virtualbox.org

Hi all,

i have the following problem:
i created a vdi virtual machine with my administrative account (cause else i couldnt install programs locally)
its stored on my D-drive, the system is win7 professional, 32bit, the vbox im using is 5.6.2 (this is only about the host system, the guest system worx fine).

now this account is the only one i can use to start the virtual machine at all, with others (less privileged) i cant even add this machine to the vbox application.

how can i achieve to have the vm availiable for all users on the system?

thx in advance for any answers, if you have questions feel free to ask.
justl

PS: I didnt look through all topics availiable with 500+ pages - perhaps my search parameters were faulty too (so ... plz dont hit me with a phone book )

The Virtualbox manual section 10.1.3 says that if the environment variable VBOX_USER_HOME is set to a particular folder on the host OS, that Virtualbox will look in that folder to find it's configuration and guest list.

Google how to set environment variables on you OS. Set VBOX_USER_HOME to point to a public folder that all accounts can access, and save your guest also in a public folder (see the main Virtualbox window, File menu, Preferences, General, Default Machine Folder, for where to make new guests).

Theoretically, logging in a different PC account, Virtualbox will see the environment variable, look in the public folder for the configuration file, and load up that list of guests.

FWIW, the forum search function is really limited. A better method is to type your search terms in your favorite search engine then add this:

site:forums.virtualbox.org

This forces the search to pull only from this forum (this works for any website btw).

scottgus1 wrote:The Virtualbox manual section 10.1.3 says that if the environment variable VBOX_USER_HOME is set to a particular folder on the host OS, that Virtualbox will look in that folder to find it's configuration and guest list.

Google how to set environment variables on you OS. Set VBOX_USER_HOME to point to a public folder that all accounts can access, and save your guest also in a public folder (see the main Virtualbox window, File menu, Preferences, General, Default Machine Folder, for where to make new guests).

Theoretically, logging in a different PC account, Virtualbox will see the environment variable, look in the public folder for the configuration file, and load up that list of guests.

i did that, but im getting the error, that the machine is not accessible, cause the xml still thinks its in my admin-user-folder (see attachment)

scottgus1 wrote:save your guest also in a public folder

It's probably this part where the problem is. You need to grant access to the folder(s) containing the guest files to any account that you wish to allow to access the guest. See Moving a VM.

Note that whiting out or otherwise obfuscatuing user names, UUIDs etc may remove information needed to help you. Odd characters in a user name have undone Virtualbox before, and there is no way we can hack into your PC if we just knew your username.

the username is only made of numbers and letters, no odd chars there - and yeah, i have habbit of doing that in generell ... next screen ins unobfuscated, promise .
the guest is already on my D-disk, where all common data is stored (never was in my administrative-user-folder) - so i dont know why the system wants to go there.
shall i go edit the xml-file for the right path?

So far the disk file on the D drive doesn't seem to be the issue. The error in your screenshot says the .vbox file in the whited-out-users' Virtualbox VMs\IH_NB_Dyn\ folder is access denied. The whited-out-users' Virtualbox VMs folder and all folders & files need to be opened to all users who will use the guest.

I don't think this is going to work. I remember that even if you put your files in a shared location, VirtualBox at the end will give User:RW, Others:NoAccess. So, whoever opens that .vbox, the next person won't be able to read it.

Socratis, is that when two users try to access the .vbox at the same time? Or is it after the one user logs off then the next user to log on can't access the .vbox?

• Put the whole shebang in "C:\Users\Public\VMs", OK? Give Everyone:RWX.
• Log in as "socratis". Use the VM. When you're done, <VM>.vbox will end up Socratis:RWX, Everyone:NoAccess.
• VirtualBox actively changes the security, bypassing the filesystem set one.

This is what I remember testing, and I was rather amazed to find that behavior. I'm online as I write this with the devs trying to understand why.

The only solution would be to store the VMs in a filesystem that has no permissions; exFAT.

Confirmed. The steps laid out in my previous post is indeed what's taking place. I still have my memory intact!

OK, here's some other data to throw into the mix:

I have a Windows 10 host with Virtualbox 6.0.4 on it, and a "DSL" guest. At the start of this experiment I had Virtualbox's main XML files in the default for the account "C:\Users\Kids\.Virtualbox" and the guests in "C:\Users\Kids\Virtualbox VMs".

I deleted the DSL guest from my present Virtualbox, but kept all the files, and closed Virtualbox.
I moved the guest folder to "C:\Users\Public\Virtualbox VMs".
I set the VBOX_USER_HOME environment variable to "C:\Users\Public\.Virtualbox" and confirmed the variable in a command window.
I then opened Virtualbox and saw no guests. I added the DSL guest. It opened and ran fine from the Public folder.
Then I logged off and went to the SnC account.
I opened Virtualbox and saw the DSL guest. It ran fine without problems.
Then I logged off and went to a third account, SnCadmin.
I opened Virtualbox and again saw and ran the DSL guest. No permission problems.

While in the SnCadmin account I made a new XP guest and installed the OS. The guest ran fine. I then logged out and into each of the other accounts and was able to see the new XP guest in Virtualbox right away without having to add it and run it just fine, no errors. I was even able to change guest seetings (increased memory) in the SnC account and see the change in the Kids and SnCadmin accounts.

I am not seeing permissions issues using VBOX_USER_HOME and public folders for Virtualbox settings on this host.

This is easy for you to see, but difficult for me to "visualize"
• What are the permissions for the .vbox file?
• Is the variable set for the System or PerUser?

.vbox file permissions are:

C:\Users\Public\VirtualBox VMs\XP\XP.vbox
RW BUILTIN\Administrators
RW THINKPAD\Kids
RW NT AUTHORITY\SYSTEM
RW NT AUTHORITY\INTERACTIVE
RW NT AUTHORITY\SERVICE
RW NT AUTHORITY\BATCH

VBOX_USER_HOME is in the System variables: Interestingly, when I log off the "Kids" account to the "SnC" account and run the permissions check again, they still showed "RW THINKPAD\Kids". When I started and shut down the XP guest, the permissions changed to "RW THINKPAD\SnC". On logging out and back into the Kids account, the permissions stayed "RW THINKPAD\SnC". I ran and shut down the guest, then the permissions changed back to "RW THINKPAD\Kids".

I tried "permissioning" a text file made in the Kids account and got "RW THINKPAD\Kids". I then logged off and opened the same document in the SnC account. Permissions remained "RW THINKPAD\Kids". I then edited and saved the text file while still in the SnC account. Permissions remained "RW THINKPAD\Kids". Logging off then back into Kids, permissions remained "RW THINKPAD\Kids".

So Virtualbox does change permissions on the .vbox file to the account the guest is opened under. (Why should it do that? Windows doesn't do it.) But I don't see a block or changing permissions off of RW.

VirtualBox is designed as a user facing application where every user has its own VMs. Therefore it always just takes ownership of the VMs files with the currently working user.
You may have success if you manage to use a user group for additional rw rights.