Listing 2. Destruction can be fun if you are just testing.
Debian GNU/Linux testing/unstable (none) tty0 (none) login: root Linux (none) 220.127.116.11-bs3 #7 Fri Dec 16 17:47:00 CET 2005 i686 GNU/Linux The programs included with the Debian GNU/Linux system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. (none):~# rm -rf / rm: cannot remove `//proc/meminfo': Operation not permitted rm: cannot remove `//proc/uptime': Operation not permitted (... Many warnings about read-only filesystems omitted ...) rm: cannot remove `//proc/loadavg': Operation not permitted rm: `//proc/self' changed dev/ino: Operation not permitted (none):~# df -k -bash: df: command not found (none):~# ps -ef -bash: ps: command not found (none):~# halt -bash: /sbin/halt: No such file or directory (none):~#
It's hosed up pretty good at this point. In fact, you can't even run halt, because the halt program itself is gone. From another command window, kill the system with:
killall -9 vmlinux-18.104.22.168-bs3
Then, see what happens when you try to boot it up again using the same command (Listing 3).
Listing 3. A Very Ill Debian UML Guest
(... boot messages omitted ...) EXT3-fs: INFO: recovery required on readonly filesystem. EXT3-fs: write access will be enabled during recovery. kjournald starting. Commit interval 5 seconds EXT3-fs: ubda: orphan cleanup on readonly fs EXT3-fs: ubda: 66 orphan inodes deleted EXT3-fs: recovery complete. EXT3-fs: mounted filesystem with ordered data mode. VFS: Mounted root (ext3 filesystem) readonly. Warning: unable to open an initial console. Kernel panic - not syncing: No init found. Try passing init= option to kernel. EIP: 0073:[<a01c6691>] CPU: 0 Not tainted ESP: 007b:b7f3afac EFLAGS: 00000282 Not tainted EAX: 00000000 EBX: 000012eb ECX: 00000013 EDX: 000012eb ESI: 000012e8 EDI: 00000000 EBP: b7f3afb8 DS: 007b ES: 007b a10afb80: [<a0032d2a>] show_regs+0x21a/0x230 a10afbb0: [<a0016c8c>] panic_exit+0x2c/0x50 a10afbc0: [<a004a275>] notifier_call_chain+0x25/0x40 a10afbe0: [<a0037501>] panic+0x71/0x100 a10afc00: [<a000e2c0>] init+0x100/0x170 a10afc20: [<a002bf59>] run_kernel_thread+0x39/0x50 a10afce0: [<a001c3d4>] new_thread_handler+0xc4/0x120 a10afd20: [<b7f3b420>] 0xb7f3b420
That's gotta hurt. So, as a lesson, do not do that on a real system. But because this is a UML guest with a COW file, you simply can delete the DangerDanger.cow file, and this guest system will boot up back to its initial state.
The utility uml_moo included in the UML utilities will read a filesystem image and an associated COW file and create a new merged filesystem image. This allows you to merge changes stored in the COW file into a new master filesystem image. This makes it easy to clone working guest filesystem images when you have them set up the way you want.
User-mode Linux is fun to play with, but it also has some real-world uses. You can use it to test unknown or untrusted applications while limiting possible damage to the running host system. You can create virtual networks of UMLs by starting up multiple guests at once. This allows you to create a test-lab-in-a-box environment with very little time and effort, so you can try all those “Stupid Linux Tricks” you were afraid to try on a real system!
The code for this article is available at ftp.linuxjournal.com/pub/lj/listings/issue145/8803.tgz.
Resources for this article: /article/8883.
Matthew E. Hoskins is a Senior UNIX System Administrator for The New Jersey Institute of Technology where he maintains many of the corporate administrative systems. He enjoys trying to get wildly different systems and software working together, usually with a thin layer of Perl (locally known as “MattGlue”). When not hacking systems, he often can be found hacking in the kitchen. Matt is a member of the Society of Professional Journalists. He is eager to hear your feedback and can be reached at firstname.lastname@example.org.
|Where's That Pesky Hidden Word?||Aug 28, 2015|
|A Project to Guarantee Better Security for Open-Source Projects||Aug 27, 2015|
|Concerning Containers' Connections: on Docker Networking||Aug 26, 2015|
|My Network Go-Bag||Aug 24, 2015|
|Doing Astronomy with Python||Aug 19, 2015|
|Build a “Virtual SuperComputer” with Process Virtualization||Aug 18, 2015|
- A Project to Guarantee Better Security for Open-Source Projects
- Concerning Containers' Connections: on Docker Networking
- Problems with Ubuntu's Software Center and How Canonical Plans to Fix Them
- My Network Go-Bag
- Firefox Security Exploit Targets Linux Users and Web Developers
- Doing Astronomy with Python
- Build a “Virtual SuperComputer” with Process Virtualization
- Where's That Pesky Hidden Word?
- diff -u: What's New in Kernel Development
- Three More Lessons