Disposable VMs

Software & Operating Systems Linux
1

Hello,

Is there any software that could let me run a disposable VM to open just a chrome window, browse the internet and destroy itself when I’m done with it?

Right now I’m using virt-manager to run ubuntu live cd, but the live cd booting and etc. just takes too long for me, and I also have to keep an eye on the iso image and update it from time to time.

I looked into ubuntu/canonical multipass but I couldn’t get it to work on my desktop (ArchLinux with KDE), I’m also not really sure if its meant for the desktop flavor of ubuntu.

2

Maybe Tails os is for you?
https://tails.boum.org/install/index.en.html

1 Like
3

Or check out QubesOS

4 Likes
4

Curious as to what will be the use of this…

5

@mixufin
I already know about it, but they are too much about anonymity and etc. All I want is vm with chromium and ublock.

@Trooper_ish
I would have to run it as my main OS… right?

@Automobili3XF
Watching porn

3 Likes
6

Right on mate :rofl:
If you’re serious, i just use DuckDuckGo on my phone for that purpose

7

“porn”

I’ll never get used to people watching video on their phones.

Even the tablet sized monstrosities they do nowadays

1 Like
8

Its doable, i’m not gonna delve into the details, but its doable.
I’ve watched whole movies on my phone on certain occasions, like long bus trips.

1 Like
9

Docker container? Can probably script a ubuntu instance and start chrome.

2 Likes
10

How about snapshots?

Install a distro, setup chromium to autostart, install unlock. Shutdown the VM, take a snapshot. Then you can use the VM, and when you are done, rollback/revert to the snapshot.

11

I’m with @exee. Docker sounds perfect for this use case. Stumbled across a decent guide here

12

@exee @BigBlueHouse
Thanks, I’ll look into it, however the vm still feels a bit more secure since it’s not sharing the same kernel and has no access to the host file system, also the “–privileged” flag for docker flag looks kinda scary : /

@TheCakeIsNaOH
It still requires me to update the system from time to time.

Right now I’m considering scripting some wrapper that would work as a system daemon and would rebuild some custom init ramfs + kernel from time to time and provide some short command to tell virtd to spin up a direct kernel boot VM… however there must be a better solution out there, what I’m thinking about has to be overkill.

13

Boot up the VM, run sudo apt update && sudo apt upgrade, shut down the VM, make a new snapshot. If you enable ssh in the VM so as to run the update, it should be simple to make a shell script so you can do it in one command.

14

This is where something like Deep Freeze works wonders.

Even if it’s in a VM, it still can restore from a known good state or image.

15

Chrome already does a ton of sandboxing and security stuff.

And most of the exploits these days are done by asking the GPU to render something and exploiting a gpu driver bug… which can work even for VMs.

You may want to have a look at a combination of github.com/google/detangle (which automatically opens websites in a correct profile) and uMatrix/uBlock origin for “filthy casual” browsing, and either a separate machine on a separate network or maybe passthrough where you want airgap like security.

16

Borrow a friends computer.

17

I don’t have any friends.

1 Like
18

Ubuntu can be set up to run fully unattended updates.

This is a lot of thought for some pornography though… Surely theres a better way.

19

for

I dare you…

20

Isn’t a full blown VM overkill for running one browser?

https://distrowatch.com/weekly.php?issue=20160222#tips

For those opposed to going to Distrowatch:

Typically, when we want to run an application inside a Firejail sandbox, we can simply run the firejail command and pass it the name of the program we want to run. For example, we can launch Firefox using

firejail firefox
1 Like