Ubuntu 8.04 Generic VM
From CSLabsWiki
This page summarizes how the Ubuntu 8.04 Generic VM was created.
Install
- Installed Ubuntu 8.04 x64
- Partition Scheme
- 4.5 GB /
- 512 MB swap
Created the Disk Image
- Created the image file
dd if=/dev/zero of=/xen/images/ubuntu-8.04-generic.disk bs=1024k count=1 seek=5120
- Determined a free loopback device to mount the image
losetup -f
losetup /dev/loop0 /xen/images/ubuntu-8.04-generic.disk
- Partitioned the Image
fdisk /dev/loop0 (parted could also be used for this purpose)
Device contains neither a valid DOS partition table, nor Sun, SGI or OSF disklabel
Building a new DOS disklabel. Changes will remain in memory only,
until you decide to write them. After that, of course, the previous
content won't be recoverable.
Warning: invalid flag 0x0000 of partition table 4 will be corrected by w(rite)
Command (m for help): n
Command action
e extended
p primary partition (1-4)
p
Partition number (1-4): 1
First cylinder (1-652, default 1):
Using default value 1
Last cylinder or +size or +sizeM or +sizeK (1-652, default 652): 64
Command (m for help): n
Command action
e extended
p primary partition (1-4)
p
Partition number (1-4): 2
First cylinder (65-652, default 65):
Using default value 65
Last cylinder or +size or +sizeM or +sizeK (65-652, default 652):
Using default value 652
Command (m for help): a
Partition number (1-4): 2
Command (m for help): t
Partition number (1-4): 1
Hex code (type L to list codes): 82
Changed system type of partition 1 to 82 (Linux swap / Solaris)
Command (m for help): w
The partition table has been altered!
Calling ioctl() to re-read partition table.
WARNING: Re-reading the partition table failed with error 22: Invalid argument.
The kernel still uses the old table.
The new table will be used at the next reboot.
Syncing disks.
- Mounted the newly created partitions
kpartx -av /dev/loop0
- Formatted the swap partition
mkswap /dev/mapper/loop0p1
- Formatted the root partition
mkfs.ext3 /dev/mapper/loop0p2
Installed OS
- Mounted the second partition on the image to a temporary directory
mkdir /mnt/generic
mount /dev/mapper/loop0p2 /mnt/generic/
- Used debootstrap to install Ubuntu 8.04 x64
debootstrap --arch amd64 --include=grub hardy /mnt/generic http://mirror.clarkson.edu/ubuntu/
Installed Ubuntu Xen Kernel
apt-get update && apt-get install linux-image-xen
- Ran GRUB update
update-grub -> Chose Replace Current
- Modified new grub config (/boot/grub/menu.lst)
default 0
timeout 3
### BEGIN AUTOMAGIC KERNELS LIST
## lines between the AUTOMAGIC KERNELS LIST markers will be modified
## by the debian update-grub script except for the default options below
## DO NOT UNCOMMENT THEM, Just edit them to your needs
## ## Start Default Options ##
## default kernel options
## default kernel options for automagic boot options
## If you want special options for specific kernels use kopt_x_y_z
## where x.y.z is kernel version. Minor versions can be omitted.
## e.g. kopt=root=/dev/hda1 ro
## kopt_2_6_8=root=/dev/hdc1 ro
## kopt_2_6_8_2_686=root=/dev/hdc2 ro
# kopt=root=/dev/xvda2 ro
## Setup crashdump menu entries
## e.g. crashdump=1
# crashdump=0
## default grub root device
## e.g. groot=(hd0,0)
# groot=(hd0,1)
## should update-grub create alternative automagic boot options
## e.g. alternative=true
## alternative=false
# alternative=false
## should update-grub lock alternative automagic boot options
## e.g. lockalternative=true
## lockalternative=false
# lockalternative=false
## additional options to use with the default boot option, but not with the
## alternatives
## e.g. defoptions=vga=791 resume=/dev/hda5
# defoptions=console=xvc0
## should update-grub lock old automagic boot options
## e.g. lockold=false
## lockold=true
# lockold=false
## Xen hypervisor options to use with the default Xen boot option
# xenhopt=
## Xen Linux kernel options to use with the default Xen boot option
# xenkopt=console=xvc0
## altoption boot targets option
## multiple altoptions lines are allowed
## e.g. altoptions=(extra menu suffix) extra boot options
## altoptions=(recovery) single
# altoptions=(recovery mode) single
## controls how many kernels should be put into the menu.lst
## only counts the first occurence of a kernel, not the
## alternative kernel options
## e.g. howmany=all
## howmany=7
# howmany=1
## should update-grub create memtest86 boot option
## e.g. memtest86=true
## memtest86=false
# memtest86=false
## should update-grub adjust the value of the default booted system
## can be true or false
# updatedefaultentry=false
## should update-grub add savedefault to the default options
## can be true or false
# savedefault=false
## ## End Default Options ##
title Ubuntu 8.04.3 LTS, kernel 2.6.24-24-xen
root (hd0,1)
kernel /boot/vmlinuz-2.6.24-24-xen root=/dev/xvda2 ro console=xvc0
initrd /boot/initrd.img-2.6.24-24-xen
### END DEBIAN AUTOMAGIC KERNELS LIST
Configured fstab, network, & others
- Chrooted into the directory the VM is mounted at
chroot /mnt/generic
- Exported Lang
export LANG=C
- Configured /etc/fstab
/dev/xvda2 / ext3 defaults,errors=remount-ro 0 0
/dev/xvda1 swap swap defaults 0 0
proc /proc proc defaults 0 0
devpts /dev/pts devpts gid=5,mode=620 0 0
- Configured console
cd /etc/event.d
cp tty1 xvc0
sed -i -e "s/tty1/xvc0/g" xvc0
- Disabled hardware clock
update-rc.d -f hwclockfirst remove
update-rc.d -f hwclock remove
rm /etc/udev/rules.d/85-hwclock.rules
ln -sf /bin/true /sbin/hwclock
- Removed udev network rules
rm /etc/udev/rules.d/70-persistent-net.rules
rm /etc/udev/rules.d/75-persistent-net-generator
- Configured network
- Edited /etc/network/interfaces
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address 128.153.145.70
netmask 255.255.255.0
gateway 128.153.145.1
- Edited /etc/hosts
127.0.0.1 localhost.localdomain localhost
128.153.145.70 generic-vm.cslabs.clarkson.edu generic-vm.cslabs generic-vm
- Edited /etc/hostname
generic-vm
- Edited DNS Server (/etc/resolv.conf)
search cslabs.clarkson.edu clarkson.edu
nameserver 128.153.145.3
nameserver 128.153.145.4
- Edited /etc/hosts.allow
For security purposes, this information has been intentionally left off.
- Edited /etc/hosts.deny
sshd: ALL
Prepared Image for First Boot
- Exited chroot & unmounted image
exit
umount /mnt/generic/
rmdir /mnt/generic/
kpartx -d /dev/loop0
losetup -d /dev/loop0
- Created xen config file for VM (/xen/confs/ubuntu-8.04-generic)
name = "ubuntu-8.04-generic"
maxmem = 512
memory = 512
vcpus = 1
bootloader = "/usr/bin/pygrub"
vif = [ 'bridge=xenbr0' ]
disk = [ "tap:aio:/xen/images/ubuntu-8.04-generic.disk,xvda,w" ]
Configuration
- Started VM
xm create -c /xen/confs/ubuntu-8.04-generic
Cannot access the Hardware Clock via any known method.
Use the --debug option to see the details of our search for an access method.
* Unable to set System Clock to: Mon May 18 04:18:37 UTC 2009
* Starting basic networking... [ OK ]
* Starting kernel event manager... [ OK ]
* Loading hardware drivers... modprobe: FATAL: Could not load /lib/modules/2.6.18.8-xenU/modules.dep: No such file or directory
[ OK ]
* Setting the system clock
Cannot access the Hardware Clock via any known method.
Use the --debug option to see the details of our search for an access method.
* Unable to set System Clock to: Mon May 18 04:18:38 UTC 2009
* Loading kernel modules... [ OK ] * Loading manual drivers...
* Setting kernel variables... error: "kernel.maps_protect" is an unknown key
error: "vm.mmap_min_addr" is an unknown key
[fail]
* Activating swap... [ OK ]
* Checking root file system... fsck 1.40.8 (13-Mar-2008)
/dev/xvda2: clean, 10194/590816 files, 102390/1180777 blocks
[ OK ]
* Checking file systems... fsck 1.40.8 (13-Mar-2008)
[ OK ]
* Mounting local filesystems... mount: mount point swap does not exist
[fail]
* Activating swapfile swap... [ OK ]
* Checking minimum space in /tmp... [ OK ]
* Configuring network interfaces... [ OK ]
* Starting system log daemon... [ OK ]
* Starting kernel log daemon... [ OK ]
* Running local boot scripts (/etc/rc.local) [ OK ]
Ubuntu 8.04 generic-vm xvc0
generic-vm login:
- Logged in as root w/ no password
Set Root Password
passwd
Updated System
- Modified /etc/apt/sources.list
# See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to
# newer versions of the distribution.
deb http://mirror.clarkson.edu/ubuntu/ hardy main restricted
deb-src http://mirror.clarkson.edu/ubuntu/ hardy main restricted
## Major bug fix updates produced after the final release of the
## distribution.
deb http://mirror.clarkson.edu/ubuntu/ hardy-updates main restricted
deb-src http://mirror.clarkson.edu/ubuntu/ hardy-updates main restricted
## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team, and may not be under a free licence. Please satisfy yourself as to
## your rights to use the software. Also, please note that software in
## universe WILL NOT receive any review or updates from the Ubuntu security
## team.
deb http://mirror.clarkson.edu/ubuntu/ hardy universe
deb-src http://mirror.clarkson.edu/ubuntu/ hardy universe
deb http://mirror.clarkson.edu/ubuntu/ hardy-updates universe
deb-src http://mirror.clarkson.edu/ubuntu/ hardy-updates universe
## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team, and may not be under a free licence. Please satisfy yourself as to
## your rights to use the software. Also, please note that software in
## multiverse WILL NOT receive any review or updates from the Ubuntu
## security team.
deb http://mirror.clarkson.edu/ubuntu/ hardy multiverse
deb-src http://mirror.clarkson.edu/ubuntu/ hardy multiverse
deb http://mirror.clarkson.edu/ubuntu/ hardy-updates multiverse
deb-src http://mirror.clarkson.edu/ubuntu/ hardy-updates multiverse
## Uncomment the following two lines to add software from the 'backports'
## repository.
## N.B. software from this repository may not have been tested as
## extensively as that contained in the main release, although it includes
## newer versions of some applications which may provide useful features.
## Also, please note that software in backports WILL NOT receive any review
## or updates from the Ubuntu security team.
# deb http://mirror.clarkson.edu/ubuntu/ hardy-backports main restricted universe multiverse
# deb-src http://mirror.clarkson.edu/ubuntu/ hardy-backports main restricted universe multiverse
## Uncomment the following two lines to add software from Canonical's
## 'partner' repository. This software is not part of Ubuntu, but is
## offered by Canonical and the respective vendors as a service to Ubuntu
## users.
# deb http://archive.canonical.com/ubuntu hardy partner
# deb-src http://archive.canonical.com/ubuntu hardy partner
deb http://mirror.clarkson.edu/ubuntu hardy-security main restricted
deb-src http://mirror.clarkson.edu/ubuntu hardy-security main restricted
deb http://mirror.clarkson.edu/ubuntu hardy-security universe
deb-src http://mirror.clarkson.edu/ubuntu hardy-security universe
deb http://mirror.clarkson.edu/ubuntu hardy-security multiverse
deb-src http://mirror.clarkson.edu/ubuntu hardy-security multiverse
- Updated System
apt-get update && apt-get upgrade
- Installed Various Packages
apt-get install emacs22-nox nano vim snmpd logwatch logrotate perl wget language-pack-en cron openssh-server openssh-client man-db finger mailutils screen locate
Configured SSH
- Edited /etc/ssh/sshd_config to disable root login over ssh
PermitRootLogin no
- Removed ssh keys
rm -f /etc/ssh/ssh_host*
Disabled IPv6
- Modified the following in /etc/modprobe.d/aliases
alias net-pf-10 off
Configured SNMP
- Edited /etc/snmp/snmpd.conf
rocommunity <passphrase> 127.0.0.1
rocommunity <passphrase> <ipsallowed>
syslocation Clarkson University Applied CS Labs
#syscontact Admin <Admin@clarkson.edu>
disk / 10%
exec timeskew /usr/local/sbin/ntp_check
exec uptime /usr/bin/uptime
- Copied over ntp_check check from Isengard to /usr/local/sbin/
- Edited /etc/default/snmpd
SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid'
Configured Default User Shell
- Edited /etc/default/useradd
SHELL=/bin/bash
Configured Postfix
- Modified Aliases (/etc/aliases)
# See man 5 aliases for format
postmaster: root
# Other aliases
root: logwatch@cslabs.clarkson.edu
- Updated Aliases
newaliases
- Modified Postfix config (/etc/postfix/main.cf)
inet_interfaces = localhost
Configured Time Zone
dpkg-reconfigure tzdata
- Chose Americas -> New_York
Configured Logwatch Reports
- Set detail level to be high and changed MailFrom
sed -i "s/MailFrom = root/MailFrom = logwatch/g" /usr/share/logwatch/dist.conf/logwatch.conf
sed -i "s/Detail = Med/Detail = High/g" /usr/share/logwatch/dist.conf/logwatch.conf
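Added example (not part of the original page or of CSLabs' tooling): a shell audit that checks a finished image, mounted at a path such as /mnt/generic, for the hardening steps recorded above (PermitRootLogin no, host keys removed, sshd: ALL in hosts.deny, persistent-net udev rule removed, root password set). The function names audit_template and make_sample_root and the sample tree are constructed for illustration; hosts.allow is not checked because the page withholds its contents.

```shell
# Added example: audit a mounted image root (e.g. /mnt/generic) against the
# hardening steps on this page. Function names here are hypothetical.
# Prints one FAIL line per problem; returns 0 only if every check passes.
audit_template() {
    at_root=$1
    at_fails=0
    at_fail() { echo "FAIL: $1"; at_fails=$((at_fails + 1)); }

    # sshd keeps the FIRST value it reads for a keyword, so test only that one.
    at_prl=$(awk 'tolower($1) == "permitrootlogin" { print tolower($2); exit }' \
        "$at_root/etc/ssh/sshd_config" 2>/dev/null) || at_prl=""
    [ "$at_prl" = "no" ] || at_fail "sshd_config: PermitRootLogin is '${at_prl:-unset}'"

    # Host keys must be gone so clones of the image do not share an identity.
    for at_f in "$at_root"/etc/ssh/ssh_host*; do
        if [ -e "$at_f" ]; then
            at_fail "host key left in image: $at_f"
            break
        fi
    done

    # TCP wrappers default-deny for sshd (hosts.allow then lists exceptions).
    grep -Eq '^[[:space:]]*sshd[[:space:]]*:[[:space:]]*ALL' \
        "$at_root/etc/hosts.deny" 2>/dev/null ||
        at_fail "hosts.deny: no 'sshd: ALL' entry"

    # The persistent-net rule would pin eth0 to the template's MAC address.
    [ ! -e "$at_root/etc/udev/rules.d/70-persistent-net.rules" ] ||
        at_fail "udev: 70-persistent-net.rules still present"

    # An empty second field in shadow means root logs in with no password.
    if awk -F: '$1 == "root" && $2 == "" { e = 1 } END { exit !e }' \
        "$at_root/etc/shadow" 2>/dev/null; then
        at_fail "shadow: root has an empty password"
    fi
    [ "$at_fails" -eq 0 ]
}

# Constructed sample tree standing in for a finished image.
make_sample_root() {
    sr=$(mktemp -d) || return 1
    mkdir -p "$sr/etc/ssh" "$sr/etc/udev/rules.d"
    printf '# PermitRootLogin yes\nPermitRootLogin no\n' > "$sr/etc/ssh/sshd_config"
    printf 'sshd: ALL\n' > "$sr/etc/hosts.deny"
    printf 'root:CONSTRUCTED_HASH:14382:0:99999:7:::\n' > "$sr/etc/shadow"
    echo "$sr"
}

sample=$(make_sample_root) && audit_template "$sample" && echo "sample passes"
rm -rf "$sample"
```

Run it against the image while it is still mounted, before the kpartx -d and losetup -d steps, so a failed check can be fixed in place.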