virtualbox

VirtualBox: Mom please stop getting spyware (Cheap VDI)

While I normally am able to avoid the desktop support role there is one person out there who guilts err.. convinces me to help her out. My mom.

I’m not going to sit here and bash my moms computer skills, in all actuality she is pretty good with a computer. In the past she figured out how to add a printer and print something with Ubuntu by herself.

The problem is my mom is a Windows user and she is the typical user who receives questionable emails and goes to certain sites that promise you win things but only infect your OS with spyware.

The last time I had to clean up her computer I decided to dual boot it with Ubuntu in order to prevent her from getting spyware. That endeavor was thwarted by the hands of Quickbooks, Tax Programs and Facebook games.

The problem I have with fixing my mom’s computer is that every time she needs it fixed either she has to bring it to my house or I have to go to hers. This usually ends up taking a good day or so and honestly while I like visiting my mom I don’t like having to spend the time fixing her computer. This also could mean she is without a working computer for weeks if I am travelling. 

So yet again (several years later) I find myself having to fix my moms computer, but this time I’m getting creative.

The solution to my headache:

My goal is to install a Linux OS and use VirtualBox to create a VM Guest with Windows Vista (it’s what she has..). Since the Windows VM Guest is doomed to be infected with spyware I am going to keep a clean install in a VM Guest powered off and use it as a template. This also has to be setup so that it is easy for my mom to use.

Getting Linux Ready

I’ve decided to use Ubuntu for this exercise because its quick to install, easy, a good OS in general, and my mom has some familiarity with it, in case she ever has to use it she can.

I did a plain default install of Ubuntu, then installed VirtualBox with apt-get.

# apt-get install virtualbox-ose virtualbox-guest-additions

VM Setup

I’ve decided to first create a template VM that I can clone. I am doing this because my mom seems to have a knack at getting spyware/virii/malware on her computer. I plan to use snapshots to create backups but if her Windows system ever gets hosed beyond the backups than I have a quick option of recreating the VM by cloning the template.

To create the template I must create a new virtual machine, the process is no different from any other VM creation. Rather than reinvent the wheel and guide you through installing Windows in a VirtualBox guest I am going to send you to a good tutorial I found Creating a Windows XP guest in VirtualBox for Linux.

*** I didn’t use this tutorial I only skimmed it

Once I had the OS loaded, Guest Additions installed, and connected her external hd to the guest I went ahead and installed some basic applications that I know my mom uses (i.e firefox, ad blockers, windows security). At this point the virtual machine is ready. I could give this to my mom and she can use it, but before that I am going to create a template from this virtual machine in case I ever need to completely re-OS or re-deploy her Windows Desktop.

VM Cloning

To utilize the VM as a template I will first power it off and use cloning to create a VM. My mom will then use the VM as her desktop leaving the original VM Guest powered off ready to be cloned again if need be.

VirtualBox doesn’t have a fancy right click > clone like other (normally higher end) virtualization technologies. Or at least the version that ships with Ubuntu does not. To create a clone you can use the VBoxManage clonevdi command.

# VBoxManage clonevdi Template.vdi WinVista.vdi

The above command will create a new copy of the .vdi file; a vdi file is the Virtual Disk Image file that contains all of the virtual machines configuration and disk storage. Essentially everything about this Virtual Machine is stored in the .vdi file.

After the clone is complete I added a new virtual machine which asks if you want to create a new disk or use an existing. I elected to use WinVista.vdi (the clone vdi). After answering some basic questions I started the new virtual machine and everything was setup just as it was on the template.

Starting the VM on boot

At this point I now have a Windows Desktop that my mom can use running in a VM but before I call this finished I want to have the Windows desktop to appear to my mom without any effort. To do this I added the command VBoxManage startvm “Windows Vista” as a new entry to System Settings > Startup Applications.

# VBoxManage startvm “Windows Vista”

Now when my mom boots the computer up she will see an Ubuntu login screen, once she logs into that system she will get a full screen Windows Desktop. She will still see the VirtualMachine management bar but I don’t mind my mom seeing that as she wont mess with settings she doesn’t understand. 

I’m sure there are other ways to make the full screen VM show up without my mom having to login to Ubuntu but I elected to take the easy/lazy way out. This also gives my mom the option of closing the VM and going into Ubuntu in the off chance she needs to do anything on the host OS.

Tasks for later

Before giving the computer back to my mom I also set openssh-server to start on boot so that I can manage the VirtualBox setup remotely.

# apt-get install openssh-server
# update-rc.d ssh defaults 

I will also remotely setup backups using a script and VBoxManage to create and rotate periodic snapshots of my moms desktop; maybe that will be another post.

The Benefits

After my mom starts using the Windows Desktop I’ve setup for her with VirtualBox; I can now rest easy knowing that if my mom gets her system infected again I can do any of the following.

  • Restore from recent snapshot - 15 minutes
  • Restore from weekly snapshot - 15 minutes
  • Deploy fresh image by cloning the template - 30 minutes

And the best part of this; I can do all of these tasks from anywhere with an internet connection. Not to mention that with snapshots I can upgrade her version of windows and if any of her programs don’t play nice I can revert it in a matter of minutes using snapshots from the comfort a local coffee shop.

How to run VboxWebSrv as a service on Windows 2008

I have recently install Virtualbox on a Windows 2008 Server along with phpvirtualbox web interface.

The installation of phpvirtualbox is straight forward and since IIS 7.0 support PHP you don’t need to do anything acrobatic in order to make it work.

The problem is that the VboxWebSrv, which is actually the Virtualbox Web Service has not any builtin method to run as a service on Windows 2008 (or 2003), so you have to either run it every time you want to manage your VMs with phpvirtualbox or try to run it as a scheduled task as mentioned here.

I thought I might find a way to run it as a service using srvany.exe that is included on the Windows 2000/2003 Resource Kit, but unfortunately Microsoft has not release the Windows 2008 Resource Kit yet (and I don’t think it will do).

So after a little research and some try-and-error I found the NSSM - the Non Sucking Service Manager, which is a great srvany replacement with 64bit support as well.

So considering what someone has mentioned about actually using a bat file for running the vboxwebsrv and not the actual vboxwebsrv I created the following bat file

set HOMEDRIVE=C

set HOMEPATH=\Users\username

"C:\Program Files\Oracle\VirtualBox\vboxwebsrv.exe"

copied it at my Windows folder together with the 64bit nssm executable and I ran nssm install “Virtualbox Web Service”.

The rest is easy enough as hitting "Browse" and finding the bat file on your windows folder and then hitting "Install Service".

That’s it!

After a net start “Virtualbox Web Service” I was able to manage my VMs through phpvirtualbox.

If you also want your VMs to start and stop (or save their state) automatically on boot and shutdown of your Windows 2008 Server host, you should use VBoxVmService. Just follow the instructions and you will have your VMs running seconds after your server boots.

And if you are more of a Linux guy (or girl) you can use VBoxTool for booting and shutting down VMs on host boot and shutdown and builtin vboxweb-service for the Virtualbox Web Service (instructions to correctly settup vboxweb-service for use with phpvirtualbox)

2

i’ve just started to look over this book, data science at the command line, and something really interesting caught my eye… for the examples and tools used in this book the author has created some sort of downloadable virtual environment/image with the use of vagrant. vagrant? a virtualized machine sort of jailshell sort of environment?

via the vagrantup.com website:

Run a single command — “vagrant up” — and sit back as Vagrant puts together your complete development environment. Say goodbye to the “works on my machine” excuse as Vagrant creates identical development environments for everyone on your team.

looks interesting…

Slow text consoles on Ubuntu running on Virtualbox...

Every time I need a new Ubuntu server virtual machine I come across a the nuisance of having slow text consoles.

Many of the posts and solutions found on the internet are misleading and involve changing some GRUB settings and alter some boot parameters but it doesn’t work.

This behaviour is due to a buggy behaviour from a framebuffer driver when running on virtualization software and I’ve seen reports that this also happens under Xen and QEMU.

To solve this problem you just have to blacklist the vga16fb kernel module and reboot.

To do this, you just:

$ sudo su -
<Enter password> 
# echo "blacklist vga16fb" >> /etc/modprobe.d/blacklist-framebuffer.conf
# reboot 

And there you go…no more slowness on your text consoles on Ubuntu.

This happens to me on Ubuntu Server 10.04 LTS but it can also occur on lower versions.

Protecting a Windows laptop with iptables

Background:

One night last week I sat down to tune up the native firewall running on my copy of Windows 7.  I quickly became frustrated with how long it was taking to point-and-click my way through the process of pruning back permissions.  Between the annoyance of finding entries that various installers had entered without my permission and seeing that almost every rule had triplicates to cover each profile (Private, Public, and Domain), I decided that there had to be a better way.

As much as I would love to cut the Microsoft-cord and live in a pure open-source world, some of my frequently used applications don’t come in Linux-flavor (iTunes, Guitar Pro, Visio, etc).  Occasionally, I also like to take my laptop to local LAN parties and get my Unreal Tournament and StarCraft II on.  Because of this, I am reliant on a non-virtualized Window operating system.  After some thought and research, I decided to create a virtual machine to act as a gateway/firewall for my host OS.

Preparation:

  • I first started by downloading and installing an updated version of Oracle’s VirtualBox virtualization environment.
  • I also grabbed the 64-bit version of the Ubuntu Server 11.04 ISO.  Debian or Fedora would have easily taken care of the job as well.

Install the VM:

  1. Create a new VM.

    image



  2. I have 16GB of RAM in my laptop, so I had no problem dishing out 512MB to the VM, but if you need to be more frugal with your memory, you’ll probably be fine with 128MB.
  3. I allocated 4GB to the dynamically-expanding virtual hard drive, but again, you could probably go as low as 2GB without problems.
  4. Removed the floppy device and disabled the audio.
  5. Set up the network adapters as listed below.

    image



    image



  6. Point the CD device at the Ubuntu Server ISO.
  7. Start the VM.
  8. Select “Install Ubuntu Server”.
  9. When Ubuntu asks which network interface to use as the primary, select “eth0”.  That will be Bridged Adapter.

    image



  10. Pick a hostname.
  11. I chose to format the disk using the quick “Guided - Use Entire Disk” method for simplicity sake, but you can partition it up however you want.
  12. When it comes time to set a username and password, note that if you configure the firewall the way I did, there will be no access to the VM’s operating system except through the VirtualBox window.  Because of this, I wouldn’t bother making an uber-secure 16-character password for this.
  13. Disable automatic updates (the VM will not have the ability to connect to the internet).
  14. Don’t select any packages.
  15. Wait for the install to complete.
  16. Answer ‘yes’ to the GRUB question.
  17. Reboot the VM.  Optionally you can shut down instead, remove the CD device, and start back up.

Configure the VM:

  1. Log in to the VM.
  2. Edit the network interfaces configuration file to include the following:
    sudo vim /etc/network/interfaces

    auto lo
    iface lo inet loopback

    auto eth0
    iface eth0 inet dhcp

    auto eth1
    iface eth1 inet static
        address 192.168.56.1
        netmask 255.255.255.0
        network 192.168.56.0
  3. Create the iptables firewall setup script.  Note that all scripts in the ‘if-up.d’ directory will automatically be run when a network interface comes up.  To allow incoming connections to reach your Windows OS, add space-separated port numbers into the FORWARDED_TCP_PORTS or FORWARD_UDP_PORTS arrays.
    For example, allowing a web server: “FORWARDED_TCP_PORTS=( 80 443 )”

    sudo vim /etc/network/if-up.d/iptables

    #!/bin/bash

    IPTABLES=/sbin/iptables
    IF_PUBLIC=eth0
    IF_PRIVATE=eth1
    HOST=192.168.56.2
    FORWARDED_TCP_PORTS=()
    FORWARDED_UDP_PORTS=()

    echo -n "Flushing existing iptables rules... "
    $IPTABLES -F
    $IPTABLES -F -t nat
    $IPTABLES -X
    $IPTABLES -P INPUT DROP
    $IPTABLES -P OUTPUT DROP
    $IPTABLES -P FORWARD DROP
    echo "DONE"

    echo -n "Setting up ingress rules... "
    # No inbound traffic allowed
    echo "DONE"

    echo -n "Setting up egress rules... "
    # No outbound traffic allowed
    echo "DONE"

    echo -n "Setting up the NAT... "
    $IPTABLES -A FORWARD -m state --state INVALID -j DROP
    $IPTABLES -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
    $IPTABLES -A FORWARD -i $IF_PRIVATE -j ACCEPT
    $IPTABLES -t nat -A POSTROUTING -s $HOST -o $IF_PUBLIC -j MASQUERADE
    echo "DONE"

    echo -n "Setting up forwarded ports... "
    for PORT in ${FORWARDED_TCP_PORTS[@]}; do
        $IPTABLES -A FORWARD -p tcp --dport $PORT -i $IF_PUBLIC -j ACCEPT
        $IPTABLES -t nat -A PREROUTING -p tcp --dport $PORT -i $IF_PUBLIC -j DNAT --to $HOST:$PORT
    done
    for PORT in ${FORWARDED_UDP_PORTS[@]}; do
        $IPTABLES -A FORWARD -p udp --dport $PORT -i $IF_PUBLIC -j ACCEPT
        $IPTABLES -t nat -A PREROUTING -p udp --dport $PORT -i $IF_PUBLIC -j DNAT --to $HOST:$PORT
    done
    echo "DONE"

  4. Add execution permissions to the script.
    sudo chmod +x /etc/network/if-up.d/iptables
  5. Configure the kernel to allow IP forwarding by uncommenting the line:
    "net.ipv4.ip_forward=1" in the sysctl configuration file.
    sudo vim /etc/sysctl.conf

  6. Shut down the VM and optionally take a snapshot.

Configure VirtualBox Networking

  1. In the main VirtualBox application, open up the network preferences (found in the File -> Preference window and under the Network section).
  2. Select the Host-Only Adapter and click the edit button on the right-hand side of the pane (looks like a screwdriver).
  3. Verify the IPv4 address is 192.168.56.1.
  4. On the DHCP Server tab, uncheck the “Enable Server” option.

    image



Configure the Windows Host Networking

  1. Open the Windows network adapters control window.  This will be labeled and in different places depending on your version of Windows.
  2. Right-click on your Wireless LAN and/or Wired LAN adapter and click properties.
  3. Uncheck or remove everything except what is shown in the image below.

    image



  4. Select the IPv4 protocol and click the Properties button.  Fill out the values to match the following image below.

    image



  5. Click “OK” twice to return back to the list of network adapters.  Right-click on the “VirtualBox Host-Only” adapter and click properties.
  6. Uncheck or remove everything except what is shown in the image below.

    image



  7. Select the IPv4 protocol and click the Properties button.  Fill out the values to match the following image below.  I have my own DNS server as the preferred server and the OpenDNS servers as two alternate servers (more than two DNS servers can be specified by using the “Advanced…” button).

    image



  8. Optionally, you could disable your native Windows firewall entirely unless you want to maintain application-level firewall rules.
  9. Press “OK” and you’re done.

Done!

With any luck, you should be able to start up your Firewall VM, minimize it, and go about your business on the interwebs.

I am defying the laws of Physics and Computers. I have Windows XP Running iTunes updating my iPad open in a VirtualBox, Running on a Ubuntu Host using Chrome to surf through Tumblr land. All on a 2-3 year old netbook that has three screws holding it together. I am waiting for the explosion. 

Postfix + Dovecot on Fedora 14 under VirtualBox な環境で、メール関連の開発をごにょごにょする

メール関連の開発を行っていると、テストでメールアドレスが必要になってくることがある。

それも、携帯(docomo.ne.jp・ezweb.ne.jp・softbank.ne.jp)の場合は、フリーで取れるわけでもないので、本番まではGmailなどのメールアドレスなどで代用していることが多い。

これでは開発環境と本番環境でプログラムに変更を入れる必要があり、開発側としては十分にテストしたつもりでも、「いきなり本番!」な気持ちでいっぱいになる。

出来れば開発環境と本番環境で同じプログラムを走らせたいもの。

であれば、メールアドレスを仮想的に処理してしまえば、テストアドレスをいくらでも作ることができ、本番までに十分にテストができると思う。

理想的には、以下な感じ。

  1. テストアドレス(test@docomo.ne.jp など)にメールすると、ゲストOSに届く
  2. 届いたメールはゲストOS上のメールアカウントで取得できる(MacのThunderbirdで閲覧できる)

このTipsはメールだけに限らず、メールアドレスをログインIDに使うようなサイト開発などにも役に立つと思う。

インストール

なにはともあれPostfixとDovecotをインストール

$ yum -y install postfix dovecot

Postfix設定

テスト用なので、ちゃんと動けばおけ。より厳密な設定とかは他のページを参考に。

肝はmynetworkで、VirtualBoxのホストオンリーアダプタのネットワークを許容するように設定していること

$ emacs /etc/postfix/main.cf
下記設定値を変更
myhostname = テストホスト名(例:mail.google.com)

mydomain = テストドメイン名(例:google.com)

myorigin = $mydomain

inet_interfaces = all

mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain

mynetworks = 192.168.56.0/24, 127.0.0.0/8

home_mailbox = Maildir/

下記設定値を追加
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_recipient_restrictions = permit_mynetworks
                               permit_sasl_authenticated
                               reject_unauth_destination

message_size_limit = 10485760

新規ユーザー用の対処

のちのちキョドらないように、ユーザーのホームディレクトリのスケルトンに、Maildirを追加しておく

$ mkdir -p /etc/skel/Maildir/{new,cur,tmp}
$ chmod -R 700 /etc/skel/Maildir/

既存ユーザー用の対処

$ mkdir -p /home/ユーザー名/Maildir/{new,cur,tmp}
$ chown -R ユーザー名. /home/ユーザー名/Maildir/

SMTP-Auth設定

$ emacs /etc/sasl2/smtpd.conf
下記行に#をつけてコメントアウト
#mech_list: plain login

SMTP-Auth用ユーザー追加

$ echo “パスワード” | saslpasswd2 -p -u テストホスト名(例:mail.google.com) -c ユーザー名

SMTP-Auth用ユーザー確認

$ sasldblistusers2
以下のように表示されればOK
ユーザー名@テストホスト名(例:mail.google.com): userPassword

SMTP-Auth設定ファイルパーミッション設定

$ chmod 640 /etc/sasldb2
$ chgrp postfix /etc/sasldb2

Dovecot設定

$ emacs /etc/dovecot/conf.d/10-mail.conf
下記行を追加
mail_location = maildir:~/Maildir

sendmail停止

$ service sendmail stop
$ chkconfig sendmail off

デフォルトMTA変更

$ alternatives —config mta
Postfixを選ぶ(初めてMTAをいれたのなら、2を押せばいい)

マシンブート時のサービス起動登録

$ chkconfig postfix on
$ chkconfig saslauthd on
$ chkconfig dovecot on

サービス起動

$ service postfix start
$ service saslauthd start
$ service dovecot start

ログの一時監視

サービスを起動したらちゃんと動いてるか、しばらくtailでログ監視する。

$ tail -f /var/log/maillog

Postfixバーチャル設定

次にPostfixで携帯のメールアドレス(docomo.ne.jp・ezweb.ne.jp・softbank.ne.jp)を受け取れるように、バーチャルホストの設定をする。

バーチャルのエイリアス設定

$ emacs /etc/postfix/main.cf
virtual_alias_maps= hash:/etc/postfix/virtual

$ emacs /etc/postfix/virtual
docomo.ne.jp anything
test1@docomo.ne.jp ユーザー名
test2@docomo.ne.jp ユーザー名
test3@docomo.ne.jp ユーザー名
ezweb.ne.jp anything
test1@ezweb.ne.jp ユーザー名
test2@ezweb.ne.jp ユーザー名
test3@ezweb.ne.jp ユーザー名
softbank.ne.jp anything
test1@softbank.ne.jp ユーザー名
test2@softbank.ne.jp ユーザー名
test3@softbank.ne.jp ユーザー名


$ postmap /etc/postfix/virtual

hostsの追加

$ emacs /etc/hosts
以下を追加
127.0.0.1    docomo.ne.jp
127.0.0.1    ezweb.ne.jp
127.0.0.1    softbank.ne.jp

サービス再起動

$ service postfix restart

Mac側の設定

Macではhostsに「テストホスト名」・「テストドメイン名」をゲストOSのホストオンリーアダプタのIP(ここでは192.168.56.101)で追加する。

ターミナルを立ち上げてhosts編集

$ sudo vi /etc/hosts
192.168.56.101  テストホスト名
192.168.56.101  テストドメイン名

あとはThunderbirdでゲストOSのユーザー名のアカウントを設定すれば、test1@docomo.ne.jpやtest3@ezweb.ne.jp宛のメールを送受信できる。

4

I’m currently installing Gentoo in virtual box. The documentation on their website is very well organized. Despite the extra steps I think it’s actually pretty easy.

This seems like a wonderful alternative to Arch Linux if you want to customize the hell out of your system.

However, the compiling of the Kernel is taking awhile and I’m not sure I want to sit it out to the end only to end up with Gentoo stuck on a limited virtual box. I’ll give it another 15 minutes and see where I’m at.

Update: I skipped a step somewhere prior to the kernel compiling which led to grub not functioning later on when I tried to reboot. I’ll try again tonight. I can see myself potentially ditching Arch Linux if this leads to even more micromanagement of my system :D

OpenBSD and VirtualBox are problematic

When I want to install OpenBSD on VirtualBox, get the following error:

Segmentation Fault

This weird error comes up in OpenBSD’s installation script. To fix this, you should not use VirtualBox GUI. You should run the following command in terminal:

VBoxSDL -norawr0 -vm OpenBSD

This command will run your virtual OpenBSD installation without weird Segmentation Fault errors.

Note that OpenBSD is my virtual machine name. You should change it with your VM name.

Yes, I am trying to port lpms to *BSD platform!

IE9, IE8 et IE7 en machine virtuelle sous Linux

image

La théorie

Amis Linuxiens, vous souhaitez avoir des machines virtuelles avec IE9, IE8 et IE7 ? Bien sûr vous ne comptez pas vous casser le cul pour ce navigateur de m… !

Eh bien ya un script (IEVMS) qui fait tout ça, légalement et automatiquement en récupérant les machines virtuelles fournies par Microsoft et en les convertissant pour pouvoir les faire tourner dans VirtualBox !

Mais ce serait trop beau si ça marchait du premier coup ! (mise à jour)

FATAL: Could not read from the boot medium! System halted

C’est le message d’erreur que vous aurez si vous lancez le script avec VirtualBox OSE 4.04 fourni par la distribution Ubuntu 11.04.

Il y a deux bugs, le premier n’étant pas bloquant. Le deuxième l’étant. Il n’est actuellement pas possible de faire tourner IE9 avec celle-ci.

La solution est donc assez simple : installer la dernière version de Virtualbox tel que présent sur le site officiel.

Lancez ensuite l’application comme décrite sur le site. Cela devrait fonctionner !

Note : j’ai notifié le projet du problème, peut-être le corrigeront-ils, Failing with Ubuntu 11.04 and IE9.

What I've been up to (technically)

Deleting the old XCode 3 and installing the newer XCode 4 freed up nearly 10 gigs of space on my always-full hard drive (I know, I’m a slow adopter of new things). So that meant I had some space for a virtual machine. Now I’ve done Ubuntu, Mint, Puppy, Jolicloud and all the rest of them. It was time for some more hardcore stuff - ArchLinux.

Took me maybe 10 hours in all to get where I needed to me. Everything done from scratch, which meant random errors. What threw me off, mostly, was Xcfe4 which didn’t run for some reason on VirtualBox’s video drivers. At least, I couldn’t get it to work. After a bit of trying (and lots of rebooting), I deleted it and installed LXDE instead. That worked fine. I’m actually not sure whether anything I did (changing the conf files) made any difference, or where the exact problem was, but I’m not going to bother about that anymore.

Then I spent some time trying to install colemak. I did eventually, it’s a layout variant apparently rather than an actual layout. I think it was some added line in the xorg.conf file. Maybe.

One thing I learned was to actually look through the logs carefully if errors pop up. It may sound obvious, but anyway, the specific errors helped greatly in the obligatory google searches.

Of course, I wasn’t satisfied with simply the basic LXDE theme. Downloaded the GTK theme Elegant through packer. Then I messed around with Conky. Downloaded the conky-colors, took me quite a while to understand what was going on. Even so, the background transparency wasn’t there (a visual setting should be set to ‘no’), and the sidebar cut off (changed the minimum size).

So I think I’m done for now. Like my many other computer ventures, I’d probably rarely touch the build again, but it’s all in the fun of the process. Did get to learn quite a bit about linux.

So I finally figured out how to get Grim Fandango to work on my Windows 7 64-bit machine.  It took a bit of work, but it’s worth it.  Here’s what I did (You need a windows xp disc/ISO and the Grim Fandango CDs):

1 - Install Virtualbox

2 - Set up a Windows XP guest with sound (I just gave mine 10 GB of space).  If you haven’t used Virtualbox before, don’t worry.  It’s pretty straight forward.  Just click “New” and follow the instructions.  Any extra stuff like sound is in the “Settings” area.

3 - (This one is optional but very helpful) With the Guest Windows XP machine running, click on Devices -> “Install Guest Additions” so you have better mouse integration etc.

4 - After windows is installed, do any windows updates you might need on it.

5 - I have a USB Xbox 360 controller, so I had to enable usb (I enabled usb 2.0 which requires the Oracle VM VirtualBox Extension Pack) in the Virtualbox settings and add a filter for the device.  Mine showed up as “Controller” in the list.  Also, I had some issues at first but I think restarting the virtual machine/virtualbox fixed them.

6 - Use Grim Fandango Setup to install the game

7 - With the Guest Windows XP machine running, go to Machine -> Switch to Scale Mode

8 - Double click the Grim Fandango shortcut.  Make sure “Run Grim From Hard Drive” is checked in the options before you launch the game.

9 - Maximize the window or go to full screen.

10 - Run Grim Fandango in full screen mode (On my computer, if I resize the virtualbox window it makes everything go black, so make sure you’re happy with the screen size when you start the game).

The reason I went through all this trouble was because Grim Fandango freezes Windows 7 64-bit completely (I had to turn off my pc - pretty frustrating).  It also has some weird sound issues that were extremely annoying.  This method seems to fix all that, and when it’s all set up it runs really nice. 

Enjoy playing this amazing game!