Locking Down the Oracle VM VirtualBox GUI

Customizing the VirtualBox Manager

There are several advanced customization settings for locking down the VirtualBox Manager. Locking down means removing some features that the user should not see.

VBoxManage setextradata global GUI/Customizations property[,property ...]

property is one of the following properties:

noSelector: Do not allow users to start the VirtualBox Manager. Trying to do so will show a window containing a proper error message.
noMenuBar: VM windows will not contain a menu bar.
noStatusBar: VM windows will not contain a status bar.

To disable any of these VirtualBox Manager customizations use the following command:

$ VBoxManage setextradata global GUI/Customizations

VM Selector Customization

The following per-machine VM extradata settings can be used to change the behavior of the VM selector window in respect of certain VMs:

$ VBoxManage setextradata VM-name property true

property can be any of the following:

GUI/HideDetails: Do not show the VM configuration of a certain VM. The details window will remain just empty if this VM is selected.
GUI/PreventReconfiguration: Do not allow the user to open the Settings dialog for a certain VM.
GUI/PreventSnapshotOperations: Prevent snapshot operations for a VM from the GUI, either at runtime or when the VM is powered off.
GUI/HideFromManager: Hide a certain VM in the VM selector window.
GUI/PreventApplicationUpdate: Disable the automatic update check and hide the corresponding menu item.

Note that these settings do not prevent the user from reconfiguring the VM by using the VBoxManage modifyvm command.

Configure VM Selector Menu Entries

You can disable certain entries in the global settings page of the VM selector:

$ VBoxManage setextradata global GUI/RestrictedGlobalSettingsPages property[,property...]

property is one of the following:

General: Do not show the General settings pane.
Input: Do not show the Input settings pane.
Update: Do not show the Update settings pane.
Language: Do not show the Language settings pane.
Display: Do not show the Display settings pane.
Network: Do not show the Network settings pane.
Extensions: Do not show the Extensions settings pane.
Proxy: Do not show the Proxy settings pane.

This is a global setting. You can specify any combination of properties. To restore the default behavior, use the following command:

$ VBoxManage setextradata global GUI/RestrictedGlobalSettingsPages

Configure VM Window Menu Entries

You can disable certain menu actions in the VM window:

VBoxManage setextradata "VM name"|global GUI/RestrictedRuntimeMenus OPTION[,OPTION...]

where OPTION is one of the following keywords:

All: Do not show any menu in the VM window.
Application: Do not show Application/File menu in the VM window.
Machine: Do not show the Machine menu in the VM window.
View: Do not show the View menu in the VM window.
Input: Do not show Input menu in the VM window.
Devices: Do not show the Devices menu in the VM window.
Help: Do not show the Help menu in the VM window.
Debug: Do not show the Debug menu in the VM window. The Debug menu is only visible if the GUI was started with special command line parameters or environment variable settings.

This is a per-VM or global setting. Any combination of the above is allowed. To restore the default behavior, use the following command:

VBoxManage setextradata "VM name"|global GUI/RestrictedRuntimeMenus

You can also disable certain menu actions of certain menus. Use the following command to disable certain actions of the Application menu. This is only available on Mac OS X hosts.

VBoxManage setextradata "VM name"|global GUI/RestrictedRuntimeApplicationMenuActions OPTION[,OPTION...]

where OPTION is one of the following keywords:

All: Do not show any menu item in this menu.
About: Do not show the About menu item in this menu.
Preferences: Do not show the Preferences menu item in this menu.
NetworkAccessManager: Do not show the Network Operations Manager menu item in this menu.
ResetWarnings: Do not show the Reset All Warnings menu item in this menu.
Close: Do not show the Close menu item in this menu.

This is a per-VM or global setting. Any combination of the above is allowed. To restore the default behavior, use the following command:

VBoxManage setextradata "VM name"|global GUI/RestrictedRuntimeMenus

Use the following command to disable certain actions of the Machine menu:

VBoxManage setextradata "VM name"|global GUI/RestrictedRuntimeMachineMenuActions OPTION[,OPTION...]

where OPTION is one of the following keywords:

All: Do not show any menu item in this menu.
SettingsDialog: Do not show the Settings menu item in this menu.
TakeSnapshot: Do not show the Take Snapshot... menu item in this menu.
InformationDialog: Do not show the Session Information... menu item in this menu.
FileManagerDialog: Do not show the File Manager... menu item in this menu.
Pause: Do not show the Pause menu item in this menu.
Reset: Do not show the Reset menu item in this menu.
Shutdown: Do not show the ACPI Shutdown menu item in this menu.

This is a per-VM or global setting. Any combination of the above is allowed. To restore the default behavior, use

VBoxManage setextradata "VM name"|global GUI/RestrictedRuntimeMachineMenuActions

Use the following command to disable certain actions of the View menu:

VBoxManage setextradata "VM name"|global GUI/RestrictedRuntimeViewMenuActions OPTION[,OPTION...]

where OPTION is one of the following keywords:

All: Do not show any menu item in this menu.
Fullscreen: Do not show the Full-screen Mode menu item in this menu.
Seamless: Do not show the Seamless Mode menu item in this menu.
Scale: Do not show the Scaled Mode menu item in this menu.
GuestAutoresize: Do not show the Auto-resize Guest Display menu item in this menu.
AdjustWindow: Do not show the Adjust Window Size menu item in this menu.
TakeScreenshot: Do not show the Take Screenshot... menu item in this menu.
Recording: Do not show the Recording menu item in this menu.
VRDEServer: Do not show the Remote Display menu item in this menu.
MenuBar: Do not show the Menu Bar menu item in this menu.
MenuBarSettings: Do not show the Menu Bar Settings... menu item in this menu.
StatusBar: Do not show the Status Bar menu item in this menu.
StatusbarSettings: Do not show the Statusbar Settings... menu item in this menu.

This is a per-VM or global setting. Any combination of the above is allowed. To restore the default behavior, use

VBoxManage setextradata "VM name"|global GUI/RestrictedRuntimeViewMenuActions

Use the following command to disable certain actions of the Input menu:

VBoxManage setextradata "VM name"|global GUI/RestrictedRuntimeInputMenuActions OPTION[,OPTION...]

where OPTION is one of the following keywords:

All: Do not show any menu item in this menu.
Keyboard: Do not show the Keyboard menu item in this menu.
KeyboardSettings: Do not show the Keyboard Settings... menu item in this menu.
SoftKeyboard: Do not show the Soft Keyboard... menu item in this menu.
TypeCAD: Do not show the Insert Ctrl-Alt-Del menu item in this menu.
TypeCABS: Do not show the Insert Ctrl-Alt-Backspace menu item in this menu.
TypeCtrlBreak: Do not show the Insert Ctrl-Break menu item in this menu.
TypeInsert: Do not show the Insert Insert menu item in this menu.
TypePrintScreen: Do not show the Insert Print Screen menu item in this menu.
TypeAltPrintScreen: Do not show the Insert Alt Print Screen menu item in this menu.
TypeHostKeyCombo: Do not show the Insert Host Key Combo menu item in this menu.
MouseIntegration: Do not show the MouseIntegration menu item in this menu.

This is a per-VM or global setting. Any combination of the above is allowed. To restore the default behavior, use

VBoxManage setextradata "VM name"|global GUI/RestrictedRuntimeInputMenuActions

Use the following command to disable certain actions of the Devices menu:

VBoxManage setextradata "VM name"|global GUI/RestrictedRuntimeDevicesMenuActions OPTION[,OPTION...]

where OPTION is one of the following keywords to disable actions in the Devices menu:

All: Do not show any menu item in this menu.
HardDrives: Do not show the Hard Disks menu item in this menu.
OpticalDevices: Do not show the Optical Devices menu item in this menu.
FloppyDevices: Do not show the Floppy Drives menu item in this menu.
Audio: Do not show the Audio menu item in this menu.
Network: Do not show the Network menu item in this menu.
NetworkSettings: Do not show the Network Settings menu item in this menu.
USBDevices: Do not show the USB menu item in this menu.
WebCams: Do not show the WebCams menu item in this menu.
SharedFolders: Do not show the Shared Folders menu item in this menu.
SharedFoldersSettings: Do not show the Shared Folders Settings... menu item in this menu.
SharedClipboard: Do not show the Shared Clipboard menu item in this menu.
DragAndDrop: Do not show the Drag and Drop menu item in this menu.
InstallGuestTools: Do not show the Insert Guest Additions CD image... menu item in this menu.

This is a per-VM or global or global setting. Any combination of the above is allowed. To restore the default behavior, use

VBoxManage setextradata "VM name"|global GUI/RestrictedRuntimeDevicesMenuActions

Use the following command to disable certain actions of the Debug menu:

VBoxManage setextradata "VM name"|global GUI/RestrictedRuntimeDebuggerMenuActions OPTION[,OPTION...]

where OPTION is one of the following keywords to disable actions in the Debug menu, which is normally completely disabled:

All: Do not show any menu item in this menu.
Statistics: Do not show the Statistics... menu item in this menu.
CommandLine: Do not show the Command Line... menu item in this menu.
Logging: Do not show the Logging... menu item in this menu.
LogDialog: Do not show the Show Log... menu item in this menu.
GuestControlConsole: Do not show the Guest Control Terminal... menu item in this menu.

This is a per-VM or global setting. Any combination of the above is allowed. To restore the default behavior, use

VBoxManage setextradata "VM name"|global GUI/RestrictedRuntimeDebuggerMenuActions

Use the following command to disable certain actions of the View menu:

VBoxManage setextradata "VM name"|global GUI/RestrictedRuntimeHelpMenuActions OPTION[,OPTION...]

where OPTION is one of the following keywords to disable actions in the Help menu, which is normally completely disabled:

All: Do not show any menu item in this menu.
Contents: Do not show the Contents... menu item in this menu.
WebSite: Do not show the VirtualBox Web Site... menu item in this menu.
BugTracker: Do not show the VirtualBox Bug Tracker... menu item in this menu.
Forums: Do not show the VirtualBox Forums... menu item in this menu.
Oracle: Do not show the Oracle Web Site... menu item in this menu.
About: Do not show the About VirtualBox... menu item in this menu. Only for non-Mac OS X hosts.

This is a per-VM or global setting. Any combination of the above is allowed. To restore the default behavior, use

VBoxManage setextradata "VM name"|global GUI/RestrictedRuntimeHelpMenuActions

Configure VM Window Status Bar Entries

You can disable certain status bar items:

VBoxManage setextradata "VM name"|global GUI/RestrictedStatusBarIndicators OPTION[,OPTION...]

where OPTION is one of the following keywords:

HardDisks: Do not show the hard disk icon in the VM window status bar. By default the hard disk icon is only shown if the VM configuration contains one or more hard disks.
OpticalDisks: Do not show the CD icon in the VM window status bar. By default the CD icon is only shown if the VM configuration contains one or more CD drives.
FloppyDisks: Do not show the floppy icon in the VM window status bar. By default the floppy icon is only shown if the VM configuration contains one or more floppy drives.
Network: Do not show the network icon in the VM window status bar. By default the network icon is only shown if the VM configuration contains one or more active network adapters.
USB: Do not show the USB icon in the status bar.
SharedFolders: Do not show the shared folders icon in the status bar.
Capture: Do not show the capture icon in the status bar.
Features: Do not show the CPU features icon in the status bar.
Mouse: Do not show the mouse icon in the status bar.
Keyboard: Do not show the keyboard icon in the status bar.

This is a per-VM or global setting. Any combination of the above is allowed. If all options are specified, no icons are displayed in the status bar of the VM window. To restore the default behavior, use

VBoxManage setextradata "VM name"|global GUI/RestrictedStatusBarIndicators

Configure VM Window Visual Modes

You can disable certain VM visual modes:

$ VBoxManage setextradata VM-name GUI/RestrictedVisualStates property[,property...]

property is one of the following:

Fullscreen: Do not allow to switch the VM into full screen mode.
Seamless: Do not allow to switch the VM into seamless mode.
Scale: Do not allow to switch the VM into scale mode.

This is a per-VM setting. You can specify any combination of properties. To restore the default behavior, use the following command:

$ VBoxManage setextradata VM-name GUI/RestrictedVisualStates

Host Key Customization

To disable all Host key combinations, open the preferences and change the Host key to None. This might be useful when using Oracle VM VirtualBox in a kiosk mode.

To redefine or disable certain Host key actions, use the following command:

$ VBoxManage setextradata global GUI/Input/MachineShortcuts "FullscreenMode=F,...."

The following table shows the possible Host key actions, together with their default Host key shortcut. Setting an action to None will disable that Host key action.

Table 9.1. Host Key Customization

Action	Default Key	Action
`TakeSnapshot`	T	Take a snapshot
`TakeScreenshot`	E	Take a screenshot
`MouseIntegration`	I	Toggle mouse integration
`TypeCAD`	Del	Inject Ctrl+Alt+Del
`TypeCABS`	Backspace	Inject Ctrl+Alt+Backspace
`Pause`	P	Pause the VM
`Reset`	R	Hard reset the guest
`SaveState`		Save the VM state and terminate the VM
`Shutdown`	H	Press the virtual ACPI power button
`PowerOff`		Power off the VM without saving the state
`Close`	Q	Show the Close VM dialog
`FullscreenMode`	F	Switch the VM into full screen mode
`SeamlessMode`	L	Switch the VM into seamless mode
`ScaleMode`	C	Switch the VM into scaled mode
`GuestAutoResize`	G	Automatically resize the guest window
`WindowAdjust`	A	Immediately resize the guest window
`PopupMenu`	Home	Show the popup menu in full screen mode and seamless mode
`SettingsDialog`	S	Open the VM Settings dialog
`InformationDialog`	N	Show the VM Session Information window
`NetworkAdaptersDialog`		Show the VM Network Adapters dialog
`SharedFoldersDialog`		Show the VM Shared Folders dialog
`InstallGuestAdditions`	D	Mount the ISO containing the Guest Additions

To disable full screen mode and seamless mode, use the following command:

$ VBoxManage setextradata global GUI/Input/MachineShortcuts "FullscreenMode=None,SeamlessMode=None"

Action when Terminating the VM

You can disallow certain actions when terminating a VM. To disallow specific actions, use the following command:

$ VBoxManage setextradata VM-name GUI/RestrictedCloseActions property[,property...]

property is one of the following:

SaveState: Do not allow the user to save the VM state when terminating the VM.
Shutdown: Do not allow the user to shutdown the VM by sending the ACPI power-off event to the guest.
PowerOff: Do not allow the user to power off the VM.
PowerOffRestoringSnapshot: Do not allow the user to return to the last snapshot when powering off the VM.
Detach: Do not allow the user to detach from the VM process if the VM was started in separate mode.

This is a per-VM setting. You can specify any combination of properties. If all properties are specified, the VM cannot be shut down.

Default Action when Terminating the VM

You can define a specific action for terminating a VM. In contrast to the setting decribed in the previous section, this setting allows only one action when the user terminates the VM. No exit menu is shown. Use the following command:

$ VBoxManage setextradata VM-name GUI/DefaultCloseAction action

action is one of the following:

SaveState: Save the VM state before terminating the VM process.
Shutdown: The VM is shut down by sending the ACPI power-off event to the guest.
PowerOff: The VM is powered off.
PowerOffRestoringSnapshot: The VM is powered off and the saved state returns to the last snapshot.
Detach: Terminate the frontend but leave the VM process running.

This is a per-VM setting. You can specify any combination of properties. If all properties are specified, the VM cannot be shut down.

Action for Handling a Guru Meditation

A VM runs into a Guru Meditation if there is a problem which cannot be fixed by other means than terminating the process. The default is to show a message window which instructs the user to open a bug report.

This behavior can be configured as follows:

$ VBoxManage setextradata VM-name GUI/GuruMeditationHandler mode

mode is one of the following:

Default: A message window is shown. After the user confirmed, the VM is terminated.
PowerOff: The VM is immediately powered-off without showing any message window. The VM logfile will show information about what happened.
Ignore: The VM is left in stuck mode. Execution is stopped but no message window is shown. The VM has to be powered off manually.

This is a per-VM setting.

Configuring Automatic Mouse Capturing

By default, the mouse is captured if the user clicks on the guest window and the guest expects relative mouse coordinates at this time. This happens if the pointing device is configured as PS/2 mouse and the guest has not yet started the Oracle VM VirtualBox Guest Additions. For instance, the guest is booting or the Guest Additions are not installed, or if the pointing device is configured as a USB tablet but the guest has no USB driver loaded yet. Once the Guest Additions become active or the USB guest driver is started, the mouse capture is automatically released.

The default behavior is sometimes not desired. Therefore it can be configured as follows:

VBoxManage setextradata VM-name GUI/MouseCapturePolicy mode

mode is one of the following:

Default: The default behavior as described above.
HostComboOnly: The mouse is only captured if the Host Key is toggled.
Disabled: The mouse is never captured, also not by toggling the Host Key

This is a per-VM setting.

Requesting Legacy Full-Screen Mode

Oracle VM VirtualBox uses special window manager facilities to switch a multi-screen machine to full-screen on a multi-monitor host system. However, not all window managers provide these facilities correctly. Oracle VM VirtualBox can be configured to use a legacy method of switching to full-screen mode instead, by using the command:

VBoxManage setextradata global GUI/Fullscreen/LegacyMode true

You can go back to the default method by using the following command:

VBoxManage setextradata global GUI/Fullscreen/LegacyMode

This is a global setting.

Removing Certain Modes of Networking From the GUI

It is possible to remove networking modes from Oracle VM VirtualBox GUI. To do this, use the following command:

VBoxManage setextradata global GUI/RestrictedNetworkAttachmentTypes property[,property...]

property is one of the following:

NAT: Remove the NAT option from the GUI.
NATNetwork: Remove the NAT network option from the GUI.
BridgedAdapter: Remove the Bridged networking option from the GUI.
InternalNetwork: Remove the Internal networking option from the GUI.
HostOnlyAdapter: Remove the Host Only networking option from the GUI.
GenericDriver: Remove the Generic networking option from the GUI.

This is a global setting. You can specify any combination of properties. To restore the default behavior, use the following command:

VBoxManage setextradata global GUI/RestrictedNetworkAttachmentTypes