly different. There are still four privilege\nrings and the same instruction set, but a new structure called VMCS (Virtual Machine Control Structure) now controls the CPU operation and determines how certain instructions\nbehave. Non-root mode is where guest systems run.\nSwitching from root mode to non-root mode is called “VM entry”, the switch back is “VM exit”.\nThe VMCS includes a guest and host state area which is saved/restored at VM entry and exit.\nMost importantly, the VMCS controls which guest operations will cause VM exits.\nThe VMCS provides fairly fine-grained control over what the guests can and can’t do. For\nexample, a hypervisor can allow a guest to write certain bits in shadowed control registers, but\nnot others. This enables efficient virtualization in cases where guests can be allowed to write\ncontrol bits without disrupting the hypervisor, while preventing them from altering control bits\nover which the hypervisor needs to retain full control. The VMCS also provides control over\ninterrupt delivery and exceptions.\nWhenever an instruction or event causes a VM exit, the VMCS contains information about\nthe exit reason, often with accompanying detail. For example, if a write to the CR0 register\ncauses an exit, the offending instruction is recorded, along with the fact that a write access to\na control register caused the exit, and information about source and destination register. Thus\nthe hypervisor can efficiently handle the condition without needing advanced techniques such as\nCSAM and PATM described above.\nVT-x inherently avoids several of the problems which software virtualization faces. The guest\nhas its own completely separate address space not shared with the hypervisor, which eliminates\npotential clashes. Additionally, guest OS kernel code runs at privilege ring 0 in VMX non-root\nmode, obviating the problems by running ring 0 code at less privileged levels. For example the\n\n226\n\n\f10 Technical background\nSYSENTER instruction can transition to ring 0 without causing problems. Naturally, even at ring\n0 in VMX non-root mode, any I/O access by guest code still causes a VM exit, allowing for device\nemulation.\nThe biggest difference between VT-x and AMD-V is that AMD-V provides a more complete\nvirtualization environment. VT-x requires the VMX non-root code to run with paging enabled,\nwhich precludes hardware virtualization of real-mode code and non-paged protected-mode software. This typically only includes firmware and OS loaders, but nevertheless complicates VT-x\nhypervisor implementation. AMD-V does not have this restriction.\nOf course hardware virtualization is not perfect. Compared to software virtualization, the\noverhead of VM exits is relatively high. This causes problems for devices whose emulation requires high number of traps. One example is the VGA device in 16-color modes, where not only\nevery I/O port access but also every access to the framebuffer memory must be trapped.\n\n10.7 Nested paging and VPIDs\nIn addition to “plain” hardware virtualization, your processor may also support additional sophisticated techniques:2\n• A newer feature called “nested paging” implements some memory management in hardware, which can greatly accelerate hardware virtualization since these tasks no longer need\nto be performed by the virtualization software.\nWith nested paging, the hardware provides another level of indirection when translating\nlinear to physical addresses. Page tables function as before, but linear addresses are now\ntranslated to “guest physical” addresses first and not physical addresses directly. A new set\nof paging registers now exists under the traditional paging mechanism and translates from\nguest physical addresses to host physical addresses, which are used to access memory.\nNested paging eliminates the overhead caused by VM exits and page table accesses. In\nessence, with nested page tables the guest can handle paging without intervention from\nthe hypervisor. Nested paging thus significantly improves virtualization performance.\nOn AMD processors, nested paging has been available starting with the Barcelona (K10)\narchitecture – they call it now “rapid virtualization indexing” (RVI). Intel added support for\nnested paging, which they call “extended page tables” (EPT), with their Core i7 (Nehalem)\nprocessors.\nIf nested paging is enabled, the VirtualBox hypervisor can also use large pages to reduce\nTLB usage and overhead. This can yield a performance improvement of up to 5%. To\nenable this feature for a VM, you need to use the VBoxManage modifyvm --largepages\ncommand; see chapter 8.8, VBoxManage modifyvm, page 131.\n• On Intel CPUs, another hardware feature called “Virtual Processor Identifiers” (VPIDs)\ncan greatly accelerate context switching by reducing the need for expensive flushing of the\nprocessor’s Translation Lookaside Buffers (TLBs).\nTo enable these features for a VM, you need to use the VBoxManage modifyvm --vtxvpid\nand --largepages commands; see chapter 8.8, VBoxManage modifyvm, page 131.\n\n2 VirtualBox\n\n2.0 added support for AMD’s nested paging; support for Intel’s EPT and VPIDs was added with version 2.1.\n\n227\n\n\f11 VirtualBox programming interfaces\nVirtualBox comes with comprehensive support for third-party developers. The so-called “Main\nAPI” of VirtualBox exposes the entire feature set of the virtualization engine. It is completely\ndocumented and available to anyone who wishes to control VirtualBox programmatically.\nThe Main API is made available to C++ clients through COM (on Windows hosts) or XPCOM\n(on other hosts). Bridges also exist for SOAP, Java and Python.\nAll programming information (documentation, reference information, header and other interface files as well as samples) have been split out to a separate Software Development Kit\n(SDK), which is available for download from http://www.virtualbox.org. In particular, the\nSDK comes with a “Programming Guide and Reference” in PDF format, which contains, among\nother things, the information that was previously in this chapter of the User Manual.\n\n228\n\n\f12 Troubleshooting\nThis chapter provides answers to commonly asked questions. In order to improve your user\nexperience with VirtualBox, it is recommended to read this section to learn more about common\npitfalls and get recommendations on how to use the product.\n\n12.1 Procedures and tools\n12.1.1 Categorizing and isolating problems\nMore often than not, a virtualized guest behaves like a physical system. Any problems that a\nphysical machine would encounter, a virtual machine will encounter as well. If, for example,\nInternet connectivity is lost due to external issues, virtual machines will be affected just as much\nas physical ones.\nIf a true VirtualBox problem is encountered, it helps to categorize and isolate the problem first.\nHere are some of the questions that should be answered before reporting a problem:\n1. Is the problem specific to a certain guest OS? Specific release of a guest OS? Especially\nwith Linux guest related problems, the issue may be specific to a certain distribution and\nversion of Linux.\n2. Is the problem specific to a certain host OS? Problems are usually not host OS specific\n(because most of the VirtualBox code base is shared across all supported platforms), but\nespecially in the areas of networking and USB support, there are significant differences\nbetween host platforms. Some GUI related issues are also host specific.\n3. Is the problem specific to certain host hardware? This category of issues is typically related\nto the host CPU. Because of significant differences between VT-x and AMD-V, problems may\nbe specific to one or the other technology. The exact CPU model may also make a difference\n(even for software virtualization) because different CPUs support different features, which\nmay affect certain aspects of guest CPU operation.\n4. Is the problem specific to a certain virtualization mode? Some problems may only occur in\nsoftware virtualization mode, others may be specific to hardware virtualization.\n5. Is the problem specific to guest SMP? That is, is it related to the number of virtual CPUs\n(VCPUs) in the guest? Using more than one CPU usually significantly affects the internal\noperation of a guest OS.\n6. Is the problem specific to the Guest Additions? In some cases, this is a given (e.g., a shared\nfolders problem), in other cases it may be less obvious (for example, display problems).\nAnd if the problem is Guest Additions specific, is it also specific to a certain version of the\nAdditions?\n7. Is the problem specific to a certain environment? Some problems are related to a particular\nenvironment external to the VM; this usually involves network setup. Certain configurations of external servers such as DHCP or PXE may expose problems which do not occur\nwith other, similar servers.\n8. Is the problem a regression? Knowing that an issue is a regression usually makes it significantly easier to find the solution. In this case, it is crucial to know which version is affected\nand which is not.\n\n229\n\n\f12 Troubleshooting\n\n12.1.2 Collecting debugging information\nFor problem determination, it is often important to collect debugging information which can be\nanalyzed by VirtualBox support. This section contains information about what kind of information can be obtained.\nEvery time VirtualBox starts up a VM, a so-called “release log file” is created containing lots\nof information about the VM configuration and runtime events. The log file is called VBox.log\nand resides in the VM log file folder. Typically this will be a directory like this:\n$HOME/VirtualBox VMs/{machinename}/Logs\n\nWhen starting a VM, the configuration file of the last run will be renamed to .1, up to .3.\nSometimes when there is a problem, it is useful to have a look at the logs. Also when requesting\nsupport for VirtualBox, supplying the corresponding log file is mandatory.\nFor convenience, for each virtual machine, the VirtualBox main window can show these logs in\na window. To access it, select a virtual machine from the list on the left and select “Show logs...“\nfrom the “Machine” window.\nThe release log file (VBox.log) contains a wealth of diagnostic information, such as Host OS\ntype and version, VirtualBox version and build (32-bit or 64-bit), a complete dump of the guest’s\nconfiguration (CFGM), detailed information about the host CPU type and supported features,\nwhether hardware virtualization is enabled, information about VT-x/AMD-V setup, state transitions (creating, running, paused, stopping, etc.), guest BIOS messages, Guest Additions messages, device-specific log entries and, at the end of execution, final guest state and condensed\nstatistics.\nIn case of crashes, it is very important to collect crash dumps. This is true for both host and\nguest crashes. For information about enabling core dumps on Linux, Solaris, and OS X systems,\nrefer to the core dump article on the VirtualBox website.1\nYou can also use VBoxManage debugvm to create a dump of a complete virtual machine; see\nchapter 8.35, VBoxManage debugvm, page 165.\nFor network related problems, it is often helpful to capture a trace of network traffic. If the\ntraffic is routed through an adapter on the host, it is possible to use Wireshark or a similar tool\nto capture the traffic there. However, this often also includes a lot of traffic unrelated to the VM.\nVirtualBox provides an ability to capture network traffic only on a specific VM’s network\nadapter. Refer to the network tracing article on the VirtualBox website2 for information on\nenabling this capture. The trace files created by VirtualBox are in .pcap format and can be easily\nanalyzed with Wireshark.\n\n12.1.3 The built-in VM debugger\nVirtualBox includes a built-in VM debugger, which advanced users may find useful. This debugger allows for examining and, to some extent, controlling the VM state.\nWarning: Use the VM debugger at your own risk. There is no support for it, and the\nfollowing documentation is only made available for advanced users with a very high\nlevel of familiarity with the x86/AMD64 machine instruction set, as well as detailed\nknowledge of the PC architecture. A degree of familiarity with the internals of the\nguest OS in question may also be very helpful.\nThe VM debugger is available in all regular production versions of VirtualBox, but it is disabled\nby default because the average user will have little use for it. There are two ways to access the\ndebugger:\n1 http://www.virtualbox.org/wiki/Core_dump.\n2 http://www.virtualbox.org/wiki/Network_tips.\n\n230\n\n\f12 Troubleshooting\n• A debugger console window displayed alongside the VM\n• Via the telnet protocol at port 5000\nThe debugger can be enabled in three ways:\n• Start the VM directly using VirtualBox --startvm, with an additional --dbg, --debug,\nor --debug-command-line argument. See the VirtualBox usage help for details.\n• Set the VBOX_GUI_DBG_ENABLED or VBOX_GUI_DBG_AUTO_SHOW environment variable to\ntrue before launching the VirtualBox process. Setting these variables (only their presence\nis checked) is effective even when the first VirtualBox process is the VM selector window.\nVMs subsequently launched from the selector will have the debugger enabled.\n• Set the GUI/Dbg/Enabled extra data item to true before launching the VM. This can be\nset globally or on a per VM basis.\nA new ’Debug’ menu entry will be added to the VirtualBox application. This menu allows the\nuser to open the debugger console.\nThe VM debugger command syntax is loosely modeled on Microsoft and IBM debuggers used\non DOS, OS/2 and Windows. Users familiar with symdeb, CodeView, or the OS/2 kernel debugger will find the VirtualBox VM debugger familiar.\nThe most important command is help. This will print brief usage help for all debugger commands. The set of commands supported by the VM debugger changes frequently and the help\ncommand is always up-to-date.\nA brief summary of frequently used commands follows:\n• stop – stops the VM execution and enables single stepping\n• g – continue VM execution\n• t – single step an instruction\n• rg/rh/r – print the guest/hypervisor/current registers\n• kg/kh/k – print the guest/hypervisor/current call stack\n• da/db/dw/dd/dq – print memory contents as ASCII/bytes/words/dwords/qwords\n• u – unassemble memory\n• dg – print the guest’s GDT\n• di – print the guest’s IDT\n• dl – print the guest’s LDT\n• dt – print the guest’s TSS\n• dp* – print the guest’s page table structures\n• bp/br – set a normal/recompiler breakpoint\n• bl – list breakpoints\n• bc – clear a breakpoint\n• writecore – writes a VM core file to disk, refer chapter 12.1.4, VM core format, page 232\n\n231\n\n\f12 Troubleshooting\nSee the built-in help for other available commands.\nThe VM debugger supports symbolic debugging, although symbols for guest code are often\nnot available. For Solaris guests, the detect command automatically determines the guest OS\nversion and locates kernel symbols in guest’s memory. Symbolic debugging is then available.\nFor Linux guests, the detect commands also determines the guest OS version, but there are\nno symbols in the guest’s memory. Kernel symbols are available in the file /proc/kallsyms\non Linux guests. This file must be copied to the host, for example using scp. The loadmap\ndebugger command can be used to make the symbol information available to the VM debugger.\nNote that the kallsyms file contains the symbols for the currently loaded modules; if the guest’s\nconfiguration changes, the symbols will change as well and must be updated.\nFor all guests, a simple way to verify that the correct symbols are loaded is the k command.\nThe guest is normally idling and it should be clear from the symbolic information that the guest\noperating system’s idle loop is being executed.\nAnother group of debugger commands is the set of info commands. Running info help\nprovides complete usage information. The information commands provide ad-hoc data pertinent\nto various emulated devices and aspects of the VMM. There is no general guideline for using the\ninfo commands, the right command to use depends entirely on the problem being investigated.\nSome of the info commands are:\n• cfgm – print a branch of the configuration tree\n• cpuid – display the guest CPUID leaves\n• ioport – print registered I/O port ranges\n• mmio – print registered MMIO ranges\n• mode – print the current paging mode\n• pit – print the i8254 PIT state\n• pic – print the i8259A PIC state\n• ohci/ehci/xhci – print a subset of the OHCI/EHCI/xHCI USB controller state\n• pcnet0 – print the PCnet state\n• vgatext – print the contents of the VGA framebuffer formatted as standard text mode\n• timers – print all VM timers\nThe output of the info commands generally requires in-depth knowledge of the emulated device and/or VirtualBox VMM internals. However, when used properly, the information provided\ncan be invaluable.\n\n12.1.4 VM core format\nVirtualBox uses the 64-bit ELF format for its VM core files created by VBoxManage debugvm;\nsee chapter 8.35, VBoxManage debugvm, page 165. The VM core file contain the memory and\nCPU dumps of the VM and can be useful for debugging your guest OS. The 64-bit ELF object\nformat specficiation can be obtained here: http://downloads.openwatcom.org/ftp/devel/\ndocs/elf-64-gen.pdf.\nThe overall layout of the VM core format is as follows:\n[ ELF 64 Header]\n[ Program Header, type PT_NOTE ]\n-> offset to COREDESCRIPTOR\n[ Program Header, type PT_LOAD ] - one for each contiguous physical memory range\n-> Memory offset of range\n\n232\n\n\f12 Troubleshooting\n-> File offset\n[ Note Header, type NT_VBOXCORE ]\n[ COREDESCRIPTOR ]\n-> Magic\n-> VM core file version\n-> VBox version\n-> Number of vCPUs etc.\n[ Note Header, type NT_VBOXCPU ] - one for each vCPU\n[ vCPU 1 Note Header ]\n[ DBGFCORECPU - vCPU 1 dump ]\n[ Additional Notes + Data ] - currently unused\n[ Memory dump ]\n\nThe memory descriptors contain physical addresses relative to the guest and not virtual addresses. Regions of memory such as MMIO regions are not included in the core file.\nThe relevant data structures and definitions can be found in the VirtualBox sources under the following header files: include/VBox/dbgfcorefmt.h, include/iprt/x86.h and\nsrc/VBox/Runtime/include/internal/ldrELFCommon.h.\nThe VM core file can be inspected using elfdump and GNU readelf or other similar utilities.\n\n12.2 General\n12.2.1 Guest shows IDE/SATA errors for file-based images on slow host\nfile system\nOccasionally, some host file systems provide very poor writing performance and as a consequence\ncause the guest to time out IDE/SATA commands. This is normal behavior and should normally\ncause no real problems, as the guest should repeat commands that have timed out. However,\nsome guests (e.g. some Linux versions) have severe problems if a write to an image file takes\nlonger than about 15 seconds. Some file systems however require more than a minute to complete a single write, if the host cache contains a large amount of data that needs to be written.\nThe symptom for this problem is that the guest can no longer access its files during large write\nor copying operations, usually leading to an immediate hang of the guest.\nIn order to work around this problem (the true fix is to use a faster file system that doesn’t\nexhibit such unacceptable write performance), it is possible to flush the image file after a certain amount of data has been written. This interval is normally infinite, but can be configured\nindividually for each disk of a VM.\nFor IDE disks use the following command:\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/piix3ide/0/LUN#[x]/Config/FlushInterval\" [b]\n\nFor SATA disks use the following command:\nVBoxManage setextradata \"VM name\"\n\"VBoxInternal/Devices/ahci/0/LUN#[x]/Config/FlushInterval\" [b]\n\nThe value [x] that selects the disk for IDE is 0 for the master device on the first channel, 1 for\nthe slave device on the first channel, 2 for the master device on the second channel or 3 for the\nmaster device on the second channel. For SATA use values between 0 and 29. Only disks support\nthis configuration option; it must not be set for CD/DVD drives.\nThe unit of the interval [b] is the number of bytes written since the last flush. The value for it\nmust be selected so that the occasional long write delays do not occur. Since the proper flush interval depends on the performance of the host and the host filesystem, finding the optimal value\nthat makes the problem disappear requires some experimentation. Values between 1000000 and\n10000000 (1 to 10 megabytes) are a good starting point. Decreasing the interval both decreases\nthe probability of the problem and the write performance of the guest. Setting the value unnecessarily low will cost performance without providing any benefits. An interval of 1 will cause a\n\n233\n\n\f12 Troubleshooting\nflush for each write operation and should solve the problem in any case, but has a severe write\nperformance penalty.\nProviding a value of 0 for [b] is treated as an infinite flush interval, effectively disabling this\nworkaround. Removing the extra data key by specifying no value for [b] has the same effect.\n\n12.2.2 Responding to guest IDE/SATA flush requests\nIf desired, the virtual disk images can be flushed when the guest issues the IDE FLUSH CACHE\ncommand. Normally these requests are ignored for improved performance. The parameters\nbelow are only accepted for disk drives. They must not be set for DVD drives.\nTo enable flushing for IDE disks, issue the following command:\nVBoxManage setextradata \"VM name\" \"VBoxInternal/Devices/piix3ide/0/LUN#[x]/Config/IgnoreFlush\" 0\n\nThe value [x] that selects the disk is 0 for the master device on the first channel, 1 for the slave\ndevice on the first channel, 2 for the master device on the second channel or 3 for the master\ndevice on the second channel.\nTo enable flushing for SATA disks, issue the following command:\nVBoxManage setextradata \"VM name\" \"VBoxInternal/Devices/ahci/0/LUN#[x]/Config/IgnoreFlush\" 0\n\nThe value [x] that selects the disk can be a value between 0 and 29.\nNote that this doesn’t affect the flushes performed according to the configuration described in\nchapter 12.2.1, Guest shows IDE/SATA errors for file-based images on slow host file system, page\n233. Restoring the default of ignoring flush commands is possible by setting the value to 1 or by\nremoving the key.\n\n12.2.3 Performance variation with frequency boosting\nMany newer multi-core processors support some form of frequency boosting, which means that if\nonly one core is utilized, it can run faster (possibly 50% faster or even more) than the rated CPU\nfrequency. This causes measured performance to vary somewhat as a function of the momentary\noverall system load. The exact behavior depends strongly on the specific processor model.\nAs a consequence, benchmarking on systems which utilize frequency boosting may produce\nunstable and non-repeatable results, especially if benchmark runs are short (on the order of\nseconds). To obtain stable results, benchmarks must be run over longer periods of time and with\na constant system load apart from the VM being tested.\n\n12.2.4 Frequency scaling effect on CPU usage\nOn some hardware platforms and operating systems, CPU frequency scaling may cause CPU\nusage reporting to be highly misleading. This happens in situations when the host CPU load is\nsignificant but not heavy, such as 15-30% of the maximum.\nMost operating systems determine CPU usage in terms of time spent, measuring for example\nhow many nanoseconds the systems or a process was active within one second. However, in\norder to save energy, modern systems can significantly scale down CPU speed when the system\nis not fully loaded. Naturally, when the CPU is running at (for example) one half of its maximum\nspeed, the same number of instructions will take roughly twice as long to execute compared to\nrunning at full speed.\nDepending on the specific hardware and host OS, this effect can very significantly skew the\nCPU usage reported by the OS; the reported CPU usage can be several times higher than what\nit would have been had the CPU been running at full speed. The effect can be observed both on\nthe host OS and in a guest OS.\n\n234\n\n\f12 Troubleshooting\n\n12.2.5 Inaccurate Windows CPU usage reporting\nCPU usage reporting tools which come with Windows (Task Manager, Resource Monitor) do not\ntake the time spent processing hardware interrupts into account. If the interrupt load is heavy\n(thousands of interrupts per second), CPU usage may be significantly underreported.\nThis problem affects Windows as both host and guest OS. Sysinternals tools (e.g. Process\nExplorer) do not suffer from this problem.\n\n12.2.6 Poor performance caused by host power management\nOn some hardware platforms and operating systems, virtualization performance is negatively\naffected by host CPU power management. The symptoms may be choppy audio in the guest or\nerratic guest clock behavior.\nSome of the problems may be caused by firmware and/or host operating system bugs. Therefore, updating the firmware and applying operating systems fixes is recommended.\nFor optimal virtualization performance, the C1E power state support in the system’s BIOS\nshould be disabled, if such a setting is available (not all systems support the C1E power state). On\nIntel systems the Intel C State setting should be disabled. Disabling other power management\nsettings may also improve performance. However, a balance between performance and power\nconsumption must always be considered.\n\n12.2.7 GUI: 2D Video Acceleration option is grayed out\nTo use 2D Video Acceleration within VirtualBox, your host’s video card should support certain\nOpenGL extensions. On startup, VirtualBox checks for those extensions, and, if the test fails, this\noption is silently grayed out.\nTo find out why it has failed, you can manually execute the following command:\nVBoxTestOGL --log \"log_file_name\" --test 2D\n\nIt will list the required OpenGL extensions one by one and will show you which one failed the\ntest. This usually means that you are running an outdated or misconfigured OpenGL driver on\nyour host. It can also mean that your video chip is lacking required functionality.\n\n12.3 Windows guests\n12.3.1 Windows bluescreens after changing VM configuration\nChanging certain virtual machine settings can cause Windows guests to fail during start up with\na bluescreen. This may happen if you change VM settings after installing Windows, or if you\ncopy a disk image with an already installed Windows to a newly created VM which has settings\nthat differ from the original machine.\nThis applies in particular to the following settings:\n• The ACPI and I/O APIC settings should never be changed after installing Windows. Depending on the presence of these hardware features, the Windows installation program\nchooses special kernel and device driver versions and will fail to startup should these hardware features be removed. (Enabling them for a Windows VM which was installed without\nthem does not cause any harm. However, Windows will not use these features in this case.)\n• Changing the storage controller hardware will cause bootup failures as well. This might\nalso apply to you if you copy a disk image from an older version of VirtualBox to a virtual\nmachine created with a newer VirtualBox version; the default subtype of IDE controller\nhardware was changed from PIIX3 to PIIX4 with VirtualBox 2.2. Make sure these settings\nare identical.\n\n235\n\n\f12 Troubleshooting\n\n12.3.2 Windows 0x101 bluescreens with SMP enabled (IPI timeout)\nIf a VM is configured to have more than one processor (symmetrical multiprocessing, SMP), some\nconfigurations of Windows guests crash with an 0x101 error message, indicating a timeout for\ninter-processor interrupts (IPIs). These interrupts synchronize memory management between\nprocessors.\nAccording to Microsoft, this is due to a race condition in Windows. A hotfix is available.3 If\nthis does not help, please reduce the number of virtual processors to 1.\n\n12.3.3 Windows 2000 installation failures\nWhen installing Windows 2000 guests, you might run into one of the following issues:\n• Installation reboots, usually during component registration.\n• Installation fills the whole hard disk with empty log files.\n• Installation complains about a failure installing msgina.dll.\nThese problems are all caused by a bug in the hard disk driver of Windows 2000. After issuing a\nhard disk request, there is a race condition in the Windows driver code which leads to corruption\nif the operation completes too fast, i.e. the hardware interrupt from the IDE controller arrives\ntoo soon. With physical hardware, there is a guaranteed delay in most systems so the problem\nis usually hidden there (however it should be possible to reproduce it on physical hardware as\nwell). In a virtual environment, it is possible for the operation to be done immediately (especially\non very fast systems with multiple CPUs) and the interrupt is signaled sooner than on a physical\nsystem. The solution is to introduce an artificial delay before delivering such interrupts. This\ndelay can be configured for a VM using the following command:\nVBoxManage setextradata \"VM name\" \"VBoxInternal/Devices/piix3ide/0/Config/IRQDelay\" 1\n\nThis sets the delay to one millisecond. In case this doesn’t help, increase it to a value between\n1 and 5 milliseconds. Please note that this slows down disk performance. After installation, you\nshould be able to remove the key (or set it to 0).\n\n12.3.4 How to record bluescreen information from Windows guests\nWhen Windows guests run into a kernel crash, they display the infamous bluescreen. Depending\non how Windows is configured, the information will remain on the screen until the machine\nis restarted or it will reboot automatically. During installation, Windows is usually configured\nto reboot automatically. With automatic reboots, there is no chance to record the bluescreen\ninformation which might be important for problem determination.\nVirtualBox provides a method of halting a guest when it wants to perform a reset. In order to\nenable this feature, issue the following command:\nVBoxManage setextradata \"VM name\" \"VBoxInternal/PDM/HaltOnReset\" 1\n\n12.3.5 PCnet driver failure in 32-bit Windows Server 2003 guests\nCertain editions of Windows 2000 and 2003 servers support more than 4 GB RAM on 32-bit\nsystems. The AMD PCnet network driver shipped with Windows Server 2003 fails to load if the\n32-bit guest OS uses paging extensions (which will occur with more than approximately 3.5 GB\nRAM assigned to the VM).\nThis problem is known to occur with version 4.38.0.0 of the PCnet driver. The issue was\nfixed in version 4.51.0.0 of the driver, which is available as a separate download. An alternative\nsolution may be changing the emulated NIC type to Intel PRO/1000 MT Desktop (82540EM), or\nreducing the RAM assigned to the VM to approximately 3.5 GB or less.\n3 See http://support.microsoft.com/kb/955076.\n\n236\n\n\f12 Troubleshooting\n\n12.3.6 No networking in Windows Vista guests\nWith Windows Vista, Microsoft dropped support for the AMD PCNet card that VirtualBox used\nto provide as the default virtual network card before version 1.6.0. For Windows Vista guests,\nVirtualBox now uses an Intel E1000 card by default.\nIf, for some reason, you still want to use the AMD card, you need to download the PCNet\ndriver from the AMD website (available for 32-bit Windows only). You can transfer it into the\nvirtual machine using a shared folder, see (see chapter 4.3, Shared folders, page 71).\n\n12.3.7 Windows guests may cause a high CPU load\nSeveral background applications of Windows guests, especially virus scanners, are known to\nincreases the CPU load notably even if the guest appears to be idle. We recommend to deactivate\nvirus scanners within virtualized guests if possible.\n\n12.3.8 Long delays when accessing shared folders\nThe performance for accesses to shared folders from a Windows guest might be decreased due\nto delays during the resolution of the VirtualBox shared folders name service. To fix these delays, add the following entries to the file \\windows\\system32\\drivers\\etc\\lmhosts of the\nWindows guest:\n255.255.255.255\n255.255.255.255\n\nVBOXSVR #PRE\nVBOXSRV #PRE\n\nAfter doing this change, a reboot of the guest is required.\n\n12.3.9 USB tablet coordinates wrong in Windows 98 guests\nIf a Windows 98 VM is configured to use the emulated USB tablet (absolute pointing device), the\ncoordinate translation may be incorrect and the pointer is restricted to the upper left quarter of\nthe guest’s screen.\nThe USB HID (Human Interface Device) drivers in Windows 98 are very old and do not handle\ntablets the same way all more recent operating systems do (Windows 2000 and later, Mac OS X,\nSolaris). To work around the problem, issue the following command:\nVBoxManage setextradata \"VM name\" \"VBoxInternal/USB/HidMouse/0/Config/CoordShift\" 0\n\nTo restore the default behavior, remove the key or set its value to 1.\n\n12.3.10 Windows guests are removed from an Active Directory domain\nafter restoring a snapshot\nIf a Windows guest is a member of an Active Directory domain and the snapshot feature of\nVirtualBox is used, it could happen it loses this status after you restore an older snapshot.\nThe reason is the automatic machine password changing performed by Windows in regular\nintervals for security purposes. You can disable this feature by following the instruction of this\nhttp://support.microsoft.com/kb/154501 article from Microsoft.\n\n12.3.11 Restoring d3d8.dll and d3d9.dll\nVirtualBox Guest Additions for Windows prior to 4.1.8 did not properly back up the original\nd3d8.dll and d3d9.dll system files when selecting and installing the experimental Direct3D support. This process replaces both system files with files from the VirtualBox Guest Additions so\n\n237\n\n\f12 Troubleshooting\nthat Direct3D calls can be handled correctly. Although this issue was fixed with VirtualBox 4.1.8,\nthere is no way the Windows Guest Additions installer can repair these files.\nCorruption of these files has no implications in case 3D acceleration is enabled and basic Direct3D support is installed, that is, without WDDM (on Windows Vista or higher) or on older Windows systems like Windows XP. With the basic Direct3D support all Direct3D 8.0 and Direct3D\n9.0 applications will utilize VirtualBox Direct3D files directly and thus will run as expected.\nFor WDDM Direct3D support however, the originally shipped d3d8.dll and d3d9.dll files are\nrequired in order to run Direct3D 8.0 and Direct3D 9.0 applications. As a result of the above\nmentioned system files corruption these applications will not work anymore. See below for\na step-by-step guide for restoring the original d3d8.dll and d3d9.dll system files in case the\nVirtualBox Guest Additions installer warned about those incorrect files or when having trouble\nrunning Direct3D applications.\nNote: Starting at Windows 7 the 3D desktop (aka Aero) uses DirectX 10 for rendering\nso that corrupted d3d8.dll and d3d9.dll system files will have no effect on the actual\nrendering.\nThis is why such a detected file corruption is not considered as fatal for the basic Direct3D\ninstallation on all supported Windows guests, and for WDDM Direct3D installation on Windows\n7 and later guests.\nExtracting d3d8 and d3d9.dll from a Windows XP installation CD:\n1. Download and install the latest version of 7-Zip File Manager http//www.7-zip.org\n2. Browse into the installation CD for example E:\\i386 (or amd64 for the 64-bit version)\n3. Locate file d3d8.dl_ and d3d9.dl_, double click on it and Extract d3d8.dll and d3d9.dll\n4. Reboot Windows in Safe mode\n5. Copy extracted d3d8.dll and d3d9.dll to C:\\Windows\\system32 and C:\\Windows\\system32\\dllcache\n6. Reboot\nExtracting d3d8 and d3d9.dll from Windows XP Service pack\n1. 1, 3-6 Same as installation CD\n2. Use ’Open inside’ to open WindowsXP-KB936929-SP3-x86.exe as archive and browse i386\ndirectory.\nExtracting d3d8 and d3d9.dll from Vista/Windows7 installation CD or Service Pack iso\n1. Download and install the latest version of 7-Zip File Manager http//www.7-zip.org\n2. Browse into installation CD for example E:\\sources\n3. Locate file install.wim and double click it. After 7-Zip utility opens the file, you’ll get a\nfew numbered folders. Each numeric subfolder represents a different version of Windows\n(Starter, Home Basic, and so on)\n4. After entering into the one of the numeric folders, browse into Windows\\System32 (or\nC:\\Windows\\SysWOW64 for the 64-bit version) directory locate d3d8.dll and d3d9.dll and\nextract\n5. Copy extracted d3d8.dll and d3d9.dll to C:\\Windows\\system32 or C:\\Windows\\SysWOW64\n(files from system32 should go to system32, from SysWOW64 to SysWOW64)\n6. Reboot\n\n238\n\n\f12 Troubleshooting\n\n12.3.12 Windows 3.x limited to 64 MB RAM\nWindows 3.x guests are typically limited to 64 MB RAM, even if a VM is assigned much more\nmemory. While Windows 3.1 is theoretically capable of using up to 512 MB RAM, it only uses\nmemory available through the XMS interface. Versions of HIMEM.SYS (the Microsoft XMS manager) shipped with MS-DOS and Microsoft Windows 3.x can only use up to 64 MB on standard\nPCs.\nThis is a HIMEM.SYS limitation documented by Microsoft in Knowledge base article KB\n116256. Windows 3.1 memory limits are described in detail in Microsoft Knowledge base article KB 84388.\nIt is possible for Windows 3.x guests to utilize more than 64 MB RAM if a different XMS\nprovider is used. That could be a newer HIMEM.SYS version (such as that shipped with Windows\n98), or a more capable third-party memory manager (such as QEMM).\n\n12.4 Linux and X11 guests\n12.4.1 Linux guests may cause a high CPU load\nSome Linux guests may cause a high CPU load even if the guest system appears to be idle.\nThis can be caused by a high timer frequency of the guest kernel. Some Linux distributions,\nfor example Fedora, ship a Linux kernel configured for a timer frequency of 1000Hz. We\nrecommend to recompile the guest kernel and to select a timer frequency of 100Hz.\nLinux kernels shipped with Red Hat Enterprise Linux (RHEL) as of release 4.7 and 5.1 as\nwell as kernels of related Linux distributions (for instance CentOS and Oracle Linux) support\na kernel parameter divider=N. Hence, such kernels support a lower timer frequency without\nrecompilation. We suggest to add the kernel parameter divider=10 to select a guest kernel timer\nfrequency of 100Hz.\n\n12.4.2 AMD Barcelona CPUs\nMost Linux-based guests will fail with AMD Phenoms or Barcelona-level Opterons due to a bug\nin the Linux kernel. Enable the I/O-APIC to work around the problem (see chapter 3.4, System\nsettings, page 49).\n\n12.4.3 Buggy Linux 2.6 kernel versions\nThe following bugs in Linux kernels prevent them from executing correctly in VirtualBox, causing\nVM boot crashes:\n• The Linux kernel version 2.6.18 (and some 2.6.17 versions) introduced a race condition\nthat can cause boot crashes in VirtualBox. Please use a kernel version 2.6.19 or later.\n• With hardware virtualization and the I/O APIC enabled, kernels before 2.6.24-rc6 may\npanic on boot with the following message:\nKernel panic - not syncing: IO-APIC + timer doesn’t work! Boot with\napic=debug and send a report. Then try booting with the ’noapic’ option\n\nIf you see this message, either disable hardware virtualization or the I/O APIC (see chapter\n3.4, System settings, page 49), or upgrade the guest to a newer kernel.4\n\n4 See http://www.mail-archive.com/[email protected]/msg30813.html\n\nkernel fix.\n\n239\n\nfor details about the\n\n\f12 Troubleshooting\n\n12.4.4 Shared clipboard, auto-resizing and seamless desktop in X11\nguests\nGuest desktop services in guests running the X11 window system (Solaris, Linux and others) are\nprovided by a guest service called VBoxClient, which runs under the ID of the user who started\nthe desktop session and is automatically started using the following command lines\nVBoxClient --clipboard\nVBoxClient --display\nVBoxClient --seamless\n\nwhen your X11 user session is started if you are using a common desktop environment (Gnome,\nKDE and others). If a particular desktop service is not working correctly, it is worth checking\nwhether the process which should provide it is running.\nThe VBoxClient processes create files in the user’s home directory with names of the form\n.vboxclient-*.pid when they are running in order to prevent a given service from being\nstarted twice. It can happen due to misconfiguration that these files are created owned by root\nand not deleted when the services are stopped, which will prevent them from being started in\nfuture sessions. If the services cannot be started, you may wish to check whether these files still\nexist.\n\n12.5 Solaris guests\n12.5.1 Older Solaris 10 releases crash in 64-bit mode\nSolaris 10 releases up to and including Solaris 10 8/07 (“S10U4”) incorrectly detect newer Intel\nprocessors produced since 2007. This problem leads to the 64-bit Solaris kernel crashing (and\nusually causing a triple fault) almost immediately during startup, in both virtualized and physical\nenvironments.\nThe recommended solution is upgrading to at least Solaris 10 5/08 (“S10U5”). Alternative\nsolutions include forcing Solaris to always boot the 32-bit kernel or applying a patch for bug\n6574102 (while Solaris is using the 32-bit kernel).\n\n12.5.2 Solaris 8 5/01 and earlier may crash on startup\nSolaris 2.6, 7 and 8 releases up to and including Solaris 8 4/01 (“S8U4”) incorrectly set up\nMachine Check Exception (MCE) MSRs on Pentium 4 and somene later Intel CPUs. The problem\nleads to the Solaris kernel crashing (and usually causing a triple fault) almost immediately during\nstartup, in both virtualized and physical environments. Solaris 9 and later releases are not\naffected by this problem, and neither is Solaris 2.5.1 and earlier.\nThe recommended solution is upgrading to at least Solaris 8 7/01 (“S8U5”). Alternative solutions include applying a patch for bugs 4408508 and 4414557 (on an unaffected system).\n\n12.6 FreeBSD guests\n12.6.1 FreeBSD 10.0 may hang with xHCI\nIf xHCI (USB 3.0) emulation is enabled for FreeBSD 10.0 guests, the guest OS will hang. This is\ncaused by the guest OS incorrectly handling systems where MSIs (Message Signaled Interrupts)\nare not used with the xHCI device.\nThe problem does not exist in earlier FreeBSD releases and was fixed in FreeBSD 10.1.\n\n240\n\n\f12 Troubleshooting\n\n12.7 Windows hosts\n12.7.1 VBoxSVC out-of-process COM server issues\nVirtualBox makes use of the Microsoft Component Object Model (COM) for inter- and intraprocess communication. This allows VirtualBox to share a common configuration among different virtual machine processes and provide several user interface options based on a common architecture. All global status information and configuration is maintained by the process\nVBoxSVC.exe, which is an out-of-process COM server. Whenever a VirtualBox process is started,\nit requests access to the COM server and Windows automatically starts the process. Note that it\nshould never be started by the end user.\nWhen the last process disconnects from the COM server, it will terminate itself after some\nseconds. The VirtualBox configuration (XML files) is maintained and owned by the COM server\nand the files are locked whenever the server runs.\nIn some cases - such as when a virtual machine is terminated unexpectedly - the COM server\nwill not notice that the client is disconnected and stay active for a longer period (10 minutes or\nso) keeping the configuration files locked. In other rare cases the COM server might experience\nan internal error and subsequently other processes fail to initialize it. In these situations, it is\nrecommended to use the Windows task manager to kill the process VBoxSVC.exe.\n\n12.7.2 CD/DVD changes not recognized\nIn case you have assigned a physical CD/DVD drive to a guest and the guest does not notice when\nthe medium changes, make sure that the Windows media change notification (MCN) feature is\nnot turned off. This is represented by the following key in the Windows registry:\nHKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Services\\Cdrom\\Autorun\n\nCertain applications may disable this key against Microsoft’s advice. If it is set to 0, change it to\n1 and reboot your system. VirtualBox relies on Windows notifying it of media changes.\n\n12.7.3 Sluggish response when using Microsoft RDP client\nIf connecting to a Virtual Machine via the Microsoft RDP client (called Remote Desktop Connection), there can be large delays between input (moving the mouse over a menu is the most\nobvious situation) and output. This is because this RDP client collects input for a certain time\nbefore sending it to the RDP server.\nThe interval can be decreased by setting a Windows registry key to smaller values than the\ndefault of 100. The key does not exist initially and must be of type DWORD. The unit for its\nvalues is milliseconds. Values around 20 are suitable for low-bandwidth connections between the\nRDP client and server. Values around 4 can be used for a gigabit Ethernet connection. Generally\nvalues below 10 achieve a performance that is very close to that of the local input devices and\nscreen of the host on which the Virtual Machine is running.\nDepending whether the setting should be changed for an individual user or for the system,\neither\nHKEY_CURRENT_USER\\Software\\Microsoft\\Terminal Server Client\\Min Send Interval\n\nor\nHKEY_LOCAL_MACHINE\\Software\\Microsoft\\Terminal Server Client\\Min Send Interval\n\ncan be set appropriately.\n\n241\n\n\f12 Troubleshooting\n\n12.7.4 Running an iSCSI initiator and target on a single system\nDeadlocks can occur on a Windows host when attempting to access an iSCSI target running in\na guest virtual machine with an iSCSI initiator (e.g. Microsoft iSCSI Initiator) that is running\non the host. This is caused by a flaw in the Windows cache manager component, and causes\nsluggish host system response for several minutes, followed by a “Delayed Write Failed” error\nmessage in the system tray or in a separate message window. The guest is blocked during that\nperiod and may show error messages or become unstable.\nSetting the environment variable VBOX_DISABLE_HOST_DISK_CACHE to 1 will enable a\nworkaround for this problem until Microsoft addresses the issue. For example, open a command\nprompt window and start VirtualBox like this:\nset VBOX_DISABLE_HOST_DISK_CACHE=1\nVirtualBox\n\nWhile this will decrease guest disk performance (especially writes), it does not affect the performance of other applications running on the host.\n\n12.7.5 Bridged networking adapters missing\nIf no bridged adapters show up in the “Networking” section of the VM settings, this typically\nmeans that the bridged networking driver was not installed properly on your host. This could be\ndue to the following reasons:\n• The maximum allowed filter count was reached on the host. In this case, the MSI log would\nmention the 0x8004a029 error code returned on NetFlt network component install:\nVBoxNetCfgWinInstallComponent: Install failed, hr (0x8004a029)\n\nYou can try to increase the maximum filter count in the Windows registry at the following\nkey:\nHKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\Network\\MaxNumFilters\n\nThe maximum number allowed is 14. After a reboot, try to re-install VirtualBox.\n• The INF cache is corrupt. In this case, the install log (%windir%\\inf\\setupapi.log\non XP or %windir%\\inf\\setupapi.dev.log on Vista or later) would typically mention the failure to find a suitable driver package for either the sun_VBoxNetFlt or\nsun_VBoxNetFltmp components. The solution then is to uninstall VirtualBox, remove the\nINF cache (%windir%\\inf\\INFCACHE.1), reboot and try to re-install VirtualBox\n\n12.7.6 Host-only networking adapters cannot be created\nIf host-only adapter cannot be created (either via the Manager or VBoxManage), then the INF\ncache is probably corrupt. In this case, the install log (%windir%\\inf\\setupapi.log on XP\nor %windir%\\inf\\setupapi.dev.log on Vista or later) would typically mention the failure to\nfind a suitable driver package for the sun_VBoxNetAdp component. Again, as with the bridged\nnetworking problem described above, the solution is to uninstall VirtualBox, remove the INF\ncache (%windir%\\inf\\INFCACHE.1), reboot and try to re-install VirtualBox.\n\n12.8 Linux hosts\n12.8.1 Linux kernel module refuses to load\nIf the VirtualBox kernel module (vboxdrv) refuses to load, i.e. you get an “Error inserting\nvboxdrv: Invalid argument”, check (as root) the output of the dmesg command to find out why\nthe load failed. Most probably the kernel disagrees with the version of the gcc used to compile\nthe module. Make sure that you use the same compiler as used to build the kernel.\n\n242\n\n\f12 Troubleshooting\n\n12.8.2 Linux host CD/DVD drive not found\nIf you have configured a virtual machine to use the host’s CD/DVD drive, but this does not appear\nto work, make sure that the current user has permission to access the corresponding Linux device\nfile (/dev/hdc or /dev/scd0 or /dev/cdrom or similar). On most distributions, the user must\nbe added to a corresponding group (usually called cdrom or cdrw).\n\n12.8.3 Linux host CD/DVD drive not found (older distributions)\nOn older Linux distributions, if your CD/DVD device has a different name, VirtualBox may be\nunable to find it. On older Linux hosts, VirtualBox performs the following steps to locate your\nCD/DVD drives:\n1. VirtualBox examines if the environment variable VBOX_CDROM is defined (see below). If so,\nVirtualBox omits all the following checks.\n2. VirtualBox tests if /dev/cdrom works.\n3. In addition, VirtualBox checks if any CD/DVD drives are currently mounted by checking\n/etc/mtab.\n4. In addition, VirtualBox checks if any of the entries in /etc/fstab point to CD/DVD devices.\nIn other words, you can try to set VBOX_CDROM to contain a list of your CD/DVD devices,\nseparated by colons, for example as follows:\nexport VBOX_CDROM=’/dev/cdrom0:/dev/cdrom1’\n\nOn modern Linux distributions, VirtualBox uses the hardware abstraction layer (hal) to locate\nCD and DVD hardware.\n\n12.8.4 Linux host floppy not found\nThe previous instructions (for CD and DVD drives) apply accordingly to floppy disks, except\nthat on older distributions VirtualBox tests for /dev/fd* devices by default, and this can be\noverridden with the VBOX_FLOPPY environment variable.\n\n12.8.5 Strange guest IDE error messages when writing to CD/DVD\nIf the experimental CD/DVD writer support is enabled with an incorrect VirtualBox, host or guest\nconfiguration, it is possible that any attempt to access the CD/DVD writer fails and simply results\nin guest kernel error messages (for Linux guests) or application error messages (for Windows\nguests). VirtualBox performs the usual consistency checks when a VM is powered up (in particular it aborts with an error message if the device for the CD/DVD writer is not writable by the\nuser starting the VM), but it cannot detect all misconfigurations. The necessary host and guest\nOS configuration is not specific for VirtualBox, but a few frequent problems are listed here which\noccurred in connection with VirtualBox.\nSpecial care must be taken to use the correct device. The configured host CD/DVD device file\nname (in most cases /dev/cdrom) must point to the device that allows writing to the CD/DVD\nunit. For CD/DVD writer units connected to a SCSI controller or to a IDE controller that interfaces to the Linux SCSI subsystem (common for some SATA controllers), this must refer to the\nSCSI device node (e.g. /dev/scd0). Even for IDE CD/DVD writer units this must refer to the\nappropriate SCSI CD-ROM device node (e.g. /dev/scd0) if the ide-scsi kernel module is loaded.\nThis module is required for CD/DVD writer support with all Linux 2.4 kernels and some early\n2.6 kernels. Many Linux distributions load this module whenever a CD/DVD writer is detected\nin the system, even if the kernel would support CD/DVD writers without the module. VirtualBox\n\n243\n\n\f12 Troubleshooting\nsupports the use of IDE device files (e.g. /dev/hdc), provided the kernel supports this and the\nide-scsi module is not loaded.\nSimilar rules (except that within the guest the CD/DVD writer is always an IDE device) apply to\nthe guest configuration. Since this setup is very common, it is likely that the default configuration\nof the guest works as expected.\n\n12.8.6 VBoxSVC IPC issues\nOn Linux, VirtualBox makes use of a custom version of Mozilla XPCOM (cross platform component object model) for inter- and intra-process communication (IPC). The process VBoxSVC\nserves as a communication hub between different VirtualBox processes and maintains the global\nconfiguration, i.e. the XML database. When starting a VirtualBox component, the processes\nVBoxSVC and VBoxXPCOMIPCD are started automatically. They are only accessible from the user\naccount they are running under. VBoxSVC owns the VirtualBox configuration database which\nnormally resides in ~/.config/VirtualBox, or the appropriate configuration directory for your\noperating system. While it is running, the configuration files are locked. Communication between the various VirtualBox components and VBoxSVC is performed through a local domain\nsocket residing in /tmp/.vbox-<username>-ipc. In case there are communication problems\n(i.e. a VirtualBox application cannot communicate with VBoxSVC), terminate the daemons and\nremove the local domain socket directory.\n\n12.8.7 USB not working\nIf USB is not working on your Linux host, make sure that the current user is a member of the\nvboxusers group. On older hosts, you need to make sure that the user has permission to access\nthe USB filesystem (usbfs), which VirtualBox relies on to retrieve valid information about your\nhost’s USB devices. The rest of this section only applies to those older systems.\nAs usbfs is a virtual filesystem, a chmod on /proc/bus/usb has no effect. The permissions\nfor usbfs can therefore only be changed by editing the /etc/fstab file.\nFor example, most Linux distributions have a user group called usb or similar, of which the\ncurrent user must be a member. To give all users of that group access to usbfs, make sure the\nfollowing line is present:\n# 85 is the USB group\nnone\n/proc/bus/usb\n\nusbfs\n\ndevgid=85,devmode=664\n\n0\n\n0\n\nReplace 85 with the group ID that matches your system (search /etc/group for “usb” or similar).\nAlternatively, if you don’t mind the security hole, give all users access to USB by changing “664”\nto “666”.\nThe various distributions are very creative from which script the usbfs filesystem is mounted.\nSometimes the command is hidden in unexpected places. For SuSE 10.0 the mount command\nis part of the udev configuration file /etc/udev/rules.d/50-udev.rules. As this distribution\nhas no user group called usb, you may e.g. use the vboxusers group which was created by\nthe VirtualBox installer. Since group numbers are allocated dynamically, the following example\nuses 85 as a placeholder. Modify the line containing (a linebreak has been inserted to improve\nreadability)\nDEVPATH=\"/module/usbcore\", ACTION==\"add\",\nRUN+=\"/bin/mount -t usbfs usbfs /proc/bus/usb\"\n\nand add the necessary options (make sure that everything is in a single line):\nDEVPATH=\"/module/usbcore\", ACTION==\"add\",\nRUN+=\"/bin/mount -t usbfs usbfs /proc/bus/usb -o devgid=85,devmode=664\"\n\n244\n\n\f12 Troubleshooting\nDebian Etch has the mount command in /etc/init.d/mountkernfs.sh. Since that distribution has no group usb, it is also the easiest solution to allow all members of the group vboxusers\nto access the USB subsystem. Modify the line\ndomount usbfs usbdevfs /proc/bus/usb -onoexec,nosuid,nodev\n\nso that it contains\ndomount usbfs usbdevfs /proc/bus/usb -onoexec,nosuid,nodev,devgid=85,devmode=664\n\nAs usual, replace the 85 with the actual group number which should get access to USB devices.\nOther distributions do similar operations in scripts stored in the /etc/init.d directory.\n\n12.8.8 PAX/grsec kernels\nLinux kernels including the grsec patch (see http://www.grsecurity.net/) and derivates have\nto disable PAX_MPROTECT for the VBox binaries to be able to start a VM. The reason is that VBox\nhas to create executable code on anonymous memory.\n\n12.8.9 Linux kernel vmalloc pool exhausted\nWhen running a large number of VMs with a lot of RAM on a Linux system (say 20 VMs with 1 GB\nof RAM each), additional VMs might fail to start with a kernel error saying that the vmalloc pool\nis exhausted and should be extended. The error message also tells you to specify vmalloc=256MB\nin your kernel parameter list. If adding this parameter to your GRUB or LILO configuration makes\nthe kernel fail to boot (with a weird error message such as “failed to mount the root partition”),\nthen you have probably run into a memory conflict of your kernel and initial RAM disk. This can\nbe solved by adding the following parameter to your GRUB configuration:\nuppermem 524288\n\n12.9 Solaris hosts\n12.9.1 Cannot start VM, not enough contiguous memory\nThe ZFS file system is known to use nearly all available RAM as cache if the default system\nsettings are not changed. This may lead to a heavy fragmentation of the host memory preventing\nVirtualBox VMs from being started. We recommend to limit the ZFS cache by adding a line\nset zfs:zfs_arc_max = xxxx\n\nto /etc/system where xxxx bytes is the amount of memory usable for the ZFS cache.\n\n12.9.2 VM aborts with out of memory errors on Solaris 10 hosts\n32-bit Solaris 10 hosts (bug 1225025) require swap space equal to, or greater than the host’s\nphysical memory size. For example, 8 GB physical memory would require at least 8 GB swap.\nThis can be configured during a Solaris 10 install by choosing a ’custom install’ and changing the\ndefault partitions.\nNote: This restriction applies only to 32-bit Solaris hosts, 64-bit hosts are not affected!\nFor existing Solaris 10 installs, an additional swap image needs to be mounted and used as\nswap. Hence if you have 1 GB swap and 8 GB of physical memory, you require to add 7 GB more\nswap. This can be done as follows:\nFor ZFS (as root user):\n\n245\n\n\f12 Troubleshooting\nzfs create -V 8gb /_<ZFS volume>_/swap\nswap -a /dev/zvol/dsk/_<ZFS volume>_/swap\n\nTo mount if after reboot, add the following line to /etc/vfstab:\n/dev/zvol/dsk/_<ZFS volume>_/swap - - swap - no -\n\nAlternatively, you could grow the existing swap using:\nzfs set volsize=8G rpool/swap\n\nAnd reboot the system for the changes to take effect.\nFor UFS (as root user):\nmkfile 7g /path/to/swapfile.img\nswap -a /path/to/swapfile.img\n\nTo mount it after reboot, add the following line to /etc/vfstab:\n/path/to/swap.img - - swap - no -\n\n246\n\n\f13 Security guide\n13.1 General Security Principles\nThe following principles are fundamental to using any application securely.\nKeep Software Up To Date One of the principles of good security practise is to keep all software versions and patches up to date. Activate the VirtualBox update notification to get\nnotified when a new VirtualBox release is available. When updating VirtualBox, do not\nforget to update the Guest Additions. Keep the host operating system as well as the guest\noperating system up to date.\nRestrict Network Access to Critical Services Use proper means, for instance a firewall, to\nprotect your computer and your guest(s) from accesses from the outside. Choosing the\nproper networking mode for VMs helps to separate host networking from the guest and\nvice versa.\nFollow the Principle of Least Privilege The principle of least privilege states that users should\nbe given the least amount of privilege necessary to perform their jobs. Always execute\nVirtualBox as a regular user. We strongly discourage anyone from executing VirtualBox\nwith system privileges.\nChoose restrictive permissions when creating configuration files, for instance when creating\n/etc/default/virtualbox, see chapter 2.3.3.7, Automatic installation options, page 41. Mode\n0600 would be preferred.\nMonitor System Activity System security builds on three pillars: good security protocols,\nproper system configuration and system monitoring. Auditing and reviewing audit records\naddress the third requirement. Each component within a system has some degree of monitoring capability. Follow audit advice in this document and regularly monitor audit records.\nKeep Up To Date on Latest Security Information Oracle continually improves its software\nand documentation. Check this note note yearly for revisions.\n\n13.2 Secure Installation and Configuration\n13.2.1 Installation Overview\nThe VirtualBox base package should be downloaded only from a trusted source, for instance the\nofficial website http://www.virtualbox.org. The integrity of the package should be verified\nwith the provided SHA256 checksum which can be found on the official website.\nGeneral VirtualBox installation instructions for the supported hosts can be found in chapter 2,\nInstallation details, page 34.\nOn Windows hosts, the installer allows for disabling USB support, support for bridged networking, support for host-only networking and the Python language bindings, see chapter 2.1,\nInstalling on Windows hosts, page 34. All these features are enabled by default but disabling\nsome of them could be appropriate if the corresponding functionality is not required by any virtual machine. The Python language bindings are only required if the VirtualBox API is to be used\nby external Python applications. In particular USB support and support for the two networking\nmodes require the installation of Windows kernel drivers on the host. Therefore disabling those\n\n247\n\n\f13 Security guide\nselected features can not only be used to restrict the user to certain functionality but also to\nminimize the surface provided to a potential attacker.\nThe general case is to install the complete VirtualBox package. The installation must be done\nwith system privileges. All VirtualBox binaries should be executed as a regular user and never as\na privileged user.\nThe Oracle VM VirtualBox extension pack provides additional features and must be downloaded and installed separately, see chapter 1.5, Installing VirtualBox and extension packs, page\n16. As for the base package, the SHA256 checksum of the extension pack should be verified. As\nthe installation requires system privileges, VirtualBox will ask for the system password during\nthe installation of the extension pack.\n\n13.2.2 Post Installation Configuration\nNormally there is no post installation configuration of VirtualBox components required. However, on Solaris and Linux hosts it is necessary to configure the proper permissions for users\nexecuting VMs and who should be able to access certain host resources. For instance, Linux\nusers must be member of the vboxusers group to be able to pass USB devices to a guest. If a serial\nhost interface should be accessed from a VM, the proper permissions must be granted to the user\nto be able to access that device. The same applies to other resources like raw partitions, DVD/CD\ndrives and sound devices.\n\n13.3 Security Features\nThis section outlines the specific security mechanisms offered by VirtualBox.\n\n13.3.1 The Security Model\nOne property of virtual machine monitors (VMMs) like VirtualBox is to encapsulate a guest by\nexecuting it in a protected environment, a virtual machine, running as a user process on the host\noperating system. The guest cannot communicate directly with the hardware or other computers\nbut only through the VMM. The VMM provides emulated physical resources and devices to the\nguest which are accessed by the guest operating system to perform the required tasks. The VM\nsettings control the resources provided to the guest, for example the amount of guest memory\nor the number of guest processors, (see chapter 3.3, General settings, page 48) and the enabled\nfeatures for that guest (for example remote control, certain screen settings and others).\n\n13.3.2 Secure Configuration of Virtual Machines\nSeveral aspects of a virtual machine configuration are subject to security considerations.\n13.3.2.1 Networking\nThe default networking mode for VMs is NAT which means that the VM acts like a computer\nbehind a router, see chapter 6.3, Network Address Translation (NAT), page 98. The guest is part\nof a private subnet belonging to this VM and the guest IP is not visible from the outside. This\nnetworking mode works without any additional setup and is sufficient for many purposes.\nIf bridged networking is used, the VM acts like a computer inside the same network as the\nhost, see chapter 6.5, Bridged networking, page 101. In this case, the guest has the same network\naccess as the host and a firewall might be necessary to protect other computers on the subnet\nfrom a potential malicious guest as well as to protect the guest from a direct access from other\ncomputers. In some cases it is worth considering using a forwarding rule for a specific port in\nNAT mode instead of using bridged networking.\n\n248\n\n\f13 Security guide\nSome setups do not require a VM to be connected to the public network at all. Internal networking (see chapter 6.6, Internal networking, page 102) or host-only networking (see chapter\n6.7, Host-only networking, page 103) are often sufficient to connect VMs among each other or to\nconnect VMs only with the host but not with the public network.\n13.3.2.2 VRDP remote desktop authentication\nWhen using the VirtualBox extension pack provided by Oracle for VRDP remote desktop support,\nyou can optionally use various methods to configure RDP authentication. The “null” method is\nvery insecure and should be avoided in a public network. See chapter 7.1.5, RDP authentication,\npage 111 for details.\n13.3.2.3 Clipboard\nThe shared clipboard allows users to share data between the host and the guest. Enabling the\nclipboard in “Bidirectional” mode allows the guest to read and write the host clipboard. The\n“Host to guest” mode and the “Guest to host” mode limit the access to one direction. If the guest\nis able to access the host clipboard it can also potentially access sensitive data from the host\nwhich is shared over the clipboard.\nIf the guest is able to read from and/or write to the host clipboard then a remote user connecting to the guest over the network will also gain this ability, which may not be desirable. As\na consequence, the shared clipboard is disabled for new machines.\n13.3.2.4 Shared folders\nIf any host folder is shared with the guest then a remote user connected to the guest over the\nnetwork can access these files too as the folder sharing mechanism cannot be selectively disabled\nfor remote users.\n13.3.2.5 3D graphics acceleration\nEnabling 3D graphics via the Guest Additions exposes the host to additional security risks; see\nchapter 4.5.1, Hardware 3D acceleration (OpenGL and Direct3D 8/9), page 75.\n13.3.2.6 CD/DVD passthrough\nEnabling CD/DVD passthrough allows the guest to perform advanced operations on the CD/DVD\ndrive, see chapter 5.9, CD/DVD support, page 94. This could induce a security risk as a guest\ncould overwrite data on a CD/DVD medium.\n13.3.2.7 USB passthrough\nPassing USB devices to the guest provides the guest full access to these devices, see chapter\n3.10.1, USB settings, page 57. For instance, in addition to reading and writing the content of the\npartitions of an external USB disk the guest will be also able to read and write the partition table\nand hardware data of that disk.\n\n13.3.3 Configuring and Using Authentication\nThe following components of VirtualBox can use passwords for authentication:\n• When using remote iSCSI storage and the storage server requires authentication, an initiator secret can optionally be supplied with the VBoxManage storageattach command. As\nlong as no settings password is provided (command line option\n\n249\n\n\f13 Security guide\n--settingspwfile\n\n, this secret is stored unencrypted in the machine configuration and is therefore potentially readable on the host. See chapter 5.10, iSCSI servers, page 94 and chapter 8.18,\nVBoxManage storageattach, page 146.\n• When using the VirtualBox web service to control a VirtualBox host remotely, connections\nto the web service are authenticated in various ways. This is described in detail in the\nVirtualBox Software Development Kit (SDK) reference; please see chapter 11, VirtualBox\nprogramming interfaces, page 228.\n\n13.3.4 Potentially insecure operations\nThe following features of VirtualBox can present security problems:\n• Enabling 3D graphics via the Guest Additions exposes the host to additional security risks;\nsee chapter 4.5.1, Hardware 3D acceleration (OpenGL and Direct3D 8/9), page 75.\n• When teleporting a machine, the data stream through which the machine’s memory contents are transferred from one host to another is not encrypted. A third party with access\nto the network through which the data is transferred could therefore intercept that data.\nAn SSH tunnel could be used to secure the connection between the two hosts. But when\nconsidering teleporting a VM over an untrusted network the first question to answer is\nhow both VMs can securely access the same virtual disk image(s) with a reasonable performance.\n• When Page Fusion (see chapter 4.9.2, Page Fusion, page 81) is enabled, it is possible that a\nside-channel opens up that allows a malicious guest to determin the address space layout\n(i.e. where DLLs are typically loaded) of one other VM running on the same host. This\ninformation leak in it self is harmless, however the malicious guest may use it to optimize\nattack against that VM via unrelated attack vectors. It is recommended to only enable Page\nFusion if you do not think this is a concern in your setup.\n• When using the VirtualBox web service to control a VirtualBox host remotely, connections\nto the web service (through which the API calls are transferred via SOAP XML) are not\nencrypted, but use plain HTTP by default. This is a potential security risk! For details\nabout the web service, please see chapter 11, VirtualBox programming interfaces, page 228.\nThe web services are not started by default. Please refer to chapter 9.21, Starting the\nVirtualBox web service automatically, page 206 to find out how to start this service and how\nto enable SSL/TLS support. It has to be started as a regular user and only the VMs of that\nuser can be controlled. By default, the service binds to localhost preventing any remote\nconnection.\n• Traffic sent over a UDP Tunnel network attachment is not encrypted. You can either encrypt\nit on the host network level (with IPsec), or use encrypted protocols in the guest network\n(such as SSH). The security properties are similar to bridged Ethernet.\n• Because of shortcomings in older Windows versions, using VirtualBox on Windows versions\nolder than Vista with Service Pack 1 is not recommended.\n\n13.3.5 Encryption\nThe following components of VirtualBox use encryption to protect sensitive data:\n\n250\n\n\f13 Security guide\n• When using the VirtualBox extension pack provided by Oracle for VRDP remote desktop\nsupport, RDP data can optionally be encrypted. See chapter 7.1.6, RDP encryption, page\n112 for details. Only the Enhanced RDP Security method (RDP5.2) with TLS protocol\nprovides a secure connection. Standard RDP Security (RDP4 and RDP5.1) is vulnerable to\na man-in-the-middle attack.\n\n251\n\n\f14 Known limitations\n14.1 Experimental Features\nSome VirtualBox features are labeled as experimental. Such features are provided on an “as-is”\nbasis and are not formally supported. However, feedback and suggestions about such features\nare welcome. A comprehensive list of experimental features follows:\n• WDDM Direct3D video driver for Windows guests\n• Hardware 3D acceleration support for Windows, Linux, and Solaris guests\n• Hardware 2D video playback acceleration support for Windows guests\n• PCI pass-through (Linux hosts only)\n• Mac OS X guests (Mac hosts only)\n• ICH9 chipset emulation\n• EFI firmware\n• Host CD/DVD drive pass-through\n• Support of iSCSI via internal networking\n• Synthetic CPU reporting\n\n14.2 Known Issues\nThe following section describes known problems with VirtualBox 5.0.16_Debian. Unless marked\notherwise, these issues are planned to be fixed in later releases.\n• The following Guest SMP (multiprocessor) limitations exist:\n– Poor performance with 32-bit guests on AMD CPUs. This affects mainly Windows\nand Solaris guests, but possibly also some Linux kernel revisions. Partially solved in\n3.0.6 for 32 bits Windows NT, 2000, XP and 2003 guests. Requires 3.0.6 or higher\nGuest Additions to be installed.\n– Poor performance with 32-bit guests on certain Intel CPU models that do not include\nvirtual APIC hardware optimization support. This affects mainly Windows and Solaris\nguests, but possibly also some Linux kernel revisions. Partially solved in 3.0.12 for\n32 bits Windows NT, 2000, XP and 2003 guests. Requires 3.0.12 or higher Guest\nAdditions to be installed.\n• NX (no execute, data execution prevention) only works for guests running on 64-bit\nhosts or guests running on 32-bit hosts with PAE enabled and requires that hardware virtualization be enabled.\n\n252\n\n\f14 Known limitations\n• For basic Direct3D support in Windows guests to work, the Guest Additions must be\ninstalled in Windows “safe mode”. Press F8 when the Windows guest is booting and select\n“Safe mode”, then install the Guest Additions. Otherwise Windows’ file protection mechanism will interfere with the replacement DLLs installed by VirtualBox and keep restoring\nthe original Windows system DLLs.\nNote: This does not apply to the experimental WDDM Direct3D video driver available\nfor Vista and Windows 7 guests shipped with VirtualBox 4.1.\n\n• Guest control. On Windows guests, a process lauched via the guest control execute support\nwill not be able to display a graphical user interface unless the user account under which it\nis running is currently logged in and has a desktop session.\nAlso, to use accounts without or with an empty password, the guest’s group policy must\nbe changed. To do so, open the group policy editor on the command line by typing gpedit.msc, open the key Computer Configuration\\Windows Settings\\Security Settings\\Local Policies\\Security Options and change the value of Accounts: Limit local account\nuse of blank passwords to console logon only to Disabled.\n• Compacting virtual disk images is limited to VDI files. The VBoxManage modifyhd\n--compact command is currently only implemented for VDI files. At the moment the only\nway to optimize the size of a virtual disk images in other formats (VMDK, VHD) is to clone\nthe image and then use the cloned image in the VM configuration.\n• OVF import/export:\n– OVF localization (multiple languages in one OVF file) is not yet supported.\n– Some OVF sections like StartupSection, DeploymentOptionSection and InstallSection\nare ignored.\n– OVF environment documents, including their property sections and appliance configuration with ISO images, are not yet supported.\n– Remote files via HTTP or other mechanisms are not yet supported.\n• Neither scale mode nor seamless mode work correctly with guests using OpenGL 3D\nfeatures (such as with compiz-enabled window managers).\n• The RDP server in the VirtualBox extension pack supports only audio streams in format\n22.05kHz stereo 16 bit. If the RDP client requests any other audio format there will be no\naudio.\n• Preserving the aspect ratio in scale mode works only on Windows hosts and on Mac OS X\nhosts.\n• On Mac OS X hosts, the following features are not yet implemented:\n– Numlock emulation\n– CPU frequency metric\n– Memory ballooning\n• Mac OS X guests:\n– Mac OS X guests can only run on a certain host hardware. For details about license\nand host hardware limitations, please see chapter 3.1.1, Mac OS X guests, page 46 and\ncheck the Apple software license conditions.\n– VirtualBox does not provide Guest Additions for Mac OS X at this time.\n\n253\n\n\f14 Known limitations\n– The graphics resolution currently defaults to 1024x768 as Mac OS X falls back to the\nbuilt-in EFI display support. See chapter 3.12.1, Video modes in EFI, page 59 for more\ninformation on how to change EFI video modes.\n– Mac OS X guests only work with one CPU assigned to the VM. Support for SMP will\nbe provided in a future release.\n– Depending on your system and version of Mac OS X, you might experience guest\nhangs after some time. This can be fixed by turning off energy saving (set timeout to\n“Never”) in the system preferences.\n– By default, the VirtualBox EFI enables debug output of the Mac OS X kernel to help\nyou diagnose boot problems. Note that there is a lot of output and not all errors are\nfatal (they would also show on your physical Mac). You can turn off these messages\nby issuing this command:\nVBoxManage setextradata \"VM name\" \"VBoxInternal2/EfiBootArgs\" \"\n\n\"\n\nTo revert to the previous behavior, use:\nVBoxManage setextradata \"VM name\" \"VBoxInternal2/EfiBootArgs\" \"\"\n\n– It is currently not possible to start a Mac OS X guest in safe mode by specifying “-x”\noption in “VBoxInternal2/EfiBootArgs” extradata.\n• Solaris hosts:\n– There is no support for USB devices connected to Solaris 10 hosts.\n– USB support on Solaris hosts requires Solaris 11 version snv_124 or higher. Webcams\nand other isochronous devices are known to have poor performance.\n– Host Webcam passthrough is restricted to 640x480 frames at 20 frames per second\ndue to limitations in the Solaris V4L2 API. This may be addressed in a future Solaris\nrelease.\n– No ACPI information (battery status, power source) is reported to the guest.\n– No support for using wireless adapters with bridged networking.\n– Crossbow-based bridged networking on Solaris 11 hosts does not work directly with\naggregate links. However, you can manually create a VNIC (using dladm) over the\naggregate link and use that with a VM. This limitation does not exist in Solaris 11u1\nbuild 17 and newer.\n• Guest Additions of version 4.1, 4.1.2 and 4.1.4 for Windows Thus VirtualBox WDDM\nVideo driver may be installed and kept in guest system if Guest additions uninstallation is\nperformed. This is caused by a bug in Guest Additions uninstaller.\nNote: This does not apply to Guest Additions update, i.e. installing a one version of\nGuest Additions on top of another works correctly.\nTo solve this problem, one should uninstall the VirtualBox WDDM Video driver manually. To do that open Device Manager, and check whether the Display Adapter is named\n“VirtualBox Graphics Adapter ..“. If no - there is nothing to be done. If yes - right-click the\nVirtualBox Graphics Adapter in Device Manager, select “Uninstall”, check “Delete the driver\nsoftware for this device” and click “OK”. Once uninstallation is done - in Device Manager go\nto menu “Action” and select “Scan for hardware changes” to make the propper (Windows\ndefault) driver be picked up for the Graphics adapter.\n• Neither virtio nor Intel PRO/1000 drivers for Windows XP guests support segmentation\noffloading. Therefore Windows XP guests have slower transmission rates comparing to\nother guest types. Refer to MS Knowledge base article 842264 for additional information.\n\n254\n\n\f14 Known limitations\n• Guest Additions for OS/2. Shared folders are not yet supported with OS/2 guests. In addition, seamless windows and automatic guest resizing will probably never be implemented\ndue to inherent limitations of the OS/2 graphics system.\n\n255\n\n\f15 Change log\nThis section summarizes the changes between VirtualBox versions. Note that this change log is\nnot exhaustive; not all changes are listed.\nVirtualBox version numbers consist of three numbers separated by dots where the first and\nsecond number represent the major version and the 3rd number the minor version. Minor version\nnumbers of official releases are always even. An odd minor version number represents an internal\ndevelopment or test build. In addition, each build contains a revision number.\n\n15.1 Version 5.0.16 (2016-03-04)\nThis is a maintenance release. The following items were fixed and/or added:\n• VMM: fixed a problem which could lead to a wrong guest behavior on AMD CPUs (tickets\n#14831 and #15186)\n• GUI: don’t try to synchronize the HID LEDs if the VM window is not active or if it’s minimized (Windows / Mac OS X hosts only; bug #14302)\n• GUI: prevent a crash during startup under rare conditions\n• GUI: sub-menu option to disable the guest-OS type overlay in the application dock icon on\nMac OS X\n• GUI: position off-screen windows to be fully visible again on relaunch\n• GUI: hide the VT-x/AMD-V checkbox if raw-mode is not supported (usually Mac OS X hosts;\nbug #15178)\n• PC speaker passthrough: new experimental feature, available on Linux host only\n• Audio: several fixes for Mac OS X hosts + guests\n• Audio: properly handle default audio device changes (Windows hosts)\n• USB: serveral fixes for the xHCI controller (e.g. for webcam passthrough)\n• BIOS: fixed int15/AH=83/AL=00 function (4.2.0 regression)\n• iPXE: enable the HTTP download protocol on non-Linux hosts (bug #13628)\n• Shared folders: fixed a failure to load the saved state under certain circumstances (bug\n#6314)\n• Guest Control: added support for (cached) Active Directory authentication in case the\ndomain controller is not reachable (anymore)\n• Serial ports: raised the number of serial ports per VM from 2 to 4 (bug #9109)\n• Serial ports: fix for the TCP/IP backend (Windows hosts only; bug #15188)\n• SDK: make the Python webservice API binding work again (5.0 regression)\n• Seamless mode: fixed a crash under certain circumstances (bug #15106)\n\n256\n\n\f15 Change log\n• Linux hosts: fixed the /sbin/rcvboxdrv script as well as the missing shebang in two scripts\n(bugs #15055 and #15057)\n• Linux hosts: properly uninstall Python files installed by the .run installer\n• Windows hosts: hardening fix required for recent Windows insider builds (bug #14052)\n• Windows hosts: fixed Python installation path (bug #13131)\n• Windows hosts: support MTU larger than 2 KB with bridged networking (bug #15140)\n• Windows hosts / guests: properly sign binaries using a sha-256 certificate (bug #15054)\n• Windows Additions: fixed guest property enumeration of logged-in users\n• Windows Additions: fixed sporadical failure of the graphics driver in Windows 10 guests\n(bug #14409)\n• Windows Additions: under rare circumstances no mouse movement events were delivered\nto the guest\n\n15.2 Version 5.0.14 (2016-01-19)\nThis is a maintenance release. The following items were fixed and/or added:\n• GUI: properly limit the number of VCPUs to the number of physical cores on Mac OS X\n(bug #15018)\n• Audio: fixed a bug which prevented loading a saved state of a saved guests with HDA\nemulation (5.0.12 regression; bug #14981)\n• Audio: don’t crash if the backend is unable to initialize (bug #14960)\n• Audio: fixed audio capture on Mac OS X (bug #14386)\n• Storage: fixed a possible crash when attaching the same ISO image multiple times to the\nsame VM (bug #14951)\n• BIOS: properly report if two floppy drives are attached\n• USB: fixed a problem with filters which would not capture the device under certain circumstances (5.0.10 regression; bug #15042)\n• ExtPack: black-list Extension Packs older than 4.3.30 due to incompatible changes not\nbeing properly handled in the past\n• Windows hosts: fixed a regression which caused robocopy to fail (bug #14958)\n• Linux hosts: properly create the /sbin/rcvboxdrv symbolic link (5.0.12 regression; bug\n#14989)\n• Mac OS X hosts: several fixes for USB on El Capitan (bug #14677)\n• Linux Additions: fixes for Linux 4.5 (bug #15032)\n\n257\n\n\f15 Change log\n\n15.3 Version 5.0.12 (2015-12-18)\nThis is a maintenance release. The following items were fixed and/or added:\n• GUI: fixed wrong scrolling behaviour in the VM selector window when a VM item is\ndragged out of the chooser-pane area\n• GUI: fixed the validation of IPv6 port-forwarding rules\n• GUI: suppress the first-run wizard if a CD/DVD medium is inserted using the selector UI\n• GUI: fixed the Ctrl+Break key sequence scan codes (bug #14927)\n• GUI: improved handling of text selection mouse pointer (bug #750)\n• Host services: fixed a crash during VM shutdown under rare conditions (5.0.6 regression;\nbug #14841)\n• Shared folders: fixed a sharing violation if a file is opened to check the attributes (Windows\nhosts only; bug #14450)\n• Webcam: passthrough fix for certain devices (Mac OS X hosts only)\n• XHCI: fixed broken emulation if software virtualization is used\n• XHCI: several fixes\n• 3D: fixed state handling under certain conditions (bug #13487)\n• Audio: several fixes\n• BIOS: added LBA64 support for being able to boot from huge hard disks(bug #7415)\n• EFI: fix for Windows 10 guests\n• ExtPack: before installing an Extension Pack check if there are VMs running to prevent file\nsystem locking issues\n• rdesktop-vrdp: source code tarball fixes\n• Windows hosts: fixed hang when using VBoxAuthSimple library for VRDP external authentication (bug #14931)\n• Windows hosts: fixed a regression which prevented it to attach to a physical network\nadapter having TCP/IP disabled (bug #14578)\n• Windows hosts: fixed a regression which caused multi-port adapters to be shown as a\nsingle adapter (bugs #14558, #14622)\n• Windows hosts: fixed a regression which caused created host-only adapters to not appear\nin the list (bug #14437)\n• Windows hosts: fixed host-only adapter creation issues related to Windows 10 (bugs\n#14040, #14545)\n• Linux hosts: .desktop file compatibility issue (bug #14808)\n• Linux hosts / guests: fixes for RHEL 7.2 (bug #14866)\n• Linux hosts: the command for recompiling the host kernel modules was changed again, to\n/sbin/rcvboxdrv setup (bug #14723)\n\n258\n\n\f15 Change log\n• Linux hosts: some fixes for PCI passthrough (still highly experimental)\n• Linux/Mac OS X hosts: fixed a VM hang during startup under certain circumstances (bug\n#14933)\n• Solaris hosts: added Python 2.7 bindings\n• Mac OS X hosts: fixed a possible crash when the default input or output audio device\nchanges\n• Mac OS X hosts: fixed a panic under certain conditions\n• Linux Additions: prevent the compiler from doing dead-code elemination on vital code in\nguest / host communication (bug #14497)\n• Linux Additions: when mounting a shared folder, explicitly pass the share name so that\n/proc/mounts contains this name instead of ’none’\n• Linux Additions: workaround for a systemd problem in conjunction with SELinux which\nprevented to properly enable the ’vboxadd’ service during while upgrading the Additions\n\n15.4 Version 5.0.10 (2015-11-10)\nThis is a maintenance release. The following items were fixed and/or added:\n• VMM: improved support for certain Intel Atom CPUs (bug #14773)\n• VMM: system register emulation fix (5.0 regression; bug #14515)\n• GUI: fixed immediate screenshot issue (bug #14108)\n• GUI: fixed another 3D overlay window reparenting issue when the VM is switched to\nfullscreen mode on X11 hosts\n• GUI: fixed help index (bug #14722)\n• GUI: fixed state synchronization issue in the VM manager window when VM was paused\nfrom its runtime window\n• Audio: fixed suspending/resuming audio streams on VM pause/unpause (bug #14784)\n• Audio: properly reset AC97 audio streams, otherwise there is silence until a non-48 kHz\nstream is played\n• Audio: fixed a small emulation quirk of the AD1980 codec of the HDA device to make\nrecent linux guests work (bug #14653)\n• USB: serveral fixes for the xHCI controller\n• USB: fixed a crash under certain conditions on hosts with Linux kernels older than version\n3.3\n• USB: better identification of certain USB devices\n• NAT: support TCP in DNS proxy (bug #14736)\n• NAT Network: fixed sporadic crashes on Windows hosts (bug #13899)\n• API: when creating differencing images (e.g. as part of a snapshot or cloning a VM) use\nthe same disk image variant as the parent image if possible, which means that e.g. a diff\nimage for a VMDK image split into 2 GB files will also be split (bug #14764)\n\n259\n\n\f15 Change log\n• API: event queue handling fixes preventing loss of certain events at runtime (e.g. new\nwebcam attached), particularly important on Mac OS X hosts\n• Webcam: passthrough fix for certain devices (Windows hosts only)\n• VBoxManage: don’t crash on snapshot restorecurrent / edit if the VM has no snapshots\n• VBoxManage: don’t crash on controlvm addencpassword (bug #14729)\n• Mac OS X hosts: use the correct kernel on certain hosts\n• Windows hosts: fixed VRDP external authentication\n• Windows hosts: allow to use a shared folder path with extended-length path prefix (5.0\nregression; bug #14651)\n• Windows hosts: fix a crash in the netfilter host driver under certain conditions (bug\n#14799)\n• Windows host installer: documented and fixed public properties which can be used to\ncontrol the installation to some extent\n• Windows host installer: fixed not starting the actual installation when showing the version\ninformation or help dialogs\n• X11 Additions: added basic support for X.Org Server 1.18 (3D requires additional fixes)\n\n15.5 Version 5.0.8 (2015-10-20)\nThis is a maintenance release. The following items were fixed and/or added:\n• GUI: Mac OS X: Restore green zoom button for VM windows (it was hidden in previous\nrelease to avoid native full-screen issues). For Yosemite and El Capitan this button should\nwork accordingly to the Apple HIG: Full-screen by default, maximize if the user holds the\nOption key.\n• Serial ports: fixed wrong IRQ number for the first serial port in the ACPI tables (5.0.6\nregression; bug #14659)\n• API: fixed a 5.0 regression in VBoxManage setproperty defaultfrontend (bug #14696)\n• VBoxManage/vbox-img: conversion to RAW images could result in a disk image containing\nall zeroes\n• Linux hosts: several fixes for systemd integration in .deb / .rpm packages (e.g. bug\n#14665). The command for recompiling the host kernel modules was changed to\n/sbin/vboxconfig\n• Linux hosts: make host-only interfaces report operstate UP only when they have VMs attached (bug #14526)\n• Mac OS X hosts: fix bpf capture and accounting of traffic on bridged and host-only interfaces (bug #14553)\n• Windows guests: fixed 3D rendering issues on high resolution displays\n• Windows Additions: fixed problems with 3D acceleration on Windows hosts with Intel HD\ngraphics (bug #14670)\n• Linux Additions: fix service starting on Debian systems with systemd installed but not in\nuse (bug #14683)\n\n260\n\n\f15 Change log\n\n15.6 Version 5.0.6 (2015-10-02)\nThis is a maintenance release. The following items were fixed and/or added:\n• GUI: the update check now uses the HTTP system proxy settings by default\n• GUI: About dialog improvements. Copyable version text, do not close dialog on mouseclicks and focus losing, explicit close button at the bottom of dialog and disabled close\nbutton fix on OS X. (bugs #9912, #12749)\n• GUI: fixed bug when re-assigning shortcuts (bug #14565)\n• GUI: fixed default focus button in message-box dialogs (bug #14486)\n• GUI: fixed settings dialog which is opened if the network settings need to be changed at\nVM startup (5.0 regression; bug #14601)\n• GUI: fixed crash during VM start if an early error message needs to be shown, for example\nLinux kernel modules not present (bug #14646)\n• Bridged Networking: fixed handling of guest DHCP requests without UDP checksum when\nbridging to a wireless interface (bug #14615).\n• Audio: latency fixes (Windows hosts only; bug #4088)\n• Guest Control: correctly set USERNAME and USERPROFILE environment variables (Windows guests only)\n• Guest Control: several fixes\n• API: properly restore NAT port forwarding rules when reverting to a snapshot\n• Parallel ports: Several fixes allowing to enable two parallel ports for a VM\n• VBoxManage: fixed wrong output of debugvm show command\n• VBoxManage: fixed hang when specifying logging groups with debugvm log starting with\nh, for example hex\n• Windows hosts: renamed VBoxStartup.log to VBoxHardening.log and provide this log file in\nthe GUI log viewer\n• Windows hosts: fixed a small memory leak in the Windows host interface driver (VBoxNetAdp) which caused a BSOD if the driver verifier is enabled (bug #14562)\n• Windows hosts: fixed a failure to start VMs on hosts where dsound.dll is not available (bug\n#14574)\n• Windows hosts: another fix for VERR_LDR_MISMATCH_NATIVE errors (bug #14579)\n• Windows hosts: fixed host-to-guest communication with bridged networking (bugs\n#14326, #14457)\n• Windows hosts: fixed broken data receiving from the serial device with the named pipe\nbackend if Kaspersky AV is installed\n• Linux hosts: Linux 4.3 compile fixes\n• Linux hosts: installer fix for certain systems (bug #14627)\n\n261\n\n\f15 Change log\n• Linux hosts / guests: native systemd support for the host/guest installer scripts. The\nscripts for re-compiling the kernel modules are now located at /sbin/rcvboxdrv (host) and\n/sbin/rcvboxadd (Guest Additions)\n• Mac OS X hosts: GUI-related fixes for El Capitan\n• Mac OS X hosts: fixed a problem with capturing USB devices under El Capitan\n• Mac OS X hosts: allow colon character on shared folders (bug #14554)\n• Linux Additions: properly set the VBoxService process ID in the PID file (bug #14571)\n• Linux Additions: Guest Control fixes (bug #14573)\n• Windows Additions: fixed shutting down VBoxTray when running with older VirtualBox\nhost versions\n• Windows Additions: fixed video playback with VLC and Windows Media Player when the\nWDDM driver is used and 3D is not used\n• Windows Additions: prevent a possible VLC crash when the WDDM driver is used and 3D\nis enabled by implementing YV12 surfaces\n\n15.7 Version 5.0.4 (2015-09-08)\nThis is a maintenance release. The following items were fixed and/or added:\n• VMM: fixed an issue with Windows 10 guest kernel debugging over the network for HyperV paravirtualized VMs\n• VMM: fixed a bug which prevented reading the saved state of the ’PATM’ unit from\nVirtualBox 4.3.x (bug #14512)\n• GUI: changed default OS type for Windows from Windows XP to Windows 7\n• GUI: added another pre-defined guest screen resolution (bug #14384)\n• GUI: fixed update check which was broken due to changing the location of the root certificates (bug #13096)\n• GUI: fixed issues with synchronization of Caps lock / Num lock / Scroll lock on Windows\nhosts (bug #14302)\n• GUI: don’t crash during VM shutdown if 2D video acceleration and 3D support are enabled\n(Mac OS X hosts only)\n• GUI: several seamless fixes for certain X11 window managers, also when used in multiscreen setups\n• GUI: Log window size, position and cursor-position fixes\n• Audio: fixed playing leftover/deprecated audio samples\n• Audio: fixed playing audio after suspending the host (5.0 regression; Linux hosts using the\nALSA backend)\n• Audio: fixed playing short audio samples which were chopped off formerly\n• Audio: fixed distortions on OS X when the sample rate of the guest stream and host device\ndon’t match\n\n262\n\n\f15 Change log\n• Storage: fixed raw disk access and flat VMDK image access which would be always opened\nreadonly (5.0.2 regression; bugs #14425, #14461)\n• Storage: fixed initial encryption of VDI images after they were compacted (bug #14496)\n• VGA: fix for certain graphics modes (bug #14516)\n• NAT: don’t freeze while the VM is paused if the network attachment mode is changed\nfrom/to NAT with activated port forwarding\n• OVF: fixed duplicate USB controller entries in exported OVA/OVF (bug #14462)\n• Shared Folders: fixed a path separator issue (bug #14434)\n• Drag and drop: fixed crashes on OS X hosts when doing host-to-guest transfers\n• VBoxManage: another attempt to not deny changing the network adapter type at VM\nruntime (5.0 regression; bug #14308)\n• VBoxManage: fixed broken guestcontrol <VM-Name> list command (5.0 regression)\n• VBoxManage: fixed broken Guest Control stdout/stderr output (5.0 regression)\n• Mac OS X hosts: fixed remaining problems with activated SMAP (Broadwell and later; bug\n#14412)\n• Mac OS X hosts: fixed broken 3D support (5.0.2 regression; bug #14476)\n• Linux hosts: Linux 4.2 fix\n• Linux hosts: don’t crash on older Linux distributions if the DBus service isn’t running (bug\n#14543)\n• Windows hosts: fixed the VERR_LDR_MISMATCH_NATIVE error message (bug #14420)\n• Windows hosts: fix for Windows 10 build 10525 and later (bug #14502)\n• Windows hosts: fixed network adapter enumeration on Windows 10 (bug #14437)\n• Windows hosts: prevent intermittent host network disconnects during VM start/shutdown\nwith bridged networking (bug #14500)\n• Windows Additions: fixed the call to the memory allocation function (bug #14415)\n• Linux Additions: be more forgiving if the compilation of the vboxvideo module fails (bug\n#14547)\n• X11 Additions: fixed a number of small issues with dynamic resizing and full-screen and\nseamless modes.\n\n15.8 Version 5.0.2 (2015-08-13)\nThis is a maintenance release. The following items were fixed and/or added:\n• VMM: added support for guest crash report MSRs with Hyper-V paravirtualization\n• VMM: fixed an issue causing artificially high load averages on Linux hosts\n• VMM: fixed a kernel panic with thread-context hooks caused by incompatible changes\nmade to Linux 4.2 kernels\n\n263\n\n\f15 Change log\n• VMM: fixed a saved state issue with VT-x/AMD-V disabled (5.0 regression; bug #14304)\n• VMM: fixed VERR_SUPDRV_TSC_DELTA_MEASUREMENT_FAILED Guru Meditations on certain AMD CPUs (5.0 regression; bug #14370)\n• VMM: fixed a crash while creating a guest core dumps via the VM debug facility (5.0\nregression)\n• VMM: This release has AVX2 passthrough disabled on every host and AVX passthrough\ndisabled for 64-bit VMs on 32-bit hosts. This will be properly fixed in a future 5.0.x maintenance release (see e.g. bug #14262).\n• GUI: fixed rare hang and crash on VM shutdown/poweroff\n• GUI: X11: fixed few crashes caused by the Qt alien widgets feature\n• GUI: X11: fixed various mini-toolbar geometry quirks like positioning, z-order, transparency issues on certain window managers (bug #14257)\n• GUI: X11: fixed mini-toolbar minimize button issue under certain window managers (bug\n#14284)\n• GUI: VM menu actions availability should now be properly updated on full-screen/seamless/scaled\nmode switches\n• GUI: disk encryption password validation should be performed when user confirmed the\npassword, not after each entered symbol\n• GUI: do not change the VM/group selection in the VM Manager to the newly created VM\nif it was created by another client (e.g. VBoxManage)\n• GUI: Mac OS X: do not treat ’almost maximized’ VM windows as ’maximized’, watch for\nthe strict window geometry instead\n• GUI: improve the quality in scaled mode under some circumstances (5.0 regression; bug\n#14303)\n• VBoxManage: do not deny changing the network adapter type at VM runtime (5.0 regression; bug #14308)\n• VRDP: allow Windows 10 RDP clients (bug #14216)\n• Audio: fix a possible crash on VM process termination (5.0 regression)\n• Storage: improved raw disk access on OS X by unmounting any accessed volume before\nfirst use and prevent any mount attempt by the host (bug #14219)\n• 3D: basic support for saving/restoring display lists\n• Drag and drop: fixed guest to host transfers on OS X hosts\n• Drag and drop: fixed memory leak on Windows guests\n• Shared Folders: fixed a problem with accessing CIFS shares (bug #14252)\n• Shared Folders: improved path conversion between hosts and guests with different path\nseparators (bug #14153)\n• API: skip resetting of immutable media when the VM in saved state is started (bug #13957)\n• API: fixed method for setting medium IDs which used zero (invalid) UUIDs instead random\n(valid) UUIDs if no UUIDs were passed (bug #14350)\n\n264\n\n\f15 Change log\n• API: for Windows host fix detection of API client crashes which have a session open\n• OVF: properly export all VBox features including the setting for paravirtualization (bug\n#14390)\n• Mac OS X hosts: El Capitan USB fixes\n• Windows hosts: fixed crash when opening Windows dialogs from the VM process on Windows 10 (bug #14351)\n• Windows hosts: fixed host-only adapter creation issues on Windows 10 (bug #14040)\n• Windows hosts: fixed audio on Windows 10 (bug #14432)\n• Linux hosts: more fixes for activated SMAP on Linux 3.19 and newer (Broadwell and later;\nbug #13961)\n• Linux hosts: check then name space before attaching to a host network interface (bug\n#13795)\n• Linux Additions: Linux 4.2 fixes (bug #14227)\n• Linux Additions: improved the performance of stat() to speed up certain file operations on\nshared folders\n• Windows Additions: fixed a potential crash in the WDDM driver with Windows 10 (bug\n#14190)\n• Solaris Additions: added support for X.Org Server 1.17\n• X11 Additions: various seamless mode fixes, including invisible windows under LXDE.\n\n15.9 Version 5.0.0 (2015-07-09)\nThis is a major update. The following major new features were added:\n• Paravirtualization support for Windows and Linux guests to improve time-keeping accuracy\nand performance (see chapter 10.4, Paravirtualization providers, page 223)\n• Make more instruction set extensions available to the guest when running with hardwareassisted virtualization and nested paging. Among others this includes: SSE 4.1, SSE4.2,\nAVX, AVX-2, AES-NI, POPCNT, RDRAND and RDSEED\n• xHCI Controller to support USB 3 devices (see chapter 3.10.1, USB settings, page 57)\n• Drag and drop support (bidirectional) for Windows, Linux and Solaris guests\n• Disk image encryption (see chapter 9.31, Encryption of disk images, page 214)\n• VMs can now be started in separate mode. The VM process is started headless while the\nfrontend runs as a separate process which can be terminated without stopping the VM.\n• GUI: VM guest-content scaling support (including 3D acceleration)\n• GUI: New User Interface settings page for customizing status-bar, menu-bar and guestcontent scaling\n• GUI: New Encryption settings tab for customizing encryption options for disk images\n• GUI: HiDPI support including application icons and optional unscaled HiDPI output on Mac\nOS X (including 3D acceleration)\n\n265\n\n\f15 Change log\n• GUI: Hotplugging support for SATA disks\n• New, modular audio architecture for providing a better abstraction of the host audio backends\n• Support for the NDIS6 networking framework on Windows (default on Vista and later)\nIn addition, the following items were fixed and/or added:\n• VMM: improved timing on Solaris hosts with older VT-x hosts without preemption timers\n• VMM: further improvements for TSC frequency measurements and guest timekeeping\n• VMM: debug facility now includes the guest CPU’s FPU/SSE/extended state in the core\ndump\n• VMM: fixed a hang under rare conditions on 32-bit hosts\n• VMM: several fixes\n• GUI: improved HID LEDs synchronization for Mac and Windows hosts. The physical LEDs\nstate now restored together with the VM state.\n• GUI: take the guest screen aspect ratio into account for the preview window\n• GUI: provide direct access to storage media in the VM selector\n• GUI: allow to save the VM state from the selector even if the VM is already paused\n• VBoxManage: when exporting an appliance, support the suppression of MAC addresses,\nwhich means they will be always recreated on import, avoiding duplicate MAC addresses\nfor VMs which are imported several times\n• VBoxManage: now supports renaming storage controllers and USB controllers\n• Guest Control: major overhaul, for example fixing wrong parameter quoting (bug #13157)\n• USB: added USB traffic capturing (see chapter 9.29, Capturing USB traffic for selected devices, page 214)\n• Made resizing X11 guests work more reliably\n• API: block the removal of the current snapshot if it has child snapshots (only relevant for\nVMs without snapshottable hard disks, their presence always prevented removal), which\nresulted in VM config corruption\n• API: mark VM configs with snapshots but without current snapshot as inaccessible, as this\ncombination is nonsense\n• API: fix information for some automatically generated events (only with XPCOM, Windows\nhost was not affected), which caused errors when getting some of the attributes over the\nwebservice (bug #12379)\n• API: fix crashes in Java API clients using the XPCOM binding, happened with output parameters only (bug #11232)\n• API: a number of settings (e.g. network settings) can now also be changed when the VM is\nin saved state\n• API: fixed incorrect resuming of VMs on host-resume unless they were previously paused\ndue to a host-suspend\n\n266\n\n\f15 Change log\n• API: don’t lose the saved state and “current state changed” flag during cloning of a VM\n• API: OS type description consistency fix (bug #14162)\n• VBoxSVC: don’t keep the support driver permanently open\n• Main/Properties: properly drop transient guest properties when the VM is powered off\n• VRDP: fixed a couple of races which may cause a crash during VM poweroff\n• ExtPack: don’t fail if the TMP directory contains non-latin1 characters (bug #14159)\n• 3D: fix potential race in which might cause a crash on VM termination\n• 3D: fixed a possible memory leak in the host service\n• Serial ports: new TCP/IP backend (see chapter 3.9, Serial ports, page 55)\n• Storage: added USB mass storage device class (see chapter 5.1, Hard disk controllers: IDE,\nSATA (AHCI), SCSI, SAS, USB MSC, page 83)\n• Storage: added vbox-img standalone tool for direct manipulation of virtual hard disk images without VBoxManage\n• Storage: fixed crash as a result of I/O errors in certain conditions (bug #13105)\n• NAT: fixed several potential crashes\n• NAT: don’t forcibly reset/drop all connections when the link goes down\n• Netsniffer: properly handle changing of the trace file name at VM runtime\n• Audio: fixed audio output and input when changing the default audio device more than\nonce on OS X\n• Audio: fixed audio input on OS X under certain circumstances\n• ICH9: fixed the interrupt disable logic for MSI interrupts; should fix old Linux guests with\nAHCI\n• USB: improve playback with USB sound devices attached to the emulated OHCI controller\n• Audio: provide Linux guests a different AC97 audio codec type so Linux ALSA does not\nmis-detect the link speed (default for new VMs)\n• BIOS: fix for booting from SCSI CD/DVD media\n• BIOS: fix for reads partially beyond end of disk (bug #14021)\n• VRDP: fixed listening for IPv6 on some systems (bug #14038)\n• rdesktop-vrdp: upgraded to version 1.8.3\n• Linux hosts: fixed a bug which made the netfilter driver ignore certain events (bug\n#12264)\n• Mac OS X hosts: El Capitan fixes\n• Mac OS X hosts: fixed a bug which might trigger a host kernel panic if a VM is started and\nanother hypervisor is active\n• Solaris hosts: Solaris 12 installer fix\n\n267\n\n\f15 Change log\n• Guest Additions: added a heartbeat service (see chapter 9.30, Configuring the heartbeat\nservice, page 214)\n• Linux hosts / guests: support for Linux distributions using systemd without sysv emulation\n(e.g. ArchLinux)\n• Windows Additions/WDDM: improved video memory utilization and allow more/bigger\nguest screens with large resolutions (including HiDPI)\n• Linux Additions: added -s parameter to mount.vboxsf to be sloppy with invalid parameters\n• X11 Additions: fixed wrong DPI value (bug #14151)\n• Mac OS X guests: limit the CPU family for legacy guests\n• Solaris Additions: added quiesce support to co-operate with Solaris’ fast-reboot feature\n\n15.10 Version 4.3.28 (2015-05-13)\nThis is a maintenance release. The following items were fixed and/or added:\n• VMM: fixed a Guru Meditation when rebooting certain guests (for example Solaris doing\nfast reboot) by fixing the implementation for INIT IPI\n• VMM: added some information for diagnosing rare VERR_VMX_INVALID_VMXON_PTR\nGuru Meditations (VT-x only)\n• GUI: HID LEDs sync: prevent synchronization if VM window has no focus (Windows and\nMac OS X hosts only)\n• GUI: fixed drag and drop moving the cursor between guest screens on certain hosts\n• 3D: fixed a crash on restoring the VM state on X11 hosts (bug #12737)\n• 3D: fixed a crash on restoring the VM state\n• 3D: fixed a crash on Linux guest shutdown (bug #12772)\n• VRDP: fixed incompatibility with rdesktop 1.8.3\n• VRDP: fixed listening for IPv6 on some systems (bug #14038)\n• Storage: don’t crash if creating an asynchronous I/O context fails (e.g. when starting many\nVMs) and show a proper error message\n• Floppy: several fixes\n• Audio: improved the behavior of the volume control for the HD audio device emulation\n• USB: increase the number of supported drivers from 3 to 5 (Windows hosts only)\n• PS/2 keyboard: synchronize the LED state on VM restore (Windows and Mac OS X hosts\nonly)\n• NAT Network: when running multiple NAT networks with multiple VMs, only stop the\nrespective services when stopping VMs (bug #14090)\n• NAT: don’t kill UDP bindings on ICMP errors (bug #13475)\n• NAT: bandwidth limit now works properly with NAT (bug #11485)\n\n268\n\n\f15 Change log\n• BIOS: fixed the returned size value of the VBE 2.0 PMI function 0Ah (4.2.0 regression; bug\n#14096)\n• Guest Control: fixed parameter quoting in Windows guests (bug #13157)\n• Webcam passthrough improvements for Linux (V4L2) hosts to support more webcam models\n• API: don’t fail starting a VM with VBOX_E_INVALID_OBJECT_STATE under certain conditions (bug #13617)\n• API: be more verbose on VBOX_E_INVALID_OBJECT_STATE if a medium is attached to a\nrunning VM (bug #13560)\n• API: fixed a bug which could result in losing certain screen resize events with multi-monitor\nguests\n• rdesktop-vrdp: fixed path to the keymaps (bug #12066)\n• rdesktop-vrdp: switch to version 1.8.3\n• Windows hosts: more hardening fixes (e.g. bugs #14051, #14052)\n• Linux hosts: another fix for activated SMAP on Linux 3.19 and newer (Broadwell and later;\nbug #13961)\n• Linux hosts: Linux 4.1 compile fix (bug #14081)\n• Solaris hosts: fixed using of VNIC templates with Crossbow based bridged networking to\nbe compatible with vanity interface names\n• Mac OS X hosts: fixed crash during VM termination under rare circumstances\n• Windows Additions/WDDM: improved video memory utilization and allow more/bigger\nguest screens with large resolutions (including HiDPI)\n• X11 Additions: prevent flickering when updating mouse cursor\n• Solaris Additions: fixed incorrect usage of ’prtconf’ while installing Guest Additions (Solaris\n10 only)\n\n15.11 Version 4.3.26 (2015-03-16)\nThis is a maintenance release. The following items were fixed and/or added:\n• GUI: in the snapshots pane, protect the age of snapshots against wrong host time (bug\n#13955)\n• NAT Network: fixed a bug which prevented to propagate any DNS name server / domain /\nsearch string information to the NAT network (4.3.24 regression; bugs #13915, #13918)\n• NAT Network: don’t delay the shutdown of VBoxSVC on Windows hosts\n• Mouse support: the mouse could not be moved under rare conditions if no Guest Additions\nare installed (4.3.24 regression; bug #13935)\n• Storage: if the guest ejects a virtual CD/DVD medium, make the change permanent (bugs\n#9858, #12885)\n• VGA: made saving secondary screen sizes possible in X11 guests\n\n269\n\n\f15 Change log\n• SDK: fixed the VirtualBox.tlb file (4.3.20 regression; bug #13943)\n• rdesktop-vrdp: make it work with USB devices again (4.3.14 regression; bug #13901)\n• USB: fixed a possible BSOD on Windows hosts under rare conditions\n• iPXE: enable the HTTP download protocol on non-Linux hosts (bug #13628)\n• Mac OS X hosts: don’t panic on hosts with activated SMAP (Broadwell and later; bug\n#13951)\n• Linux hosts: don’t crash Linux 4.0 hosts (bug #13835)\n\n15.12 Version 4.3.24 (2015-03-02)\nThis is a maintenance release. The following items were fixed and/or added:\n• VMM: emulation fix for the ENTER instruction under certain conditions; fixes Solaris 10\nguests (VT-x without unrestricted guest execution)\n• VMM: fix for handling NMIs on Linux hosts with X2APIC enabled\n• NAT/NAT Network: fix connection drops when the host’s DHCP lease was renewed (4.3.22\nregression; Windows hosts only; bug #13839)\n• NAT: don’t crash on an empty domain list when switching the DNS host configuration\n(4.3.22 regression; Mac OS X hosts only; bug #13874)\n• PXE: re-enable it on Windows hosts (4.3.22 regression; Windows hosts only; bug #13842)\n• Shared Folders: fixed a problem with Windows guests (4.3.22 regression; bug #13786)\n• Audio: improved record quality when using the DirectSound audio backend\n• VBoxManage: when executing the controlvm command take care that the corresponding\nVM runtime changes are saved permanently (bug #13892)\n• Windows Installer: properly install the 32-bit version of VBoxRes.dll on 32-bit hosts (bug\n#13876)\n• Linux hosts / guests: Linux 4.0 fixes (bug #13835)\n• OS/2 Additions: fixed mouse integration (4.3.22 regression; bug #13825)\n\n15.13 Version 4.3.22 (2015-02-12)\nThis is a maintenance release. The following items were fixed and/or added:\n• VMM: refined measurement of TSC frequency on the host, improves timekeeping for guests\n• VMM: decreased CPU load resulting from guest MMIO writes to the virtual APIC\n• VMM: fixed interception of debug exceptions, observed while using the dbx debugger on\nSolaris guests (VT-x only)\n• GUI: 3D overlay window positioning code improved, fixed potential misplacement of 3D\naccelerated guest graphics content\n• GUI: fixed accident SSL authentication failures during update check on Windows hosts\n(bug #12969)\n\n270\n\n\f15 Change log\n• GUI: never send the “ACPI power” keyboard scancode to the guest, we have the ACPI power\nbutton for that\n• GUI: was unable to properly restore seamless mode VM from snapshot/saved-state under\nsome circumstances\n• VBoxHeadless: don’t crash if 3D is enabled in the VM settings (bug #10250)\n• ATA: fixed several passthrough issues (bugs #12310, #1360)\n• Audio: fixed DirectSound failure when the the host has no audio input device (Windows\nhosts only; bug #9205)\n• SB16: fixed compatibility issue (bug #13769)\n• Storage: fixed broken CD/DVD passthrough when using the IDE controller (bug #12310)\n• NAT: new ping proxy for Windows hosts (bug #11871)\n• NAT: Properly report outbound connect(2) failures to guest with TCP RST or ICMP (bug\n#10525)\n• NAT Network: no need for frequent wakeups in VBoxNetDHCP and VBoxNetNAT (bug\n#11681)\n• Host-only adapter: prevent Windows from creating an “Unidentified network” (bug\n#9688)\n• Bridged Networking: don’t leak host-to-guest traffic to the wireless network when bridging\nto a wireless interface (bug #13714)\n• Main: fixed a possible race when changing the medium leading to a deadlock under rare\nconditions (bug #13722)\n• VBoxManage: fixed return code if starting a VM failed (bug #13773)\n• Settings: on Windows host, do not use environment variable HOME at all, the settings\nlocation is derived from the user profile directory (bug #7689)\n• API: fixed 2 deadlock opportunities related to medium handling (bugs #13789, #13801,\nthank you Alexander Urakov)\n• API: fixed bug in XPCOM which created too few worker threads, sporadically resulting in\na deadlock (bug #13802, thank you Alexander Urakov)\n• SDK: fixed a garbage collection leak in the Python VirtualBox webservice API binding (bug\n#13817)\n• Linux hosts: fixes for activated SMAP (Broadwell and later, bug #13820)\n• X11 guests: prevent unwanted hiding of guest screens on multi-monitor guests (bug\n#13287)\n• X11 guests: added support for X.Org Server 1.17\n• X11 Additions: fixed a memory leak in VBoxService if libdbus is available but dbus-daemon\nisn’t running (bug #13770)\n• Windows Additions: prevent VBox WDDM driver from loading if host reports weak OpenGL\ncapabilities. 3D content now can be shown over Remote Desktop connection.\n• Winodws Additions: some fixes for recent Windows 10 Previews\n\n271\n\n\f15 Change log\n• Linux Additions: fixed a compatibility issue with 64-bit Linux 2.4 kernels\n• Linux Additions: fixed a potential use-after-free when unloading the VBoxGuest module\n• Linux Additions: Linux 3.19 fixes (bug #13741)\n\n15.14 Version 4.3.20 (2014-11-21)\nThis is a maintenance release. The following items were fixed and/or added:\n• VMM: fixed reboot hang of 32-bit Windows SMP guests (bugs #13319, #13462)\n• VMM: proper Math Fault handling with certain legacy guests (bug #9042, AMD hosts)\n• VMM: fixed a Guru Meditation VINF_EM_TRIPLE_FAULT on older CPUs that don’t support\nMSR-bitmaps (VT-x only; bugs #13034, #13125, #13311, #13425, #13426, #13463,\n#13585)\n• GUI: fix 3D overlay window reparenting issue when VM goes to fullscreen mode on X11\nhosts\n• GUI: fix occasional loss of focus in full-screen mode on X11 host systems (4.3.16 regression)\n• GUI: Mac OS X: wizards should have Cancel button (bug #12541)\n• GUI: added a global option to prevent automatic raising of the new window by mouse\nmove with multi-screen guests (bug #8878)\n• API: accept remote display port 0 as the default RDP port (bug #8534)\n• VBoxManage: fixed crash when executing showvminfo command under certain circumstances (bug #13190)\n• ACPI: fixed occassional Guru Meditations in ACPI timer code (4.3.18 regression; bug\n#13521)\n• EFI: improved performance of IDE disk access\n• EFI: fixed a bug in the EFI video driver which prevented Windows to boot in UEFI mode\n(bug #12022)\n• EFI: properly announce the amount of RAM for big VMs (bugs #11103 and #13211)\n• Storage: fixed a crash under certain cicrumstances when a medium was ejected from a\ndrive attached to the SATA controller without inserting a new medium before pausing or\nclosing the VM (4.3.16 regression)\n• Storage: fixed an interrupt acknowledge issue causing hanging guests or slower I/O (4.3.18\nregression)\n• Storage: fixed broken resume after the VM was suspended due to a full disk if host I/O\ncaching is used\n• Storage: fixed a Guru Meditation under certain conditions when using the DevLsiLogic\ncontroller with VMs running in raw mode (4.3 regression; bugs #12254, #12655, #12709,\n#12774, #12886)\n• Guest Control: fixed a bug which might lead to a crash during recursive copy\n• SDK: Java COM bindings fixes\n\n272\n\n\f15 Change log\n• iPXE: enable the HTTP download protocol (bug #13628)\n• Runtime: do not use a fixed stack size creating temporary threads during initialization (bug\n#13038)\n• Windows hosts: fixed more startup problems on certain Windows hosts due to conflicts\nwith anti-virus software; better error reporting (4.3.14 regression; bug #13187)\n• Windows hosts: fixed DirectSound host audio failure under certain conditions (bug\n#13418)\n• Windows hosts: fixed additional cases of 4.3.14 regression whereby AltGr stopped working\nfor some people (bug #13216)\n• Windows Additions: preserve guest monitor layout when resizing Windows 7 or newer\nguests\n• Linux Additions: Linux 3.18 compile fixes (bug #13515)\n\n15.15 Version 4.3.18 (2014-10-10)\nThis is a maintenance release. The following items were fixed and/or added:\n• VMM: fixed a potential misbehavior after restoring the A20 state from a saved state\n• GUI: fixed full-screen mode mini-toolbar related regressions for different platforms and\nwindow managers (bug #13369)\n• GUI: X11: fixed full-screen mode Unity panels quirk caused by mini-toolbar code changes\nin last release (bug #13365)\n• GUI: X11: added possibility to use legacy full-screen mode as the new one can cause multiscreen issues under Unity, see chapter 9.20.12, Requesting legacy full-screen mode, page 206\n(bug #13365)\n• GUI: Mac OS X: fixed full-screen mode artifact causing black screen when 3D acceleration\nwas enabled on 10.10 Yosemite hosts (bug #13448)\n• GUI: Mac OS X: fixed regression in user-space swiping from/to VBox in full-screen mode\n• GUI: Mac OS X: fixed issue with switching to VBox in full-screen mode through Alt+Tab\nand Mission Control\n• Storage: fixed data corruption when resizing huge VHD images under certain circumstances (bug #11960)\n• Storage: fixed a rare hang during startup when the BIOS enumerates the storage devices\nattached to the SATA controller\n• Storage: follow the spec with AHCI interrupt acknowledge (bug #13474)\n• Storage: fixed broken iSCSI authentication (4.3.14 regression; bugs #13386, #13435)\n• NAT Network: properly parse port forwarding rules to allow UDP rules\n• USB: fixed a crash on Linux hosts with older Linux kernels (bug #13400) and several other\nfixes\n• ACPI: fixed ACPI timer anomalies (bug #12076)\n\n273\n\n\f15 Change log\n• Guest Control: fixed a memory leak (bug #13434)\n• Main: when removing a VM, do also remove the VBoxStartup.log file which might exist on\nWindows hosts (bug #13478)\n• Windows hosts: fixed more startup problems on certain Windows hosts due to conflicts\nwith anti-virus software; better error reporting (4.3.14 regression; bug #13187)\n• Windows hosts: propagate the process startup information to the child process (4.3.14\nregression; bug #13243)\n• Mac OS X hosts: don’t force using the discrete GPU (bug #11111)\n• Windows Additions: some Windows 10 tweaks\n• X11 guests: fix a bug handling video driver display properties which prevented GNOME\nShell on Fedora 21 from starting\n• Linux hosts / guests: fixed a few remaining warnings in the kernel log if memory allocation\nfails (bug #11171)\n\n15.16 Version 4.3.16 (2014-09-09)\nThis is a maintenance release. The following items were fixed and/or added:\n• VMM: fixed restoring 32-bit FPU state on 64-bit capable VMs and restoring guest FPU in\nraw-mode VMs (bug #12646; 4.3 regression)\n• GUI: properly restore normal/scale mode guest-screen size after exiting full-screen/seamless\nmode\n• GUI: mini-toolbar should provoke less artifacts/conflicts with 3D guest rendering\n• GUI: Mac OS X: Native full-screen multi-screen transition was able to blackout host-screens\nfor nearly minute\n• GUI: X11: Modern window managers should now use native full-screen multi-screen mapping API\n• GUI: added extradata item for configuring the mouse capture behavior, see chapter 9.20.11,\nConfiguring automatic mouse capturing, page 205 (bug #3506)\n• Storage: fixed a VBoxSVC crash when querying an iSCSI target with authentication configured (4.3.14 regression)\n• Storage: fixed a rare data corruption during reads if another allocating write is running\nconcurrently and accesses the same range\n• Storage: fixed a rare crash for certain VHD images from other products\n• Storage: fixed a rare release assertion when using the AHCI controller\n• Floppy: fixed read errors and guest memory corruption when running under control of\nQEMM\n• 3D: added experimental support for rendering on offline GPUs for Mac OS X host\n• 3D: fixed white window appearing on entering FullScreen mode on Mac OS X host\n• 3D: fixed video recording support for 3D data regression (bug #13073)\n\n274\n\n\f15 Change log\n• 3D: fixes for MS Office 2013 support\n• 3D: several fixes\n• Bridged Networking: improved IPv6 support when bridging to a wireless interface\n• NAT: prevent internal DNS service from stuck in host-resolver mode when host was\nswitched from one network to another one while host was sleeping (Mac OS X hosts)\n• NAT: preserve DF (if possible) and TOS when proxying outbound UDP datagrams (bugs\n#9440, #12309)\n• NAT: don’t let multicast datagrams out (bug #7338)\n• NAT: fixed handling of large incoming UDP datagrams on Windows hosts (bug #12136)\n• NAT: fixed handling of the RFC 1533 DHCP PAD option\n• NAT Network: fixed inbound half-close on Windows hosts\n• NAT Network: preserve IPv4 DF (if possible), TTL, TOS and IPv6 Hop Limit when proxying\noutbound UDP datagrams\n• VRDP: fixed a rare crash when using remote audio input\n• USB: fixed several regressions from 4.3.14 (bug #13320)\n• Audio: made the HDA sound emulation work with certain Mac OS X guests (e.g. Mountain\nLion)\n• Windows hosts: fixed startup problems on certain Windows hosts due to conflicts with\nanti-virus software (4.3.14 regression; bug #13187)\n• Windows hosts: fixed 4.3.14 regression whereby AltGr stopped working for some people\n(bug #13216)\n• X11 hosts: made the extra key on Brazilian Thinkpads work (bug #8745)\n• X11 hosts: fixed a problem of input focus cycles and immediately released key presses in\nfull screen mode (bug #13238)\n• Linux hosts: fixed flooding the kernel log with USB related messages when passing through\ncertain USB devices to a VM (bug #13085)\n• Linux guests: stop applications crashing when drm_wait_vblank is called (bug #13265)\n• Linux guests: fix a crash in gnome-session (bug #13335)\n• X11 guests: do not start VBoxClient over an SSH connection (bug #13107)\n• X11 guests: added support for X.Org Server 1.16 (bug #13207)\n• X11 guests: fixed a wrong parameter in the video driver which caused problems with fullscreen X11 clients (bug #2748)\n• VirtualKD: introduced stub/loader device for speeding up Windows kernel debugging, details see http://virtualkd.sysprogs.org/\n\n275\n\n\f15 Change log\n\n15.17 Version 4.3.14 (2014-07-15)\nThis is a maintenance release. The following items were fixed and/or added:\n• VMM: more fixes for MSR emulation on certain hardware (bugs #12784, #12949,\n#13034)\n• VMM: improve MSI handling under rare circumstances (only relevant for the ICH9 chipset)\n• VMM: fixed #UD exception for 64-bit guests with the EFER.SCE bit and the SYSCALL instruction (VT-x only; 4.3 regression; bug #13008)\n• VMM: fixed timekeeping after resuming SMP guests\n• VMM: properly wake up a halted VCPU on NMI/SMI\n• GUI: fixed a potential crash\n• GUI: fixed stuck AltGr key on Windows hosts (bug #2537)\n• GUI: fixed a potential error during the version check\n• GUI: shortcut change should not require Enter/Return (or other trigger) to confirm (bugs\n#12828, #12847, #12937, #13087)\n• GUI: fixed update check which was broken due to changing the location of the root certificates (bug #13096)\n• VBoxManage: fixed typo in showvminfo –machinereadable (bug #13176)\n• NAT: fixed inbound half-close (bug #13116)\n• NAT: fixed slow upload speed under certain conditions (bug #10034)\n• NAT Network: fixed potential loss of inbound TCP data\n• NAT Network: fixed potential infinite stalls of TCP connections over IPv6\n• NAT Network: fixed resets of TCP connections on Windows hosts\n• NAT Network: fixed inbound half-close on Mac OS X hosts\n• NAT Network: fixed socket leak on Solaris hosts\n• NAT Network: fixed ping of mapped host loopback on Mac OS X and Solaris hosts, fixed\nproxying of IMCP errors on Mac OS X\n• Host-Only Network: fixed SNMP ifConnectorPresent value on Windows (bug #13143)\n• Storage: fixed a possible crash with CD/DVD passthrough under certain circumstances\n• Storage: fixed a crash when trying to open an inaccessible QED or QCOW image (bug\n#12613)\n• Storage: fixed data corruption or read errors under rare circumstances\n• AHCI: fixed a crash under rare circumstances\n• USB: performance fixes\n• ICH9: properly reset MSI capability on reset\n• Keyboard: active modifier keys during suspend were stuck after resuming the host\n\n276\n\n\f15 Change log\n• 3D: fixed misbehavior with huge guests (i.e. guest more than 4GB guest memory\n• 3D: several fixes\n• API: properly detect the Windows 8.1 guest OS type (bug #13090)\n• ExtPack: cleanup of dangling uninstallation directories\n• Linux hosts / guests: compile fix for EL7 (bug #12638)\n• Linux Additions: made 3D pass-through work with recent versions of Mesa in the guest\n(bug #12941)\n• Linux Additions: Linux 3.16 fixes (bug #13123)\n• Mac OS X hosts: when scanning for host CD/DVD devices also consider BlueRay devices\n• Mac OS X hosts: fixed host shutdown and reboot delay caused by running VBoxSVC process\nin some cases\n• OS/2 Additions: fixed gengradd.dll library name (bug #12785)\n• Solaris Additions: fixed permissions of files and directories located on shared folders\n• Windows host installer: fixed the need for rebooting Windows after installation or upgrade,\nextended logging for NetFlt/NetAdp (un)installation\n\n15.18 Version 4.3.12 (2014-05-16)\nThis is a maintenance release. The following items were fixed and/or added:\n• VMM: fixed an occasional Guru Meditation (Mac OS X hosts only; bugs #12727, #12954)\n• VMM: fixed a rare condition that would fail to invalidate guest TLB entries or would invalidate them when not required (Windows hosts only)\n• VMM: fixed a VERR_NOT_SUPPORTED Guru Meditation seen with certain guests, e.g.\nOpenServer 5.0.7\n• VMM: more fixes for MSR emulation on certain hardware (bugs #12240, #12875)\n• GUI: fixed mouse positioning with mouse integration disabled and multiple guest screens\n(Windows hosts only; bug #9059)\n• GUI: fixed crash in VM manager (bug #12878)\n• GUI: fixed crash under rare conditions on entering/exiting full-screen/seamless mode\n• Shared Clipboard: don’t stop working after taking a snapshot (bug #12700)\n• AHCI: fixed a crash under rare circumstances\n• API: fixed a hang during VM shutdown under rare conditions\n• NAT: fixed generation of malformed ICMP error datagrams (4.3.10 regression)\n• NAT: fixed potential crash in DNS proxy\n• NAT Network: don’t drop port forwarding rules after some time\n• NAT: fixed ARP cache corruption and network loss in Windows guest caused by iSCSI\nservice activity\n\n277\n\n\f15 Change log\n• USB: improved check if a storage device is currently mounted to the host when the device\nis about to be attached to the VM (Mac OS X hosts only; #11038)\n• 3D support: several fixes, including better support for Ubuntu 14.04\n• VRDP: fixed a potential crash on client disconnect (bug #12858)\n• VBoxSVC: fixed a race when a new client is started a few seconds after the last client\nterminated (Windows hosts only; bugs #11309, #12509)\n• VBoxSVC: fixed VirtualBox.xml registry corruption after VM renaming\n• VBoxSVC: fixed a potential crash caused by incorrect USB device filter (Mac OS X hosts\nonly; #11038)\n• Windows hosts: partly support 32-bit COM on 64-bit systems\n• Windows host installer: implemented merge module (msm) support\n• Linux hosts: fixed dependency of boot script on older Debian systems (bug #12262)\n• Linux guests: fix symbolic link to shared folder helper (bug #12879)\n• Linux Additions: don’t crash VBoxService during guest execute for users without a password (bug #12994)\n• Linux Additions: fixed a bug in guest execution where the guest process terminated with\nVERR_INTERRUPTED to the host\n\n15.19 Version 4.3.10 (2014-03-26)\nThis is a maintenance release. The following items were fixed and/or added:\n• VMM: more work on improving the emulation of certain MSR registers on certain host\nCPUs (e.g. bugs #12734, #12736, #12744, #12748, #12686, #12770)\n• VMM: fixed single-stepping for real-mode guests (VT-x without unrestricted guest execution) and some I/O instructions (bug #12636)\n• VMM: fixed a potential problem with COW pages if nested paging is not available\n• GUI: Mac OS X: experimental native full screen support for Mountain Lion and Mavericks\n(bug #12292)\n• GUI: Mac OS X: removed the mini-toolbar minimize button which doesn’t work under Mac\nOS X full screen mode anyway\n• GUI: experimental HID LEDs synchronization for Windows and Mac OS X hosts: fixed\nkeyboard re-synchronization if the feature is disabled (as done by default; bug #12758)\n• GUI: fixed a potential crash when opening the preferences menu (bug #12862)\n• OVF: fixed a crash of the VirtualBox Manager when re-starting guest export (bug #12586)\n• 3D support: several fixes\n• HGCM: fixed a problem with saved states which could cause several guest misbehavior\nafter a VM was started from a saved state\n• Storage: fixed a bug preventing to compact differential snapshots under certain conditions\n\n278\n\n\f15 Change log\n• VBoxSVC: fixed a segmentation fault on Linux hosts if a very long path exists under /dev\n(bug #12760)\n• API: fixed guest misbehavior under certain conditions if a storage medium was attached or\nremoved at VM runtime\n• Windows installer: make the –silent parameter work again (bug #12764)\n• Mac OS X Networking: prevent local traffic (VM-to/from-host) from leaking to wire (bug\n#12750)\n• Windows Additions: fixed the environment for guest processes (4.3.8 regression; bug\n#12782)\n• Windows Additions/WDDM: fixed divide by zero exception with multiple guest screens\nunder certain conditions\n• Windows Additions/WDDM: fixed crashes with 2D video acceleration enabled (4.3.8 regression; bug #12745)\n• Linux Additions: install correctly on Ubuntu guest systems with a /usr/lib64 directory (bug\n#12513)\n• X11 Additions: fix for the VBoxClient process not exiting correctly (bug #12348) and\nconsuming too much processor time\n\n15.20 Version 4.3.8 (2014-02-25)\nThis is a maintenance release. The following items were fixed and/or added:\n• VMM: more work on improving the emulation of certain MSR registers (e.g. bugs #12224,\n#12544)\n• VMM: fixed a VERR_INVALID_RPL Guru Meditation when booting certain guests (bug\n#11350)\n• VMM: experimental support for SSE 4.1 / SSE 4.2 passthrough, see the user manual how\nto enable it (bug #8651)\n• VMM: fix for recent Linux kernels with software virtualization\n• GUI: experimental HID LEDs synchronization for Windows hosts, see chapter 9.28, Support\nfor keyboard indicators synchronization, page 213\n• GUI: warn the user if the Oracle Extension Pack is not installed and the user tries to activate\nthe remote display feature (bug #9104)\n• GUI: make sure that a minimized guest (using mini toolbar in full screen / seamless mode)\nkeeps the minimized state (bug #12199)\n• GUI: popup banner’s “do not show this message again” check-box replaced with corresponding button\n• GUI: network adapter cables can now be connected/disconnected directly through the running virtual machine Devices / Network menu a Network status-bar indicator\n• GUI: the new VM wizard now proposes 64-bit guests on 64-bit hosts by default; better\ndistinction between 32-bit OS types 64-bit OS types (bug #12533)\n\n279\n\n\f15 Change log\n• GUI: better error message if appliance import fails (bug #12657)\n• GUI: allow to set host-combination to ’None’ using the Global settings / Input page (bug\n#12730)\n• GUI: don’t switch the guest to a black screen during online snapshot merge (4.3 regression)\n• VBoxManage: when exporting an appliance, support the suppression of MAC addresses,\nwhich means they will be always recreated on import, avoiding duplicate MAC addresses\nfor VMs which are imported several times\n• AHCI: fixed a VM hang during suspend under certain circumstances\n• AHCI: fixed a VM hang during online snapshot merge under certain circumstances\n• AHCI: fixed a bug which resulted in Windows XP guest hangs if a SATA CDROM is attached\n(bug #12417)\n• AHCI: fixed a Guru Meditation under certain conditions\n• AHCI: ejecting a CD/DVD medium failed under certain conditions\n• AHCI: disk hotplugging fixes\n• NAT: transparent handling of host sleep/resume and network configuration changes if the\ndnsproxy is enabled or if the hostresolver is used (bug #12441)\n• NAT: fixed crash and misbehaviour under some circumstances with ICMP packets having\nTTL=1\n• NAT Network: fixed IPv6 reassembly\n• NAT Network: ping proxy implemented\n• OVF: fixed reading of the OVF 0.9 section element (4.3 regression; bug #12345)\n• OVF: several fixes\n• 3D support: several fixes, multiscreen fixes (e.g. bug #9124)\n• 3D support: include 3D content in captured videos (bug #12666)\n• 3D support: include 3D content in captured screenshot (bug #11758)\n• VGA: proper handling of legacy graphics modes if the Guest Additions are active (bug\n#6649)\n• USB: fixed crash during isochronous transfer under rare circumstances\n• BIOS: better disk geometry handling of SCSI drives\n• API: fix crashes in Java API clients using the XPCOM binding, happened with output parameters only (bug #11232)\n• VBoxSVC: documented the handling of host power management events (see chapter 9.26,\nHandling of host power management events, page 213) and added an extradata item for\nconfiguring the handling of the battery-low event (bug #9925)\n• VBoxSVC: fixed a bug which could trigger a crash if a VM snapshot was restored the second\ntime and the VM has associated bandwidth groups (bug #12569)\n• VBoxSVC: properly detect ifconfig if located in /bin (bug #12713)\n\n280\n\n\f15 Change log\n• Shared Folders: fixed a failure to restore transient shared folders when starting a VM from\na saved state (bug #12578)\n• Mac OS X hosts: fixed issue when the application icon was frozen in the dock if the bridging\ninterface was not connected to a network (bug #12241)\n• Linux hosts: also consider the physical package ID when determining the number of physical CPU cores\n• Linux hosts / guests: don’t warn in kernel log if memory allocation fails (bug #11171)\n• Solaris hosts: fixed the autostart SMF script (bug #11720)\n• Windows hosts: fixes for non-ANSI code page user names and similar environment contents\n(bug #12596)\n• Windows hosts / guests: fixed setting and using a guest user’s process environment variables (relevant for Guest Control)\n• Windows Additions: fixed handle leaks in VBoxTray (bug #12563)\n• Windows Additions: fixed a crash while detecting active guest users\n• Windows Additions: fixed restoring backed up D3D files on XPDM -> WDDM upgrade\n• Guest Control: fixed setting and using a guest user’s process environment variables\n• Linux Additions: support Enterprise Linux 6.5 kernels (bug #12505)\n• Linux Additions: fixed CPU hot-remove on newer Linux kernels\n• Linux / Solaris Additions: don’t automount a shared folder which is already mounted\n• X11 Additions: support X.Org Server 1.15 (bug #12623)\n\n15.21 Version 4.3.6 (2013-12-18)\nThis is a maintenance release. The following items were fixed and/or added:\n• VMM: fixed a Guru Meditation VINF_EM_TRIPLE_FAULT caused by VMCB caching with\nnested paging on certain AMD CPUs (bug #12451)\n• VMM: fixed a Guru Meditation VERR_VMX_UNEXPECTED_INTERRUPTION_EXIT_TYPE\nwhile intercepting debug exceptions (VT-x only; bug #12410)\n• VMM: fixed a Guru Meditation VERR_SVM_UNEXPECTED_EXIT while intercepting debug\nregister accesses (AMD-V only; bug #12481)\n• VMM: fixed a VERR_SSM_STRUCTURE_MAGIC error when trying to load a saved state\nmade with VBox 4.3.4 when VT-x/AMD-V is disabled. Unfortunately, VBox 4.3.4 produced\nbroken saved states for this configuration so you have to discard these states (bug #12414)\n• VMM: added a few more MSRs to the whitelist required by certain guests (bug #12245)\n• GUI: fixed deleting of inaccessible VMs (4.3 regression; bug #12205)\n• GUI: fixed warnings in VM settings / number of guest processors (bug #12480)\n• Main: don’t automatically enable 64-bit guests on 64-bit hosts if VT-x/AMD-V is not available (bug #12424)\n\n281\n\n\f15 Change log\n• Main: always expose the DMI memory information to Windows 2012 guests (bug #12017)\n• Main: fixed occasional crashes on guest display resolution change (bug #7063)\n• Main: fixed reporting back temporary name when calling IGuestSession::DirectoryCreateTemp()\n(bug #12498)\n• API: fix for a hang when launching a GUI VM through the API, which crashes due to GUI\nunavailability\n• Storage: fix for BLKCACHE_IOERR runtime errors under rare circumstances (bug #11030)\n• Network: allow to start more than 5 PCNet instances (bug #12426)\n• E1000: if the cable was disconnected before the guest initialized the device, the link status\nwas not properly set to ’down’ after the initialization completed despite the fact that there\nwas no connection\n• 3D support: fixed offset of guest 3D image elements (Mac OS X Retina hosts only; bug\n#11021)\n• Solaris hosts: fixed accessing the host driver from non-global zones (4.3 regression; bug\n#12271)\n\n15.22 Version 4.3.4 (2013-11-29)\nThis is a maintenance release. The following items were fixed and/or added:\n• VMM: fix for a bug in the Local APIC emulation causing a BSOD when booting certain\nguests (4.3.0 regression; bug #12240)\n• VMM: fixed loading of saved states if VT-x/AMD-V was disabled (4.3.2 regression; bug\n#12291)\n• VMM: fixed single-stepping inside the guest for certain instructions (VT-x only; bug\n#10947)\n• VMM: fixed a performance issue involving APIC accesses after rebooting a VM (4.3.0 regression; VT-x only; bug #12296)\n• VMM: fixed TPR patching to be enabled for 32-bit guests even when the chosen guest type\nis 64-bit (4.3.0 regression; AMD-V only)\n• VMM: fixed occasional VINF_EM_TRIPLE_FAULT errors on hosts without the unrestricted\nguest execution feature (bug #12198)\n• GUI: don’t bother the user with the BPP warning if no Guest Additions are installed\n• GUI: fixed machine-window paint artifacts on VM reboot / guest-screen resize\n• GUI: make sure the assigned license and description are attached to the exported appliance\n• GUI: fixed bugs in close VM action restrictions handling (bug #12333)\n• GUI: fixed incorrect wizards text colors for some unusual look and feel styles (bug #11743)\n• GUI: should restore seamless mode as soon as possible after VM reboot or shutdown\n• GUI: fixes for medium enumeration\n\n282\n\n\f15 Change log\n• GUI: the OS X hot corners were not accessible while a VirtualBox VM is running (Mac OS\nX hosts only; bug #4139)\n• GUI: fixed an old bug which bared the host from cleanly shutdown / reboot if the VM\nselector window is open (Mac OS X hosts only; bug #8254)\n• Host-only Networking: fixed creating of host-only network interfaces (4.3.0 regression;\nbug #12182)\n• NAT: don’t run into an infinite loop in case the host cannot access any DNS server (4.3.0\nregression; bug #12300)\n• NAT: don’t re-connect the cable if the DNS information changes and the cable was disconnected before (4.3.0 regression; bug #12225)\n• NAT: fixed several issues with automatically starting / terminating of NAT networks on VM\nstart / stop and configuration changes\n• VBoxNetDHCP: don’t block prevent VBoxSVC from terminating (bug #12264)\n• 2D Video acceleration: fix crashes on presentation mode switches (bug #9194)\n• BusLogic: allow to run VMs with more than one BusLogic SCSI controller enabled\n• Keyboard: fixed a VM crash if a VM was resumed from a saved state where at least one key\nwas pressed (bug #11289)\n• VBoxSVC: fixed a heap corruption under certain conditions (4.3.0 regression)\n• VBoxSVC: fixed a race leading to a hang during initialization (bug #12349)\n• OVF: fixed import logic for OVF appliances containing multiple VMs\n• OVF: improved logic for finding an appropriate image format during OVF import\n• API: block the removal of the current snapshot if it has child snapshots (only relevant for\nVMs without snapshottable hard disks, their presence always prevented removal), which\nresulted in VM config corruption\n• API: mark VM configs with snapshots but without current snapshot as inaccessible, as this\ncombination is nonsense\n• API: fixed information for some automatically generated events (only with XPCOM, Windows host was not affected), which caused errors when getting some of the attributes over\nthe webservice (bug #12379)\n• SDK: extended the functionality coverage for the C bindings\n• Guest Control: various bugfixes and improved VBoxManage help (bugs #8072, #11044,\n#12336, #12338, #12346, #12371)\n• Windows hosts: another attempt to fix the massive DPC latency (bug #6242)\n• Windows host installer: make registering file extensions optional, contributed by Tal Aloni\n(bug #8009)\n• Mac OS X hosts: properly sign the kernel extensions for Mavericks hosts (bug #12256)\n• Mac OS X hosts: fixed a bug where the VirtualBox dock icon was not properly removed\nfrom the dock after a VM terminated preventing Mavericks hosts from shutting down (bug\n#12241)\n\n283\n\n\f15 Change log\n• Mac OS X hosts: fixed minor installer issue (bug #12275)\n• Linux hosts / guests: Linux 3.13 compile fixes (bug #12358)\n• Linux guests: build the vboxvideo kernel module correctly on OL/RHEL 6.1 guests (bug\n#11996)\n• Linux guests: make 3D work on Slackware 14.1 (bug #12320 comments 3 and 4)\n• Guest Additions/3D: fixed an occasional dead-lock (bug #12319)\n• Windows Additions/3D: fixed possible memory leaking (bug #12228)\n• Windows Additions/XPDM: use separate tables containing valid video modes for each virtual monitor\n• Windows Additions: fixed automatic logins for Vista and newer Windows guests (bug\n#12332)\n\n15.23 Version 4.3.2 (2013-11-01)\nThis is a maintenance release. The following items were fixed and/or added:\n• VMM: fixed restoring of the auxiliary TSC MSR in VT-x that caused host BSODs on Windows\n8.1 hosts and unpredictable behavior on other hosts (bug #12237)\n• VMM: provide fake values for a couple of MSRs to make more guests happy on certain\nhosts\n• VMM: fixed detection of VT-x on certain machines where the BIOS would not set the VMX\nLOCK feature bit, which affected the VM settings in the GUI\n• VMM: fixed TPR threshold which caused BSODs on Windows XP guests that use the I/O\nAPIC (VT-x only; bug #12227)\n• VMM: fixed PATM saved state incompatibility for software virtualized VMs (bug #12222)\n• VMM: don’t fail if AMD-V isn’t available if the VM is configured to use software virtualization\n• GUI: fixed guest resize breakage on visual representation mode change (when switching\nfrom normal to full screen etc)\n• GUI: make sure the guest screen is resized after restoring a VM from a saved state if the\nhost screen size changed\n• GUI: disabled SCROLL LED sync from HID LEDs synchronization (Mac OS X hosts only)\n• Webcam passthrough improvements including GUI support (see chapter 9.7.1, Using a host\nwebcam in the guest, page 183)\n• Guest Control: implemented more IGuestSession methods\n• Guest Control: added support for deleting and renaming guest files + directories in VBoxManage\n• Guest Control: various bugfixes\n• API: incorrect handling of hardware UUID default value, resulting in an all zero\nDMI/SMBIOS UUID, which leads to Windows requesting re-activation (4.3 regression;\nbug #12244)\n\n284\n\n\f15 Change log\n• 3D support: fixed crash on shutdown if 2D video acceleration is enabled (Mac OS X hosts\nonly)\n• 3D support: miscellaneous fixes\n• Storage: fixed detection of CD/DVD media when switching from an empty to a host drive\nwith passthrough enabled\n• Storage: fixed hang of the VM process when the disk is full under certain circumstances\n• NAT: listen for changes of NAT Network setting at runtime\n• NAT: NAT Network DHCP server now saves leases to a persistent storage\n• Main: monitor changes in host DNS configuration\n• Mac OS X host: reworked a mechanism of adding a VM desktop alias from the VM selector\n• Mac OS X installer: remove old kernel extensions during upgrade (bug #12258)\n• Linux Additions: correctly set umask before installing (bug #12166)\n• X11 Additions/3D: fix freezes starting 3D desktop (bug #11503, thank you Sam Spilsbury)\n• X11 Additions/3D: fix depth buffer support (bug #11905)\n• X11 Additions/3D: fix Age Of Empires 3 rendering (bug #11331)\n• Windows Additions/3D: fix Google Earth plugin rendering\n• Windows Additions/WDDM: autoresize fixes\n\n15.24 Version 4.3.0 (2013-10-15)\nThis is a major update. The following major new features were added:\n• VMM: major rewrite of the VT-x code and the AMD-V code including many bug fixes and\nperformance improvements (for example bug #9659)\n• VMM: introduced a lightweight instruction interpreter for situations not handled by hardware virtualization\n• GUI: extended messaging mechanism (new non-modal popup overlays used to show noncritical warnings and provide user with additional information)\n• GUI: keyboard shortcuts management (input page of global preferences extended with\npossibility to edit general keyboard shortcuts for VirtualBox Manager and Virtual Machine)\n• GUI: video capturing support (bug #4766)\n• Added USB touch device emulation\n• Added experimental support for webcam passthrough complementing USB passthrough\n(see chapter 9.7.1, Using a host webcam in the guest, page 183)\n• Added SCSI CD-ROM emulation, including boot support\n• VRDP: support for IPv6\n• Guest Control: guest sessions now are running in dedicated, impersonated session processes (needs at least Guest Additions 4.3 installed)\n\n285\n\n\f15 Change log\n• Guest Control: implemented IGuestFile support\n• NAT: experimental virtual router mode: several VMs are attached to the same internal\nnetwork and share one NAT service (see chapter 6.4, Network Address Translation Service\n(experimental), page 100)\nIn addition, the following items were fixed and/or added:\n• VMM: significantly improved performance of NetWare 5.x/6.x guests on host systems without nested paging support\n• VMM: fixed losing host NMIs while in VT-x guest-context\n• VMM: changed order of actions in emulated task switch (bug #10532)\n• VMM: allow to activate VT-x while in SMX mode and provide more information if that is\nnot possible\n• GUI: update check uses https\n• GUI: numerous minor internal cleanups and bug fixes\n• GUI: HID LEDs synchronization when switching between guest window(s) and host (Mac\nOS X hosts only)\n• GUI, VBoxManage: when unregistering a VM, also unregister the hard disk images which\nare used exclusively (bug #10311)\n• GUI: use the number of physical presented processor cores instead of the number of logical\nprocessor cores to check if the users assigned too many virtual CPUs to the guest\n• Snapshots: made live snapshots work again (bug #9255)\n• Teleportation: made it work again (bug #9455)\n• Storage: implemented AHA-154x compatibility mode in the emulated BusLogic SCSI HBA\n• Storage: significantly improved performance of large ATAPI PIO transfers (BeOS, Minix 3\nguests affected)\n• Storage: added floppy formatting emulation (NB: cannot be used to change existing media\ngeometry)\n• Settings: global and per-VM default frontend configuration, useful to select the use of\nalternative VM frontends\n• Settings: limit depth of snapshot tree to 250 levels, as more will lead to decreased performance and may trigger crashes\n• Settings: the per-VM hwvirtextexcl setting has been replaced by a global hwvirtexclusive\nproperty\n• Main: new event queue implementation which does not use the host’s native event queue\nfor processing VirtualBox events anymore\n• Main: eliminate the use of SysV semaphores on all host OSes other than Windows, namely\nLinux, Solaris and Mac OS X, with the consequence that no system reconfiguration is\nneeded to run more than approximately 100 VMs\n• Main: use the XDG standard configuration folder instead of .VirtualBox on systems where\nit is appropriate (bug #5099)\n\n286\n\n\f15 Change log\n• Main: extension pack framework can now support loading HGCM modules, contributed by\nJeff Westphal\n• VBoxManage: list more information about hard disk/DVD/floppy media, and support the\n--long option to show really all available details\n• VBoxManage: added support for optional command line parameters for the automatic\nGuest Additions update\n• VBoxManage: added support for listing active guest sessions, guest processes and/or guest\nfiles via guestcontrol list <all|sessions|processes|files>\n• VBoxManage: added support for closing active guest sessions via guestcontrol session\nclose --session-id <ID>| --session-name <name or pattern>|--all\n\n• VBoxManage: added support for terminating active guest processes via guestcontrol\nprocess kill|close|terminate --session-id <ID>| --session-name <name or\npattern> <PID> ... <PID n> or guestcontrol [p[s]]kill --session-id <ID>|\n--session-name <name or pattern> <PID> ... <PID n>\n\n• VBoxManage: added support for watching guest sessions via guestcontrol watch\n• VBoxManage: added modifyvm --triplefaultreset to make the VM reset on triple fault\ninstead of triggering a Guru Meditation (see chapter 8.8, VBoxManage modifyvm, page 131)\n• 3D support: several fixes\n• 3D support: several fixes for Mac OS X hosts\n• OVF: several fixes\n• Extpack Installer: make it work if the file is located in a folder with special characters\n• Keyboard: fix for reporting key sequences like Ctrl+Alt+Del for the USB keyboard emulation\n• Shared Clipboard/X11: support for BMP-format images, contributed by François Revol\n• Mac OS X hosts: limited support for Mac OS X 10.9 (Mavericks)\n• Mac OS X hosts: use a launchd script instead of the deprecated StartupItem mechanism\n(bug #8940)\n• Windows hosts: don’t cause massive DPC latency (only on certain hosts; still needs improving; bug #6242)\n• Windows hosts: consider symlinks when retrieving volume information (bug #11962)\n• Windows hosts: fixed an issue with USB2 devices being inaccessible when plugged into\nUSB 3.0 ports\n• Windows Additions: fixed misbehavior with guest display power management (WDDM\ndriver only; bug #11170)\n• Windows Additions: fixed memory leak caused by WTSQuerySessionInformation() on Windows 2000 guests (bug #12072)\n• Windows Additions: ability to track guest user idle times through the newly introduced\nevent IGuestUserStateChangedEvent\n• Linux Additions: fixed udev detection in the init script with Linux 3.x kernels\n\n287\n\n\f15 Change log\n\n15.25 Older Change log details\nWith VirtualBox 5.0, changelog information for versions before 4.3 was removed in order to save\nspace. To access this information, please consult the User Manual of VirtualBox version 4.3 or\nearlier.\n\n288\n\n\f16 Third-party materials and licenses\nVirtualBox incorporates materials from several Open Source software projects. Therefore the use\nof these materials by VirtualBox is governed by different Open Source licenses. This document\nreproduces these licenses and provides a list of the materials used and their respective licensing\nconditions. Section 1 contains a list of the materials used. Section 2 reproduces the applicable\nOpen Source licenses. For each material, a reference to its license is provided.\nThe source code for the materials listed below as well as the rest of the VirtualBox code which\nis released as open source are available at http://www.virtualbox.org, both as tarballs for\nparticular releases and as a live SVN repository.\n\n16.1 Materials\n• VirtualBox contains portions of QEMU which is governed by the licenses in chapter 16.2.5,\nX Consortium License (X11), page 307 and chapter 16.2.2, GNU Lesser General Public License\n(LGPL), page 296 and\n(C) 2003-2005 Fabrice Bellard; Copyright (C) 2004-2005 Vassili Karpov (malc); Copyright\n(c) 2004 Antony T Curtis; Copyright (C) 2003 Jocelyn Mayer\n• VirtualBox contains code which is governed by the license in chapter 16.2.5, X Consortium\nLicense (X11), page 307 and\nCopyright 2004 by the Massachusetts Institute of Technology.\n• VirtualBox contains code of the BOCHS VGA BIOS which is governed by the license in\nchapter 16.2.2, GNU Lesser General Public License (LGPL), page 296 and\nCopyright (C) 2001, 2002 the LGPL VGABios developers Team.\n• VirtualBox contains code of the BOCHS ROM BIOS which is governed by the license in\nchapter 16.2.2, GNU Lesser General Public License (LGPL), page 296 and\nCopyright (C) 2002 MandrakeSoft S.A.; Copyright (C) 2004 Fabrice Bellard; Copyright (C)\n2005 Struan Bartlett.\n• VirtualBox contains the zlib library which is governed by the license in chapter 16.2.6, zlib\nlicense, page 307 and\nCopyright (C) 1995-2003 Jean-loup Gailly and Mark Adler.\n• VirtualBox may contain OpenSSL which is governed by the license in chapter 16.2.7,\nOpenSSL license, page 307 and\nCopyright (C) 1995-1998 Eric Young ([email protected]). This product includes software\nwritten by Tim Hudson ([email protected]).\n• VirtualBox may contain NSPR and XPCOM which is governed by the license in chapter\n16.2.3, Mozilla Public License (MPL), page 301 and\nCopyright (C) The Authors.\n• VirtualBox contains Slirp which is governed by the license in chapter 16.2.8, Slirp license,\npage 308 and was written by Danny Gasparovski.\nCopyright (C) 1995, 1996 All Rights Reserved.\n\n289\n\n\f16 Third-party materials and licenses\n• VirtualBox contains liblzf which is governed by the license in chapter 16.2.9, liblzf license,\npage 309 and\nCopyright (C) 2000-2005 Marc Alexander Lehmann <[email protected]>\n• VirtualBox may ship with a modified copy of rdesktop which is governed by the license in\nchapter 16.2.1, GNU General Public License (GPL), page 292 and\nCopyright (C) Matthew Chapman and others.\n• VirtualBox may ship with a copy of kchmviewer which is governed by the license in chapter\n16.2.1, GNU General Public License (GPL), page 292 and\nCopyright (C) George Yunaev and others.\n• VirtualBox may contain Etherboot which is governed by the license in chapter 16.2.1, GNU\nGeneral Public License (GPL), page 292 with the exception that aggregating Etherboot with\nanother work does not require the other work to be released under the same license (see\nhttp://etherboot.sourceforge.net/clinks.html). Etherboot is\nCopyright (C) Etherboot team.\n• VirtualBox may contain iPXE which is governed by the license in chapter 16.2.1, GNU\nGeneral Public License (GPL), page 292 and\nCopyright (C) Michael Brown <[email protected]> and others.\n• VirtualBox contains code from Wine which is governed by the license in chapter 16.2.2,\nGNU Lesser General Public License (LGPL), page 296 and\nCopyright 1993 Bob Amstadt, Copyright 1996 Albrecht Kleine, Copyright 1997 David\nFaure, Copyright 1998 Morten Welinder, Copyright 1998 Ulrich Weigand, Copyright 1999\nOve Koven\n• VirtualBox contains code from lwIP which is governed by the license in chapter 16.2.11,\nlwIP license, page 309 and\nCopyright (C) 2001, 2002 Swedish Institute of Computer Science.\n• VirtualBox contains libxml which is governed by the license in chapter 16.2.12, libxml\nlicense, page 310 and\nCopyright (C) 1998-2003 Daniel Veillard.\n• VirtualBox contains libxslt which is governed by the license in chapter 16.2.13, libxslt licenses, page 310 and\nCopyright (C) 2001-2002 Daniel Veillard and Copyright (C) 2001-2002 Thomas Broyer,\nCharlie Bozeman and Daniel Veillard.\n• VirtualBox contains code from the gSOAP XML web services tools, which are licensed under\nthe license in chapter 16.2.14, gSOAP Public License Version 1.3a, page 311 and\nCopyright (C) 2000-2007, Robert van Engelen, Genivia Inc., and others.\n• VirtualBox ships with the application tunctl (shipped as VBoxTunctl) from the User-mode\nLinux suite which is governed by the license in chapter 16.2.1, GNU General Public License\n(GPL), page 292 and\nCopyright (C) 2002 Jeff Dike.\n• VirtualBox contains code from Chromium, an OpenGL implementation, which is goverened\nby the licenses in chapter 16.2.15, Chromium licenses, page 316 and\nCopyright (C) Stanford University, The Regents of the University of California, Red Hat,\nand others.\n\n290\n\n\f16 Third-party materials and licenses\n• VirtualBox contains libcurl which is governed by the license in chapter 16.2.16, curl license,\npage 318 and\nCopyright (C) 1996-2009, Daniel Stenberg.\n• VirtualBox contains dnsproxy which is governed by the license in chapter 16.2.4, MIT License, page 307 and\nCopyright (c) 2003, 2004, 2005 Armin Wolfermann.\n• VirtualBox may contain iniparser which is governed by the license in chapter 16.2.4, MIT\nLicense, page 307 and\nCopyright (c) 2000-2008 by Nicolas Devillard.\n• VirtualBox contains some code from libgd which is governed by the license in chapter\n16.2.17, libgd license, page 318 and\nCopyright 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007 Pierre-Alain Joye\n([email protected]).\n• VirtualBox contains code from the EFI Development Kit II which is governed by the license\nin chapter 16.2.18, BSD license from Intel, page 319 and\nCopyright (c) 2004-2008, Intel Corporation.\n• VirtualBox contains libjpeg which is governed by the license in chapter 16.2.19, libjpeg\nLicense, page 319 and\nCopyright (C) 1991-2010, Thomas G. Lane, Guido Vollbeding.\n• VirtualBox may contain x86 SIMD extension for IJG JPEG library which is governed by the\nlicense in chapter 16.2.20, x86 SIMD extension for IJG JPEG library license, page 320 and\nCopyright 2009 Pierre Ossman <[email protected]> for Cendio AB; Copyright 2010 D.\nR. Commander; Copyright (C) 1999-2006, MIYASAKA Masaru.\n• VirtualBox may ship a copy of Qt which is governed by the license in chapter 16.2.2, GNU\nLesser General Public License (LGPL), page 296 and\nCopyright (C) 2010, 2011 Nokia Corporation and/or its subsidiary(-ies).\n• VirtualBox contains parts of the FreeBSD kernel which is governed by the license in chapter\n16.2.21, FreeBSD license, page 320.\n• VirtualBox contains parts of the NetBSD kernel which is governed by the license in chapter\n16.2.22, NetBSD license, page 321.\n• VirtualBox contains portions of liblightdm-gobject which is governed by the license in chapter 16.2.2, GNU Lesser General Public License (LGPL), page 296 and\nCopyright (C) 2010-2013 Canonical Ltd.; Copyright (C) 2010-2011 Robert Ancell.\n• VirtualBox contains portions of glib which is governed by the license in chapter 16.2.2,\nGNU Lesser General Public License (LGPL), page 296 and\nCopyright (C) 1995-2011 The Glib team\n• VirtualBox contains portions of PCRE which is governed by the license in chapter 16.2.23,\nPCRE license, page 321 and\nCopyright (c) 1997-2012 University of Cambridge; Copyright(c) 2009-2012 Zoltan Herczeg; Copyright (c) 2007-2012, Google Inc.\n\n291\n\n\f16 Third-party materials and licenses\n• VirtualBox contains portions of libffi which is governed by the license in chapter 16.2.24,\nlibffi license, page 322 and\nCopyright (c) 1996-2012 Anthony Green, Red Hat, Inc and others. See source files for\ndetails.\n• VirtualBox contains portions of FLTK which is governed by the licenses in chapter 16.2.25,\nFLTK license, page 323 and chapter 16.2.2, GNU Lesser General Public License (LGPL), page\n296 and\nCopyright (C) 1991-2012 The FLTK team\n• VirtualBox contains portions of Expat which is governed by the license in chapter 16.2.26,\nExpat license, page 323 and\nCopyright (c) 1998, 1999, 2000 Thai Open Source Software Center Ltd and Clark Cooper;\nCopyright (c) 2001, 2002, 2003, 2004, 2005, 2006 Expat maintainers.\n• VirtualBox contains portions of Fontconfig which is governed by the license in chapter\n16.2.27, Fontconfig license, page 323 and\nCopyright (C) 2001, 2003 Keith Packard\n• VirtualBox contains portions of Freetype which is governed by the license in chapter\n16.2.28, Freetype license, page 324 and\nCopyright 2012 The FreeType Project (www.freetype.org). All rights reserved.\n• VirtualBox may contain code from the WebM VP8 Codec SDK which is governed by the\nlicense in chapter 16.2.29, VPX License, page 326 and\nCopyright (c) 2010, The WebM Project authors. All rights reserved.\n\n16.2 Licenses\n16.2.1 GNU General Public License (GPL)\nGNU GENERAL PUBLIC LICENSE Version 2, June 1991\nCopyright (C) 1989, 1991 Free Software Foundation, Inc.\n51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\nEveryone is permitted to copy and distribute verbatim copies of this license document, but\nchanging it is not allowed.\nPreamble\nThe licenses for most software are designed to take away your freedom to share and change\nit. By contrast, the GNU General Public License is intended to guarantee your freedom to share\nand change free software–to make sure the software is free for all its users. This General Public\nLicense applies to most of the Free Software Foundation’s software and to any other program\nwhose authors commit to using it. (Some other Free Software Foundation software is covered by\nthe GNU Library General Public License instead.) You can apply it to your programs, too.\nWhen we speak of free software, we are referring to freedom, not price. Our General Public\nLicenses are designed to make sure that you have the freedom to distribute copies of free software\n(and charge for this service if you wish), that you receive source code or can get it if you want\nit, that you can change the software or use pieces of it in new free programs; and that you know\nyou can do these things.\nTo protect your rights, we need to make restrictions that forbid anyone to deny you these\nrights or to ask you to surrender the rights. These restrictions translate to certain responsibilities\nfor you if you distribute copies of the software, or if you modify it.\n\n292\n\n\f16 Third-party materials and licenses\nFor example, if you distribute copies of such a program, whether gratis or for a fee, you must\ngive the recipients all the rights that you have. You must make sure that they, too, receive or can\nget the source code. And you must show them these terms so they know their rights.\nWe protect your rights with two steps: (1) copyright the software, and (2) offer you this license\nwhich gives you legal permission to copy, distribute and/or modify the software.\nAlso, for each author’s protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone\nelse and passed on, we want its recipients to know that what they have is not the original, so\nthat any problems introduced by others will not reflect on the original authors’ reputations.\nFinally, any free program is threatened constantly by software patents. We wish to avoid the\ndanger that redistributors of a free program will individually obtain patent licenses, in effect\nmaking the program proprietary. To prevent this, we have made it clear that any patent must be\nlicensed for everyone’s free use or not licensed at all.\nThe precise terms and conditions for copying, distribution and modification follow.\nGNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION\nAND MODIFICATION\n0. This License applies to any program or other work which contains a notice placed by the\ncopyright holder saying it may be distributed under the terms of this General Public License.\nThe “Program”, below, refers to any such program or work, and a “work based on the Program”\nmeans either the Program or any derivative work under copyright law: that is to say, a work\ncontaining the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term\n“modification”.) Each licensee is addressed as “you”.\nActivities other than copying, distribution and modification are not covered by this License;\nthey are outside its scope. The act of running the Program is not restricted, and the output from\nthe Program is covered only if its contents constitute a work based on the Program (independent\nof having been made by running the Program). Whether that is true depends on what the\nProgram does.\n1. You may copy and distribute verbatim copies of the Program’s source code as you receive\nit, in any medium, provided that you conspicuously and appropriately publish on each copy an\nappropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to\nthis License and to the absence of any warranty; and give any other recipients of the Program a\ncopy of this License along with the Program.\nYou may charge a fee for the physical act of transferring a copy, and you may at your option\noffer warranty protection in exchange for a fee.\n2. You may modify your copy or copies of the Program or any portion of it, thus forming a\nwork based on the Program, and copy and distribute such modifications or work under the terms\nof Section 1 above, provided that you also meet all of these conditions:\na) You must cause the modified files to carry prominent notices stating that you changed the\nfiles and the date of any change.\nb) You must cause any work that you distribute or publish, that in whole or in part contains\nor is derived from the Program or any part thereof, to be licensed as a whole at no charge to all\nthird parties under the terms of this License.\nc) If the modified program normally reads commands interactively when run, you must cause\nit, when started running for such interactive use in the most ordinary way, to print or display an\nannouncement including an appropriate copyright notice and a notice that there is no warranty\n(or else, saying that you provide a warranty) and that users may redistribute the program under\nthese conditions, and telling the user how to view a copy of this License. (Exception: if the\nProgram itself is interactive but does not normally print such an announcement, your work\nbased on the Program is not required to print an announcement.)\nThese requirements apply to the modified work as a whole. If identifiable sections of that work\nare not derived from the Program, and can be reasonably considered independent and separate\nworks in themselves, then this License, and its terms, do not apply to those sections when you\n\n293\n\n\f16 Third-party materials and licenses\ndistribute them as separate works. But when you distribute the same sections as part of a whole\nwhich is a work based on the Program, the distribution of the whole must be on the terms of this\nLicense, whose permissions for other licensees extend to the entire whole, and thus to each and\nevery part regardless of who wrote it.\nThus, it is not the intent of this section to claim rights or contest your rights to work written\nentirely by you; rather, the intent is to exercise the right to control the distribution of derivative\nor collective works based on the Program.\nIn addition, mere aggregation of another work not based on the Program with the Program\n(or with a work based on the Program) on a volume of a storage or distribution medium does\nnot bring the other work under the scope of this License.\n3. You may copy and distribute the Program (or a work based on it, under Section 2) in object\ncode or executable form under the terms of Sections 1 and 2 above provided that you also do\none of the following:\na) Accompany it with the complete corresponding machine-readable source code, which must\nbe distributed under the terms of Sections 1 and 2 above on a medium customarily used for\nsoftware interchange; or,\nb) Accompany it with a written offer, valid for at least three years, to give any third party,\nfor a charge no more than your cost of physically performing source distribution, a complete\nmachine-readable copy of the corresponding source code, to be distributed under the terms of\nSections 1 and 2 above on a medium customarily used for software interchange; or,\nc) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if\nyou received the program in object code or executable form with such an offer, in accord with\nSubsection b above.)\nThe source code for a work means the preferred form of the work for making modifications to\nit. For an executable work, complete source code means all the source code for all modules it\ncontains, plus any associated interface definition files, plus the scripts used to control compilation\nand installation of the executable. However, as a special exception, the source code distributed\nneed not include anything that is normally distributed (in either source or binary form) with the\nmajor components (compiler, kernel, and so on) of the operating system on which the executable\nruns, unless that component itself accompanies the executable.\nIf distribution of executable or object code is made by offering access to copy from a designated\nplace, then offering equivalent access to copy the source code from the same place counts as\ndistribution of the source code, even though third parties are not compelled to copy the source\nalong with the object code.\n4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided\nunder this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is\nvoid, and will automatically terminate your rights under this License. However, parties who have\nreceived copies, or rights, from you under this License will not have their licenses terminated so\nlong as such parties remain in full compliance.\n5. You are not required to accept this License, since you have not signed it. However, nothing\nelse grants you permission to modify or distribute the Program or its derivative works. These\nactions are prohibited by law if you do not accept this License. Therefore, by modifying or\ndistributing the Program (or any work based on the Program), you indicate your acceptance of\nthis License to do so, and all its terms and conditions for copying, distributing or modifying the\nProgram or works based on it.\n6. Each time you redistribute the Program (or any work based on the Program), the recipient\nautomatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the\nrecipients’ exercise of the rights granted herein. You are not responsible for enforcing compliance\nby third parties to this License.\n7. If, as a consequence of a court judgment or allegation of patent infringement or for any\nother reason (not limited to patent issues), conditions are imposed on you (whether by court\n\n294\n\n\f16 Third-party materials and licenses\norder, agreement or otherwise) that contradict the conditions of this License, they do not excuse\nyou from the conditions of this License. If you cannot distribute so as to satisfy simultaneously\nyour obligations under this License and any other pertinent obligations, then as a consequence\nyou may not distribute the Program at all. For example, if a patent license would not permit\nroyalty-free redistribution of the Program by all those who receive copies directly or indirectly\nthrough you, then the only way you could satisfy both it and this License would be to refrain\nentirely from distribution of the Program.\nIf any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to\napply in other circumstances.\nIt is not the purpose of this section to induce you to infringe any patents or other property\nright claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public\nlicense practices. Many people have made generous contributions to the wide range of software\ndistributed through that system in reliance on consistent application of that system; it is up to\nthe author/donor to decide if he or she is willing to distribute software through any other system\nand a licensee cannot impose that choice.\nThis section is intended to make thoroughly clear what is believed to be a consequence of the\nrest of this License.\n8. If the distribution and/or use of the Program is restricted in certain countries either by\npatents or by copyrighted interfaces, the original copyright holder who places the Program under\nthis License may add an explicit geographical distribution limitation excluding those countries,\nso that distribution is permitted only in or among countries not thus excluded. In such case, this\nLicense incorporates the limitation as if written in the body of this License.\n9. The Free Software Foundation may publish revised and/or new versions of the General\nPublic License from time to time. Such new versions will be similar in spirit to the present\nversion, but may differ in detail to address new problems or concerns.\nEach version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and “any later version”, you have the option of following\nthe terms and conditions either of that version or of any later version published by the Free\nSoftware Foundation. If the Program does not specify a version number of this License, you may\nchoose any version ever published by the Free Software Foundation.\n10. If you wish to incorporate parts of the Program into other free programs whose distribution\nconditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes\nmake exceptions for this. Our decision will be guided by the two goals of preserving the free\nstatus of all derivatives of our free software and of promoting the sharing and reuse of software\ngenerally.\nNO WARRANTY\n11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY\nFOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE\nTHE PROGRAM “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND\nPERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.\n12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING\nWILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,\nINCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING\nOUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO\nLOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU\n\n295\n\n\f16 Third-party materials and licenses\nOR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY\nOF SUCH DAMAGES.\nEND OF TERMS AND CONDITIONS\n\n16.2.2 GNU Lesser General Public License (LGPL)\nGNU LESSER GENERAL PUBLIC LICENSE Version 2.1, February 1999\nCopyright (C) 1991, 1999 Free Software Foundation, Inc. 59 Temple Place, Suite 330, Boston,\nMA 02111-1307 USA Everyone is permitted to copy and distribute verbatim copies of this license\ndocument, but changing it is not allowed.\n[This is the first released version of the Lesser GPL. It also counts as the successor of the GNU\nLibrary Public License, version 2, hence the version number 2.1.]\nPreamble\nThe licenses for most software are designed to take away your freedom to share and change it.\nBy contrast, the GNU General Public Licenses are intended to guarantee your freedom to share\nand change free software–to make sure the software is free for all its users.\nThis license, the Lesser General Public License, applies to some specially designated software\npackages–typically libraries–of the Free Software Foundation and other authors who decide to\nuse it. You can use it too, but we suggest you first think carefully about whether this license or\nthe ordinary General Public License is the better strategy to use in any particular case, based on\nthe explanations below.\nWhen we speak of free software, we are referring to freedom of use, not price. Our General\nPublic Licenses are designed to make sure that you have the freedom to distribute copies of free\nsoftware (and charge for this service if you wish); that you receive source code or can get it if\nyou want it; that you can change the software and use pieces of it in new free programs; and\nthat you are informed that you can do these things.\nTo protect your rights, we need to make restrictions that forbid distributors to deny you these\nrights or to ask you to surrender these rights. These restrictions translate to certain responsibilities for you if you distribute copies of the library or if you modify it.\nFor example, if you distribute copies of the library, whether gratis or for a fee, you must give\nthe recipients all the rights that we gave you. You must make sure that they, too, receive or can\nget the source code. If you link other code with the library, you must provide complete object\nfiles to the recipients, so that they can relink them with the library after making changes to the\nlibrary and recompiling it. And you must show them these terms so they know their rights.\nWe protect your rights with a two-step method: (1) we copyright the library, and (2) we offer\nyou this license, which gives you legal permission to copy, distribute and/or modify the library.\nTo protect each distributor, we want to make it very clear that there is no warranty for the\nfree library. Also, if the library is modified by someone else and passed on, the recipients should\nknow that what they have is not the original version, so that the original author’s reputation will\nnot be affected by problems that might be introduced by others.\nFinally, software patents pose a constant threat to the existence of any free program. We wish\nto make sure that a company cannot effectively restrict the users of a free program by obtaining a\nrestrictive license from a patent holder. Therefore, we insist that any patent license obtained for\na version of the library must be consistent with the full freedom of use specified in this license.\nMost GNU software, including some libraries, is covered by the ordinary GNU General Public\nLicense. This license, the GNU Lesser General Public License, applies to certain designated libraries, and is quite different from the ordinary General Public License. We use this license for\ncertain libraries in order to permit linking those libraries into non-free programs.\nWhen a program is linked with a library, whether statically or using a shared library, the\ncombination of the two is legally speaking a combined work, a derivative of the original library.\nThe ordinary General Public License therefore permits such linking only if the entire combination\n\n296\n\n\f16 Third-party materials and licenses\nfits its criteria of freedom. The Lesser General Public License permits more lax criteria for linking\nother code with the library.\nWe call this license the “Lesser” General Public License because it does Less to protect the\nuser’s freedom than the ordinary General Public License. It also provides other free software\ndevelopers Less of an advantage over competing non-free programs. These disadvantages are\nthe reason we use the ordinary General Public License for many libraries. However, the Lesser\nlicense provides advantages in certain special circumstances.\nFor example, on rare occasions, there may be a special need to encourage the widest possible\nuse of a certain library, so that it becomes a de-facto standard. To achieve this, non-free programs\nmust be allowed to use the library. A more frequent case is that a free library does the same job\nas widely used non-free libraries. In this case, there is little to gain by limiting the free library to\nfree software only, so we use the Lesser General Public License.\nIn other cases, permission to use a particular library in non-free programs enables a greater\nnumber of people to use a large body of free software. For example, permission to use the GNU C\nLibrary in non-free programs enables many more people to use the whole GNU operating system,\nas well as its variant, the GNU/Linux operating system.\nAlthough the Lesser General Public License is Less protective of the users’ freedom, it does\nensure that the user of a program that is linked with the Library has the freedom and the wherewithal to run that program using a modified version of the Library.\nThe precise terms and conditions for copying, distribution and modification follow. Pay close\nattention to the difference between a “work based on the library” and a “work that uses the\nlibrary”. The former contains code derived from the library, whereas the latter must be combined\nwith the library in order to run.\nGNU LESSER GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION\n0. This License Agreement applies to any software library or other program which contains\na notice placed by the copyright holder or other authorized party saying it may be distributed\nunder the terms of this Lesser General Public License (also called “this License”). Each licensee\nis addressed as “you”.\nA “library” means a collection of software functions and/or data prepared so as to be conveniently linked with application programs (which use some of those functions and data) to form\nexecutables.\nThe “Library”, below, refers to any such software library or work which has been distributed\nunder these terms. A “work based on the Library” means either the Library or any derivative\nwork under copyright law: that is to say, a work containing the Library or a portion of it, either verbatim or with modifications and/or translated straightforwardly into another language.\n(Hereinafter, translation is included without limitation in the term “modification”.)\n“Source code” for a work means the preferred form of the work for making modifications to it.\nFor a library, complete source code means all the source code for all modules it contains, plus any\nassociated interface definition files, plus the scripts used to control compilation and installation\nof the library.\nActivities other than copying, distribution and modification are not covered by this License;\nthey are outside its scope. The act of running a program using the Library is not restricted, and\noutput from such a program is covered only if its contents constitute a work based on the Library\n(independent of the use of the Library in a tool for writing it). Whether that is true depends on\nwhat the Library does and what the program that uses the Library does.\n1. You may copy and distribute verbatim copies of the Library’s complete source code as you\nreceive it, in any medium, provided that you conspicuously and appropriately publish on each\ncopy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that\nrefer to this License and to the absence of any warranty; and distribute a copy of this License\nalong with the Library.\nYou may charge a fee for the physical act of transferring a copy, and you may at your option\noffer warranty protection in exchange for a fee.\n\n297\n\n\f16 Third-party materials and licenses\n2. You may modify your copy or copies of the Library or any portion of it, thus forming a\nwork based on the Library, and copy and distribute such modifications or work under the terms\nof Section 1 above, provided that you also meet all of these conditions:\na) The modified work must itself be a software library.\nb) You must cause the files modified to carry prominent notices stating that you changed the\nfiles and the date of any change.\nc) You must cause the whole of the work to be licensed at no charge to all third parties under\nthe terms of this License.\nd) If a facility in the modified Library refers to a function or a table of data to be supplied by\nan application program that uses the facility, other than as an argument passed when the facility\nis invoked, then you must make a good faith effort to ensure that, in the event an application\ndoes not supply such function or table, the facility still operates, and performs whatever part of\nits purpose remains meaningful.\n(For example, a function in a library to compute square roots has a purpose that is entirely welldefined independent of the application. Therefore, Subsection 2d requires that any applicationsupplied function or table used by this function must be optional: if the application does not\nsupply it, the square root function must still compute square roots.)\nThese requirements apply to the modified work as a whole. If identifiable sections of that work\nare not derived from the Library, and can be reasonably considered independent and separate\nworks in themselves, then this License, and its terms, do not apply to those sections when you\ndistribute them as separate works. But when you distribute the same sections as part of a whole\nwhich is a work based on the Library, the distribution of the whole must be on the terms of this\nLicense, whose permissions for other licensees extend to the entire whole, and thus to each and\nevery part regardless of who wrote it.\nThus, it is not the intent of this section to claim rights or contest your rights to work written\nentirely by you; rather, the intent is to exercise the right to control the distribution of derivative\nor collective works based on the Library.\nIn addition, mere aggregation of another work not based on the Library with the Library (or\nwith a work based on the Library) on a volume of a storage or distribution medium does not\nbring the other work under the scope of this License.\n3. You may opt to apply the terms of the ordinary GNU General Public License instead of this\nLicense to a given copy of the Library. To do this, you must alter all the notices that refer to this\nLicense, so that they refer to the ordinary GNU General Public License, version 2, instead of to\nthis License. (If a newer version than version 2 of the ordinary GNU General Public License has\nappeared, then you can specify that version instead if you wish.) Do not make any other change\nin these notices.\nOnce this change is made in a given copy, it is irreversible for that copy, so the ordinary GNU\nGeneral Public License applies to all subsequent copies and derivative works made from that\ncopy.\nThis option is useful when you wish to copy part of the code of the Library into a program that\nis not a library.\n4. You may copy and distribute the Library (or a portion or derivative of it, under Section\n2) in object code or executable form under the terms of Sections 1 and 2 above provided that\nyou accompany it with the complete corresponding machine-readable source code, which must\nbe distributed under the terms of Sections 1 and 2 above on a medium customarily used for\nsoftware interchange.\nIf distribution of object code is made by offering access to copy from a designated place, then\noffering equivalent access to copy the source code from the same place satisfies the requirement\nto distribute the source code, even though third parties are not compelled to copy the source\nalong with the object code.\n5. A program that contains no derivative of any portion of the Library, but is designed to work\nwith the Library by being compiled or linked with it, is called a “work that uses the Library”.\n\n298\n\n\f16 Third-party materials and licenses\nSuch a work, in isolation, is not a derivative work of the Library, and therefore falls outside the\nscope of this License.\nHowever, linking a “work that uses the Library” with the Library creates an executable that is\na derivative of the Library (because it contains portions of the Library), rather than a “work that\nuses the library”. The executable is therefore covered by this License. Section 6 states terms for\ndistribution of such executables.\nWhen a “work that uses the Library” uses material from a header file that is part of the Library,\nthe object code for the work may be a derivative work of the Library even though the source code\nis not. Whether this is true is especially significant if the work can be linked without the Library,\nor if the work is itself a library. The threshold for this to be true is not precisely defined by law.\nIf such an object file uses only numerical parameters, data structure layouts and accessors, and\nsmall macros and small inline functions (ten lines or less in length), then the use of the object\nfile is unrestricted, regardless of whether it is legally a derivative work. (Executables containing\nthis object code plus portions of the Library will still fall under Section 6.) Otherwise, if the work\nis a derivative of the Library, you may distribute the object code for the work under the terms of\nSection 6. Any executables containing that work also fall under Section 6, whether or not they\nare linked directly with the Library itself.\n6. As an exception to the Sections above, you may also combine or link a “work that uses the\nLibrary” with the Library to produce a work containing portions of the Library, and distribute\nthat work under terms of your choice, provided that the terms permit modification of the work\nfor the customer’s own use and reverse engineering for debugging such modifications.\nYou must give prominent notice with each copy of the work that the Library is used in it and\nthat the Library and its use are covered by this License. You must supply a copy of this License.\nIf the work during execution displays copyright notices, you must include the copyright notice\nfor the Library among them, as well as a reference directing the user to the copy of this License.\nAlso, you must do one of these things:\na) Accompany the work with the complete corresponding machine-readable source code for\nthe Library including whatever changes were used in the work (which must be distributed under\nSections 1 and 2 above); and, if the work is an executable linked with the Library, with the\ncomplete machine-readable “work that uses the Library”, as object code and/or source code, so\nthat the user can modify the Library and then relink to produce a modified executable containing\nthe modified Library. (It is understood that the user who changes the contents of definitions\nfiles in the Library will not necessarily be able to recompile the application to use the modified\ndefinitions.)\nb) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism\nis one that (1) uses at run time a copy of the library already present on the user’s computer\nsystem, rather than copying library functions into the executable, and (2) will operate properly\nwith a modified version of the library, if the user installs one, as long as the modified version is\ninterface-compatible with the version that the work was made with.\nc) Accompany the work with a written offer, valid for at least three years, to give the same user\nthe materials specified in Subsection 6a, above, for a charge no more than the cost of performing\nthis distribution.\nd) If distribution of the work is made by offering access to copy from a designated place, offer\nequivalent access to copy the above specified materials from the same place.\ne) Verify that the user has already received a copy of these materials or that you have already\nsent this user a copy.\nFor an executable, the required form of the “work that uses the Library” must include any\ndata and utility programs needed for reproducing the executable from it. However, as a special\nexception, the materials to be distributed need not include anything that is normally distributed\n(in either source or binary form) with the major components (compiler, kernel, and so on) of the\noperating system on which the executable runs, unless that component itself accompanies the\nexecutable.\n\n299\n\n\f16 Third-party materials and licenses\nIt may happen that this requirement contradicts the license restrictions of other proprietary\nlibraries that do not normally accompany the operating system. Such a contradiction means you\ncannot use both them and the Library together in an executable that you distribute.\n7. You may place library facilities that are a work based on the Library side-by-side in a single\nlibrary together with other library facilities not covered by this License, and distribute such a\ncombined library, provided that the separate distribution of the work based on the Library and\nof the other library facilities is otherwise permitted, and provided that you do these two things:\na) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities. This must be distributed under the terms of the Sections\nabove.\nb) Give prominent notice with the combined library of the fact that part of it is a work based\non the Library, and explaining where to find the accompanying uncombined form of the same\nwork.\n8. You may not copy, modify, sublicense, link with, or distribute the Library except as expressly\nprovided under this License. Any attempt otherwise to copy, modify, sublicense, link with, or\ndistribute the Library is void, and will automatically terminate your rights under this License.\nHowever, parties who have received copies, or rights, from you under this License will not have\ntheir licenses terminated so long as such parties remain in full compliance.\n9. You are not required to accept this License, since you have not signed it. However, nothing\nelse grants you permission to modify or distribute the Library or its derivative works. These\nactions are prohibited by law if you do not accept this License. Therefore, by modifying or\ndistributing the Library (or any work based on the Library), you indicate your acceptance of\nthis License to do so, and all its terms and conditions for copying, distributing or modifying the\nLibrary or works based on it.\n10. Each time you redistribute the Library (or any work based on the Library), the recipient\nautomatically receives a license from the original licensor to copy, distribute, link with or modify\nthe Library subject to these terms and conditions. You may not impose any further restrictions\non the recipients’ exercise of the rights granted herein. You are not responsible for enforcing\ncompliance by third parties with this License.\n11. If, as a consequence of a court judgment or allegation of patent infringement or for any\nother reason (not limited to patent issues), conditions are imposed on you (whether by court\norder, agreement or otherwise) that contradict the conditions of this License, they do not excuse\nyou from the conditions of this License. If you cannot distribute so as to satisfy simultaneously\nyour obligations under this License and any other pertinent obligations, then as a consequence\nyou may not distribute the Library at all. For example, if a patent license would not permit\nroyalty-free redistribution of the Library by all those who receive copies directly or indirectly\nthrough you, then the only way you could satisfy both it and this License would be to refrain\nentirely from distribution of the Library.\nIf any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply, and the section as a whole is intended to\napply in other circumstances.\nIt is not the purpose of this section to induce you to infringe any patents or other property\nright claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system which is implemented by public license\npractices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the\nauthor/donor to decide if he or she is willing to distribute software through any other system\nand a licensee cannot impose that choice.\nThis section is intended to make thoroughly clear what is believed to be a consequence of the\nrest of this License.\n12. If the distribution and/or use of the Library is restricted in certain countries either by\npatents or by copyrighted interfaces, the original copyright holder who places the Library under\nthis License may add an explicit geographical distribution limitation excluding those countries,\n\n300\n\n\f16 Third-party materials and licenses\nso that distribution is permitted only in or among countries not thus excluded. In such case, this\nLicense incorporates the limitation as if written in the body of this License.\n13. The Free Software Foundation may publish revised and/or new versions of the Lesser\nGeneral Public License from time to time. Such new versions will be similar in spirit to the\npresent version, but may differ in detail to address new problems or concerns.\nEach version is given a distinguishing version number. If the Library specifies a version number\nof this License which applies to it and “any later version”, you have the option of following the\nterms and conditions either of that version or of any later version published by the Free Software\nFoundation. If the Library does not specify a license version number, you may choose any version\never published by the Free Software Foundation.\n14. If you wish to incorporate parts of the Library into other free programs whose distribution\nconditions are incompatible with these, write to the author to ask for permission. For software\nwhich is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we\nsometimes make exceptions for this. Our decision will be guided by the two goals of preserving\nthe free status of all derivatives of our free software and of promoting the sharing and reuse of\nsoftware generally.\nNO WARRANTY\n15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR\nTHE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE\nTHE LIBRARY “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED,\nINCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND\nFITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU\nASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.\n16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING\nWILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF\nTHE USE OR INABILITY TO USE THE LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF\nDATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD\nPARTIES OR A FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN\nIF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH\nDAMAGES.\nEND OF TERMS AND CONDITIONS\n\n16.2.3 Mozilla Public License (MPL)\nMOZILLA PUBLIC LICENSE Version 1.1\n1. Definitions.\n1.0.1. “Commercial Use” means distribution or otherwise making the Covered Code available\nto a third party.\n1.1. “Contributor” means each entity that creates or contributes to the creation of Modifications.\n1.2. “Contributor Version” means the combination of the Original Code, prior Modifications\nused by a Contributor, and the Modifications made by that particular Contributor.\n1.3. “Covered Code” means the Original Code or Modifications or the combination of the\nOriginal Code and Modifications, in each case including portions thereof.\n1.4. “Electronic Distribution Mechanism” means a mechanism generally accepted in the software development community for the electronic transfer of data.\n1.5. “Executable” means Covered Code in any form other than Source Code.\n1.6. “Initial Developer” means the individual or entity identified as the Initial Developer in the\nSource Code notice required by Exhibit A.\n\n301\n\n\f16 Third-party materials and licenses\n1.7. “Larger Work” means a work which combines Covered Code or portions thereof with code\nnot governed by the terms of this License.\n1.8. “License” means this document.\n1.8.1. “Licensable” means having the right to grant, to the maximum extent possible, whether\nat the time of the initial grant or subsequently acquired, any and all of the rights conveyed herein.\n1.9. “Modifications” means any addition to or deletion from the substance or structure of\neither the Original Code or any previous Modifications. When Covered Code is released as a\nseries of files, a Modification is:\nA. Any addition to or deletion from the contents of a file containing Original Code or previous\nModifications.\nB. Any new file that contains any part of the Original Code or previous Modifications.\n1.10. “Original Code” means Source Code of computer software code which is described in the\nSource Code notice required by Exhibit A as Original Code, and which, at the time of its release\nunder this License is not already Covered Code governed by this License.\n1.10.1. “Patent Claims” means any patent claim(s), now owned or hereafter acquired, including without limitation, method, process, and apparatus claims, in any patent Licensable by\ngrantor.\n1.11. “Source Code” means the preferred form of the Covered Code for making modifications\nto it, including all modules it contains, plus any associated interface definition files, scripts used\nto control compilation and installation of an Executable, or source code differential comparisons\nagainst either the Original Code or another well known, available Covered Code of the Contributor’s choice. The Source Code can be in a compressed or archival form, provided the appropriate\ndecompression or de-archiving software is widely available for no charge.\n1.12. “You” (or “Your”) means an individual or a legal entity exercising rights under, and\ncomplying with all of the terms of, this License or a future version of this License issued under\nSection 6.1. For legal entities, “You” includes any entity which controls, is controlled by, or is\nunder common control with You. For purposes of this definition, “control” means (a) the power,\ndirect or indirect, to cause the direction or management of such entity, whether by contract\nor otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or\nbeneficial ownership of such entity.\n2. Source Code License.\n2.1. The Initial Developer Grant. The Initial Developer hereby grants You a world-wide,\nroyalty-free, non-exclusive license, subject to third party intellectual property claims:\n(a) under intellectual property rights (other than patent or trademark) Licensable by Initial\nDeveloper to use, reproduce, modify, display, perform, sublicense and distribute the Original\nCode (or portions thereof) with or without Modifications, and/or as part of a Larger Work; and\n(b) under Patents Claims infringed by the making, using or selling of Original Code, to make,\nhave made, use, practice, sell, and offer for sale, and/or otherwise dispose of the Original Code\n(or portions thereof).\n(c) the licenses granted in this Section 2.1(a) and (b) are effective on the date Initial Developer\nfirst distributes Original Code under the terms of this License.\n(d) Notwithstanding Section 2.1(b) above, no patent license is granted: 1) for code that You\ndelete from the Original Code; 2) separate from the Original Code; or 3) for infringements\ncaused by: i) the modification of the Original Code or ii) the combination of the Original Code\nwith other software or devices.\n2.2. Contributor Grant. Subject to third party intellectual property claims, each Contributor\nhereby grants You a world-wide, royalty-free, non-exclusive license\n(a) under intellectual property rights (other than patent or trademark) Licensable by Contributor, to use, reproduce, modify, display, perform, sublicense and distribute the Modifications\ncreated by such Contributor (or portions thereof) either on an unmodified basis, with other\nModifications, as Covered Code and/or as part of a Larger Work; and\n(b) under Patent Claims infringed by the making, using, or selling of Modifications made by\nthat Contributor either alone and/or in combination with its Contributor Version (or portions\n\n302\n\n\f16 Third-party materials and licenses\nof such combination), to make, use, sell, offer for sale, have made, and/or otherwise dispose\nof: 1) Modifications made by that Contributor (or portions thereof); and 2) the combination\nof Modifications made by that Contributor with its Contributor Version (or portions of such\ncombination).\n(c) the licenses granted in Sections 2.2(a) and 2.2(b) are effective on the date Contributor first\nmakes Commercial Use of the Covered Code.\n(d) Notwithstanding Section 2.2(b) above, no patent license is granted: 1) for any code that\nContributor has deleted from the Contributor Version; 2) separate from the Contributor Version;\n3) for infringements caused by: i) third party modifications of Contributor Version or ii) the\ncombination of Modifications made by that Contributor with other software (except as part of\nthe Contributor Version) or other devices; or 4) under Patent Claims infringed by Covered Code\nin the absence of Modifications made by that Contributor.\n3. Distribution Obligations.\n3.1. Application of License. The Modifications which You create or to which You contribute\nare governed by the terms of this License, including without limitation Section 2.2. The Source\nCode version of Covered Code may be distributed only under the terms of this License or a\nfuture version of this License released under Section 6.1, and You must include a copy of this\nLicense with every copy of the Source Code You distribute. You may not offer or impose any\nterms on any Source Code version that alters or restricts the applicable version of this License or\nthe recipients’ rights hereunder. However, You may include an additional document offering the\nadditional rights described in Section 3.5.\n3.2. Availability of Source Code. Any Modification which You create or to which You contribute must be made available in Source Code form under the terms of this License either on the\nsame media as an Executable version or via an accepted Electronic Distribution Mechanism to\nanyone to whom you made an Executable version available; and if made available via Electronic\nDistribution Mechanism, must remain available for at least twelve (12) months after the date it\ninitially became available, or at least six (6) months after a subsequent version of that particular Modification has been made available to such recipients. You are responsible for ensuring\nthat the Source Code version remains available even if the Electronic Distribution Mechanism is\nmaintained by a third party.\n3.3. Description of Modifications. You must cause all Covered Code to which You contribute\nto contain a file documenting the changes You made to create that Covered Code and the date of\nany change. You must include a prominent statement that the Modification is derived, directly\nor indirectly, from Original Code provided by the Initial Developer and including the name of\nthe Initial Developer in (a) the Source Code, and (b) in any notice in an Executable version or\nrelated documentation in which You describe the origin or ownership of the Covered Code.\n3.4. Intellectual Property Matters\n(a) Third Party Claims. If Contributor has knowledge that a license under a third party’s intellectual property rights is required to exercise the rights granted by such Contributor under\nSections 2.1 or 2.2, Contributor must include a text file with the Source Code distribution titled\n“LEGAL” which describes the claim and the party making the claim in sufficient detail that a recipient will know whom to contact. If Contributor obtains such knowledge after the Modification\nis made available as described in Section 3.2, Contributor shall promptly modify the LEGAL file\nin all copies Contributor makes available thereafter and shall take other steps (such as notifying\nappropriate mailing lists or newsgroups) reasonably calculated to inform those who received the\nCovered Code that new knowledge has been obtained.\n(b) Contributor APIs. If Contributor’s Modifications include an application programming interface and Contributor has knowledge of patent licenses which are reasonably necessary to\nimplement that API, Contributor must also include this information in the LEGAL file.\n3.5. Required Notices. You must duplicate the notice in Exhibit A in each file of the Source\nCode. If it is not possible to put such notice in a particular Source Code file due to its structure,\nthen You must include such notice in a location (such as a relevant directory) where a user would\nbe likely to look for such a notice. If You created one or more Modification(s) You may add your\n\n303\n\n\f16 Third-party materials and licenses\nname as a Contributor to the notice described in Exhibit A. You must also duplicate this License in\nany documentation for the Source Code where You describe recipients’ rights or ownership rights\nrelating to Covered Code. You may choose to offer, and to charge a fee for, warranty, support,\nindemnity or liability obligations to one or more recipients of Covered Code. However, You may\ndo so only on Your own behalf, and not on behalf of the Initial Developer or any Contributor. You\nmust make it absolutely clear than any such warranty, support, indemnity or liability obligation\nis offered by You alone, and You hereby agree to indemnify the Initial Developer and every\nContributor for any liability incurred by the Initial Developer or such Contributor as a result of\nwarranty, support, indemnity or liability terms You offer.\n3.6. Distribution of Executable Versions. You may distribute Covered Code in Executable\nform only if the requirements of Section 3.1-3.5 have been met for that Covered Code, and\nif You include a notice stating that the Source Code version of the Covered Code is available\nunder the terms of this License, including a description of how and where You have fulfilled\nthe obligations of Section 3.2. The notice must be conspicuously included in any notice in an\nExecutable version, related documentation or collateral in which You describe recipients’ rights\nrelating to the Covered Code. You may distribute the Executable version of Covered Code or\nownership rights under a license of Your choice, which may contain terms different from this\nLicense, provided that You are in compliance with the terms of this License and that the license\nfor the Executable version does not attempt to limit or alter the recipient’s rights in the Source\nCode version from the rights set forth in this License. If You distribute the Executable version\nunder a different license You must make it absolutely clear that any terms which differ from this\nLicense are offered by You alone, not by the Initial Developer or any Contributor. You hereby\nagree to indemnify the Initial Developer and every Contributor for any liability incurred by the\nInitial Developer or such Contributor as a result of any such terms You offer.\n3.7. Larger Works. You may create a Larger Work by combining Covered Code with other code\nnot governed by the terms of this License and distribute the Larger Work as a single product. In\nsuch a case, You must make sure the requirements of this License are fulfilled for the Covered\nCode.\n4. Inability to Comply Due to Statute or Regulation.If it is impossible for You to comply with\nany of the terms of this License with respect to some or all of the Covered Code due to statute,\njudicial order, or regulation then You must: (a) comply with the terms of this License to the maximum extent possible; and (b) describe the limitations and the code they affect. Such description\nmust be included in the LEGAL file described in Section 3.4 and must be included with all distributions of the Source Code. Except to the extent prohibited by statute or regulation, such\ndescription must be sufficiently detailed for a recipient of ordinary skill to be able to understand\nit.\n5. Application of this License. This License applies to code to which the Initial Developer has\nattached the notice in Exhibit A and to related Covered Code.\n6. Versions of the License.\n6.1. New Versions. Netscape Communications Corporation (“Netscape”) may publish revised\nand/or new versions of the License from time to time. Each version will be given a distinguishing\nversion number.\n6.2. Effect of New Versions. Once Covered Code has been published under a particular version\nof the License, You may always continue to use it under the terms of that version. You may\nalso choose to use such Covered Code under the terms of any subsequent version of the License\npublished by Netscape. No one other than Netscape has the right to modify the terms applicable\nto Covered Code created under this License.\n6.3. Derivative Works. If You create or use a modified version of this License (which you\nmay only do in order to apply it to code which is not already Covered Code governed by this License), You must (a) rename Your license so that the phrases “Mozilla”, “MOZILLAPL”, “MOZPL”,\n“Netscape”, “MPL”, “NPL” or any confusingly similar phrase do not appear in your license (except to note that your license differs from this License) and (b) otherwise make it clear that Your\nversion of the license contains terms which differ from the Mozilla Public License and Netscape\n\n304\n\n\f16 Third-party materials and licenses\nPublic License. (Filling in the name of the Initial Developer, Original Code or Contributor in\nthe notice described in Exhibit A shall not of themselves be deemed to be modifications of this\nLicense.)\n7. DISCLAIMER OF WARRANTY.\nCOVERED CODE IS PROVIDED UNDER THIS LICENSE ON AN “AS IS” BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION,\nWARRANTIES THAT THE COVERED CODE IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A\nPARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY AND\nPERFORMANCE OF THE COVERED CODE IS WITH YOU. SHOULD ANY COVERED CODE PROVE\nDEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL DEVELOPER OR ANY OTHER CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS\nDISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE\nOF ANY COVERED CODE IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER.\n8. TERMINATION.\n8.1. This License and the rights granted hereunder will terminate automatically if You fail\nto comply with terms herein and fail to cure such breach within 30 days of becoming aware of\nthe breach. All sublicenses to the Covered Code which are properly granted shall survive any\ntermination of this License. Provisions which, by their nature, must remain in effect beyond the\ntermination of this License shall survive.\n8.2. If You initiate litigation by asserting a patent infringement claim (excluding declaratory\njudgment actions) against Initial Developer or a Contributor (the Initial Developer or Contributor\nagainst whom You file such action is referred to as “Participant”) alleging that:\n(a) such Participant’s Contributor Version directly or indirectly infringes any patent, then any\nand all rights granted by such Participant to You under Sections 2.1 and/or 2.2 of this License\nshall, upon 60 days notice from Participant terminate prospectively, unless if within 60 days\nafter receipt of notice You either: (i) agree in writing to pay Participant a mutually agreeable\nreasonable royalty for Your past and future use of Modifications made by such Participant, or (ii)\nwithdraw Your litigation claim with respect to the Contributor Version against such Participant.\nIf within 60 days of notice, a reasonable royalty and payment arrangement are not mutually\nagreed upon in writing by the parties or the litigation claim is not withdrawn, the rights granted\nby Participant to You under Sections 2.1 and/or 2.2 automatically terminate at the expiration of\nthe 60 day notice period specified above.\n(b) any software, hardware, or device, other than such Participant’s Contributor Version, directly or indirectly infringes any patent, then any rights granted to You by such Participant under\nSections 2.1(b) and 2.2(b) are revoked effective as of the date You first made, used, sold, distributed, or had made, Modifications made by that Participant.\n8.3. If You assert a patent infringement claim against Participant alleging that such Participant’s Contributor Version directly or indirectly infringes any patent where such claim is resolved\n(such as by license or settlement) prior to the initiation of patent infringement litigation, then\nthe reasonable value of the licenses granted by such Participant under Sections 2.1 or 2.2 shall\nbe taken into account in determining the amount or value of any payment or license.\n8.4. In the event of termination under Sections 8.1 or 8.2 above, all end user license agreements (excluding distributors and resellers) which have been validly granted by You or any\ndistributor hereunder prior to termination shall survive termination.\n9. LIMITATION OF LIABILITY. UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER TORT (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL YOU,\nTHE INITIAL DEVELOPER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF COVERED\nCODE, OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR ANY\nINDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF GOODWILL, WORK STOPPAGE,\nCOMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER COMMERCIAL DAMAGES OR LOSSES, EVEN IF SUCH PARTY SHALL HAVE BEEN INFORMED OF THE POSSIBILITY\nOF SUCH DAMAGES. THIS LIMITATION OF LIABILITY SHALL NOT APPLY TO LIABILITY FOR\n\n305\n\n\f16 Third-party materials and licenses\nDEATH OR PERSONAL INJURY RESULTING FROM SUCH PARTY’S NEGLIGENCE TO THE EXTENT APPLICABLE LAW PROHIBITS SUCH LIMITATION. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO\nTHIS EXCLUSION AND LIMITATION MAY NOT APPLY TO YOU.\n10. U.S. GOVERNMENT END USERS. The Covered Code is a “commercial item,“ as that term\nis defined in 48 C.F.R. 2.101 (Oct. 1995), consisting of “commercial computer software” and\n“commercial computer software documentation,“ as such terms are used in 48 C.F.R. 12.212\n(Sept. 1995). Consistent with 48 C.F.R. 12.212 and 48 C.F.R. 227.7202-1 through 227.7202-4\n(June 1995), all U.S. Government End Users acquire Covered Code with only those rights set\nforth herein.\n11. MISCELLANEOUS. This License represents the complete agreement concerning subject\nmatter hereof. If any provision of this License is held to be unenforceable, such provision shall\nbe reformed only to the extent necessary to make it enforceable. This License shall be governed\nby California law provisions (except to the extent applicable law, if any, provides otherwise),\nexcluding its conflict-of-law provisions. With respect to disputes in which at least one party is\na citizen of, or an entity chartered or registered to do business in the United States of America,\nany litigation relating to this License shall be subject to the jurisdiction of the Federal Courts\nof the Northern District of California, with venue lying in Santa Clara County, California, with\nthe losing party responsible for costs, including without limitation, court costs and reasonable\nattorneys’ fees and expenses. The application of the United Nations Convention on Contracts for\nthe International Sale of Goods is expressly excluded. Any law or regulation which provides that\nthe language of a contract shall be construed against the drafter shall not apply to this License.\n12. RESPONSIBILITY FOR CLAIMS. As between Initial Developer and the Contributors, each\nparty is responsible for claims and damages arising, directly or indirectly, out of its utilization of\nrights under this License and You agree to work with Initial Developer and Contributors to distribute such responsibility on an equitable basis. Nothing herein is intended or shall be deemed\nto constitute any admission of liability.\n13. MULTIPLE-LICENSED CODE. Initial Developer may designate portions of the Covered\nCode as “Multiple-Licensed”. “Multiple-Licensed” means that the Initial Developer permits you\nto utilize portions of the Covered Code under Your choice of the NPL or the alternative licenses,\nif any, specified by the Initial Developer in the file described in Exhibit A.\nEXHIBIT A -Mozilla Public License.\n“The contents of this file are subject to the Mozilla Public License Version 1.1 (the “License”);\nyou may not use this file except in compliance with the License. You may obtain a copy of the\nLicense at http://www.mozilla.org/MPL/\nSoftware distributed under the License is distributed on an “AS IS” basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License for the specific language governing rights and limitations under the License.\nThe Original Code is ______________________________________.\nThe Initial Developer of the Original Code is ________________________. Portions created\nby ______________________ are Copyright (C) ______ _______________________. All Rights\nReserved.\nContributor(s): ______________________________________.\nAlternatively, the contents of this file may be used under the terms of the _____ license (the\n“[___] License”), in which case the provisions of [______] License are applicable instead of those\nabove. If you wish to allow use of your version of this file only under the terms of the [____]\nLicense and not to allow others to use your version of this file under the MPL, indicate your\ndecision by deleting the provisions above and replace them with the notice and other provisions\nrequired by the [___] License. If you do not delete the provisions above, a recipient may use\nyour version of this file under either the MPL or the [___] License.“\n[NOTE: The text of this Exhibit A may differ slightly from the text of the notices in the Source\nCode files of the Original Code. You should use the text of this Exhibit A rather than the text\nfound in the Original Code Source Code for Your Modifications.]\n\n306\n\n\f16 Third-party materials and licenses\n\n16.2.4 MIT License\nPermission is hereby granted, free of charge, to any person obtaining a copy of this software and\nassociated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense,\nand/or sell copies of the Software, and to permit persons to whom the Software is furnished to\ndo so, subject to the following conditions:\nThe above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.\nTHE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN\nTHE SOFTWARE.\n\n16.2.5 X Consortium License (X11)\nPermission is hereby granted, free of charge, to any person obtaining a copy of this software and\nassociated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense,\nand/or sell copies of the Software, and to permit persons to whom the Software is furnished to\ndo so, subject to the following conditions:\nThe above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.\nTHE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN\nTHE SOFTWARE.\n\n16.2.6 zlib license\nThis software is provided ’as-is’, without any express or implied warranty. In no event will the\nauthors be held liable for any damages arising from the use of this software.\nPermission is granted to anyone to use this software for any purpose, including commercial\napplications, and to alter it and redistribute it freely, subject to the following restrictions:\n1. The origin of this software must not be misrepresented; you must not claim that you wrote\nthe original software. If you use this software in a product, an acknowledgment in the product\ndocumentation would be appreciated but is not required.\n2. Altered source versions must be plainly marked as such, and must not be misrepresented as\nbeing the original software.\n3. This notice may not be removed or altered from any source distribution.\nJean-loup Gailly\[email protected]\n\nMark Adler\[email protected]\n\n16.2.7 OpenSSL license\nThis package is an SSL implementation written by Eric Young ([email protected]). The implementation was written so as to conform with Netscape’s SSL.\n\n307\n\n\f16 Third-party materials and licenses\nThis library is free for commercial and non-commercial use as long as the following conditions\nare adhered to. The following conditions apply to all code found in this distribution, be it the\nRC4, RSA, lhash, DES, etc., code; not just the SSL code. The SSL documentation included with\nthis distribution is covered by the same copyright terms except that the holder is Tim Hudson\n([email protected]).\nCopyright remains Eric Young’s, and as such any Copyright notices in the code are not to be\nremoved. If this package is used in a product, Eric Young should be given attribution as the\nauthor of the parts of the library used. This can be in the form of a textual message at program\nstartup or in documentation (online or textual) provided with the package.\nRedistribution and use in source and binary forms, with or without modification, are permitted\nprovided that the following conditions are met:\n1. Redistributions of source code must retain the copyright notice, this list of conditions and\nthe following disclaimer.\n2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with\nthe distribution.\n3. All advertising materials mentioning features or use of this software must display the following acknowledgement: “This product includes cryptographic software written by Eric Young\n([email protected])“ The word ’cryptographic’ can be left out if the routines from the library\nbeing used are not cryptographic related :-).\n4. If you include any Windows specific code (or a derivative thereof) from the apps directory (application code) you must include an acknowledgement: “This product includes software\nwritten by Tim Hudson ([email protected])“\nTHIS SOFTWARE IS PROVIDED BY ERIC YOUNG “AS IS” AND ANY EXPRESS OR IMPLIED\nWARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT\nSHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED\nTO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\nWHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF\nTHE POSSIBILITY OF SUCH DAMAGE.\nThe licence and distribution terms for any publicly available version or derivative of this code\ncannot be changed. i.e. this code cannot simply be copied and put under another distribution\nlicence [including the GNU Public Licence.]\n\n16.2.8 Slirp license\nCopyright (c) 1995,1996 Danny Gasparovski. All rights reserved.\nRedistribution and use in source and binary forms, with or without modification, are permitted\nprovided that the following conditions are met:\n1. Redistributions of source code must retain the above copyright notice, this list of conditions\nand the following disclaimer.\n2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with\nthe distribution.\n3. All advertising materials mentioning features or use of this software must display the following acknowledgment: This product includes software developed by Danny Gasparovski.\nTHIS SOFTWARE IS PROVIDED “AS IS” AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND\nFITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL DANNY GASPAROVSKI OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPE-\n\n308\n\n\f16 Third-party materials and licenses\nCIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,\nPROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;\nOR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\nWHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF\nTHE POSSIBILITY OF SUCH DAMAGE.\n\n16.2.9 liblzf license\nRedistribution and use in source and binary forms, with or without modification, are permitted\nprovided that the following conditions are met:\n1. Redistributions of source code must retain the above copyright notice, this list of conditions\nand the following disclaimer.\n2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with\nthe distribution.\n3. The name of the author may not be used to endorse or promote products derived from this\nsoftware without specific prior written permission.\nTHIS SOFTWARE IS PROVIDED BY THE AUTHOR “AS IS” AND ANY EXPRESS OR IMPLIED\nWARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT\nSHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\nOF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN\nANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF\nSUCH DAMAGE.\n\n16.2.10 libpng license\nThe PNG Reference Library is supplied “AS IS”. The Contributing Authors and Group 42, Inc.\ndisclaim all warranties, expressed or implied, including, without limitation, the warranties of\nmerchantability and of fitness for any purpose. The Contributing Authors and Group 42, Inc.\nassume no liability for direct, indirect, incidental, special, exemplary, or consequential damages,\nwhich may result from the use of the PNG Reference Library, even if advised of the possibility of\nsuch damage.\nPermission is hereby granted to use, copy, modify, and distribute this source code, or portions\nhereof, for any purpose, without fee, subject to the following restrictions:\n1. The origin of this source code must not be misrepresented.\n2. Altered versions must be plainly marked as such and must not be misrepresented as being\nthe original source.\n3. This Copyright notice may not be removed or altered from any source or altered source\ndistribution.\nThe Contributing Authors and Group 42, Inc. specifically permit, without fee, and encourage\nthe use of this source code as a component to supporting the PNG file format in commercial\nproducts. If you use this source code in a product, acknowledgment is not required but would\nbe appreciated.\n\n16.2.11 lwIP license\nRedistribution and use in source and binary forms, with or without modification, are permitted\nprovided that the following conditions are met:\n\n309\n\n\f16 Third-party materials and licenses\n1. Redistributions of source code must retain the above copyright notice, this list of conditions\nand the following disclaimer.\n2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with\nthe distribution.\n3. The name of the author may not be used to endorse or promote products derived from this\nsoftware without specific prior written permission.\nTHIS SOFTWARE IS PROVIDED BY THE AUTHOR “AS IS” AND ANY EXPRESS OR IMPLIED\nWARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT\nSHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\nOF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN\nANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF\nSUCH DAMAGE.\n\n16.2.12 libxml license\nExcept where otherwise noted in the source code (e.g. the files hash.c, list.c and the trio files,\nwhich are covered by a similar licence but with different Copyright notices) all the files are:\nCopyright (C) 1998-2003 Daniel Veillard. All Rights Reserved.\nPermission is hereby granted, free of charge, to any person obtaining a copy of this software\nand associated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute,\nsublicense, and/or sell copies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\nThe above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.\nTHE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nDANIEL VEILLARD BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER\nIN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\nExcept as contained in this notice, the name of Daniel Veillard shall not be used in advertising\nor otherwise to promote the sale, use or other dealings in this Software without prior written\nauthorization from him.\n\n16.2.13 libxslt licenses\nLicence for libxslt except libexslt:\nCopyright (C) 2001-2002 Daniel Veillard. All Rights Reserved.\nPermission is hereby granted, free of charge, to any person obtaining a copy of this software\nand associated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute,\nsublicense, and/or sell copies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\nThe above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.\nTHE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\n\n310\n\n\f16 Third-party materials and licenses\nDANIEL VEILLARD BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER\nIN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\nExcept as contained in this notice, the name of Daniel Veillard shall not be used in advertising\nor otherwise to promote the sale, use or other dealings in this Software without prior written\nauthorization from him.\nLicence for libexslt:\nCopyright (C) 2001-2002 Thomas Broyer, Charlie Bozeman and Daniel Veillard. All Rights\nReserved.\nPermission is hereby granted, free of charge, to any person obtaining a copy of this software\nand associated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute,\nsublicense, and/or sell copies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\nThe above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.\nTHE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN\nACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\nExcept as contained in this notice, the name of the authors shall not be used in advertising\nor otherwise to promote the sale, use or other dealings in this Software without prior written\nauthorization from him.\n\n16.2.14 gSOAP Public License Version 1.3a\nThe gSOAP public license is derived from the Mozilla Public License (MPL1.1). The sections\nthat were deleted from the original MPL1.1 text are 1.0.1, 2.1.(c),(d), 2.2.(c),(d), 8.2.(b), 10,\nand 11. Section 3.8 was added. The modified sections are 2.1.(b), 2.2.(b), 3.2 (simplified), 3.5\n(deleted the last sentence), and 3.6 (simplified).\n1 DEFINITIONS\n1.1. “Contributor” means each entity that creates or contributes to the creation of Modifications.\n1.2. “Contributor Version” means the combination of the Original Code, prior Modifications\nused by a Contributor, and the Modifications made by that particular Contributor.\n1.3. “Covered Code” means the Original Code, or Modifications or the combination of the\nOriginal Code, and Modifications, in each case including portions thereof.\n1.4. “Electronic Distribution Mechanism” means a mechanism generally accepted in the software development community for the electronic transfer of data.\n1.5. “Executable” means Covered Code in any form other than Source Code.\n1.6. “Initial Developer” means the individual or entity identified as the Initial Developer in the\nSource Code notice required by Exhibit A.\n1.7. “Larger Work” means a work which combines Covered Code or portions thereof with code\nnot governed by the terms of this License.\n1.8. “License” means this document.\n1.8.1. “Licensable” means having the right to grant, to the maximum extent possible, whether\nat the time of the initial grant or subsequently acquired, any and all of the rights conveyed herein.\n1.9. “Modifications” means any addition to or deletion from the substance or structure of\neither the Original Code or any previous Modifications. When Covered Code is released as a\nseries of files, a Modification is:\n\n311\n\n\f16 Third-party materials and licenses\nA. Any addition to or deletion from the contents of a file containing Original Code or previous\nModifications.\nB. Any new file that contains any part of the Original Code, or previous Modifications.\n1.10. “Original Code” means Source Code of computer software code which is described in the\nSource Code notice required by Exhibit A as Original Code, and which, at the time of its release\nunder this License is not already Covered Code governed by this License.\n1.10.1. “Patent Claims” means any patent claim(s), now owned or hereafter acquired, including without limitation, method, process, and apparatus claims, in any patent Licensable by\ngrantor.\n1.11. “Source Code” means the preferred form of the Covered Code for making modifications\nto it, including all modules it contains, plus any associated interface definition files, scripts used\nto control compilation and installation of an Executable, or source code differential comparisons\nagainst either the Original Code or another well known, available Covered Code of the Contributor’s choice. The Source Code can be in a compressed or archival form, provided the appropriate\ndecompression or de-archiving software is widely available for no charge.\n1.12. “You” (or “Your”) means an individual or a legal entity exercising rights under, and\ncomplying with all of the terms of, this License or a future version of this License issued under\nSection 6.1. For legal entities, “You” includes any entity which controls, is controlled by, or is\nunder common control with You. For purposes of this definition, “control” means (a) the power,\ndirect or indirect, to cause the direction or management of such entity, whether by contract\nor otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or\nbeneficial ownership of such entity.\n2 SOURCE CODE LICENSE.\n2.1. The Initial Developer Grant.\nThe Initial Developer hereby grants You a world-wide, royalty-free, non-exclusive license, subject to third party intellectual property claims:\n(a) under intellectual property rights (other than patent or trademark) Licensable by Initial\nDeveloper to use, reproduce, modify, display, perform, sublicense and distribute the Original\nCode (or portions thereof) with or without Modifications, and/or as part of a Larger Work; and\n(b) under patents now or hereafter owned or controlled by Initial Developer, to make, have\nmade, use and sell (“offer to sell and import”) the Original Code, Modifications, or portions\nthereof, but solely to the extent that any such patent is reasonably necessary to enable You to\nutilize, alone or in combination with other software, the Original Code, Modifications, or any\ncombination or portions thereof.\n(c)\n(d)\n2.2. Contributor Grant.\nSubject to third party intellectual property claims, each Contributor hereby grants You a worldwide, royalty-free, non-exclusive license\n(a) under intellectual property rights (other than patent or trademark) Licensable by Contributor, to use, reproduce, modify, display, perform, sublicense and distribute the Modifications\ncreated by such Contributor (or portions thereof) either on an unmodified basis, with other\nModifications, as Covered Code and/or as part of a Larger Work; and\n(b) under patents now or hereafter owned or controlled by Contributor, to make, have made,\nuse and sell (“offer to sell and import”) the Contributor Version (or portions thereof), but solely\nto the extent that any such patent is reasonably necessary to enable You to utilize, alone or in\ncombination with other software, the Contributor Version (or portions thereof).\n(c)\n(d)\n3 DISTRIBUTION OBLIGATIONS.\n3.1. Application of License.\nThe Modifications which You create or to which You contribute are governed by the terms\nof this License, including without limitation Section 2.2. The Source Code version of Covered\n\n312\n\n\f16 Third-party materials and licenses\nCode may be distributed only under the terms of this License or a future version of this License\nreleased under Section 6.1, and You must include a copy of this License with every copy of the\nSource Code You distribute. You may not offer or impose any terms on any Source Code version\nthat alters or restricts the applicable version of this License or the recipients’ rights hereunder.\nHowever, You may include an additional document offering the additional rights described in\nSection 3.5.\n3.2. Availability of Source Code.\nAny Modification created by You will be provided to the Initial Developer in Source Code form\nand are subject to the terms of the License. 3.3. Description of Modifications.\nYou must cause all Covered Code to which You contribute to contain a file documenting the\nchanges You made to create that Covered Code and the date of any change. You must include a\nprominent statement that the Modification is derived, directly or indirectly, from Original Code\nprovided by the Initial Developer and including the name of the Initial Developer in (a) the\nSource Code, and (b) in any notice in an Executable version or related documentation in which\nYou describe the origin or ownership of the Covered Code.\n3.4. Intellectual Property Matters.\n(a) Third Party Claims. If Contributor has knowledge that a license under a third party’s intellectual property rights is required to exercise the rights granted by such Contributor under\nSections 2.1 or 2.2, Contributor must include a text file with the Source Code distribution titled\n“LEGAL” which describes the claim and the party making the claim in sufficient detail that a recipient will know whom to contact. If Contributor obtains such knowledge after the Modification\nis made available as described in Section 3.2, Contributor shall promptly modify the LEGAL file\nin all copies Contributor makes available thereafter and shall take other steps (such as notifying\nappropriate mailing lists or newsgroups) reasonably calculated to inform those who received the\nCovered Code that new knowledge has been obtained.\n(b) Contributor APIs. If Contributor’s Modifications include an application programming interface and Contributor has knowledge of patent licenses which are reasonably necessary to\nimplement that API, Contributor must also include this information in the LEGAL file.\n(c) Representations. Contributor represents that, except as disclosed pursuant to Section\n3.4(a) above, Contributor believes that Contributor’s Modifications are Contributor’s original\ncreation(s) and/or Contributor has sufficient rights to grant the rights conveyed by this License.\n3.5. Required Notices. You must duplicate the notice in Exhibit A in each file of the Source\nCode. If it is not possible to put such notice in a particular Source Code file due to its structure,\nthen You must include such notice in a location (such as a relevant directory) where a user would\nbe likely to look for such a notice. If You created one or more Modification(s) You may add your\nname as a Contributor to the notice described in Exhibit A. You must also duplicate this License in\nany documentation for the Source Code where You describe recipients’ rights or ownership rights\nrelating to Covered Code. You may choose to offer, and to charge a fee for, warranty, support,\nindemnity or liability obligations to one or more recipients of Covered Code. However, You may\ndo so only on Your own behalf, and not on behalf of the Initial Developer or any Contributor.\n3.6. Distribution of Executable Versions. You may distribute Covered Code in Executable form\nonly if the requirements of Section 3.1-3.5 have been met for that Covered Code. You may\ndistribute the Executable version of Covered Code or ownership rights under a license of Your\nchoice, which may contain terms different from this License, provided that You are in compliance\nwith the terms of this License and that the license for the Executable version does not attempt\nto limit or alter the recipient’s rights in the Source Code version from the rights set forth in\nthis License. If You distribute the Executable version under a different license You must make it\nabsolutely clear that any terms which differ from this License are offered by You alone, not by the\nInitial Developer or any Contributor. If you distribute executable versions containing Covered\nCode as part of a product, you must reproduce the notice in Exhibit B in the documentation\nand/or other materials provided with the product.\n3.7. Larger Works. You may create a Larger Work by combining Covered Code with other code\nnot governed by the terms of this License and distribute the Larger Work as a single product. In\n\n313\n\n\f16 Third-party materials and licenses\nsuch a case, You must make sure the requirements of this License are fulfilled for the Covered\nCode.\n3.8. Restrictions. You may not remove any product identification, copyright, proprietary notices or labels from gSOAP.\n4 INABILITY TO COMPLY DUE TO STATUTE OR REGULATION.\nIf it is impossible for You to comply with any of the terms of this License with respect to some\nor all of the Covered Code due to statute, judicial order, or regulation then You must: (a) comply\nwith the terms of this License to the maximum extent possible; and (b) describe the limitations\nand the code they affect. Such description must be included in the LEGAL file described in\nSection 3.4 and must be included with all distributions of the Source Code. Except to the extent\nprohibited by statute or regulation, such description must be sufficiently detailed for a recipient\nof ordinary skill to be able to understand it.\n5 APPLICATION OF THIS LICENSE.\nThis License applies to code to which the Initial Developer has attached the notice in Exhibit\nA and to related Covered Code.\n6 VERSIONS OF THE LICENSE.\n6.1. New Versions.\nGrantor may publish revised and/or new versions of the License from time to time. Each\nversion will be given a distinguishing version number.\n6.2. Effect of New Versions.\nOnce Covered Code has been published under a particular version of the License, You may\nalways continue to use it under the terms of that version. You may also choose to use such\nCovered Code under the terms of any subsequent version of the License.\n6.3. Derivative Works.\nIf You create or use a modified version of this License (which you may only do in order to apply\nit to code which is not already Covered Code governed by this License), You must (a) rename\nYour license so that the phrase “gSOAP” or any confusingly similar phrase do not appear in your\nlicense (except to note that your license differs from this License) and (b) otherwise make it\nclear that Your version of the license contains terms which differ from the gSOAP Public License.\n(Filling in the name of the Initial Developer, Original Code or Contributor in the notice described\nin Exhibit A shall not of themselves be deemed to be modifications of this License.)\n7 DISCLAIMER OF WARRANTY.\nCOVERED CODE IS PROVIDED UNDER THIS LICENSE ON AN “AS IS” BASIS, WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED OR STATUTORY, INCLUDING, WITHOUT\nLIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY, OF FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT OF THIRD PARTY INTELLECTUAL PROPERTY RIGHTS,\nAND ANY WARRANTY THAT MAY ARISE BY REASON OF TRADE USAGE, CUSTOM, OR COURSE\nOF DEALING. WITHOUT LIMITING THE FOREGOING, YOU ACKNOWLEDGE THAT THE SOFTWARE IS PROVIDED “AS IS” AND THAT THE AUTHORS DO NOT WARRANT THE SOFTWARE\nWILL RUN UNINTERRUPTED OR ERROR FREE. LIMITED LIABILITY THE ENTIRE RISK AS\nTO RESULTS AND PERFORMANCE OF THE SOFTWARE IS ASSUMED BY YOU. UNDER NO\nCIRCUMSTANCES WILL THE AUTHORS BE LIABLE FOR ANY SPECIAL, INDIRECT, INCIDENTAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES OF ANY KIND OR NATURE WHATSOEVER,\nWHETHER BASED ON CONTRACT, WARRANTY, TORT (INCLUDING NEGLIGENCE), STRICT\nLIABILITY OR OTHERWISE, ARISING OUT OF OR IN ANY WAY RELATED TO THE SOFTWARE,\nEVEN IF THE AUTHORS HAVE BEEN ADVISED ON THE POSSIBILITY OF SUCH DAMAGE OR\nIF SUCH DAMAGE COULD HAVE BEEN REASONABLY FORESEEN, AND NOTWITHSTANDING\nANY FAILURE OF ESSENTIAL PURPOSE OF ANY EXCLUSIVE REMEDY PROVIDED. SUCH LIMITATION ON DAMAGES INCLUDES, BUT IS NOT LIMITED TO, DAMAGES FOR LOSS OF GOODWILL, LOST PROFITS, LOSS OF DATA OR SOFTWARE, WORK STOPPAGE, COMPUTER FAILURE\nOR MALFUNCTION OR IMPAIRMENT OF OTHER GOODS. IN NO EVENT WILL THE AUTHORS\nBE LIABLE FOR THE COSTS OF PROCUREMENT OF SUBSTITUTE SOFTWARE OR SERVICES.\nYOU ACKNOWLEDGE THAT THIS SOFTWARE IS NOT DESIGNED FOR USE IN ON-LINE EQUIP-\n\n314\n\n\f16 Third-party materials and licenses\nMENT IN HAZARDOUS ENVIRONMENTS SUCH AS OPERATION OF NUCLEAR FACILITIES, AIRCRAFT NAVIGATION OR CONTROL, OR LIFE-CRITICAL APPLICATIONS. THE AUTHORS EXPRESSLY DISCLAIM ANY LIABILITY RESULTING FROM USE OF THE SOFTWARE IN ANY SUCH\nON-LINE EQUIPMENT IN HAZARDOUS ENVIRONMENTS AND ACCEPTS NO LIABILITY IN RESPECT OF ANY ACTIONS OR CLAIMS BASED ON THE USE OF THE SOFTWARE IN ANY SUCH\nON-LINE EQUIPMENT IN HAZARDOUS ENVIRONMENTS BY YOU. FOR PURPOSES OF THIS\nPARAGRAPH, THE TERM “LIFE-CRITICAL APPLICATION” MEANS AN APPLICATION IN WHICH\nTHE FUNCTIONING OR MALFUNCTIONING OF THE SOFTWARE MAY RESULT DIRECTLY OR\nINDIRECTLY IN PHYSICAL INJURY OR LOSS OF HUMAN LIFE. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY COVERED\nCODE IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER.\n8 TERMINATION.\n8.1.\nThis License and the rights granted hereunder will terminate automatically if You fail to comply\nwith terms herein and fail to cure such breach within 30 days of becoming aware of the breach.\nAll sublicenses to the Covered Code which are properly granted shall survive any termination of\nthis License. Provisions which, by their nature, must remain in effect beyond the termination of\nthis License shall survive.\n8.2.\n8.3.\nIf You assert a patent infringement claim against Participant alleging that such Participant’s\nContributor Version directly or indirectly infringes any patent where such claim is resolved (such\nas by license or settlement) prior to the initiation of patent infringement litigation, then the\nreasonable value of the licenses granted by such Participant under Sections 2.1 or 2.2 shall be\ntaken into account in determining the amount or value of any payment or license.\n8.4. In the event of termination under Sections 8.1 or 8.2 above, all end user license agreements (excluding distributors and resellers) which have been validly granted by You or any\ndistributor hereunder prior to termination shall survive termination.\n9 LIMITATION OF LIABILITY.\nUNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER TORT (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL YOU, THE INITIAL DEVELOPER, ANY\nOTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF COVERED CODE, OR ANY SUPPLIER OF\nANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER COMMERCIAL DAMAGES OR LOSSES, EVEN IF SUCH\nPARTY SHALL HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. THIS LIMITATION OF LIABILITY SHALL NOT APPLY TO LIABILITY FOR DEATH OR PERSONAL INJURY RESULTING FROM SUCH PARTY’S NEGLIGENCE TO THE EXTENT APPLICABLE LAW PROHIBITS\nSUCH LIMITATION. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION\nOF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THIS EXCLUSION AND LIMITATION MAY\nNOT APPLY TO YOU.\n10 U.S. GOVERNMENT END USERS.\n11 MISCELLANEOUS.\n12 RESPONSIBILITY FOR CLAIMS.\nAs between Initial Developer and the Contributors, each party is responsible for claims and\ndamages arising, directly or indirectly, out of its utilization of rights under this License and You\nagree to work with Initial Developer and Contributors to distribute such responsibility on an\nequitable basis. Nothing herein is intended or shall be deemed to constitute any admission of\nliability.\nEXHIBIT A.\n“The contents of this file are subject to the gSOAP Public License Version 1.3 (the “License”);\nyou may not use this file except in compliance with the License. You may obtain a copy of\n\n315\n\n\f16 Third-party materials and licenses\nthe License at http://www.cs.fsu.edu/~engelen/soaplicense.html. Software distributed\nunder the License is distributed on an “AS IS” basis, WITHOUT WARRANTY OF ANY KIND, either\nexpress or implied. See the License for the specific language governing rights and limitations\nunder the License.\nThe Original Code of the gSOAP Software is: stdsoap.h, stdsoap2.h, stdsoap.c, stdsoap2.c,\nstdsoap.cpp, stdsoap2.cpp, soapcpp2.h, soapcpp2.c, soapcpp2_lex.l, soapcpp2_yacc.y, error2.h,\nerror2.c, symbol2.c, init2.c, soapdoc2.html, and soapdoc2.pdf, httpget.h, httpget.c, stl.h, stldeque.h, stllist.h, stlvector.h, stlset.h.\nThe Initial Developer of the Original Code is Robert A. van Engelen. Portions created by\nRobert A. van Engelen are Copyright (C) 2001-2004 Robert A. van Engelen, Genivia inc. All\nRights Reserved.\nContributor(s): “________________________.“ [Note: The text of this Exhibit A may differ\nslightly form the text of the notices in the Source Code files of the Original code. You should use\nthe text of this Exhibit A rather than the text found in the Original Code Source Code for Your\nModifications.]\nEXHIBIT B.\n“Part of the software embedded in this product is gSOAP software. Portions created by gSOAP\nare Copyright (C) 2001-2004 Robert A. van Engelen, Genivia inc. All Rights Reserved. THE\nSOFTWARE IN THIS PRODUCT WAS IN PART PROVIDED BY GENIVIA INC AND ANY EXPRESS\nOR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES\nOF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO\nEVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,\nEXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN\nCONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.“\n\n16.2.15 Chromium licenses\n16.2.15.1 Main license\nCopyright (c) 2002, Stanford University All rights reserved.\nSome portions of Chromium are copyrighted by individiual organizations. Please see the files\nCOPYRIGHT.LLNL and COPYRIGHT.REDHAT for more information.\nRedistribution and use in source and binary forms, with or without modification, are permitted\nprovided that the following conditions are met:\n• Redistributions of source code must retain the above copyright notice, this list of conditions\nand the following disclaimer.\n• Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided\nwith the distribution.\n• Neither the name of Stanford University nor the names of its contributors may be used\nto endorse or promote products derived from this software without specific prior written\npermission.\nTHIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS “AS\nIS” AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE\nIMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE\nARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL\n\n316\n\n\f16 Third-party materials and licenses\nDAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS\nOR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER\nCAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,\nOR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE\nUSE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n16.2.15.2 COPYRIGHT.LLNL file\nThis Chromium distribution contains information and code which is covered under the following\nnotice:\nCopyright (c) 2002, The Regents of the University of California. Produced at the Lawrence\nLivermore National Laboratory For details, contact: Randall Frank ([email protected]). UCRLCODE-2002-058 All rights reserved.\nThis file is part of Chromium. For details, see accompanying documentation.\nRedistribution and use in source and binary forms, with or without modification, are permitted\nprovided that the following conditions are met:\nRedistributions of source code must retain the above copyright notice, this list of conditions\nand the disclaimer below.\nRedistributions in binary form must reproduce the above copyright notice, this list of conditions and the disclaimer (as noted below) in the documentation and/or other materials provided\nwith the distribution.\nNeither the name of the UC/LLNL nor the names of its contributors may be used to endorse or\npromote products derived from this software without specific prior written permission.\nTHIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS “AS\nIS” AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE\nIMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE\nARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OF THE UNIVERSITY OF CALIFORNIA, THE U.S. DEPARTMENT OF ENERGY OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,\nINDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF\nUSE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\nTHEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING\nNEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,\nEVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\nAdditional BSD Notice\n1. This notice is required to be provided under our contract with the U.S. Department of\nEnergy (DOE). This work was produced at the University of California, Lawrence Livermore\nNational Laboratory under Contract No. W-7405-ENG-48 with the DOE.\n2. Neither the United States Government nor the University of California nor any of their\nemployees, makes any warranty, express or implied, or assumes any liability or responsibility\nfor the accuracy, completeness, or usefulness of any information, apparatus, product, or process\ndisclosed, or represents that its use would not infringe privately-owned rights.\n3. Also, reference herein to any specific commercial products, process, or services by trade\nname, trademark, manufacturer or otherwise does not necessarily constitute or imply its endorsement, recommendation, or favoring by the United States Government or the University of\nCalifornia. The views and opinions of authors expressed herein do not necessarily state or reflect\nthose of the United States Government or the University of California, and shall not be used for\nadvertising or product endorsement purposes.\n16.2.15.3 COPYRIGHT.REDHAT file\nThis Chromium distribution contains information and code which is covered under the following\nnotice:\nCopyright 2001,2002 Red Hat Inc., Durham, North Carolina.\n\n317\n\n\f16 Third-party materials and licenses\nAll Rights Reserved.\nPermission is hereby granted, free of charge, to any person obtaining a copy of this software\nand associated documentation files (the “Software”), to deal in the Software without restriction, including without limitation on the rights to use, copy, modify, merge, publish, distribute,\nsublicense, and/or sell copies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\nThe above copyright notice and this permission notice (including the next paragraph) shall be\nincluded in all copies or substantial portions of the Software.\nTHE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL RED\nHAT AND/OR THEIR SUPPLIERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT\nOF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALI |
View raw
(Sorry about that, but we can’t show files that are this big right now.)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment