
How to Virtualise Linux - rayascott
http://www.linuxuser.co.uk/features/how-to-virtualise-linux-part-1
======
vmorgulis
I use virt-manager as UI.

[https://virt-manager.org/](https://virt-manager.org/)

And libguestfs/guestfish to manipulate VMs:

[http://libguestfs.org/guestfish.1.html](http://libguestfs.org/guestfish.1.html)

I did a small toolchain with bash files to cross-compile for Windows (with
mingw32-w64). After the build the Windows binary is injected in a VM and
launched with guestfish. It works!

~~~
Klasiaster
It also works nice with GNOME Boxes and containers with systemd machinectl

~~~
vmorgulis
I used a bit Boxes and the UI is quite beautiful.

Thanks for "systemd machinectl".

[https://www.freedesktop.org/software/systemd/man/machinectl....](https://www.freedesktop.org/software/systemd/man/machinectl.html)

The man page suggests it's a superset or replacement of libvirt but according
to other pages it's mostly used for containers (as you said).

------
tyfon
I think the article kind of misses a bit about qemu-kvm + libvirt and the
tools. You can administer a guest and view it's display output via qemu+ssh
protocol and ssh keys for a very easy way to run vms on multiple hosts via an
easy graphical interface ( and the command line.

With the graphical tool it is also very easy to setup and run local virtual
machines like VirtualBox.

------
gravypod
I wish there was a tutorial like this that included starting an X server in
every one of the linux VMs and connecting them some how to your desktop. That
way you can open windows in them and segregate different applications to VMs
(Web Browsers, Untrusted Applications,etc.. )

~~~
yxlx
Not a tutorial but there's a distro which does this.

[https://www.qubes-os.org/doc/architecture/](https://www.qubes-
os.org/doc/architecture/)

~~~
gravypod
I didn't think qube-os did this since I don't think this would be very secure.
There are, from what I understand, many vectors for privilege escalation from
the XServer. Didn't think Qube os would use it since it is security concerned.

~~~
dmytrish
Qube OS is made by quite good security researchers, who where first to break
into Intel SMM, as far as I know.

Qube OS separates domain as virtual machines on top of Xen and you need to do
privilege escalation in the sandbox first, then to break Xen somehow. Sure,
Xen is still a lot of code to attack, but it's much smaller than Linux kernel
or XWindow.

------
vanous
> You can use these techniques to create a virtual version of an old operating
> system so that you can keep using some specific software, or for a more
> private online environment.

If kernel version is not in the way...:

For command line software, I find it much easier and faster to do debootstrap
and chroot with simple script that can call particular sandboxed command and
return resulted output, like for exemple publican for fop based PDF conversion
from docbook.

I do the same for wine based games for the kids, like WOT.

It has instant start, then during exit, I clean up and umount all the /proc ,
/dev /sys...

~~~
FreeFull
The kernel itself has stayed highly backwards-compatible. You can even load a
module that lets you run a.out executables (the executable format Linux was
using before ELF), assuming you have the libraries those executables need.

