Running Network Services under User-Mode Linux, Part I

First, you need to make sure you've got the right kind of kernel on your host system. You very likely may need to compile a new kernel.

On the one hand, some Linux distributions already have User-Mode Linux compiled into their default kernels. On the other hand, your distribution of choice may or may not also have the skas (separate kernel address space) patch compiled in as well. It is, in fact, somewhat unlikely that your default kernel has skas support. Although the Linux kernel source code has included UML support since version 2.6.9, the skas patch is still maintained separately (and Linus has resisted its inclusion).

The skas patch is important. It greatly improves UML performance and security by running the guest system's kernel in separate address space from its other processes (just like the host's kernel does). The User-Mode Linux Web site's skas page on SourceForge provides a more detailed explanation of why you need skas (see the on-line Resources).

To obtain kernel source code, your best bet may be simply to install your Linux distribution's kernel-source package. Take care, however, that your distribution provides a kernel version of 2.6.9 or higher, because UML support is included from 2.6.9 onward, and prior UML patches had security vulnerabilities.

Because Debian 3.1 still uses kernel version 2.6.8, I decided not to use the official Debian kernel packages and instead downloaded the 2.6.17 kernel from kernel.org. I did, however, install the kernel-package package, which provides tools for generating Debian packages from official kernel source.

Besides kernel source code, you need the skas patch, the latest version of which is available on Blaisorblade's site (see Resources). Be sure to download the patch version that corresponds to the kernel source code you're about to patch.

On my Debian host, I unpacked my official source code to /usr/src/linux-2.6.17.3, renamed the source code directory to /usr/src/linux-2.6.17.3-host and copied the skas patch tarball (skas-2.6.17-rc5-v9-pre9.patch.bz2) to /usr/src. I then changed ownership of the directory /usr/src/linux-2.6.17.3-host to a nonroot account. (Adhering to the principle of never being root unless you really need to, we're going to do most of this kernel build as an unprivileged user.)

Here are the commands I executed as root:

host:/usr/src/# tar -xjvf ./linux-2.6.17.3.tar.bz
host:/usr/src/# mv ./linux-2.6.17.3 ./linux-2.6.17.3-host
host:/usr/src/# chown mick ./linux-2.6.17.3
host:/usr/src/# su - mick

To apply the skas patch, I then navigated, as my nonroot user, to /usr/src/linux-2.6.17.3-host and ran the following command:

host:/usr/src/linux-2.6.17.3-host$ bunzip2 -c
 ↪../skas-2.6.17-rc5-v9 -pre9.patch.bz2 | patch -p1

Next, from the same directory, I issued the command make menuconfig. When setting up the kernel configuration for User-Mode Linux, the defaults generally are fine, though you should ensure that the configuration matches your host's hardware. In addition, it's probably prudent to double-check the following settings:

From this point on, the process is the same with any other kernel build: issue the commands make bzImage and make modules;. Then, become root and issue the commands make modules, make modules_install and make install. (Or in the case of Debian, use the make-kpkg command to achieve the same thing, and run dpkg to install the resulting kernel package.)

Once your new host kernel is installed, reboot your system. Your host system is now capable of running User-Mode Linux guest systems.