Debian developers have a habit of writing utilities for maintaining distributions that are also useful for ordinary users. For example, diffoscope [1], which compares binary files, is useful for both version control and comparing – among others – PDF and LibreOffice files. In the past year or so, an equally useful utility called debvm has emerged. As the name suggests, debvm [2] is a tool for the quick and easy creation of virtual machines (VMs) running Debian releases and architectures [3]. While debvm gives developers the ability to test releases and architectures without changing hardware, it can be also be useful to any user as a sandbox for testing scripts or checking the results of mixing repositories. Where traditional virtualization methods such as VMware, VirtualBox, or Gnome Boxes create permanent VMs, often for the purpose of running another operating system, debvm is ideal for creating VMs for specific, limited purposes with a small memory footprint.

You will find the debvm 0.2.12 package in the repository of Debian 12 (Bookworm) and the 0.2.7 package in Ubuntu 23.04 repositories. Undoubtedly, other Debian derivatives will start to carry it as it gets closer to general release, although the current releases are stable enough to be worth exploring. The packages consists of three command-line tools: debvm-create, debvm-run, and debvm-waitssh. All three commands include intelligent defaults that make the bare command usable, as well as a handful of options each.

debvm-create

As a wrapper for mmdebstrap, debvm-create lets you create a chroot jail. Used without any options, debvm-create produces a VM with the host machine's format, files from the repository debvm is taken from, and one gigabyte of memory. No password is required. Instead of user accounts, users are automatically logged in as root. Repositories and apt are installed, as well as basic utilities. Note that if you use the package from Debian Unstable, which as its name implies is constantly changing, you may sometimes be unable to install everything. However, such problems do not always make the resulting VM completely unusable. The VM is a file called rootfs.ext4 in the current working directory.

These defaults can be modified by options. With --architecture=ARCHITECTURE (-a=ARCHITECTURE), you can specify the VM's hardware architecture from Debian's official ports: amd64, arm64, armel, armhf, i386, mipsel, mipsel64el, pp64el, and s90x. If you do not want to use the unstable repository, you can use --release=REPOSITORY (-r=REPOSITORY) to use testing or stable instead. Likely, too, you can use --size=SIZE (-s=SIZE), using the usual abbreviations such as K for kilobye, M for megabyte, and G for gigabyte. When creating multiple VMs, you can also use --output=FILE (-0=FILE) to name each one, using .ext4 as an extension. When experimenting with kernels, the kernel option will create the machine without a kernel.

In addition, options for mmdebstrap can be added. Many of these may be of interest only to advanced users. However, all users might find use for --keyring=FILE|DIRECTORY to change the keyring apt uses when accessing mirrors, and --include=PACKAGE1,PACKAGE2... to install additional packages in the VM. Similarly, with --components= COMPONENT1,COMPONENT2..., the VM's apt can use the contrib and non-free components of a repository, instead of just main. Those worried about dependencies might want to add --simulate (--dryrun) to test their options before creating the VM.

However debvm-create is structured, be aware that the default way to run the resulting VM is from its directory, specifying its name if the directory contains multiple VMs. In order to boot directly to the VM, create a symbolic link to its kernel and initrd in your machine's /boot directory. Often, though, most VMs created by debvm will not be used long enough to make this effort worth your time.

At the beginning, debvm-create shows a list of defaults to set up (Figure 1). Then, apt installs the packages for the VM, and the VM is created (Figure 2). As the command progresses, it periodically summarizes the next operations (Figure 3). How long the process takes depends on the Internet speed and how busy the mirrors used are, but in my experience it is generally less than three minutes.

Figure 1: Upon start-up, debvm-create presents a list of defaults.

Figure 2: After installing packages, debvm-create makes the VM.

Figure 3: As the VM is set up, debvm-create summarizes its actions before executing them.

debvm-run

The easiest place to run a VM is from its directory, specifying its file if necessary. Just as debvm-create is a wrapper for mmdebstrap, so deb-vm-run is a wrapper for the Qemu emulator.

Most of the time, the command can be run without options. The output for the command begins with a summary of its operation (Figure 4), followed by a long list of boot actions (Figure 5), and ends with logging in to the VM (Figure 6).

Figure 4: A summary of debvm-run's boot process.

Figure 5: Boot actions for debvm-run.

Figure 6: Logging in to a VM with debvm-run.

When required, options can be added. When a directory contains multiple VMs, the one to boot must be specified with --image=IMAGE (-i=IMAGE). If a graphical interface is included in the VM, --graphical (-g) opens the VM in a separate window with the mouse enabled. For specific circumstances or hardware, --qemu can be used to add Qemu options, although the most likely ones are available in debvm-create. The debv-run man page suggests that --snapshot=SNAPSHOT can be used to back up the VM. Ordinarily you can log in to a VM with --sshport=SSHPORT (-s SSHPORT) using the hostname 127.0.0.1. If this hostname is not already among your known hosts, you can connect without updating the list with:

ssh -o NoHostAuthenticationForLocalhost=yes
-p $sshport root@127.0.0.1

When you are finished with the VM, simply close the terminal. Similarly, you can delete the file.

debvm-waitssh

The debvm-waitssh command is the equivalent of --sshport=SSHPORT (-s SSHPORT). It is used to connect to a VM with an exposed SSH port and no authentication. If only the basic command is entered, it defaults to a timeout of 60 seconds and a hostname of 127.0.0.1 so that only the port (a number between 1 and 655) needs to be entered. For instance:

debvm-waitssh 600

Otherwise, you can use the following structure to enter parameters:

debvm-waitssh -t SECONDS] HOSTNAME:PORT

If the -q option is entered, no message displays when the timeout is reached.