XEN PVH // Sabotage Linux

Requirements

either grab a prebuilt stage2 tarball or build it yourself

# Fetch the prebuilt stage2 rootfs into the directory that also holds the domU kernels.
# NOTE(review): the mirror is plain HTTP and this archive is later unpacked as root
# into the guest image. Compare it against a checksum or signature obtained over a
# trusted channel (e.g. run sha256sum on the file) before extracting it.
cd /data/kernels/
wget http://mirrors.2f30.org/sabotage/sabotage-1.1.19-x86_64-rootfs-stage2-e0b6285a.tar.xz

Virtual disk

mkdir sabotage/
cd sabotage/

sparse file

# count=0 with seek=10 copies no data and only sets the file length to 10 x 1G,
# so the image starts out sparse.
dd if=/dev/zero of=sabotage.reiser4 bs=1G count=0 seek=10
# -f/-y: presumably force / assume-yes so mkfs runs unattended on a regular file —
# confirm against mkfs.reiser4(8).
mkfs.reiser4 -fy sabotage.reiser4
# Mount the image on lala/ so the rootfs can be unpacked into it.
mkdir lala/
mount sabotage.reiser4 lala/

#mkfs.ext4...
#tune2fs -O ^metadata_csum sabotage.reiser4

LVM2 thin-provisioning

# Alternative to the sparse file: put the root filesystem on a block device.
# If you take this path, the fstab entry and the disk= line further down must
# name ext4 and this device instead of the reiser4 image.
mkfs.ext4 /dev/drbd2
# Switch off the ext4 metadata_csum feature (presumably because the guest kernel
# or its tools cannot handle it — TODO confirm).
tune2fs -O ^metadata_csum /dev/drbd2
mkdir lala/
mount /dev/drbd2 lala/

Bootstrap

# Unpack the stage2 rootfs into the mounted image (J selects xz decompression).
tar xJf /data/kernels/sabotage-1.1.19-x86_64-rootfs-stage2-e0b6285a.tar.xz -C lala/
# Keep the shipped fstab as fstab.dist before editing: -p preserves mode and
# timestamps, -i asks before overwriting an existing copy.
cp -pi lala/etc/fstab lala/etc/fstab.dist
vi lala/etc/fstab

/dev/xvda1             /             reiser4   defaults            0      1

# Clone the ttyS0 getty service as a template for hvc0, the console the guest
# is booted with (console=hvc0 in the domain config), then edit its run script.
cp -R lala/etc/service/ttyS0/ lala/etc/service/hvc0/
vi lala/etc/service/hvc0/run

exec getty -L 38400 hvc0 linux

# Install the kernel modules that go with the domU kernel into the guest image.
mkdir lala/lib/modules/
tar xzf /data/kernels/5.2.21.domureiser4.modules.tar.gz -C lala/lib/modules/
# Check that the module directory was unpacked where expected.
ls -lhF lala/lib/modules/
vi lala/etc/rc.boot # remove hwclock
vi lala/etc/rc.shutdown # remove hwclock
# Create rc.modules with the content shown next.
vi lala/etc/rc.modules

#!/bin/sh
modprobe tmem

chmod +x lala/etc/rc.modules

vi lala/etc/rc.local

    do_static_ip=true

[...]

    if=eth0
    ip=x.x.x.x
    nm=255.255.255.0
    gw=x.x.x.x

    vi lala/etc/profile

    TZ="Europe/Moscow"
    TZ="Europe/Paris"

[...]

# Define the aliases only for interactive shells: "$-" holds the current shell
# option flags and contains "i" when the shell is interactive.
case "$-" in *i*)
    alias ll='ls -alhF --color=auto'
    # -i makes cp/mv/rm ask for confirmation before overwriting or deleting.
    alias cp='cp -i'
    alias mv='mv -i'
    alias rm='rm -i'
    ;;
esac

du -sh lala/
#174M // 454M -- is this caused by ext4 vs reiser4?!
umount lala/
rmdir lala/

Skeleton

ls -lhF /data/kernels/*vmlinuz*
vi sabotage

INTERNAL NETWORK br0

# Guest kernel is loaded from this dom0-side path.
kernel = "/data/kernels/5.2.21.domureiser4.vmlinuz"
# Root is mounted read-only at boot; console=hvc0 matches the getty service set
# up in the guest image.
# NOTE(review): mitigations=off switches off the guest kernel's CPU vulnerability
# mitigations (Spectre/Meltdown class). Drop it unless everything running in this
# guest is trusted and the performance trade-off is deliberate.
root = "/dev/xvda1 ro console=hvc0 mitigations=off"
name = "sabotage"
vcpus = 3
maxvcpus = 8
memory = 7168
# The image file is exposed to the guest as xvda1, writable (w).
disk = ['tap:tapdisk:aio:/data/guests/sabotage/sabotage.reiser4,xvda1,w']
# Single interface attached to bridge br0.
vif = [ 'bridge=br0, vifname=sabotage.0' ]
type = "pvh"

# Commented-out alternatives: a shell as init for rescue, and the ext4 image or
# a block-device backend instead of the reiser4 image.
#extra = "init=/bin/bash"
#disk = ['tap:tapdisk:aio:/data/guests/sabotage/sabotage.ext4,xvda1,w']
#disk = ['phy:/dev/vdisks/thin1,xvda1,w']

xl create sabotage -c # default password is sabotage

You can now proceed with post-installation as follows

mount -o remount,rw /

change the default password first (passwd), since the next step installs an SSH server, then install a few packages

ping -c3 opendns.com
#butch search ksh
#butch install mksh
butch install openssh
butch-install-service openssh /var/service/openssh/run
#butch install htop

and optionally set up your environment and MKSH

Ready to go

You’re now ready to reboot and switch to read-only mode.

reboot

your system should now be read-only except for /var/ and /tmp/

mount

TODO

enable TMEM or something

fix that

/etc/rc.boot: line 23: can't create /proc/sys/kernel/hotplug: nonexistent directory

Resources

http://mirrors.2f30.org/sabotage/

Runit tools in busybox - up to the task? https://busybox.net/kill_it_with_fire.txt

