2 files changed, 4 insertions, 0 deletions

diff --git a/nixos/modules/programs/virtualbox-host.nix b/nixos/modules/programs/virtualbox-host.nix
index f4c6b7587bd..dd6fbad4868 100644
--- a/nixos/modules/programs/virtualbox-host.nix
+++ b/nixos/modules/programs/virtualbox-host.nix
@@ -97,10 +97,13 @@ in
         path = [ virtualbox ];
         serviceConfig.RemainAfterExit = true;
         serviceConfig.Type = "oneshot";
+        serviceConfig.PrivateTmp = true;
+        environment.VBOX_USER_HOME = "/tmp";
         script =
           ''
             if ! [ -e /sys/class/net/vboxnet0 ]; then
               VBoxManage hostonlyif create
+              cat /tmp/VBoxSVC.log >&2
             fi
           '';
         postStop =
diff --git a/nixos/tests/virtualbox.nix b/nixos/tests/virtualbox.nix
index f23f50a2f1c..1c4765e15f1 100644
--- a/nixos/tests/virtualbox.nix
+++ b/nixos/tests/virtualbox.nix
@@ -348,6 +348,7 @@ in {
 
     subtest "privilege-escalation", sub {
       $machine->fail("test -e '/root/VirtualBox VMs'");
+      $machine->fail("test -e '/root/.config/VirtualBox'");
       $machine->succeed("test -e '/home/alice/VirtualBox VMs'");
     };