XEN guest // CRUX using packages

guest-crux | guest-crux-rootfs | guest-crux-hvm

Requirements

grab the ISO from a mirror and prepare the required file-system archive

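ver=3.7

cd ~/ISO-IMAGES/

# The ISO is fetched over plain HTTP, so it is untrusted until its digest
# matches a checksum obtained over HTTPS from a different mirror.
# A mirror-hosted checksum only covers corruption and tampering in transit;
# it does not protect against a compromised mirror.
wget "http://ftp.cc.uoc.gr/mirrors/linux/crux/crux-$ver/iso/crux-$ver.iso"
wget "https://crux.mirror.garr.it/crux-$ver/iso/crux-$ver.sha256"
# MD5 is kept for reference only; it is not a sufficient integrity check on its own
wget "https://crux.mirror.garr.it/crux-$ver/iso/crux-$ver.md5"

# Verify before mounting anything.
# NOTE(review): assumes the .sha256 file is in sha256sum format and names
# crux-$ver.iso -- otherwise compare the digest by hand.
if sha256sum -c "crux-$ver.sha256"; then
    mkdir -p loop/
    mount -o loop,ro "crux-$ver.iso" loop/
else
    echo "crux-$ver.iso: SHA-256 verification failed, not mounting" >&2
fi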

proceed with the guest skeleton

# working directory for the guest; lala/ is the mount point for its root file-system
mkdir -p ~/guests/crux/lala/
cd ~/guests/crux/

# REISER4
# count=0 seek=8 writes no data: dd only sets the file length to 8 x 1GB,
# which gives a sparse image file
dd if=/dev/zero of=crux.reiser4 bs=1GB count=0 seek=8
mkfs.reiser4 -dfy crux.reiser4
mount crux.reiser4 lala/

# BUTTERFS
# NOTE(review): presumably an alternative to the reiser4 image above, not an
# extra step -- both are mounted on lala/
dd if=/dev/zero of=crux.butterfs bs=1GB count=0 seek=8
# prints the feature list mkfs.btrfs supports; nothing is formatted by this call
mkfs.btrfs -O list-all
mkfs.btrfs crux.butterfs
mount crux.butterfs lala/

Bootstrap

deploy the file-system

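# only xz there: list anything in core/ that is NOT a .tar.xz archive.
# The pattern is quoted and its dots escaped so that it matches the literal
# suffix ".tar.xz" instead of "any character + tar + any character + xz".
ls -lhF ~/ISO-IMAGES/loop/crux/core/ | grep -v '\.tar\.xz$'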

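# no need for rootfs apparently
#bsdtar xJf ~//ISO-IMAGES/loop/rootfs.tar.xz -C lala/

# Unpack every core package into the guest root.
# lala/ is relative: run this from ~/guests/crux/ with the guest image mounted,
# otherwise the archives are extracted as root into whatever lala/ resolves to.
for pkg in ~/ISO-IMAGES/loop/crux/core/*.tar.xz; do
    # an unmatched glob stays literal (e.g. ISO not mounted): skip it
    [ -e "$pkg" ] || continue
    printf '%s ... ' "$pkg"
    if bsdtar xJf "$pkg" -C lala/; then
        echo done
    else
        # make a failed extraction visible instead of silently moving on
        echo FAILED >&2
    fi
done; unset pkg

# we want ping command
bsdtar xJf ~/ISO-IMAGES/loop/crux/opt/iputils*.tar.xz -C lala/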

# Sketch of registering the packages with pkgadd instead of only unpacking them.
# mhm we would need to bind the loop/ folder into the chroot for that
# The package database has to exist first: pkgadd fails with
# "could not open /var/lib/pkg/db" otherwise.
mkdir -p lala/var/lib/pkg/
touch lala/var/lib/pkg/db
# NOTE(review): not a working step as written -- chroot is given no new-root
# directory, so "pkgadd" is taken as the directory and $pkg as the command;
# core/ is also relative to the current directory, not to the mounted ISO.
for pkg in core/*.pkg.tar.xz; do
    chroot pkgadd $pkg
done; unset pkg

du -sh lala/
# v3.6.1 -- 671M
# v3.7 -- 2.2G @reiser4

push some kernel modules in there

ls -lhF lala/lib/modules/ # not yet
tar xzf /data/kernels/5.2.21.domureiser4.modules.tar.gz -C lala/lib/modules/

and proceed with system preparation

# append (>>) a modprobe line for the tmem module to the guest's rc.modules
echo modprobe tmem >> lala/etc/rc.modules
ls -lF lala/etc/rc.modules # already executable

# Before each manual edit, keep an untouched .dist copy of the file:
# -p preserves mode and timestamps, -i asks before overwriting an existing copy.
cp -pi lala/etc/rc lala/etc/rc.dist
vi lala/etc/rc # remove hwclock

cp -pi lala/etc/rc.shutdown lala/etc/rc.shutdown.dist
vi lala/etc/rc.shutdown # remove hwclock

cp -pi lala/etc/fstab lala/etc/fstab.dist
vi lala/etc/fstab

/dev/xvda1 / reiser4 defaults 0 1
#/dev/xvda1 / btrfs defaults 0 0

devpts                 /dev/pts  devpts    noexec,nosuid,gid=tty,mode=0620  0      0
shm                    /dev/shm  tmpfs     defaults                         0      0

cp -pi lala/etc/inittab lala/etc/inittab.dist
vi lala/etc/inittab

#c1:2:respawn:/sbin/agetty --noclear 38400 tty1 linux
c1:2:respawn:/sbin/agetty --noclear 115200 hvc0 xterm

(and remove c2 to c6)

cp -pi lala/etc/rc.conf lala/etc/rc.conf.dist
vi lala/etc/rc.conf

TIMEZONE=Europe/Moscow
#TIMEZONE=Europe/Paris
HOSTNAME=crux

SERVICES=(lo net crond sshd)

cp -pi lala/etc/profile lala/etc/profile.dist
vi lala/etc/profile

# $- holds the current shell's option flags; the "i" flag marks an interactive
# shell, so the aliases below are only defined for interactive sessions.
case "$-" in *i*)
    alias ll='ls --color=auto --group-directories-first -alh'
    alias ls='ls --color=auto --group-directories-first'
    # prompt before removing or overwriting files
    alias rm='rm -i'
    alias cp='cp -i'
    alias mv='mv -i'
    ;;
esac

If you want to reach the console without a password, you first need to define a password (renewal is somehow enforced) and only then delete it

# Alternative that was not used: set a random password non-interactively.
# NOTE(review): chpasswd reads "user:password" lines, so the bare pwgen output
# would need a "root:" prefix for this to work.
#unalias pwgen
#pwgen 16 1 | chroot lala/ chpasswd

# set a root password interactively inside the guest tree ...
chroot lala/ passwd root
# ... then delete it again, which leaves root with an empty password.
# NOTE(review): rc.conf on this page starts sshd and the guest gets two network
# interfaces. Keep empty-password logins disabled in the guest's sshd_config
# (OpenSSH's PermitEmptyPasswords defaults to "no") so that this shortcut stays
# limited to the Xen console, and set a real password before exposing the guest.
chroot lala/ passwd --delete --unlock root
#chroot lala/ usermod --expiredate "" --inactive -1 --unlock root
#chroot lala/ usermod -p '*' root

setup networking

cp -pi lala/etc/rc.d/net lala/etc/rc.d/net.dist
vi lala/etc/rc.d/net

TYPE="static"
...
DEV=eth0
ADDR=x.x.x.x
MASK=24
GW=x.x.x.x

# dedibox
cat > lala/etc/resolv.conf <<EOF
nameserver 62.210.16.6
nameserver 62.210.16.7
EOF

cp -pi lala/etc/hosts lala/etc/hosts.dist
vi lala/etc/hosts

x.x.x.x crux

ready to go

umount /root/ISO-IMAGES/loop/

umount lala/
rmdir lala/
vi crux

# xl guest definition for the "crux" domain, booted from a kernel file on the host
kernel = "/data/kernels/5.2.21.domureiser4.vmlinuz"
# console=hvc0 matches the agetty line configured on hvc0 in the guest's inittab.
# mitigations=off switches off the guest kernel's CPU speculative-execution
# mitigations (Spectre/Meltdown class); remove it unless that trade-off is
# intended for this guest.
root = "/dev/xvda1 ro console=hvc0 net.ifnames=0 biosdevname=0 mitigations=off"
name = "crux"
vcpus = 2
memory = 1024
# the image file is presented to the guest as xvda1, writable (w) -- the same
# device fstab mounts as /
disk = ['file:/root/guests/crux/crux.reiser4,xvda1,w']
#disk = ['file:/root/guests/crux/crux.butterfs,xvda1,w']
# two interfaces, one per bridge; only eth0 is configured in rc.d/net on this page
vif = [ 'bridge=guestbr0,vifname=crux0','bridge=br0,vifname=crux1' ]

xl create crux -c

Acceptance

pkginfo -i | grep bash
pkginfo -i | grep iputils

ping -c1 -W1 opendns.com
curl -I https://www.opendns.com/

Packages

ports -u
prt-get install bash-completion

Make it a template

# Run inside the guest before turning it into a template.
updatedb
# clears the history list of the current shell session
history -c
#rm -f .bash_history
# NOTE(review): everything left in the image is copied into every guest made
# from this template. If sshd has already started here, its host keys are
# probably part of the image (verify under /etc/ssh) and would be shared by all
# clones; the empty root password set earlier is inherited as well.
# ^] is the Ctrl-] keystroke that leaves the xl console, not a command
^]

# back on the host; presumably short for "xl shutdown crux"
xl shu crux

Troubleshooting

You are required to change your password immediately (administrator enforced)
login[266]: pam_unix(login:account): expired password for user root (root enforced)

You are required to change your password immediately (administrator enforced)
usermod: PAM: Authentication token is no longer valid; new one required

==> I did not manage to avoid this issue while trying to set up a password-less root account

pkgadd: could not open /var/lib/pkg/db: No such file or directory

==> just create that folder and touch the db file

Resources

crux

https://crux.nu/gitweb/?p=system/iso.git;a=tree

https://crux.nu/gitweb/?p=system/iso.git;a=blob;f=Makefile

https://crux.nu/Wiki/SignedPorts

handbook chapter 3 https://crux.nu/Main/Handbook3-4#ntoc9

handbook chapter 4 https://crux.nu/Main/Handbook3-4-Install

tar append

https://www.gnu.org/software/tar/manual/html_node/appending-files.html

https://www.crybit.com/add-files-to-an-existing-tar-archive/

https://www.tecmint.com/18-tar-command-examples-in-linux/

xen

https://pravinchavan.wordpress.com/2013/08/16/creating-paravirtualized-domain-on-xen/

https://wiki.xen.org/wiki/Blktap2


Copyright © 2024 Pierre-Philipp Braun