Hacker News new | past | comments | ask | show | jobs | submit login
How to Virtualise Linux (linuxuser.co.uk)
27 points by 0x4542 on March 6, 2016 | hide | past | favorite | 10 comments



I use virt-manager as UI.

https://virt-manager.org/

And libguestfs/guestfish to manipulate VMs:

http://libguestfs.org/guestfish.1.html

I did a small toolchain with bash files to cross-compile for Windows (with mingw32-w64). After the build the Windows binary is injected in a VM and launched with guestfish. It works!


It also works nice with GNOME Boxes and containers with systemd machinectl


I used a bit Boxes and the UI is quite beautiful.

Thanks for "systemd machinectl".

https://www.freedesktop.org/software/systemd/man/machinectl....

The man page suggests it's a superset or replacement of libvirt but according to other pages it's mostly used for containers (as you said).


I think the article kind of misses a bit about qemu-kvm + libvirt and the tools. You can administer a guest and view it's display output via qemu+ssh protocol and ssh keys for a very easy way to run vms on multiple hosts via an easy graphical interface ( and the command line.

With the graphical tool it is also very easy to setup and run local virtual machines like VirtualBox.


I wish there was a tutorial like this that included starting an X server in every one of the linux VMs and connecting them some how to your desktop. That way you can open windows in them and segregate different applications to VMs (Web Browsers, Untrusted Applications,etc.. )


Not a tutorial but there's a distro which does this.

https://www.qubes-os.org/doc/architecture/


I didn't think qube-os did this since I don't think this would be very secure. There are, from what I understand, many vectors for privilege escalation from the XServer. Didn't think Qube os would use it since it is security concerned.


Qube OS is made by quite good security researchers, who where first to break into Intel SMM, as far as I know.

Qube OS separates domain as virtual machines on top of Xen and you need to do privilege escalation in the sandbox first, then to break Xen somehow. Sure, Xen is still a lot of code to attack, but it's much smaller than Linux kernel or XWindow.


> You can use these techniques to create a virtual version of an old operating system so that you can keep using some specific software, or for a more private online environment.

If kernel version is not in the way...:

For command line software, I find it much easier and faster to do debootstrap and chroot with simple script that can call particular sandboxed command and return resulted output, like for exemple publican for fop based PDF conversion from docbook.

I do the same for wine based games for the kids, like WOT.

It has instant start, then during exit, I clean up and umount all the /proc , /dev /sys...


The kernel itself has stayed highly backwards-compatible. You can even load a module that lets you run a.out executables (the executable format Linux was using before ELF), assuming you have the libraries those executables need.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: