CIS 228 - Oakton Community College



CIS 228 - UNIX System Administration

Virtual program execution under LINUX:

DOSBox, Windows Emulation (wine), chroot jail, Linux Containers (lxc), KVM/ Xen, VirtualBox

DOS Compatibility Tools

Read man page on mtools, dos2unix, unix2dos.

Running DOS under LINUX: DOSBOX (DOSEMU is no longer supported)

1) Mount /dev/sda1 as a R/O NTFS drive at /mnt/Windows

2) yum install dosbox

3) Start DOSBox

4) mount c /root

5) c: , z:

6) mount d /mnt/cdrom

7) Insert a DVD into the CDROM drive mounted as /mnt/cdrom

8) d: , z:

9) exit

Running Windows Emulation (WINE) under LINUX

10) Install all WINE packages (yum install wine or from DVD)

11) Run winecfg. Does anything unusual occur?

12) Under Drives, run autodetect. See what appears

13) Find wordpad.exe under /mnt/Windows

14) Copy wordpad.exe and msfc*.dll to ~/.wine/windows

15) From a terminal session: cd ~/.wine/drive_c/windows, run: wine wordpad.exe

16) Go to Applications/Wine/wine configuration

17) Add wordpad.exe as Windows 2000 application

18) Right click on Applications, go to Wine, Add wordpad.exe from Browse Tab

19) Copy putty.exe and add it to the Wine Menu \

20) Copy putty.exe, go to Win File and run it. Add it to the Wine menu

Related commands: wine, winecfg,

CIS 228 - UNIX System Administration

Standard Chroot Jail (Fedora)

Creating a chroot jail, as root, give the command:

/usr/sbin/chroot .

The directory becomes the root directory, and the process attempts to run the default shell.

21) To create an ordinary user chroot jail, as ROOT:

useradd user8

passwd user8

22) Create jailed directories:

cd /home/user8

mkdir /home/user8/etc

mkdir /home/user8/dev

mkdir /home/user8/bin

mkdir /home/user8/lib

mkdir /home/user8/lib64 (64 bit omage)

ls –al (Note root ownership)

23) Change ownership to the ordinary user:

chown user8 *

ls –al (note user8 ownership)

24) Determine which utilities the chroot jail needs. Copy the appropriate binaries and their .so libraries ( as listed by the ldd command) into the jail.

Below displays will be /lib for 32 bit /lib64 for 64 bit image. Substitute as necessary.

cp /bin/ls ./bin

cp /bin/bash ./bin

cp /bin/echo ./bin

ldd /bin/ls

linux-gate.so.1 => (0xb77b6000)

libselinux.so.1 => /lib/libselinux.so.1 (0x46af0000)

librt.so.1 => /lib/librt.so.1 (0x46967000)

libcap.so.2 => /lib/libcap.so.2 (0x46cba000)

libacl.so.1 => /lib/libacl.so.1 (0x47837000)

libc.so.6 => /lib/libc.so.6 (0x467b6000)

libdl.so.2 => /lib/libdl.so.2 (0x46960000)

/lib/ld-linux.so.2 (0x46794000)

libpthread.so.0 => /lib/libpthread.so.0 (0x46944000)

libattr.so.1 => /lib/libattr.so.1 (0x477f6000)

ldd /bin/bash

linux-gate.so.1 => (0xb770e000)

libtinfo.so.5 => /lib/libtinfo.so.5 (0x480ad000)

libdl.so.2 => /lib/libdl.so.2 (0x46960000)

libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x469b6000)

libc.so.6 => /lib/libc.so.6 (0x467b6000)

/lib/ld-linux.so.2 (0x46794000)

ldd /bin/echo

linux-gate.so.1 => (0xb7790000)

libc.so.6 => /lib/libc.so.6 (0x467b6000)

/lib/ld-linux.so.2 (0x46794000)

cp /lib/libdl.so.2 ./lib

cp /lib/libtinfo.so.5 /lib

cp /lib/libtinfo.so.5 ./lib

cp /lib/libselinux.so.1 ./lib

cp /lib/libselinux.so.1 ./lib

cp /lib/ld-linux.so.2 ./lib

cp /lib/libc.so.6 ./lib

cp /lib/libgcc_s.so.1 ./lib

cp /lib/librt.so.1 ./lib

cp /lib/libcap.so.2 ./lib

cp /lib/libc.so.6 ./lib

cp /lib/libacl.so.1 ./lib

cp /lib/libdl.so.2 ./lib

cp /lib/libpthread.so.0 ./lib

cp /lib/libattr.so.1 ./lib

25) Run the process from chroot:

chroot /home/user8 /bin/ls

bin dev etc lib

chroot /home/user8 /bin/echo hi there

hi there

26) As an ordinary user:

exit (root)

su - user8

pwd

chroot /home/user8 /bin/ls ... chroot: cannot change root directory to /home/user8: Operation not permitted

27) As root:

su -c "chroot /home/user8 /bin/ls"

You can also automate the process for user8 login. However chroot jails are less common than before, most daemon processes come with their own “chroot jail” procedures – Apache, BIND, SSH, etc. and are application specific.

CIS 228 - UNIX System Administration

Running Linux Application Containers (lxc) - (similar to BSD “chroot jail” OR Solaris zones”)

Ubunti 16.04 LTS procedure. Install the software:

28) apt-get install lxc lxc-templates lxc-extra debootstrap libvirt perl gpg

29) lxc-create -t download -n ubuntu-c1 -- -d ubuntu -r xenial -a amd64

30) chroot /var/lib/lxc/ubuntu-c1/rootfs/ passwd ubuntu (set password for ubuntu id)

31) chroot /var/lib/lxc/ubuntu-c1/rootfs/ passwd (lock out root)

32) lxc-start -n ubuntu-c1

33) lxc-console -n ubuntu-c1

34) apt-get install openssh-server (inside lxc)

35) lxc-info -n ubuntu-c1

36) lxc-ps

37) To exit from lxc-console type Ctrl+a q to exit the console session and back to the host.

Fedora 25 procedure:

38) dnf install lxc lxc-templates lxc-extra debootstrap libvirt perl gpg

39) sudo systemctl start libvirtd.service

40) systemctl start lxc.service

41) systemctl enable lxc.service

42) systemctl status libvirtd.service

43) systemctl status lxc.service

44) brctl show

45) vi /etc/lxc/default.conf

work.type = veth

work.link = virbr0

work.flags = up

work.hwaddr = 00:16:3e:xx:xx:xx

46) systemctl status libvirtd.service | grep range

47) lxc-checkconfig

48) lxc-create -t download -n ubuntu-c1 -- -d ubuntu -r xenial -a amd64

49) chroot /var/lib/lxc/ubuntu-c1/rootfs/ passwd ubuntu

50) chroot /var/lib/lxc/ubuntu-c1/rootfs/ passwd

51) lxc-start -n ubuntu-c1

52) lxc-console -n ubuntu-c1

Others:

lxc-create -t download -n debian-c1 -- -d debian -r stretch -a amd64

chroot /var/lib/lxc/debian-c1/rootfs/ passwd

lxc-start -n debian-c1

lxc-console -n debian-c1

lxc-create -t download -n centos-c1 -- -d centos -r 7 -a amd64

chroot /var/lib/lxc/centos-c1/rootfs/ passwd

$ sudo lxc-start -n centos-c1

$ lxc-console -n centos-c1

lxc-create -t download -n fedora-c1 -- -d fedora -r 25 -a amd64

chroot /var/lib/lxc/fedora-c1/rootfs/ passwd

$ sudo lxc-start -n fedora-c1

$ lxc-console -n fedora-c1

Running Kernel Virtual Machines (kvm)

53) yum install kvm virt-manager virt-viewer libvirt libvirt-python virtinst gnome-applet-vm

54) service libvirtd start

55) virt-manager

56) Right click on localhost

57) New, Install from media

58) Start OS from virt-manager

59)

Running VirtualBOX (Oracle)

60) cd /etc/yum.repos.d/

61) wget or /virtualbox.repo

62) yum check-update

63) yum install gcc kernel-devel kernel-headers

64) KERN_DIR=/usr/src/kernels/`uname –r` …Add –`uname –m` for RHEL

65) Export KERN_DIR

66) yum install VirtualBox-3.2 o4 4.0

67) usermod -a -G vboxusers user1

68) Run virtualbox from command line or use menu selection

Running Xen (LINUX Hypervisor)

See:

50) yum -y install xen xen-hypervisor xen-libs xen-runtime

chkconfig xend on

chkconfig xendomains on

51) reboot, verify that Xen is running:

# xm dmesg | head

52) Start tools and daemoons

yum -y install virt-manager dejavu* xorg-x11-xauth

yum -y install libvirt-daemon-driver-network libvirt-daemon-driver-storage libvirt-daemon-xen

chkconfig libvirtd on

service libvirtd start

53) ssh -X hypervisor. and run virt-manager.

54) yum -y install libvirt-daemon-config-network libvirt-daemon-config-nwfilter

service libvirtd restart

See

See

Discuss: Virtualization Issues

Docker Containers (to be updated)

Sign up at hub.

dnf install docker

dnf install docker-latest

dnf install docker*

dnf install docker-latest*

systemctl start docker

systemctl enable docker (to start at boot)

systemctl disable docker

docker run hello-world

docker pull ubuntu

docker run -it ubuntu /bin/sh

Docker basics:

docker ps ... display running containers

docker ps -a ... display container run history

docker version

docker info

docker images ... search local images

docker search {os} ... search available images

docker pull {image}

docker run -it {image} cmd

docker exec -it {image} bash

docker commit (after changes)

docker logs

Install Terminal interface

dnf install sen

Configure Docker:

/etc/sysconfig/docker

Roll your own

In a directory:

nano Dockerfile

FROM ubuntu:latest

CMD env

Build the image

docker build -t "my-image" . (NOTE THE PERIOND AT THE END!)

docker run -it my-image bash

Add a user to the Docker control group

groupadd docker && sudo gpasswd -a user1 docker && sudo systemctl restart docker

newgrp docker

................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download