assuming the kvm host is up and running already
We’re using a pre-built stage1 and kernel here, made available at https://lab.nethence.com/ & https://lab.nethence.com/nunux/ (they might be outdated).
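guest=sabotage
mkdir -p /data/guests/"$guest"/lala/
# everything that follows uses paths relative to the guest directory,
# so stop right here if it cannot be entered
cd /data/guests/"$guest"/ || exit 1
qemu-img create -f qcow2 "$guest.qcow2" 25G
# expose the image as a block device on the host; with max_part=8 the
# partitions show up as ${device}p1, ${device}p2, ...
modprobe nbd max_part=8
# NOTE(review): assumes /dev/nbd0 is not already attached to another image -- check before reuse
device=/dev/nbd0
qemu-nbd --connect="$device" "$guest.qcow2"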
manual partitioning
fdisk $device n ENTER ENTER ENTER +24G n ENTER ENTER ENTER ENTER t 2 82 (Linux swap) a 1 w
create swap and filesystems
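# partition 2 (type 82) becomes swap, partition 1 the root filesystem
mkswap "${device}p2"
mkfs.ext4 "${device}p1"
# the guest root is assembled under lala/ on the host
mount "${device}p1" lala/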
deploy core/stage1 binaries
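wget https://lab.nethence.com/sabotage-stage1.tar.gz
# NOTE(review): nothing here checks the archive before it is unpacked as root with -p
# (modes preserved, so any setuid bit inside the archive lands in the guest root);
# compare it against a checksum or signature published out of band first.
# --strip-components=1 drops the top-level sabotage/ directory and also carries
# dotfiles over, which `mv sabotage/*` would have left behind.
tar xzpSf sabotage-stage1.tar.gz --strip-components=1 -C lala/
rm -f sabotage-stage1.tar.gz
# keep a pristine copy of fstab next to the edited one
cp -pi lala/etc/fstab lala/etc/fstab.dist
vi lala/etc/fstab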
# <file system> <dir> <type> <options> <dump> <pass>
# inside the guest the virtio disk is vda (see root=/dev/vda1 on the kernel
# command line), not the nbd device used while building on the host
/dev/vda1 / ext4 async,noatime,nodiratime 0 1
/dev/vda2 swap swap defaults 0 0
proc /proc proc defaults 0 0
devpts /dev/pts devpts defaults 0 0
# nodev,nosuid keep device nodes and setuid binaries out of the world-writable shm
shm /dev/shm tmpfs nodev,nosuid 0 0
note tty0 is enabled already
# the stage1 tree already ships a getty service for tty0; just confirm it is there
ls -lF lala/var/service/tty*
get rid of the read-write check
# keep the shipped boot script as a non-executable reference copy
mv -i lala/etc/rc.boot lala/etc/rc.boot.dist
# generate the guest variant without the hotplug and hwclock lines
# (presumably of no use in a KVM guest -- confirm against rc.boot.dist)
sed '/hotplug/d; /hwclock/d' lala/etc/rc.boot.dist > lala/etc/rc.boot
chmod -x lala/etc/rc.boot.dist
chmod +x lala/etc/rc.boot
# remaining hand edits: the rw= / /tmp write-test conditions
vi lala/etc/rc.boot
(search for rw= and get rid of the `/tmp/` write-test conditions)
# same treatment for the shutdown script: reference copy plus a variant without hwclock
mv -i lala/etc/rc.shutdown lala/etc/rc.shutdown.dist
sed '/hwclock/d' lala/etc/rc.shutdown.dist > lala/etc/rc.shutdown
chmod -x lala/etc/rc.shutdown.dist
chmod +x lala/etc/rc.shutdown
# profile is read by login shells in the guest; the .dist copy stays untouched
cp -pi lala/etc/profile lala/etc/profile.dist
vi lala/etc/profile
# NOTE(review): TZ only reaches child processes if profile exports it somewhere -- confirm
TZ="Europe/Moscow" #TZ="Europe/Paris"
The default password is sabotage, but that’s already too complicated to remember – anyhow, it might even be safer not to have a password at all, as long as you do not allow empty passwords.
ls -lF lala/etc/shadow
cp -pi lala/etc/shadow lala/etc/shadow.dist
# passwd -d empties root's password field: every login path that accepts empty
# passwords (typically the console getty; sshd only with PermitEmptyPasswords yes)
# then lets root in without authenticating. Lock the account (passwd -l) or set a
# real password before the guest is reachable from anything but the host console.
chroot lala/ passwd -d root
# show exactly what changed in the shadow entry
diff -bu lala/etc/shadow.dist lala/etc/shadow
grab pre-built kernel
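wget https://lab.nethence.com/nunux/6.1.49.domU.vmlinuz
mv 6.1.49.domU.vmlinuz lala/vmlinuz
wget https://lab.nethence.com/nunux/6.1.49.domU.modules.tar.gz
# -p so this does not fail when the stage1 tree already provides lib/modules/
mkdir -p lala/lib/modules/
# NOTE(review): kernel and modules come from the lab mirror with no checksum or
# signature check; verify against a value published out of band before booting them
tar xzf 6.1.49.domU.modules.tar.gz -C lala/lib/modules/
rm -f 6.1.49.domU.modules.tar.gz
# rebuild modules.dep for the downloaded kernel version inside the guest root
chroot lala/ depmod -a 6.1.49.domU
cat lala/etc/rc.modules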
boot blocks
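# debian
mbrbin=/usr/lib/syslinux/mbr/mbr.bin
# slackware
#mbrbin=/usr/share/syslinux/mbr.bin
# :? aborts on an unset/empty variable instead of letting dd read the wrong
# file or, with an empty of=, dump the boot block to stdout
dd if="${mbrbin:?}" of="${device:?}"
mkdir -p lala/boot/syslinux/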
boot code
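# install the syslinux boot code into the root filesystem's partition
extlinux --install lala/boot/syslinux --device "${device}p1"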
boot config
# boot loader configuration; the content written is shown below
vi lala/boot/syslinux/syslinux.cfg
# serial port 0 at 115200 baud, matching console=ttyS0,115200n8 on the append line
serial 0 115200
console 1
nohalt 1
default linux
prompt 1
timeout 100
label linux
linux /vmlinuz
# mitigations=off turns off the kernel's CPU vulnerability mitigations for speed;
# drop it if the guest will run anything you do not fully trust
append root=/dev/vda1 ro console=tty1 console=ttyS0,115200n8 mitigations=off
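# printf rather than echo: the hostname is data, never an echo option
printf '%s\n' "$guest" > lala/etc/hostname
mv -i lala/etc/hosts lala/etc/hosts.dist
# unquoted EOF so $guest is expanded into the file
cat > lala/etc/hosts <<EOF
127.0.0.1 localhost.localdomain localhost
::1 localhost.localdomain localhost
127.0.0.1 $guest
EOF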
# static network settings go into rc.local; the .dist copy is kept for reference
cp -pi lala/etc/rc.local lala/etc/rc.local.dist
vi lala/etc/rc.local
do_static_ip=true
if=eth0
ip=192.168.122.9
nm=255.255.255.0
# NOTE(review): .0 is the network address of 192.168.122.0/24, not a host; the
# gateway of a libvirt default network is usually .1 -- confirm before relying on it
gw=192.168.122.0
# replace the shipped resolver list; the original is kept as resolv.conf.dist
mv -i lala/etc/resolv.conf lala/etc/resolv.conf.dist
vi lala/etc/resolv.conf
# opendns
# plain (unencrypted) DNS to public resolvers; point this at an internal
# resolver instead if guest lookups should stay on the local network
nameserver 208.67.222.220
nameserver 208.67.222.222
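du -sh lala/ # 254M on ext4
# anything still holding lala/ open (chroot shells, editors) has to be gone,
# otherwise the recursive umount fails and the image is left inconsistent
umount -R lala/
rmdir lala/
# detach the image from the host *before* the guest boots it: two writers
# on the same qcow2 corrupt it
qemu-nbd --disconnect "$device"
virsh list --all
# NOTE(review): assumes $guest.xml (the domain definition, not shown on this page)
# already exists in the current directory
virsh create "$guest.xml" --console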