Home

User-Mode Linux

Issue 145

From Issue #145
May 2006

Mar 30, 2006  By Matthew E. Hoskins
 in
User-mode Linux lets you do tricks like run a safely isolated Debian 3.1 on Fedora 4.

Listing 2. Destruction can be fun if you are just testing.


Debian GNU/Linux testing/unstable (none) tty0

(none) login: root
Linux (none) 2.6.14.3-bs3 #7 Fri Dec 16 17:47:00 CET 2005 i686 GNU/Linux

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.

(none):~#  rm -rf /
rm: cannot remove `//proc/meminfo': Operation not permitted
rm: cannot remove `//proc/uptime': Operation not permitted
(... Many warnings about read-only filesystems omitted ...)
rm: cannot remove `//proc/loadavg': Operation not permitted
rm: `//proc/self' changed dev/ino: Operation not permitted
(none):~# df -k
-bash: df: command not found
(none):~# ps -ef
-bash: ps: command not found
(none):~# halt
-bash: /sbin/halt: No such file or directory
(none):~#

It's hosed up pretty good at this point. In fact, you can't even run halt, because the halt program itself is gone. From another command window, kill the system with: 


killall -9 vmlinux-2.6.14.3-bs3

Then, see what happens when you try to boot it up again using the same command (Listing 3).

Listing 3. A Very Ill Debian UML Guest 


(... boot messages omitted ...)
EXT3-fs: INFO: recovery required on readonly filesystem.
EXT3-fs: write access will be enabled during recovery.
kjournald starting.  Commit interval 5 seconds
EXT3-fs: ubda: orphan cleanup on readonly fs
EXT3-fs: ubda: 66 orphan inodes deleted
EXT3-fs: recovery complete.
EXT3-fs: mounted filesystem with ordered data mode.
VFS: Mounted root (ext3 filesystem) readonly.
Warning: unable to open an initial console.
Kernel panic - not syncing: No init found. Try passing init= option to kernel.
EIP: 0073:[<a01c6691>] CPU: 0 Not tainted ESP: 007b:b7f3afac EFLAGS: 00000282
Not tainted
EAX: 00000000 EBX: 000012eb ECX: 00000013 EDX: 000012eb
ESI: 000012e8 EDI: 00000000 EBP: b7f3afb8 DS: 007b ES: 007b
a10afb80:  [<a0032d2a>] show_regs+0x21a/0x230
a10afbb0:  [<a0016c8c>] panic_exit+0x2c/0x50
a10afbc0:  [<a004a275>] notifier_call_chain+0x25/0x40
a10afbe0:  [<a0037501>] panic+0x71/0x100
a10afc00:  [<a000e2c0>] init+0x100/0x170
a10afc20:  [<a002bf59>] run_kernel_thread+0x39/0x50
a10afce0:  [<a001c3d4>] new_thread_handler+0xc4/0x120
a10afd20:  [<b7f3b420>] 0xb7f3b420

That's gotta hurt. So, as a lesson, do not do that on a real system. But because this is a UML guest with a COW file, you simply can delete the DangerDanger.cow file, and this guest system will boot up back to its initial state.

More on COW Files

The utility uml_moo included in the UML utilities will read a filesystem image and an associated COW file and create a new merged filesystem image. This allows you to merge changes stored in the COW file into a new master filesystem image. This makes it easy to clone working guest filesystem images when you have them set up the way you want.

Conclusion

User-mode Linux is fun to play with, but it also has some real-world uses. You can use it to test unknown or untrusted applications while limiting possible damage to the running host system. You can create virtual networks of UMLs by starting up multiple guests at once. This allows you to create a test-lab-in-a-box environment with very little time and effort, so you can try all those “Stupid Linux Tricks” you were afraid to try on a real system!

The code for this article is available at ftp.linuxjournal.com/pub/lj/listings/issue145/8803.tgz.

Resources for this article: /article/8883.

Matthew E. Hoskins is a Senior UNIX System Administrator for The New Jersey Institute of Technology where he maintains many of the corporate administrative systems. He enjoys trying to get wildly different systems and software working together, usually with a thin layer of Perl (locally known as “MattGlue”). When not hacking systems, he often can be found hacking in the kitchen. Matt is a member of the Society of Professional Journalists. He is eager to hear your feedback and can be reached at matt@njit.edu.

______________________

Comments

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Redhat 7.3

daniel_whj's picture
Submitted by daniel_whj (not verified) on Fri, 04/14/2006 - 10:34.

Redhat 7.3
Redhat 8.0
Redhat 9.0
Fedora 4

White Paper
More Resources
Fabric-Based Computing Enables Optimized Hyperscale Data Centers

Today’s modular x86 servers are compute-centric, designed as a least common denominator to support a wide range of IT workloads. Those generic, virtualized IT workloads have much different resource optimization requirements than hyperscale and cloud applications. They have resulted in a “one size fits all” enterprise IT architecture that is not optimized for a specific set of IT workloads, and especially not emerging hyperscale workloads, such as web applications, big data, and object storage. In this report, you will learn how shifting the focus from traditional compute-centric IT architectures to an innovative disaggregated fabric-based architecture can optimize and scale your data center.

Learn More

Sponsored by AMD

White Paper
More Resources
Red Hat White Paper: Using an Open Source Framework to Catch the Bad Guy

Built-in forensics, incident response, and security with Red Hat Enterprise Linux 6

Every security policy provides guidance and requirements for ensuring adequate protection of information and data, as well as high-level technical and administrative security requirements for a system in a given environment. Traditionally, providing security for a system focuses on the confidentiality of the information on it. However, protecting the data integrity and system and data availability is just as important. For example, when processing United States intelligence information, there are three attributes that require protection: confidentiality, integrity, and availability.

Learn more about catching the bad guy in this free white paper.

Learn More

Sponsored by DLT Solutions