Subject:
Debian UML mini-howto
From:
Eric Nelson ####@####.####
Date:
22 Apr 2003 02:58:37 -0000
Message-Id: <20030422024958.GD26506@megahosted.com>
Hello, I just joined this list and am just beginning my journey into the
wonderful world of linux documentation. I have been setting up
user-mode-linux on a debian test machine and have noticed that there is
a very small amount of debian specific documentation on the internet
regarding UML. I have documented the steps involved in getting this running
using the native package management tools, and I would like to submit this
small paper as a start towards working on an official Debian User-Mode-Linux
mini-howto. I started out writing this in MS word and have copied it to
a txt file for submission, so of course the areas I have set up as
symlinks for certain file downloads will be non-functional. Please let
me know if someone else is currently working on a project similar to
this, or mail back feedback or suggestions. I have forwarded this paper
to a few individuals that have expressed interest in UML that are native
debian users and have already recieved much feedback for future revision
of the paper. I am holding out on it however until I can format it
properly according to the LDP.
I have a crude online version of it up at
http://www.megahosted.com/~en/papers/uml-debian-mini.html
and have attached a txt version as well.
Thanks and nice to meet everyone!
--
Eric Nelson ####@####.#### http://www.megahosted.com/~en/
GPG-key: C4AB5707 Fingerprint: 9E50 D5C2 2B02 A944 1A28 5CA5 366A 0294 C4AB 5707
Debian UML (user-mode-linux) mini-howto
Eric Nelson
en @ megahosted.com
I decided to try UML to eliminate the need for some machines at our colocation facility in to make room for more (paying) customers. Why pay for a whole machine when it is only running a few services and not using a whole lot of processor time, memory, or diskspace?
I have set up a test machine running debian (sarge) to learn how uml works and how to administrate it. I configured the system sparsely and made very few changes aside from what I really needed to get down to business. I also am limited by disk space on this particular machine. I chose to write up this mini-howto since there aren't any out on the net right now, and the only source for debian specific documentation is in the supplied docs with the packages, or on the mailing list. I am by no means an expert, but I feel that this information will be useful to those looking to get up and running quickly. Should anyone find anything they feel should be changed, removed, or added, email me.
Here's a few links to the sites and documents that have helped me get set up.
General:
http://user-mode-linux.sourceforge.net/index.html sourceforge homepage for UML
http://user-mode-linux.sourceforge.net/UserModeLinux-HOWTO.html sourceforge HOWTO
http://www.linuxfromscratch.org/~roryo/stuff/uml.txt LFS user mini-howto
debian-centric:
http://packages.debian.org/cgi-bin/search_packages2.pl?keywords=user-mode-linux&searchon=names&version=all&release=all link to uml packages for all releases
http://packages.qa.debian.org/u/user-mode-linux.html latest info for the package
Here's a list of my installed packages at time of this writing.
installed_debs.txt
The main packages needed for uml are:
user-mode-linux - User-mode Linux (kernel)
user-mode-linux-doc - User-mode Linux (Documentation)
kernel-patch-uml - User-mode Linux (kernel patch)
rootstrap - A tool for building complete Linux filesystem images
umlrun - Run commands inside User-Mode Linux
umlrun-uml - Components of umlrun to be installed inside UML
kernel-patch-skas - Separate Kernel Address Space patch
Now if you don't want anything special installed in your uml kernel, you can skip the part here about building or patching, however you should read the part regarding applying the skas patch to the host kernel.
After you have all the packages installed, you can either download a kernel to patch from kernel.org, or get one through apt. I'm running 2.4.20 already and had the source handy, so I chose that. The patchfiles are located in /usr/src/kernel-patches.
Once you got your source, tar -xzf it in a separate dir besides /usr/src and rename the linux-version dir to usermode-version to avoid any mishaps from someone not knowing what you have there (or clobbering your existing kernel source tree!) . Then cd into it and run the patch.
testing:/usr/src/uml-2.4.20# ../kernel-patches/all/apply/uml
Testing whether "User-mode Linux" patch for 2.4.20 applies (dry run):
"User-mode Linux" patch for 2.4.20 succeeded
Removing empty files after patching:
Done.
I chose to sit my uml kernel down in /usr/src after renaming it, but it can be anywhere. Once you've completed the patch process, go ahead and run make menuconfig.
testing:/usr/src uml-2.4.20# make menuconfig ARCH=um
then when you're done, run
testing:/usr/src uml-2.4.20# make modules ARCH=um
and
testing:/usr/src/uml-2.4.20# make linux ARCH=um
when you're done compiling, you should have an executable in the top of the kernel source dir you just compiled in.
I had some problems building 2.4.20 here. I removed the old source and re-patched on a freshly extracted kernel, and also removed module support to try for a successful build. At this point I was only trying for a successful build to test with, and plan on going back and adding more options after I have a workable kernel to see what is bombing the build process. The culprit ended up being that I didn't have m4 installed. This is the error message I got on build.
m4 -DSTART=$((0xc0000000 - ((0 + 1) * 0x20000000))) -DELF_ARCH=i386 \
-DELF_FORMAT=elf32-i386 -DMODE_TT \
-DKERNEL_STACK_SIZE=$(( 4096 * $pages )) arch/um/link.ld.in > arch/um/link.ld
/bin/sh: line 1: m4: command not found
make: *** [arch/um/link.ld] Error 127
Found here I didn't have a package named m4 installed. Simple enough, apt-get install m4 solves this problem promptly =)
Ouch! More problems......
/usr/src/uml-2.4.20/arch/um/kernel/um_arch.c:287: undefined reference to `__uml_postsetup_start'
vmlinux.o(.text.init+0x5596):/usr/src/uml-2.4.20/arch/um/kernel/um_arch.c:288: undefined reference to `__uml_postsetup_end'
vmlinux.o(.text.init+0x55a9):/usr/src/uml-2.4.20/arch/um/kernel/um_arch.c:291: undefined reference to `__uml_postsetup_end'
collect2: ld returned 1 exit status
make: *** [linux] Error 1
Dunno here, I googled around and couldn't find anything resembling my problem. So I tried again and deselected a few options. I noticed by default skas and tt mode are both enabled. Removing tt support and rebuilding got me a successful linux executable =)
Here's my config if anyone wants to build with it. I'm not using it, as debian gives you a precompiled version of the finished linux binary. (rootstrap runs it to build the filesystem for your uml)
*note (I read on the uml page there are some precompiled kernels available for download from the official UML site, but the newest at time of writing is 2.4.18)
Now that we have got our UML kernel built one way or the other, it's a good idea to run the skas patch on your host kernel to be at this time.
Here's the rundown on skas mode from the sourceforge page and why you should patch and enable it.
In short, the changes cause the UML kernel to run in an entirely different host address space from its processes. This solves the security and honeypot fingerprinting problems by making the UML kernel totally inaccessible to UML processes. Their address spaces are identical to what they would be on the host. This also provides a noticable speedup by eliminating the signal delivery that used to happen for every UML system call. <>
Applying the patch:
testing:/usr/src/linux# ../kernel-patches/all/apply/skas
You should see a whole bunch of files being patched and no errors (hopefully). This is also a good time to make sure you have a couple options enabled in your host kernel. Most notably, Loopback Device (CONFIG_BLK_DEV_LOOP) and Ethertap (CONFIG_ETHERTAP) should be set to yes. Then I did a make clean and mrproper before going through the menuconfig, dep, modules, modules_install, and bzImage. After which, I moved over my new kernel, config, and system map to /boot and re-ran lilo. After which, rebooted and continued.
Keep in mind, you CANNOT patch the same kernel source that has already had the uml patch applied. Remember, you don't want to alter your host kernel source from what is used to boot the system. Keep your UML kernel somewhere besides /usr/src/linux and you'll be fine.
Now that the new skas kernel is up and running, and we have the linux executable built, we can go ahead and edit our rootstrap config.
Here's the spots I paid attention to in the config.
# Will be resized to leave this much free space (MB) when building is
# complete. Leave unset or set to 0 to disable resizing.
freespace=0 # I like 0 so the file size is set in stone
[network]
# TUN/TAP configuration
# For proxy ARP, use host=<your host's LAN IP address> and
# uml=<a free LAN IP address for UML's use>
# For a routing configuration, or if the installation process does not
# need to reach anywhere except the host, use a separate RFC1918
# subnet for the virtual network between the host and UML.
interface=eth0
transport=tuntap
host=192.168.0.21
uml=192.168.0.23
netmask=255.255.255.0
# For a preconfigured tap device (see tunctl(1))
host_if=tap0
# Gateway address (optional)
# Note: you must have IP forwarding set up, or use proxy ARP, in order
# to reach external hosts. See the User-Mode Linux documentation.
gateway=192.168.0.1
# DNS configuration
# optional if you are fetching packages through a proxy
domain=home.megahosted.com
nameserver=192.168.0.1 # my nameserver
#
# Debian module
#
[debian]
dist=sarge
# Extra packages to install via apt after initial debootstrap install
install=ssh
--end of config stuff
After you've inserted the appropriate values, run rootstrap to create a new installed system.
testing:/uml# rootstrap root_fs
Checking for the skas3 patch in the host...found
Checking for /proc/mm...found
Linux version 2.4.20-1um (mdz@mizar) (gcc version 3.2.3 20030221 (Debian prerelease)) #1 SMP Fri Feb 28 16:28:07 EST 2003
You'll be waiting a while for this to finish. At the end you will have a base system installed to the file root_fs. Make sure you named this file root_fs as well, as the linux executable looks for that filename on boot and can't be given another via command line switch (like booting a standard kernel)
Now that this is up, you can try calling linux and booting your new system.
testing:/uml# linux
Checking for the skas3 patch in the host...found
Checking for /proc/mm...found
Linux version 2.4.20-1um (mdz@mizar) (gcc version 3.2.3 20030221 (Debian prerelease)) #1 SMP Fri Feb 28 16:28:07 EST 2003
Blah blah blah......
If it appears to hang, don't freak out! Chances are that the system is up and you can access it via the xterms that popped up on the screen of the host (if you're running X on the host the uml lives on) or through the uml_mconsole tool. You're going to have to configure the gettys to bind to different devices so that you can minicom into the new uml host for configuration until your networking is up.
testing:/uml# uml_mconsole /root/.uml/urQJkN/mconsole
Warning: couldn't stat file: /tmp/uml//root/.uml/urQJkN/mconsole/mconsole - No such file or directory
(/root/.uml/) version
OK Linux (none) 2.4.20-1um #1 SMP Fri Feb 28 16:28:07 EST 2003 i686
Okay, it's up....
(/root/.uml/) halt
OK
(/root/.uml/) quit
Okay, now that we have our uml system shut down cleanly, we can change some switches to allow us in. I started the system up like this. I also added the tuntap option
linux con=pty con0=fd:0,fd:1 eth0=tuntap,,,192.168.0.254
This will bind the gettys to /dev/ptyp0-5
If you set up all the networking options correctly in rootstrap.conf, and added ssh to the list of packages to apt after installation you might be able to ssh in right away. I had to painstakingly go through the process after booting my system. If you're like me and you didn't, go ahead and bust out minicom now.
minicom -o -p /dev/ptyp0
Just login as root, and poke around. Hopefully your networking is up and you can start banging away on getting the system set up. I had problems with the console from minicom not displaying files properly with vi, so I got ssh up and got out quickly.
If you don't have networking, then you'll have to set it up manually. We need to do this anyway in order to run our uml's as non-priveleged users. Hopefully when you recompiled the host kernel after the skas patch you also made sure ethertap was set in the config. Since you were a good reader, now you can run the tunctl program to create your device(s) and configure them manually.
testing:/# tunctl -u non-privelegedusername -t tap0
Set 'tap0' persistent and owned by uid 1000
testing:/uml# ifconfig tap0 192.168.0.254 up
testing:/uml# echo 1 > /proc/sys/net/ipv4/ip_forward
testing:/uml# route add -host 192.168.0.22 dev tap0
testing:/uml# echo 1 > /proc/sys/net/ipv4/conf/tap0/proxy_arp
testing:/uml# arp -Ds 192.168.0.22 eth0 pub
testing:/uml# ifconfig
eth0 Link encap:Ethernet HWaddr 00:A0:C9:99:A0:7F
inet addr:192.168.0.21 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:353034 errors:0 dropped:0 overruns:0 frame:0
TX packets:455813 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:196066645 (186.9 MiB) TX bytes:404227877 (385.5 MiB)
Interrupt:11
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:379 errors:0 dropped:0 overruns:0 frame:0
TX packets:379 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:42856 (41.8 KiB) TX bytes:42856 (41.8 KiB)
tap0 Link encap:Ethernet HWaddr 00:FF:23:5D:97:0B
inet addr:192.168.0.254 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
There we go, we need this in an init script for future use as well. Here's mine. I named it uml-ethertap and linked it out of /etc/init.d to execute on boot into runlevel 2. I plan on running a few instances of uml on my hosts so I may rework the way I want to run the tap devices. After you have your device set up, change your linux boot command line to use it directly.
en@testing:~$ linux con=pty con0=fd:0,fd:1 eth0=tuntap,tap0
If it boots with networking then you're done. I made a script to background the process or you could run it with screen. You can edit the inittab on the uml host to remove the gettys as well now that you're not going to need more than one most likely.
Hope this helps clarify a few things about how to get UML running the debian way. I will update this page as I have time and as things arise with my testing of uml and rollout to the datacenter.
The most recent version of this document can always be found here.
--> -->
<type 'exceptions.IOError'> | Python 2.5.2: /usr/bin/python
Sat Jul 6 03:59:09 2024 |
A problem occurred in a Python script. Here is the sequence of
function calls leading up to the error, in the order they occurred.
| /opt/ezmlm-browse-0.20/main.py in main() |
424
|
425 if path is not None:
|
426 main_path(path)
|
427 else:
|
428 main_form()
|
| global main_form = <function main_form at 0xa120c6c> |
| /opt/ezmlm-browse-0.20/main.py in main_form() |
378 except ImportError:
|
379 die(ctxt, "Invalid command")
|
380 module.do(ctxt)
|
381
|
382 def main():
|
| module = <module 'commands.showmsg' from '/opt/ezmlm-browse-0.20/commands/showmsg.pyc'>, module.do = <function do at 0xa12802c>, global ctxt = {'cmd': 'showmsg', 'threadidx': 0, 'HTTP_X_FORWA...HTTP_ACCEPT_ENCODING': 'gzip, br, zstd, deflate'} |
| /opt/ezmlm-browse-0.20/commands/showmsg.py in do(ctxt={'cmd': 'showmsg', 'threadidx': 0, 'HTTP_X_FORWA...HTTP_ACCEPT_ENCODING': 'gzip, br, zstd, deflate'}) |
18 write(html('msg-pager') % ctxt)
|
19 write('<hr>')
|
20 sub_showmsg(ctxt, ctxt[MSGNUM])
|
21 write('<hr>')
|
22 write(html('msg-pager') % ctxt)
|
| global sub_showmsg = <function sub_showmsg at 0xa1201ec>, ctxt = {'cmd': 'showmsg', 'threadidx': 0, 'HTTP_X_FORWA...HTTP_ACCEPT_ENCODING': 'gzip, br, zstd, deflate'}, global MSGNUM = 'msgnum' |
| /opt/ezmlm-browse-0.20/globalfns.py in sub_showmsg(ctxt={'cmd': 'showmsg', 'threadidx': 0, 'HTTP_X_FORWA...HTTP_ACCEPT_ENCODING': 'gzip, br, zstd, deflate'}, msgnum=4266) |
229 format_timestamp(ctxt, ctxt)
|
230 write(html('msg-header') % ctxt)
|
231 rec_showpart(ctxt, msg, 0)
|
232 write(html('msg-footer') % ctxt)
|
233 ctxt.pop()
|
| global rec_showpart = <function rec_showpart at 0xa1201b4>, ctxt = {'cmd': 'showmsg', 'threadidx': 0, 'HTTP_X_FORWA...HTTP_ACCEPT_ENCODING': 'gzip, br, zstd, deflate'}, msg = <email.message.Message instance at 0xa17fdcc> |
| /opt/ezmlm-browse-0.20/globalfns.py in rec_showpart(ctxt={'cmd': 'showmsg', 'threadidx': 0, 'HTTP_X_FORWA...HTTP_ACCEPT_ENCODING': 'gzip, br, zstd, deflate'}, part=<email.message.Message instance at 0xa17fdcc>, partnum=3) |
205 else:
|
206 for p in part.get_payload():
|
207 partnum = rec_showpart(ctxt, p, partnum+1)
|
208 else:
|
209 write(html('msg-sep') % ctxt)
|
| partnum = 3, global rec_showpart = <function rec_showpart at 0xa1201b4>, ctxt = {'cmd': 'showmsg', 'threadidx': 0, 'HTTP_X_FORWA...HTTP_ACCEPT_ENCODING': 'gzip, br, zstd, deflate'}, p = <email.message.Message instance at 0xa1872ec> |
| /opt/ezmlm-browse-0.20/globalfns.py in rec_showpart(ctxt={'cmd': 'showmsg', 'threadidx': 0, 'HTTP_X_FORWA...HTTP_ACCEPT_ENCODING': 'gzip, br, zstd, deflate'}, part=<email.message.Message instance at 0xa1872ec>, partnum=4) |
208 else:
|
209 write(html('msg-sep') % ctxt)
|
210 sub_showpart(ctxt, part)
|
211 return partnum
|
212
|
| global sub_showpart = <function sub_showpart at 0xa120144>, ctxt = {'cmd': 'showmsg', 'threadidx': 0, 'HTTP_X_FORWA...HTTP_ACCEPT_ENCODING': 'gzip, br, zstd, deflate'}, part = <email.message.Message instance at 0xa1872ec> |
| /opt/ezmlm-browse-0.20/globalfns.py in sub_showpart(ctxt={'cmd': 'showmsg', 'threadidx': 0, 'HTTP_X_FORWA...HTTP_ACCEPT_ENCODING': 'gzip, br, zstd, deflate'}, part=<email.message.Message instance at 0xa1872ec>) |
164 type = ctxt[TYPE] = part.get_content_type()
|
165 ctxt[FILENAME] = part.get_filename()
|
166 template = html('msg-' + type.replace('/', '-'))
|
167 if not template:
|
168 template = html('msg-' + type[:type.find('/')])
|
| global template = <function template at 0xa118e9c>, global html = <function html at 0xa118ed4>, type = 'application/pgp-signature', type.replace = <built-in method replace of str object at 0xa183d78> |
| /opt/ezmlm-browse-0.20/globalfns.py in html(name='msg-application-pgp-signature') |
40
|
41 def html(name):
|
42 return template(name + '.html')
|
43
|
44 def xml(name):
|
| global template = <function template at 0xa118e9c>, name = 'msg-application-pgp-signature' |
| /opt/ezmlm-browse-0.20/globalfns.py in template(filename='msg-application-pgp-signature.html') |
31 except IOError:
|
32 if not _template_zipfile:
|
33 _template_zipfile = zipfile.ZipFile(sys.argv[0])
|
34 try:
|
35 f = _template_zipfile.open(n).read()
|
| global _template_zipfile = None, global zipfile = <module 'zipfile' from '/usr/lib/python2.5/zipfile.pyc'>, zipfile.ZipFile = <class zipfile.ZipFile at 0xa0b1a7c>, global sys = <module 'sys' (built-in)>, sys.argv = ['-c', '/opt/ezmlm-browse-0.20'] |
| /usr/lib/python2.5/zipfile.py in __init__(self=<zipfile.ZipFile instance at 0xa12c34c>, file='-c', mode='r', compression=0, allowZip64=False) |
337 self.filename = file
|
338 modeDict = {'r' : 'rb', 'w': 'wb', 'a' : 'r+b'}
|
339 self.fp = open(file, modeDict[mode])
|
340 else:
|
341 self._filePassed = 1
|
| self = <zipfile.ZipFile instance at 0xa12c34c>, self.fp = None, builtin open = <built-in function open>, file = '-c', modeDict = {'a': 'r+b', 'r': 'rb', 'w': 'wb'}, mode = 'r' |
<type 'exceptions.IOError'>: [Errno 2] No such file or directory: '-c'
args =
(2, 'No such file or directory')
errno =
2
filename =
'-c'
message =
''
strerror =
'No such file or directory'
