VirtualBox Extension Pack License Redux
At work I use the Oracle repository for VirtualBox. With our desire to abandon the proprietary extension pack, I discovered that the Oracle repository
deb packages do not contain the VNC extension pack. The VNC extension pack is part of the open source code base but is not compiled into the package by Oracle developers.
How clever. How asinine. How immature.
Purposely not compiling the VNC extension pack encourages people — unknowingly — to download the proprietary extension pack. “Will you walk into my parlour?” said the Spider to the Fly.
Not using the proprietary extension pack means using VNC rather than RDP. That is impossible with the Oracle deb packages. For us at work, that means disabling that repository and using the Ubuntu repository package.
The Ubuntu package is frozen at version 5.1.38. That version no longer is supported upstream, with Oracle ending support April 2018. As the time is now past the three-year point of the 16.04 long term support (LTS) cycle, that means no feature updates to that package. Security patches only for the remaining two years of the LTS cycle. There are no guarantees for security patches because the package is from the
The Ubuntu version should have been updated to 5.2 long before the three-year point. This is primary reason I was using the Oracle repository.
To use a supported version of VirtualBox means updating Ubuntu MATE 16.04 to 18.04. That has proven to be a challenge and is unlikely to happen. Or use the upstream Oracle repository.
I installed the Ubuntu 5.1.38 package. The VNC extension pack was included.
The VNC extension pack does not work in Ubuntu 16.04.
Null option should allow connecting without authentication. Nonetheless that option always prompts for a password. Reading the user manual might imply that the
Null option is not supported. I verified the same problem in Slackware.
I added a password:
vboxmanage modifyvm "Ubuntu" --vrdeproperty VNCPassword="test"
Every time I tried to connect the password was rejected.
nmap scan confirms the assigned port is open. The Remmina VNC plugin package is installed. Just to be sure, using
xvnc4viewer results in the same password failure.
No such failure on Slackware, although there I am using version 5.2.28. The same version I was using from the Oracle repositories, but crippled. A version that is not available in the Ubuntu 16.04 repositories.
Using RDP after restoring the Oracle proprietary extension pack works without pain.
I tried the
*.run script from Oracle. Same immature proprietary nonsense. The VNC extension is not installed.
I am not an attorney, but there is a work-around that seems to satisfy consensus opinion around the web — use an extension pack version from before the PUEL changed. That means use the Ubuntu 5.1.38 VirtualBox version but use the 5.1.28 version of the proprietary extension pack.
There is a twist to that solution. The Oracle 5.2.28 kernel module fails to compile with the Ubuntu 4.4.0 kernel, but the Ubuntu 5.1.38 kernel module compiles against the same kernel.