Since I like to run servers from USB sticks and store the server data on harddisks. It is wise to make the root-file system read-only, to extend the life of a USB-stick. However, some programs require extra configuration to do this, since I could not find a post to do this with VirtualBox I’m making this one.
Figuring out which files need to be writeable for Virtualbox
We can use strace, to find the calls an application makes to the OS, (If you’re using Windows, process monitor can do similar, but still different things (including registry access) ).
However, if we’re going to deal with all calls, it: 1. will slow down the application a lot (not really a major concern but still annoying), and 2. produce a lot of output we do not need. Luckily strace has a filter option for this, which usage of regular expressions. Additionally, it has predefined patterns we can use for filtering (nice). Furthermore, it is nice if this is written to disk, so we can read the data afterward. Then we end up with a command similar to:
strace --trace=%file,%fstat,%fstatfs -o ./virtualbox.strace virtualbox
Afterward, we can look into the file virtualbox.strace with less, to see which files are accessed.
less virtualbox.strace
When looking through the output /root/.config/VirtualBox/ seemed like a reasonable candidate location that should be writeable. So to test this, I mounted with bind mounting to the read and writeable storage area:
sudo mount --bind /storage/VirtualBox /root/.config/VirtualBox/
This succeeded, but later on, while creating a new VM (via the web interface) I found out it needed another location for storing the data:
sudo mount --bind /storage/VirtualBoxVMS "/root/VirtualBox VMs"
Permanent fix
After this, no more locations seemed to need write access. Therefore, if you want to make these bind mounts permanent. It is best to add them to /etc/fstab:
/storage/VirtualBox /root/.config/VirtualBox/ none bind 0 0
/storage/VirtualBoxVMS /root/VirtualBox\040VMs none bind 0 0
As you can see, \040
was used in the path which can be used to escape spaces SuperUser post about it.