Migration plan: Win7GrpB to Ubuntu & VM

Topic

New Reply

First, I really appreciate everyone on this forum that contributes, this used to be an occasional site but as Windows 7 updates got more challenging this is an almost daily visit.  I’ve read what others are doing with regards to the EOL of Windows 7.  I have decided and started my own.

I have a technical background and am familiar with Unix and have decided to move to Ubuntu 18.04.    I’ve started the process and my web surfing, Word Processing, Spreadsheets, Slides, Printing and Plex Media server needs are all adequately met.   I’ve started to migrate my files to ext4 where this is appropriate, leaving others on cifs mounted ntfs drives during this transition.

I appreciate there is still going to be a need to access Microsoft Windows on occasion and my plan here is to move my Windows 7 system into a VM hosted on Ubuntu and it is with this step that I would like some advice as I have a number of questions.

1. I’d like “image” my current system and use that for my VM.  I am currently a Group B updater and would prefer not to have to build a group B image from scratch. I do plan to abandon my existing Windows 7 system and hope to transfer my existing product key to the VM.   Any suggestions and caveats here would be appreciated.

2. I was hoping Sysprep might be a useful tool in this process, but the listed limitations state that Sysprep can only be used on clean installs, meaning that my group B image is not possible.  Again any pointers to make SysPrep work in my situations or other alternative tools that offer the “generalization” function that Sysprep provides would be appreciated.

3. My plan is to experiment with removing the network support for this VM once Windows has activated to protect the Win 7 image.  Most of the internet access should be done via Firefox on the Ubuntu host image, removing the network on the VM will force this and protect me from being lazy.   While not an “air gap” situation, I am hoping this provides a considerable amount of added protection.  Comments?

4. I need to be able to regularly backup and rebuild the VM.  If anything does infect the Win 7 VM, then my only recovery is to restore a backup.   Any pointers  here would be appreciated.

5. Lastly, I am currently researching using  Xen, VirtualBox, or VMWare and any pointers on preferred choices of VM (and choices for VM hard disk formats) would be appreciated.   I’m most interested in avoiding problems and less concerned on performance as this Win 7 VM will just be for situations where I need an application that I can’t find a Ubuntu alternative.

Thanks for any help, advice or pointers

Reply | Quote

Replies

AJ42 wrote:

1. I’d like “image” my current system and use that for my VM. I am currently a Group B updater and would prefer not to have to build a group B image from scratch. I do plan to abandon my existing Windows 7 system and hope to transfer my existing product key to the VM. Any suggestions and caveats here would be appreciated.

Have a look at this article for comparisons/how to’s re: converting a physical machine to a virtual format.

(I use VMWare Workstation. It’s not a recommendation – just what I’ve been familiar with for years, well before VirtualBox and Hyper-V matured so I don’t have any experience to compare the latter.)

Hope this helps…

1 user thanked author for this post.

jburk07

Reply | Quote

Thanks for the link.  Great read and exactly the info I needed to better understand.

Reply | Quote

AJ42 wrote:

4. I need to be able to regularly backup and rebuild the VM. If anything does infect the Win 7 VM, then my only recovery is to restore a backup. Any pointers here would be appreciated.

This one is easy.  Just copy the image file.

 

Mark

Win 10 home - 22H2
Attitude is a choice...Choose wisely

Reply | Quote

If your Windows 7 uses an OEM license, it’s bound to the hardware.  The VM shows as different hardware than the actual machine it runs on, so it won’t remain activated.  If it’s a retail version of Windows 7, you may be able to make it work.  I’ve never tried moving an existing Windows installation into a VM myself!

As far as backing up, mledman said it first.  I use Virtualbox (Linux host, Win 7 guest), and the Win 7 VM consists of only two files… Win7.vbox, an .xml file that holds the various configuration options for the VM, and Win7.vdi, which is the virtual device image, containing the VM itself.  If you perform normal backups of the Linux host, it will be backed up right along with it… or else you can simply copy the files somewhere.

The VM itself is a lot more flexible than an actual installation of Windows.  Each time you are finished using the VM, you can choose to save all of the changes that have occurred during that session, or you can simply throw out everything that’s changed and have the next session start again from the same point.  If you do save, it becomes/replaces a snapshot  “current state,” which you can instantly start any time you wish.  You could also choose to restore the baseline machine state, or any other snapshots that are there.  You can go forwards or backwards in time as you see fit.  You can create a snapshot at any time, or delete any you’ve created.

If any given snapshot picked up malware, you could simply delete that snapshot and restore a different one.

I don’t know much about VM software other than VirtualBox.

Dell XPS 13/9310, i5-1135G7/16GB, KDE Neon 6.2
XPG Xenia 15, i7-9750H/32GB & GTX1660ti, Kubuntu 24.04
Acer Swift Go 14, i5-1335U/16GB, Kubuntu 24.04 (and Win 11)

2 users thanked author for this post.

jburk07, Elly

Reply | Quote

Thanks for this information!   Is there a way to determine if my license is an OEM license?  I have 2 custom built systems and one off the shelf system with product keys to choose from.

Reply | Quote

Moving an existing machine to VM is very easy. VMware has a converter but MS Disk2VHD is easiest.

Don’t use sysprep, it’s for new installations as a template.

Protect your W7 image by backing it up or snapshotting.

Any of the VM products are good, but you really need virtualization in your CPU to be effective. What CPU are you going to use?

Storing the VM image on an SSD will provide maximum performance, but a cost of space. I would store it on HDD and make sure you have plenty of RAM to allocate to the VM – 8 to 16GB in your machine. RAM is always the best way to gain speed.

cheers, Paul

1 user thanked author for this post.

jburk07

Reply | Quote

Thanks, Disk2VHD looks promising. Do all the VMs support the VHD disk format?  It looks like I’m leaning towards VirtualBox.  My CPU is Intel i54250U with 8G of Ram.

Reply | Quote

Nevermind, Looks like the link that mledman posted above covers that nicely.  Thx.

Reply | Quote

That CPU supports virtualization, but you may need to turn it on in the BIOS.

cheers, Paul

Reply | Quote

One thing, depending on what kind of hardware you’re on… moving the installation to a virtual disk isn’t strictly required. It is quite possible technically to keep its own whole physical disk or just a raw partition or two for the VM, it’s just that there’s very rarely any advantage to this compared to a virtual disk, and always significant disadvantages.

 

Of the various VM engines… I suppose they’ll mostly work but they do have slightly different feature sets.

VirtualBox has some performance disadvantages but has the seamless mode and easy file sharing if you enable all extensions, for a very smooth user experience. However, the extensions will need licensing – if it’ll be used by anyone other than yourself or for anything that might generate revenue, you’ll need to buy the commercial license for it from Oracle. Which wouldn’t be all that bad if you could just buy one, but they only sell in bundles…

KVM/QEMU has graphics acceleration, dynamic memory allocation (“balloon”), and all kinds of useful things, but is a bit tricky to configure. (The settings GUI doesn’t have all the options, last time I did this I the memory balloon feature for example had to be enabled using other methods.)

Xen… is thought to lag a bit behind for Windows guests, until recently didn’t have working free paravirtualization drivers but apparently now has, don’t know how good the current packages are. Excellent for Linux guests on a Linux host though.

VmWare… well which one? Notably some of the shortcomings in the free Player version would be sidestepped by storing the VM on a filesystem that does copy-on-write and snapshots already (btrfs or zfs)…

Reply | Quote

I am following up on my own post as I have just recently completed the above migration.  I wanted to again thank those that provided help as well as pass on further information for those that are thinking of a similar migration plan.

1. Ubuntu 18.04.2 is very solid and a good choice for those that have some knowledge of Unix.
2. My biggest problem was in disc management, moving terabytes of data from NTFS to ext4.  One of my drives failed in the conversion and I learned the hard way that you really need to take advantage of e2fsck -c -c.  While this check will take time, it will potentially save weeks and as a benefit prepare your drives.
3. Preparing my C: drive before Disk2VHD was very important.  Get your boot drive down to the smallest size possible.  Converting from VHD to VDI with VboxManage worked fine, but the above instructions missed the “–format vdi” parameter which was required on my Ubuntu system.
4. Increasing the size of my RAM and purchasing a larger SSD to host my Host Ubuntu and Guest PC images did significantly speed things up.  Both were fairly inexpensive.
5. My virtual box has a network connection for now which I plan to disable once windows 7 is no longer supported.  I have configured a host-only adapter to share the HP printer through “cups” which worked well.
6. Snapshotting VirtualBox, “Clonezilla” and incremental backups with rsync all work well and saved me more than once.  Clonezilla provided great support to take my original Ubuntu boot image and restore it onto a much larger updated mSATA boot drive.  Other than the above mentioned loss of a drive (and not being as prepared as I should) the process went smoothly, but was time consuming.
7. Thanks again for all those that provided pointers.  I didn’t know anything about Disk2VHD when I started and this was the key to making this all happen.

1 user thanked author for this post.

Elly

Reply | Quote

AJ42: I m curious about your point No. 5: I have understood and, please, someone correct me if I am wrong, that the connection to networks, including the Internet/Web, is via the communication’s layer of the host system, in your case Ubuntu Linux, so it should be as protected as the host itself from malware, unauthorized connections to external sites and the possibility of malware infections.

One thing explained here that I find very interesting is that, at the end of a VM session, one can save, not only the files and updates to pre-existing applications, or any new ones installed during the session, but the state of the virtualized system as well. Does this mean that, if ever, in some way, the VM version of Windows 7 actually gets infected, that unfortunate situation can be reversed by reinstalling a session saved before the infection occurred? And if so, does making an ISO back up offer extra protection?

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

So wrt #5, it is more to do with the attack surface.  Yes the Ubuntu host is the most outer defense, but if malware is installed because of a zero day bug in windows, it will be the windows virtual machine that gets attacked.  My plan was to move all internet traffic (surfing, mail, etc) to be accessed from Ubuntu and only keep the Windows 7 environment around for some specific Windows apps with internet access disabled (for example iTunes which I use for local backups, or Photoshop which while slow is usable).  In general I would disable the Windows 7 internet via virtualbox so those using the system could not be lazy, they would have to use the Ubuntu solutions.

I was able to configure a network connection between the Windows 7 Guest and the Ubuntu Host (without allowing access to the internet from Windows) to share a printer (as sharing USB devices is not possible).  So I can print from both environments.

The last question about machine state is part of my defenses.  You can both “snapshot” a running virtual machine and “image” the PC partition.  These get placed on a separate USB drive that is only powered on during a backup or recovery.  These certainly could be written to ISOs if you wanted.  Any infection can be cured simply by restoring a previous (prior to infection) snapshot or image.

I know my approach has weaknesses.  I am relying now on Ubuntu to be maintained and updated for security patches.  I also know that attacks to and from the Win 7 Guest VM are still possible, but I have eliminated some of the potential attack vectors by limiting network traffic to only be on the Ubuntu side.  Lastly with good backup/imaging procedures on both the Ubuntu host and Win 7 Guest VM I feel I have some way to manage my risk.

1 user thanked author for this post.

OscarCP

Reply | Quote

OscarCP wrote:

I have understood and, please, someone correct me if I am wrong, that the connection to networks, including the Internet/Web, is via the communication’s layer of the host system, in your case Ubuntu Linux, so it should be as protected as the host itself from malware, unauthorized connections to external sites and the possibility of malware infections.

There are several ways to do this in a VM.

1) You can have the VM completely disconnected from everything, of course. This means no network-based file sharing, so you’re relying on the VM product-specific file transfer methods.

2) You can have a local virtual network that isn’t on any actual hardware. Only the host and guest can be on this network, naturally. Very secure if you don’t route any other traffic into it.

3) You can have the host behave as a router to the internal virtual network – typically with NAT enabled so outside devices don’t see what’s on the inside. You can easily have firewalls on both the host AND on the guest, and guest traffic will have to pass through both…

4) You can have the guest “piggyback” as a second address on a NIC. You know, “alias” style, except the alias is the guest. Still have host do the majority of the work. Not available in all VM products.

5) You can have a dedicated NIC for the VM. Not available in all VM products, possibly requires hardware virtualization support, host doesn’t know what the guest does, don’t have to be on any same networks.

These aren’t mutually exclusive, well, except the first one…
If you do BOTH 5 and 3, you can run a locked-down OpenBSD in the VM and have that be your edge router, heh.

OscarCP wrote:

One thing explained here that I find very interesting is that, at the end of a VM session, one can save, not only the files and updates to pre-existing applications, or any new ones installed during the session, but the state of the virtualized system as well. Does this mean that, if ever, in some way, the VM version of Windows 7 actually gets infected, that unfortunate situation can be reversed by reinstalling a session saved before the infection occurred? And if so, does making an ISO back up offer extra protection?

Well usually, by default the VM state is direct to virtual disk, so you default to saving all changes on disk. As in, the entire guest disk is a single file on the host disk, and you don’t even get direct access to individual guest files.

You can force-hibernate the guest, saving guest RAM to disk as well. May need to mind the guest system clock if you do that though…

Some virtual disk file types have builtin support for incremental changes so you can save multiple sessions in a single file, depending on the VM product.

You can backup and restore the virtual disk file as a normal file, though mind that while the VM is running, the file is held open for writing by the hypervisor… well unless the guest is running off a read-only disk. (The locked-down OpenBSD VM from a previous example might be.)

Reply | Quote

mn- : ” You can backup and restore the virtual disk file as a normal file, though mind that while the VM is running, the file is held open for writing by the hypervisor ”

Could one simply restore to the host’s HD a backup to an external HD of the VM file from an early session, before the guest system got into trouble, and do this when the VM is not running, to keep the hypervisor out of it? In other words, using the backed up VM session  file as sort of “super restore point” (data + OS), only one that is kept in external storage? Not being able to get individual files back from the saved VM session file is not an issue. This is not meant to be a regular data backup.

My question was also about any comparative advantage of doing this over doing a regular Macrium restore.

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

OscarCP wrote:

Could one simply restore to the host’s HD a backup to an external HD of the VM file from an early session

Yes. The entire machine, hardware, files etc are contained in the VM file and you can copy it to different physical machines and fire up the VM.
VM snapshots are just a way to easily revert to a point in time quickly, without having to restore a multi GB file.

cheers, Paul

Reply | Quote

[Ascaris]

OscarCP wrote:

I have understood and, please, someone correct me if I am wrong, that the connection to networks, including the Internet/Web, is via the communication’s layer of the host system, in your case Ubuntu Linux, so it should be as protected as the host itself from malware, unauthorized connections to external sites and the possibility of malware infections.

Not as protected as with Linux, but more than you would be with bare Windows.  It depends on the attack vector of the malware in question.  If the person is tricked into running a tainted .exe, the VM will be infected as easily as a physical machine… maybe.  Some malware detects if it is running on a VM and disables itself it it is, so that security researchers have a harder time getting it to do its thing and find out how it works.  The VM software I use, VirtualBox, does not attempt to hide that it is a virtualized environment… the virtual video card is called VirtualBox VGA adapter, or something like that, for my system at least.

If the malware is like some of the recent ones we’ve heard of that send requests for various protocols across the internet and hope from a reply from someone running the vulnerable version of Windows, the request hits the Linux networking stack, and if it’s a Windows vulnerability, it stops at that point.  The VM is not exposed on the net itself, a lot like being behind a NAT router, which you may also be.

OscarCP wrote:

One thing explained here that I find very interesting is that, at the end of a VM session, one can save, not only the files and updates to pre-existing applications, or any new ones installed during the session, but the state of the virtualized system as well.

You can suspend the VM, so that everything restores just as you had it, like hibernating a system natively.  In this mode, it takes only a few seconds to start the VM and start using it.  That’s a full save state, including the state of the RAM in the VM.

The other option is to shut down the VM when you’re done.  The next time, you will have to boot the VM as from a cold start, which takes longer than the suspend save state.  When it starts, the virtual hard drive will be in the same state as when you shut it down, but it would be like booting any other computer… anything in RAM that had not been saved would be lost.  Any new programs you had installed, changes you made to the configuration within the VM, etc., would be just as you left it.  There is no option to “just” save the state of your files, though you can easily accomplish that too by adding a step, described below.

Those are the same options you get when shutting down a physical PC.

Does this mean that, if ever, in some way, the VM version of Windows 7 actually gets infected, that unfortunate situation can be reversed by reinstalling a session saved before the infection occurred? And if so, does making an ISO back up offer extra protection?

You would not have to reinstall anything– when it comes time to start the VM, just choose a snapshot earlier than the one where you think you got the malware.  If you got the malware just a minute ago, you could easily roll back to the same snapshot you used to start that VM session, and the malware would be gone.

The way that I use Windows VMs (Windows guest, Linux host) is to first get Windows installed the way I want it, with all of the programs I expect to use and all of the settings I wish to have applied, then take a snapshot of that state (full snapshot, including memory state).  I call it something clever like “Win7 initial install.”

Every time I want to use the VM, I select “Win7 initial install” and have it restore the full state of the guest.  I use it for whatever I wish, then think about whether I downloaded or wrote anything I want to save.  If so, I put that on a USB stick or a network share, then shut down the VM and tick the box for “restore initial machine state” or whatever it is that it says.  That means it will throw out all I have done for that session and roll back to the same way it was when I started.  If I made a mistake and messed up the configuration, picked up malware, etc., that corrects it, possibly before I knew anything was wrong.

If I discover that there is a program I want to install and be part of the VM state, I will first do the above shutdown procedure if the VM is already in use, then restart it from the same point as before (“Win7 initial install,” in this example).  I then install whatever it is I need, reboot if necessary, which it probably is, and then take another snapshot to use from that point on.  It would be called something like “Win7 with New Program,” where New Program is the name of the new program.

I don’t use VMs very much, though, and when I do, I seldom need to save anything locally.  Depending on what you are doing in Windows, that may not be true for you, so a constant persistent machine state may be what you want.  In that case, you can simply take a snapshot each time you want to preserve that VM’s state.  Each snapshot is a point you can roll back to if you need, and you can think of it as being like a Macrium Reflect image, except that you can also have it save what is in the RAM, your open programs and what not.  Creating a new snapshot is as quick and easy as creating a new restore point in Windows, and certainly that is a lot faster than doing a full disk image.

This way offers the same protection as using Windows 7 natively and doing lots of backups.  You would have to discover the malware in order to take action, and all of the stuff it may have done from the time you got infected to the time you discovered it may be significant.

By contrast, if you roll back to the same point you started from at the end of each session, any malware is removed whether or not you knew it was there.  It will only have had the time between infection and when you shut down the VM to do its bad stuff, which in my case is generally less than an hour.  It only takes a few seconds to open a VM and be ready to go, so I just shut it down and open it again later if I need it again.

On top of that, I know that I am going to wipe the session when I am done, so I don’t save data in the VM’s virtual hard drive.  If I knew I was going to let the state persist, I would be tempted to save things there, and that means if I ever picked up malware, there would be more stuff for it to steal.  My Windows 7 VM has nothing but a few programs in it, and the version of Firefox installed into it has one saved password, itself protected by a strong master password.  Ransomware would be useless; there’s nothing of value for it to ransom.

Ok, the site randomly decided to exit the edit mode and post that message.  I’m not done just because it’s really long, WP!

Keyloggers would not have much to record, as I don’t do any browsing or typing in the VM except for that one site that requires Windows for the Java applet to work.  All it could get would be my Firefox master password, which is not used anywhere but in that VM, and if it grabs that, it would have to have the ability to use that password to unlock my password store (Firefox encrypts the password list if you use a master password).  It is not likely the malware would be written to do that, and the odds would be against it even if it was, as when I am using that site, I start the VM, go right to their site, log in with master password, log in the site, do my thing, close the VM.  There would not be any plausible way for the malware to get into the VM between the start time and me typing the master password… it’s under a minute, and the only site I go to is the one that already knows my password.

It is a barebones FF install in my VM other than the Java plugin and that one saved password.  I don’t even have the background color set to something other than white, which hurts my eyes.  It would make me nuts to try to browse with it that way, which is why it is that way.  I want it to be dead obvious I am in the VM browser, in case I somehow forget.

Botnet malware would only do anything if the bot was set to immediately spring to life and start doing something.  Botnets often lie in wait, with compromised machines giving no sign that anything is wrong, waiting for the signal to be sent by someone, at which time the bots will do what they do… DDOS, whatever.  If it’s for the purpose of spam relaying, it could begin it at once, but it would only last until the VM is shut down.

The gist of this is that even if malware does somehow get into my VM, the odds of it doing harm before it is wiped is not very high.  It’s only a tool for those rare times when I need Windows for something that WINE or Linux can’t do, and there haven’t been many.  WINE is improving at a much faster pace now than it was before, thanks in part to Valve/Steam.

Dell XPS 13/9310, i5-1135G7/16GB, KDE Neon 6.2
XPG Xenia 15, i7-9750H/32GB & GTX1660ti, Kubuntu 24.04
Acer Swift Go 14, i5-1335U/16GB, Kubuntu 24.04 (and Win 11)

• This reply was modified 5 years, 8 months ago by Ascaris.

Reply | Quote

? says:

i’m getting ready to “migrate,” my ubuntu install(s) to overwrite the win7’s when eol comes around. can i do:

dd if=/dev/sdX of /dev/sdY bs=64k conv=noerror,sync

without any other shenanigans?

Reply | Quote

Well, that has some potential for trouble if you’re running off either of the disks… but it’s quite safe if you’re running in read-only mode and are going to remove or wipe the source disk before booting off the new disk.

Most modern Linux distros by default use stored device / filesystem id instead of hardware path, after all, and dd copies those too.

Reply | Quote

? says:

thank you, mn-

i just fscked (sudo badblocks -v /dev/sdaX,Y,Z > errors.txt) the partitions on the linux i am going to clone and the blocks are in order, then i cleaned up the /etc/fstab and the uuid’s are correct, so all i have to do now is wait for the last win7 update then wipe, partiton and dd. all without any third party help (save for your kind reply.) too bad windows is not as user friendly as linux!

Reply | Quote

? says:

got bored so i moved one of my win7 pro’s from a cramped 40 gig ide hdd (windows started life at 4GB and has swelled to over 20GB from updates with nothing else but the stripped down os) to a wd red sata III 750GB spinner. i was going to use dd but made a Clonezilla cd instead (i don’t want to burn down my few remaining win 7’s, yet ’cause i am still in love with 7.) Clonezilla is great! it took a total of 11 minutes to work it’s magic. the only hiccup was the set dirty bit when i fired it up. chkdsk came up clean after it fixed a few mft errors probably from all the machinations i put the wd disk through when it failed after i changed the drive letter (i could still get in through task manager but not into the registry and changing the drive letter back from the recovery disk would not stick.) i ran the clonezilla in expert mode because i wanted the whole space for the 486GB’s of itunes music i have on a 1TB passport without having to jack with partitioning. anyway i wholeheartedly recommend Clonezilla, and yes it is open source (free.)

Reply | Quote

Ascaris, Thank you for the very detailed answer. It pretty much answers my questions in full. I find the answers also very encouraging, as they are what I was hoping they would be.

One thing that has occurred me just now is that, since I already have the install of Windows 8.1 saved on a DVD, I could give that a try in a virtual machine, to see how I like it. This brings up three questions, probably naïve ones, but I think also of interest in the context of this current thread: (1) Could and should one patch a a version of Windows (e.g. 8.1) running on a VM? Probably not all the Security patches would be necessary, but some, for example for Adobe Flash, may still be useful to have, as well as those remedial ones for Windows itself. (2) Could and should one use an AV in a VM? (3) Can one back up to an external disk or other storage media files one creates oneself on a VM? For example, I write software I need and for which there is no commercial or otherwise available alternative, and when this software is meant to be run on Windows machines, with the Windows’ system calls in it, I have to write it when running Windows. Naturally, I would like to save this work, so it does not evaporate when I turn the VM off.

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

Certainly I would update it the same as I would a physical machine.

As Paul T noted, it’s your choice whether you roll back or not.

If you were running my Virtualbox VM (Win 7 guest, Linux host), and you clicked the X to close the guest window, this is the dialog you would see:

The first option saves the full machine state, so you can pick up exactly where you left off next time you run the VM, like hibernating a physical PC.  The second one triggers a Windows shutdown, and the VM will close as soon as the shutdown finishes, like shutting down a physical PC.  The hard drive state will still be retained seeing this option, also like shutting down a physical PC.  You’ll have to boot a new session when using that option, but it won’t roll back.

The third option is like pulling the plug from the PC, which you would not usually do unless the PC has locked up and will not shut down normally.  Now, if you check the “Restore Current Snapshot” box before you use the third option, it will restore the VM to the same state it was in when you started it.  It remembers the last option you use, so in my use case, all I have to do is click the X to shut down the VM window, then hit “Ok,” and it will shut down in a few seconds.  It’s terrifically convenient to get to a known clean state each time if that is your wish.  If you want to save the machine state, make sure the top option is selected and hit Ok, and the next time you go to shut down the VM, it will have that as your preselected option.

Note that if you save the machine state each time you shut it down, it makes Windows 7 a more iffy proposition after it goes EOL than it would be if you rolled back each time.  You may wish to use 8.1 or even 10 in the VM if you need to have a persistent state, since it’s the rollback that makes the VM such a neat thing for security on an unsupported OS.

Dell XPS 13/9310, i5-1135G7/16GB, KDE Neon 6.2
XPG Xenia 15, i7-9750H/32GB & GTX1660ti, Kubuntu 24.04
Acer Swift Go 14, i5-1335U/16GB, Kubuntu 24.04 (and Win 11)

1 user thanked author for this post.

sveldkamp

Reply | Quote

1. You should always update the software on your VM, unless you are testing something.
2. AV is also a must. Windows defender is free.
3. VMs can access external devices or possibly share space on the host. Depends on the VM software.

Turning off your VM does not remove any changes / files you’ve written unless you have set it to do so. The default is work like a normal machine and save everything to the VM image.

As a software developer you should always have a VM for testing at a minimum.

cheers, Paul

1 user thanked author for this post.

OscarCP

Reply | Quote

Thanks Ascaris and Paul T.

I am particularly interested in the creation of incremental backups of my present VM OS state together with my data (files that I’ve created, or copied from elsewhere) in an external drive, regardless of whether this has to be done in one or in two steps, so I can later roll the VM back to how things were at an earlier time, as far as he OS itself is concerned. And to a time not necessarily that of my last session, because  a problem might develop in one session, but not be noticed until several sessions later. For example, every time I patch Windows I create a restore point, to go back to the previous “unpatched” state of the system, if a problem caused by a bad patch revealed itself later on. That removes any changes to the OS, including any software installed after the creation of that restore point, with entries in the Registry. But when doing things like this, I still retain also all of the data files added by me after the patching, something that might not be possible to do in such a simple way when running Windows on a VM. So I might need to make a separate incremental backup to an external device of my data, perhaps using the backup utility of Windows.

Assuming the following could also be done, a less safe, but more convenient alternative to the above procedures might be to create Windows proper “restore points” in the VM itself, and have them saved, somehow, on the PC’s hard disk, from where they can, also somehow, be used to refresh the Windows OS and it alone, on the VM.

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

Sorry, I need to correct the first paragraph above, but it is now too late to edit it, from “I am particularly interested in the creation of incremental backups of my present VM OS state together with my data (files that I’ve created, or copied from elsewhere)” to “I am particularly interested in the creation of backups of my present VM OS state as well as of my current data  on it (i.e. all of my own data files, including those I’ve created recently, or copied from elsewhere).”

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

Save your data files outside the VM, but away from your normal data.
Now you can have a steady state VM for consistency.

If you want to save a VM at a particular point – for a reference perhaps – then take a snapshot at that point. The snapshot will be available to roll back until you delete it.
Note: snapshots consume disk space, so make sure you have plenty spare.

cheers, Paul

1 user thanked author for this post.

OscarCP

Reply | Quote