Arch-VMs.md

Setting Up Virtual Machines on Arch Linux with Hyprland

Running virtual machines (VMs) on Arch Linux, especially with the Wayland compositor Hyprland, is straightforward and supports both GUI and CLI workflows. Here’s a step-by-step guide focused on KVM/QEMU/libvirt, which is well-supported and integrates cleanly with both X11 and Wayland compositors like Hyprland.

1. Check Virtualization Support

Before proceeding, make sure your CPU supports virtualization and it's enabled in your BIOS/UEFI.

lscpu | grep -i virtualization

Look for VT-x (Intel) or AMD-V (AMD). If you see no output, enable virtualization in your BIOS.

2. Install Virtualization Packages

Use the following command to install everything you need, including a GUI manager (virt-manager), on Arch Linux:

sudo pacman -S qemu-full qemu-img libvirt virt-install virt-manager virt-viewer edk2-ovmf dnsmasq swtpm guestfs-tools libosinfo tuned

• qemu-full: Core emulator
• libvirt: Management layer
• virt-manager: Graphical management interface
• edk2-ovmf: UEFI support for VMs
• dnsmasq: Network, DNS and DHCP
• swtpm: TPM emulation (for modern OSes)
• guestfs-tools/libosinfo/tuned: Additional helpers/tools

3. Enable and Start Required Services

Enable and start the libvirt daemon:

sudo systemctl enable --now libvirtd

Add your user to the libvirt group (replace yourusername):

sudo usermod -aG libvirt yourusername

Logout and log back in for group changes to take effect

4. Configure Networking (Optional)

Setting Up Isolated (Host-Only) Networks for VMs on Arch Linux with Libvirt/KVM

Creating an isolated network with libvirt provides functionality similar to VMware's host-only network: your VMs can communicate with each other (and optionally with the host) but are completely cut off from external networks, giving you a safe environment for malware analysis or experiments.

What Is an Isolated Network?

• Only the host and VMs on the same network can communicate.
• No access to LAN or Internet.
• Perfect for malware analysis: malicious code can't escape and affect other systems[1][2][3].

Step-by-Step: Create an Isolated (Host-Only) Network

1. Prepare a Network XML File

Libvirt uses XML files to define virtual networks. Here is a template for an isolated, DHCP-enabled network:

<network>
  <name>isolated-net</name>
  <bridge name='virbr2' stp='on' delay='0'/>
  <ip address='192.168.110.1' netmask='255.255.255.0'>
    <dhcp>
      <range start='192.168.110.10' end='192.168.110.254'/>
    </dhcp>
  </ip>
</network>

• Change name, bridge name, ip address, and DHCP range if needed.
• Save this as isolated-net.xml[4][2].

2. Define the Virtual Network with Libvirt

From the terminal, run:

sudo virsh net-define isolated-net.xml
sudo virsh net-autostart isolated-net
sudo virsh net-start isolated-net

• net-define registers your new network.
• net-autostart ensures it activates at boot.
• net-start brings it up immediately[2].

3. Attach VMs to the Isolated Network

When creating or editing a virtual machine (with Virt-Manager or via XML/CLI):

• Assign the VM's network interface to isolated-net (as seen in the XML above).
• In Virt-Manager:
• Go to the VM's "NIC" settings.
• Set "Network source" to isolated-net (the name you defined).

4. Verify Network Isolation

• VMs attached to this network can talk to each other and the host (via the virbr2 IP).
• They cannot communicate with your external network or the Internet. Test by pinging an outside address; it should fail.
• Host access to VMs (optional): If you need the host to talk to the VMs, use the network bridge IP (e.g., 192.168.110.1). If you want full isolation (even from the host), do not assign an IP on the host-side bridge and use only static addresses in guests[5][3].

5. Advanced: Multiple Isolated Networks

You can create several isolated networks (e.g., one for malware, one for clean analysis) with different bridge name and subnet settings—helpful for controlling malware spread or simulating multi-segment labs[6][7].

GUI Option (Virt-Manager)

• Open Edit → Connection Details → Virtual Networks → + (plus sign).
• Select "Isolated network" when prompted.
• Assign a subnet and DHCP range, or disable DHCP for full control.
• Apply and then attach VMs to it as described above[7].

Commands Reference

5. Create a Virtual Machine

You can use virt-manager (GUI) or virt-install (CLI):

Using Virt-Manager (Recommended for most users)

1. Launch Virt-Manager: bash virt-manager
2. Click the Monitor+Star icon to create a new VM.
3. Follow the wizard to:
4. Select ISO media for OS installation.
5. Choose RAM and CPU settings.
6. Set storage size.
7. Name your VM and pick networking options[4].

Using CLI (virt-install)

For advanced users, you can use the CLI tool:

virt-install --name vmname --ram 4096 --vcpus 2 --disk size=40 --cdrom /path/to/installer.iso --os-variant detect=on,name_of_os

6. Hyprland Compatibility Notes

• 3D Acceleration: If you plan to run a graphical guest (like another Linux with a desktop), especially with Wayland compositors like Hyprland, ensure "3D acceleration" is enabled in the VM configuration.
• For Virt-Manager VMs: Open VM settings → "Video" → Enable 3D acceleration.
• Performance: Performance may be lower than bare metal, especially for wayland compositors inside VMs
• Wayland quirks: For seamless clipboard and file sharing, install spice-vdagent inside your guest.

7. Alternatives: VirtualBox and VMware

• VirtualBox: Popular, beginner-friendly. Install with: bash sudo pacman -S virtualbox virtualbox-host-modules-arch Install the matching extension pack and add your user to the vboxusers group. Enable 3D acceleration in settings for Wayland guests
• VMware: Also supported on Arch but may require more setup and manual kernel module management

Quick Tips for Hyprland VMs

• Make sure to enable 3D acceleration for Hyprland-based guests—otherwise, the graphical environment may fail to start

Further reading and troubleshooting: The Arch Wiki and the Hyprland documentation are excellent resources for deep dives, tips, and advanced VM features