NDPF vmware tips

From PDP/Grid Wiki
Jump to navigationJump to search

Assorted tricks and tips for the generation of vmware images

Keeping the clock in sync

If you suffer from a runaway clock in your VMWare guests, check out this page.


Managing Removable Devices for Virtual Machines

(from http://kb.vmware.com/selfservice/viewContent.do?externalId=1042#devices)

Normal (non-root or non-administrator) users and processes within virtual machines have the capability to connect or disconnect devices, such as network adapters and CD-ROM drives.

For example, by default, a rogue user within a virtual machine can:

  • Connect a disconnected CD-ROM drive and access sensitive information on the media left in the drive.
  • Disconnect a network adapter to isolate the virtual machine from its network, which is a denial of service.

In general, you should use the virtual machine settings editor/Configuration Editor to remove any unneeded or unused hardware devices. However, you may want to use the device again, so removing it is not a good solution. In this case, you can prevent a user or running process in the virtual machine from connecting or disconnecting a device from within the guest operating system by adding the following option to the virtual machine's configuration file (.vmx):

<device name>.allowGuestConnectionControl = "FALSE"

You must specify a device name for <device name> (for example, ethernet0):

Ethernet0.allowGuestConnectionControl = "FALSE"
floppy0.allowGuestConnectionControl = "FALSE"