On Linux, VirtualBox has always been my go-to solution for running VMs, which I mostly use to run Kali and/or ParrotSec nowadays. However, with the latest VirtualBox (6.1.34-4) and Kernel update (5.15.48-1), something seems to have broken VirtualBox. When starting any VM, old or new, there is intense flickering and apps like Firefox crash either instantly or after some 30 seconds of use. Googling online, this seems to be an active issue, with the only potential workaround being a kernel downgrade (at the time of writing).

Update 16. Sep 2022: These issues seem to have been fixed with VirtualBox update 6.1.36, but I haven’t verified this myself.

Since I use Manjaro as my day-to-day driver, a kernel downgrade was off the table for me. I needed an alternative to VirtualBox, at least until the issue could be fixed, so I could keep working on HackTheBox and other platforms. Enter QEmu.

Prerequisites

Operating System

This post is aimed at Manjaro, but should be applicable to ArchLinux as well, or other distros that are based off of Arch. Both 32-bit and 64-bit versions of Manjaro should work.

Hardware Virtualization support

Most CPUs should have this by now, but we can double check by executing lscpu | grep Virtualization and looking at the given value. Either VT-x (Intel) or AMD-V (AMD) is fine.

User group for libvirt

Per default, only root is allowed to create and manage virtual machines. We’ll change this in a moment, but we can already add our main user to the libvirt group by executing sudo usermod -aG libvirt user.

Installing QEmu

QEmu requires quite a lot of packages, and on Manjaro, there will be some conflicts. To get started, we install the following:

sudo pacman -S qemu virt-manager libvirt virt-viewer dnsmasq vde2 bridge-utils openbsd-netcat ebtables libguestfs

On my system, there’s a conflict between iptables-nft and iptables, as well as exfatprogs and exfat-utils. I simply replaced the packages if prompted; it works fine. As an additional precaution, I wrote down all conflicts in case I needed to revert later.

virt-manager and virt-viewer are GUI packages to work with qemu, since that doesn’t provide a GUI per default. libvirt provides an API to work with qemu, and we’ll work with that more closely in the next few steps. The rest of the packages are utilities needed for QEmu and Virt-Manager.

Enabling libvirt and setting user group

Next up is enabling the libvirtd service on startup and setting the user group, so users other than root can create and manage virtual machines.

First, we enable the service by executing systemctl enable --now libvirtd, which will start libvirtd immediately as well as enable it on startup in the future. Next, we set the socket group ownership by editing /etc/libvirt/libvirtd.conf using vi or vim. Here, we simply need to uncomment the lines unix_sock_group = "libvirt" and unix_sock_rw_perms = "0770".

Now, we just need to restart libvirtd by executing systemctl restart libvirtd and the changes should be applied.

Creating a new virtual machine

For this example, I’m using ParrotSec, which provides an .iso file with which to create a virtual machine.

Before creating a new VM, it’s a good idea to double-check some default settings. All of these can be found under Edit > Connection Details.

The libvirt URI should be qemu:///system by default. Under the Virtual Networks tab, there should already be a default network configured, but inactive. Virt-Manager will prompt to activate this network before starting the first VM, but Autostart On Boot should be ticked. Finally, a new storage pool needs to be set up in the Storage tab. I named my pool ISO and kept the default location, which should be /var/lib/libvirt/images/pool. This is where .iso files need to be stored for virt-manager to find them, so I moved the ParrotSec .iso to this folder.

Once the configuration is done, we can create a new VM by clicking on the icon with the star (left-most) or navigating to File > New Virtual Machine. Local install media (ISO) is selected by default, which is what we want. The ParrotSec .iso should show up in the list of volumes inside the ISO pool, so we simply select that. I chose Generic Linux 2020 as the Operating System, since I wasn’t sure what ParrotSec is based off. I believe it’s Debian, similar to Kali, so that may be a better choice. Either way, I recommend giving the VM at least 4096 MB (4 GB) of RAM as well as 4 cores (this is limited by the amount of physical cores the system has). The last step is creating storage for the VM, which should default to 25GB. This was fine for my purposes.

Note that in the case of ParrotSec, we’ll have to actually install it after spinning up the VM, since it boots into a sort of live mode after setting it up the first time.

Conclusion

Personally, I actually see quite the performance gain from using QEmu along with virt-manager in comparison to VirtualBox. Unfortunately, the window does not scale as nicely as with VirtualBox/VMWare, even when ticking View > Scale Display > Auto resize VM with window. As a workaround, I’ve set the resolution inside the VM to native (1920x1080) and started using Fullscreen, which gives me a crisp display and a good base to work with.

Overall, I was pleasantly surprised with how easy it is to set up QEmu; here’s to hoping there’s no random issues like with VirtualBox that require me to switch back.