Translator's preface: With all kinds of containers entering our lives en masse, it can be quite interesting and useful to find out which technologies it all once started with. Some of them can still be useful today, but not everyone remembers such methods (or knows about them at all, if they were not caught up in their rapid development). One such technology is User Mode Linux. The original author did a lot of digging, worked out which of the old developments still work and which do not, and put together something like step-by-step instructions on how to build a homebrew UML in 2k19. And yes, we invited the author of the original post, Cadey, to Habr, so if you have questions, ask them in English in the comments.
User Mode Linux is, in fact, a port of the Linux kernel to itself. This mode lets you run a full Linux kernel as a user process and is mostly used by developers to test drivers. But the mode is also useful as a general isolation tool, on the same principle as running a virtual machine. It provides more isolation than Docker, but less than a full virtual machine such as KVM or VirtualBox.
In general, User Mode may look like a strange and hard-to-use tool, but it still has its uses. After all, it is a full Linux kernel running as an unprivileged user. This lets potentially untrusted code run without threatening the host machine. And because it is a full kernel, its processes are isolated from the host machine: processes running inside User Mode are not visible on the host. This is unlike an ordinary Docker container, where the host machine always sees the processes inside the container. Look at this pstree excerpt from one of my servers:
And compare it with the pstree of a Linux kernel in User Mode:
linux─┬─5*[linux]
      └─slirp
When working with Docker containers, I can see from the host the names of the processes running in the guest. With User Mode Linux this is not possible. What does that mean? It means that monitoring tools that work through the Linux audit subsystem do not see the processes running in the guest system. In some situations, though, this feature can be a double-edged sword.
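
Since host audit tooling cannot see inside the guest, a host-side inventory has to key on what a guest still exposes: the kernel arguments on its linux process and its management-console socket. The following sketch is an added example, not part of the original post; the function names and the sample /proc tree are constructed, and the marker arguments are the ones that appear in the launch lines and help output later in this post.

```shell
#!/bin/sh
# Added example, not from the original post: list UML guests from the host.
# The marker arguments are the ones this post passes to the kernel; function
# names and the sample /proc tree are constructed for the demonstration.

UML_MARKERS='rootfstype=hostfs eth0=slirp umid= uml_dir='

# Read a NUL-separated /proc/<pid>/cmdline as one space-separated line.
read_cmdline() { tr '\0' ' ' 2>/dev/null < "$1"; }

# Print "PID<TAB>MARKER<TAB>CMDLINE" for each UML process under $1 (default
# /proc). A child that reports the same command line as its parent (the
# "5*[linux]" helpers in pstree) is folded into the parent.
find_uml_processes() {
    procroot=${1:-/proc}
    for dir in "$procroot"/[0-9]*; do
        [ -r "$dir/cmdline" ] || continue
        cmd=$(read_cmdline "$dir/cmdline") || continue
        [ -n "$cmd" ] || continue
        ppid=$(awk '/^PPid:/ {print $2}' "$dir/status" 2>/dev/null) || ppid=
        if [ -n "$ppid" ] && [ -r "$procroot/$ppid/cmdline" ] &&
           [ "$(read_cmdline "$procroot/$ppid/cmdline")" = "$cmd" ]; then
            continue
        fi
        for marker in $UML_MARKERS; do
            case " $cmd" in
                *" $marker"*)
                    printf '%s\t%s\t%s\n' "${dir##*/}" "$marker" "$cmd"
                    break ;;
            esac
        done
    done
    return 0
}

# Print management-console sockets under <home>/.uml/<umid>/mconsole, the
# default location shown in the boot log (uml_dir= can move it elsewhere).
find_mconsole_sockets() {
    for home in "$@"; do
        for sock in "$home"/.uml/*/mconsole; do
            if [ -S "$sock" ]; then printf '%s\n' "$sock"; fi
        done
    done
    return 0
}

# Constructed sample: a fake /proc holding one guest (4100), a helper child
# (4101), its slirp process (4102) and an unrelated shell (4200).
make_sample_proc() {
    root=$(mktemp -d) || return 1
    add_proc() {  # add_proc PID PPID ARG...
        pdir=$root/$1
        mkdir -p "$pdir"
        printf 'Name:\tsample\nPPid:\t%s\n' "$2" > "$pdir/status"
        shift 2
        printf '%s\0' "$@" > "$pdir/cmdline"
    }
    set -- linux root=/dev/root rootfstype=hostfs \
        rootflags=/home/user/prefix/uml-demo rw mem=64M \
        eth0=slirp,,/home/user/bin/slirp init=/init.sh
    add_proc 4100 1 "$@"
    add_proc 4101 4100 "$@"
    add_proc 4102 4100 /home/user/bin/slirp
    add_proc 4200 1 /bin/sh
    printf '%s\n' "$root"
}

sample=$(make_sample_proc)
find_uml_processes "$sample"   # reports PID 4100 only
rm -rf "$sample"
```

On a real host, call find_uml_processes with no argument and pass the home directories to inspect to find_mconsole_sockets.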
Overall, the rest of this post is a collection of research and brute-force attempts to get the desired result. To do this I had to use various ancient tools, read kernel sources, intensively debug code written when I was still in elementary school, and tinker with Heroku builds using a special binary to find the tools I needed. All this work led the guys on my IRC to call me a wizard. I hope this post serves as reliable documentation for anyone trying the same thing with newer kernels and OS versions.
Setup
Setting up User Mode Linux is done in several steps:
installing dependencies on the host;
downloading the Linux kernel;
configuring the kernel build;
building the kernel;
installing the binary;
setting up the guest filesystem;
choosing the kernel launch parameters;
setting up guest networking;
starting the guest kernel.
I assume that if you are going to do this yourself, you will be able to do everything described on some Ubuntu or Debian system. I tried to do all of the above on my favorite distribution, Alpine, but nothing came of it, apparently because the Linux kernel has hard-wired glibc-isms for the drivers in User Mode. I plan to report this upstream once I finally understand the problem.
Installing dependencies on the host
Ubuntu needs at least the following packages to build the Linux kernel (assuming a clean install):
Note that running the Linux kernel's menu configuration program requires libncurses-dev to be installed. Make sure it is installed with the following command (as root or with sudo):
apt-get -y install libncurses-dev
Downloading the kernel
Decide where to download and then build the kernel. You will need to set aside about 1.3 GB of disk space for this, so make sure you have it.
Now change into the directory created when the tarball was unpacked:
cd linux-5.1.16
Configuring the kernel build
The kernel build system is a set of Makefiles with many custom tools and scripts that automate the process. First, open the interactive configuration program:
make ARCH=um menuconfig
It will partially build and then display a dialog window. At '[Select]', you can change settings with the Space or Enter keys. Navigate the window as usual with the "up" and "down" arrow keys, and pick elements with "left" or "right".
The -> indicator means you are at a submenu, which is entered with the Enter key. The way out of it is, obviously, through '[Exit]'.
Enable the following options with '[Select]' and make sure there is a '[*]' next to each of them:
UML-specific Options:
  - Host filesystem
Networking support (enable this to get the submenu to show up):
  - Networking options:
    - TCP/IP Networking
UML Network devices:
  - Virtual network device
  - SLiRP transport
That's it, you can leave this window by selecting '[Exit]'. Make sure you are asked to save the configuration at the end, and choose '[Yes]'.
I recommend playing around with the kernel build options after reading this post. Through such experiments you can learn a lot about how the low-level kernel mechanics work and how the various flags affect the build.
Building the kernel
The Linux kernel is a big program that does a lot of things. Even with a minimal configuration, on old hardware it can take quite a while to build. So build the kernel with the following command:
make ARCH=um -j$(nproc)
Why? This command tells the build to use all available CPU cores and threads. The $(nproc) at the end of the build command substitutes the output of the nproc command, which is part of coreutils in a standard Ubuntu install.
After a while, our kernel will be compiled into the executable ./linux.
Installing the binary
Since User Mode Linux produces an ordinary binary, you can install it like any other utility. Here is how I did it:
mkdir -p ~/bin
cp linux ~/bin/linux
It is also worth making sure ~/bin is in your $PATH:
export PATH=$PATH:$HOME/bin
Setting up the guest filesystem
Create a directory for the guest filesystem:
mkdir -p $HOME/prefix/uml-demo
cd $HOME/prefix
Open alpinelinux.org and, in the downloads section, find the current download link for the MINI ROOT FILESYSTEM. At the time of writing it was:
Now enter the guest filesystem directory and unpack the archive:
cd uml-demo
tar xf ../alpine-rootfs.tgz
These steps create a small filesystem template. Due to the nature of the system, it will be extremely hard to install packages through Alpine's apk manager. But this filesystem is enough to evaluate the general idea.
We also need the tini tool to keep zombie processes from consuming memory in our guest kernel.
wget -O tini https://github.com/krallin/tini/releases/download/v0.18.0/tini-static
chmod +x tini
Building the kernel command line
The Linux kernel, like most other programs, has command-line arguments, which can be listed by passing the --help switch.
The --help output itself
linux --help
User Mode Linux v5.1.16
available at http://user-mode-linux.sourceforge.net/
--showconfig
Prints the config file that this UML binary was generated from.
iomem=<name>,<file>
Configure <file> as an IO memory region named <name>.
mem=<Amount of desired ram>
This controls how much "physical" memory the kernel allocates
for the system. The size is specified as a number followed by
one of 'k', 'K', 'm', 'M', which have the obvious meanings.
This is not related to the amount of memory in the host. It can
be more, and the excess, if it's ever used, will just be swapped out.
Example: mem=64M
--help
Prints this message.
debug
this flag is not needed to run gdb on UML in skas mode
root=<file containing the root fs>
This is actually used by the generic kernel in exactly the same
way as in any other kernel. If you configure a number of block
devices and want to boot off something other than ubd0, you
would use something like:
root=/dev/ubd5
--version
Prints the version number of the kernel.
umid=<name>
This is used to assign a unique identity to this UML machine and
is used for naming the pid file and management console socket.
con[0-9]*=<channel description>
Attach a console or serial line to a host channel. See
http://user-mode-linux.sourceforge.net/old/input.html for a complete
description of this switch.
eth[0-9]+=<transport>,<options>
Configure a network device.
aio=2.4
This is used to force UML to use 2.4-style AIO even when 2.6 AIO is
available. 2.4 AIO is a single thread that handles one request at a
time, synchronously. 2.6 AIO is a thread which uses the 2.6 AIO
interface to handle an arbitrary number of pending requests. 2.6 AIO
is not available in tt mode, on 2.4 hosts, or when UML is built with
/usr/include/linux/aio_abi.h not available. Many distributions don't
include aio_abi.h, so you will need to copy it from a kernel tree to
your /usr/include/linux in order to build an AIO-capable UML
nosysemu
Turns off syscall emulation patch for ptrace (SYSEMU).
SYSEMU is a performance-patch introduced by Laurent Vivier. It changes
behaviour of ptrace() and helps reduce host context switch rates.
To make it work, you need a kernel patch for your host, too.
See http://perso.wanadoo.fr/laurent.vivier/UML/ for further
information.
uml_dir=<directory>
The location to place the pid and umid files.
quiet
Turns off information messages during boot.
hostfs=<root dir>,<flags>,...
This is used to set hostfs parameters. The root directory argument
is used to confine all hostfs mounts to within the specified directory
tree on the host. If this isn't specified, then a user inside UML can
mount anything on the host that's accessible to the user that's running
it.
The only flag currently supported is 'append', which specifies that all
files opened by hostfs will be opened in append mode.
This listing highlights the main launch parameters. Let's start the kernel with the minimum set of options required:
linux \
  root=/dev/root \
  rootfstype=hostfs \
  rootflags=$HOME/prefix/uml-demo \
  rw \
  mem=64M \
  init=/bin/sh
The line above tells our kernel the following:
Treat the root filesystem as the pseudo-device /dev/root.
Mount the guest filesystem we created on the root device.
And yes, in read-write mode.
Use only 64 MB of RAM (you can use a lot less depending on what you plan to do, but 64 MB seems like an optimal amount).
The kernel automatically starts /bin/sh as the init process.
Run this command and you should get something like the following:
Another long listing
Core dump limits :
soft - 0
hard - NONE
Checking that ptrace can change system call numbers...OK
Checking syscall emulation patch for ptrace...OK
Checking advanced syscall emulation patch for ptrace...OK
Checking environment variables for a tempdir...none found
Checking if /dev/shm is on tmpfs...OK
Checking PROT_EXEC mmap in /dev/shm...OK
Adding 32137216 bytes to physical memory to account for exec-shield gap
Linux version 5.1.16 (cadey@kahless) (gcc version 7.4.0 (Ubuntu 7.4.0-1ubuntu1~18.04.1)) #30 Sun Jul 7 18:57:19 UTC 2019
Built 1 zonelists, mobility grouping on. Total pages: 23898
Kernel command line: root=/dev/root rootflags=/home/cadey/dl/uml/alpine rootfstype=hostfs rw mem=64M init=/bin/sh
Dentry cache hash table entries: 16384 (order: 5, 131072 bytes)
Inode-cache hash table entries: 8192 (order: 4, 65536 bytes)
Memory: 59584K/96920K available (2692K kernel code, 708K rwdata, 588K rodata, 104K init, 244K bss, 37336K reserved, 0K cma-reserved)
SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=1, Nodes=1
NR_IRQS: 15
clocksource: timer: mask: 0xffffffffffffffff max_cycles: 0x1cd42e205, max_idle_ns: 881590404426 ns
Calibrating delay loop... 7479.29 BogoMIPS (lpj=37396480)
pid_max: default: 32768 minimum: 301
Mount-cache hash table entries: 512 (order: 0, 4096 bytes)
Mountpoint-cache hash table entries: 512 (order: 0, 4096 bytes)
Checking that host ptys support output SIGIO...Yes
Checking that host ptys support SIGIO on close...No, enabling workaround
devtmpfs: initialized
random: get_random_bytes called from setup_net+0x48/0x1e0 with crng_init=0
Using 2.6 host AIO
clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604462750000 ns
futex hash table entries: 256 (order: 0, 6144 bytes)
NET: Registered protocol family 16
clocksource: Switched to clocksource timer
NET: Registered protocol family 2
tcp_listen_portaddr_hash hash table entries: 256 (order: 0, 4096 bytes)
TCP established hash table entries: 1024 (order: 1, 8192 bytes)
TCP bind hash table entries: 1024 (order: 1, 8192 bytes)
TCP: Hash tables configured (established 1024 bind 1024)
UDP hash table entries: 256 (order: 1, 8192 bytes)
UDP-Lite hash table entries: 256 (order: 1, 8192 bytes)
NET: Registered protocol family 1
console [stderr0] disabled
mconsole (version 2) initialized on /home/cadey/.uml/tEwIjm/mconsole
Checking host MADV_REMOVE support...OK
workingset: timestamp_bits=62 max_order=14 bucket_order=0
Block layer SCSI generic (bsg) driver version 0.4 loaded (major 254)
io scheduler noop registered (default)
io scheduler bfq registered
loop: module loaded
NET: Registered protocol family 17
Initialized stdio console driver
Using a channel type which is configured out of UML
setup_one_line failed for device 1 : Configuration failed
Using a channel type which is configured out of UML
setup_one_line failed for device 2 : Configuration failed
Using a channel type which is configured out of UML
setup_one_line failed for device 3 : Configuration failed
Using a channel type which is configured out of UML
setup_one_line failed for device 4 : Configuration failed
Using a channel type which is configured out of UML
setup_one_line failed for device 5 : Configuration failed
Using a channel type which is configured out of UML
setup_one_line failed for device 6 : Configuration failed
Using a channel type which is configured out of UML
setup_one_line failed for device 7 : Configuration failed
Using a channel type which is configured out of UML
setup_one_line failed for device 8 : Configuration failed
Using a channel type which is configured out of UML
setup_one_line failed for device 9 : Configuration failed
Using a channel type which is configured out of UML
setup_one_line failed for device 10 : Configuration failed
Using a channel type which is configured out of UML
setup_one_line failed for device 11 : Configuration failed
Using a channel type which is configured out of UML
setup_one_line failed for device 12 : Configuration failed
Using a channel type which is configured out of UML
setup_one_line failed for device 13 : Configuration failed
Using a channel type which is configured out of UML
setup_one_line failed for device 14 : Configuration failed
Using a channel type which is configured out of UML
setup_one_line failed for device 15 : Configuration failed
Console initialized on /dev/tty0
console [tty0] enabled
console [mc-1] enabled
Failed to initialize ubd device 0 :Couldn't determine size of device's file
VFS: Mounted root (hostfs filesystem) on device 0:11.
devtmpfs: mounted
This architecture does not have kernel memory protection.
Run /bin/sh as init process
/bin/sh: can't access tty; job control turned off
random: fast init done
/ #
These steps give us a bare-minimum guest system, without things like /proc or an assigned hostname. For example, try the following commands:
- uname -av
- cat /proc/self/pid
- hostname
To leave the guest, type exit or press Control-D. This kills the shell, which is followed by a kernel panic:
/ # exit
Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000000
fish: “./linux root=/dev/root rootflag…” terminated by signal SIGABRT (Abort)
We get this kernel panic because the Linux kernel assumes the init process is always running. Without it, the system can no longer function and crashes. But since this is a user-mode process, the result is that it sends itself SIGABRT, which causes it to exit.
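
The help text above says that hostfs=<root dir> confines all hostfs mounts to one host directory and that, without it, a user inside UML can mount anything the invoking host user can access; the launch line above leaves it unset. The following wrapper is an added example, not code from the original post: the function names are hypothetical, and it assumes that with hostfs= set the kernel resolves rootflags below that directory.

```shell
#!/bin/sh
# Added example, not from the original post: build the launch arguments with
# hostfs=<root dir>, the confinement option listed in `linux --help`.
# Function names are hypothetical. Assumption to confirm on your kernel:
# with hostfs= set, rootflags is resolved below that directory, so
# rootflags=/ selects the confined directory itself.

# Print one kernel argument per line for the guest root in $1. Fails with a
# message on stderr when the directory is unsuitable as a confinement root.
uml_confined_args() {
    guest=$1
    [ -d "$guest" ] || { echo "not a directory: $guest" >&2; return 1; }
    # Resolve symlinks and relative parts so the kernel gets the real path.
    guest=$(cd "$guest" && pwd -P) || return 1
    home=$(cd "${HOME:-/}" 2>/dev/null && pwd -P) || home=/
    case $guest in
        / | "$home")
            # Exposing / or the whole home directory defeats the confinement.
            echo "refusing to expose $guest to the guest" >&2
            return 1 ;;
        *[!A-Za-z0-9/._-]*)
            # hostfs= treats ',' as the start of its flags and the kernel
            # command line splits on whitespace; accept a conservative set.
            echo "unsupported character in path: $guest" >&2
            return 1 ;;
    esac
    printf '%s\n' \
        "hostfs=$guest" \
        root=/dev/root \
        rootfstype=hostfs \
        rootflags=/ \
        rw \
        mem=64M \
        init=/bin/sh
}

# Boot the guest with the confined argument list (expects linux in $PATH).
uml_run_confined() {
    args=$(uml_confined_args "$1") || return 1
    # Splitting on whitespace is safe: such paths were rejected above.
    # shellcheck disable=SC2086
    exec linux $args
}

# Show the arguments for the guest directory used in this post, if present.
if [ -d "${HOME:-}/prefix/uml-demo" ]; then
    uml_confined_args "$HOME/prefix/uml-demo"
fi
```

Inside the guest, a later hostfs mount should then fail for any path outside the confined directory, which is a quick way to confirm the option took effect.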
Setting up guest networking
And this is where things start to go wrong. Networking in User Mode Linux is where the whole concept of a restricted "user mode" begins to fall apart. After all, at the system level networking is usually restricted to privileged execution modes, for reasons everyone can understand.
Translator's note: you can read more about the different options for networking in UML here.
A journey into Slirp
However, there is an ancient and almost unsupported tool called Slirp, with which User Mode Linux can talk to the network. It works like a user-level TCP/IP stack and needs no system permissions to run. The tool was released in 1995, and its latest update dates from 2006. Slirp is very old. During its time without support and updates, compilers have moved on so far that the tool can now only be described as code rot.
So let's download Slirp from the Ubuntu repositories and try to run it:
sudo apt-get install slirp
/usr/bin/slirp
Slirp v1.0.17 (BETA)
Copyright (c) 1995,1996 Danny Gasparovski and others.
All rights reserved.
This program is copyrighted, free software.
Please read the file COPYRIGHT that came with the Slirp
package for the terms and conditions of the copyright.
IP address of Slirp host: 127.0.0.1
IP address of your DNS(s): 1.1.1.1, 10.77.0.7
Your address is 10.0.2.15
(or anything else you want)
Type five zeroes (0) to exit.
[autodetect SLIP/CSLIP, MTU 1500, MRU 1500, 115200 baud]
SLiRP Ready ...
fish: “/usr/bin/slirp” terminated by signal SIGSEGV (Address boundary error)
Oh dear. Let's install a debugger for Slirp and see whether we can work out what is happening here:
sudo apt-get install gdb slirp-dbgsym
gdb /usr/bin/slirp
GNU gdb (Ubuntu 8.1-0ubuntu3) 8.1.0.20180409-git
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/bin/slirp...Reading symbols from /usr/lib/debug/.build-id/c6/2e75b69581a1ad85f72ac32c0d7af913d4861f.debug...done.
done.
(gdb) run
Starting program: /usr/bin/slirp
Slirp v1.0.17 (BETA)
Copyright (c) 1995,1996 Danny Gasparovski and others.
All rights reserved.
This program is copyrighted, free software.
Please read the file COPYRIGHT that came with the Slirp
package for the terms and conditions of the copyright.
IP address of Slirp host: 127.0.0.1
IP address of your DNS(s): 1.1.1.1, 10.77.0.7
Your address is 10.0.2.15
(or anything else you want)
Type five zeroes (0) to exit.
[autodetect SLIP/CSLIP, MTU 1500, MRU 1500, 115200 baud]
SLiRP Ready ...
Program received signal SIGSEGV, Segmentation fault.
ip_slowtimo () at ip_input.c:457
457 ip_input.c: No such file or directory.
The error hits us on this line. Let's look at the stack trace; maybe something there will help us:
(gdb) bt full
#0 ip_slowtimo () at ip_input.c:457
fp = 0x55784a40
#1 0x000055555556a57c in main_loop () at ./main.c:980
so = <optimized out>
so_next = <optimized out>
timeout = {tv_sec = 0, tv_usec = 0}
ret = 0
nfds = 0
ttyp = <optimized out>
ttyp2 = <optimized out>
best_time = <optimized out>
tmp_time = <optimized out>
#2 0x000055555555b116 in main (argc=1, argv=0x7fffffffdc58) at ./main.c:95
No locals.
Here we see that the crash happens during the start of the main loop, when slirp tries to check for timeouts. At this point I had to give up trying to debug. But let's see whether Slirp built from source works. I re-downloaded the archive directly from the sourceforge site, because pulling something from there via the command line is a pain:
cd ~/dl
wget https://xena.greedo.xeserv.us/files/slirp-1.0.16.tar.gz
tar xf slirp-1.0.16.tar.gz
cd slirp-1.0.16/src
./configure --prefix=$HOME/prefix/slirp
make
Here we see warnings about undefined inline functions, that is, about being unable to link the resulting binary. It seems that between 2006 and now, gcc stopped emitting symbols for inline functions in intermediate compiled files. Let's try replacing the keyword inline with an empty comment and look at the result:
vi slirp.h
:6
a
<enter>
#define inline /**/
<escape>
:wq
make
Nope. That does not work either. It still cannot find the symbols for those functions.
At this point I gave up and started searching GitHub for Heroku buildpacks. My theory was that some Heroku buildpack would contain the binaries I needed. In the end, the search led me here. I downloaded and unpacked uml.tar.gz and found the following:
total 6136
-rwxr-xr-x 1 cadey cadey 79744 Dec 10 2017 ifconfig*
-rwxr-xr-x 1 cadey cadey 373 Dec 13 2017 init*
-rwxr-xr-x 1 cadey cadey 149688 Dec 10 2017 insmod*
-rwxr-xr-x 1 cadey cadey 66600 Dec 10 2017 route*
-rwxr-xr-x 1 cadey cadey 181056 Jun 26 2015 slirp*
-rwxr-xr-x 1 cadey cadey 5786592 Dec 15 2017 uml*
-rwxr-xr-x 1 cadey cadey 211 Dec 13 2017 uml_run*
It's a slirp binary! Does it work?
./slirp
Slirp v1.0.17 (BETA) FULL_BOLT
Copyright (c) 1995,1996 Danny Gasparovski and others.
All rights reserved.
This program is copyrighted, free software.
Please read the file COPYRIGHT that came with the Slirp
package for the terms and conditions of the copyright.
IP address of Slirp host: 127.0.0.1
IP address of your DNS(s): 1.1.1.1, 10.77.0.7
Your address is 10.0.2.15
(or anything else you want)
Type five zeroes (0) to exit.
[autodetect SLIP/CSLIP, MTU 1500, MRU 1500]
SLiRP Ready ...
It doesn't crash, so it should work! Let's put this binary in ~/bin/slirp:
The first two commands set up /proc and /sys, which ifconfig needs in order to work; it configures the network interface to talk to Slirp. The route command sets the kernel routing table to force all traffic through the Slirp tunnel. Let's check this with a DNS query:
Translator's note: Apparently the original post was written on a desktop with a wired network card, or some other configuration that does not need extra drivers. On a laptop with Intel's 8265 WiFi, an error occurs when bringing up the network
/ # ifconfig eth0 10.0.2.14 netmask 255.255.255.240 broadcast 10.0.2.15
slirp_tramp failed - errno = 2
ifconfig: ioctl 0x8914 failed: No such file or directory
/ #
Apparently, the kernel cannot communicate with the network card driver. Trying to build the firmware into the kernel, unfortunately, did not fix the situation. At the time of publication, no solution had been found for this configuration. In simpler configurations (for example, in VirtualBox), the interface comes up correctly.
Let's automate the redirection with the following shell script:
Then we make a change to the kernel command line:
linux \
  root=/dev/root \
  rootfstype=hostfs \
  rootflags=$HOME/prefix/uml-demo \
  rw \
  mem=64M \
  eth0=slirp,,$HOME/bin/slirp \
  init=/init.sh
And let's try again:
SLiRP Ready ...
networking set up
/bin/sh: can't access tty; job control turned off
nslookup google.com 8.8.8.8
Server: 8.8.8.8
Address 1: 8.8.8.8 dns.google
Name: google.com
Address 1: 172.217.12.206 lga25s63-in-f14.1e100.net
Address 2: 2607:f8b0:4004:800::200e iad30s09-in-x0e.1e100.net
The network is stable!
Dockerfile
To make it easier for you to check all of this, I have put together a Dockerfile that automates most of the steps described and should give you a working configuration. I also have a preconfigured kernel that has everything described in the post. But it is important to understand that here I have limited myself to the minimal setup.
I hope this post has helped you understand how to bring up a guest kernel. It turned out to be something of a monster, but this post was meant as a complete guide to building, installing and configuring User Mode Linux on modern versions of operating systems in this family. The next steps should include installing services and other software inside the guest system. Since Docker container images are just glorified tarballs, you should be able to extract an image via docker export and then point the guest kernel's root filesystem at the extracted path. Well, and then run the shell script.
Special thanks to Rkeene from #lobsters on Freenode. Without that help debugging Slirp, I would not have gotten this far. I have no idea how Rkeene's Slackware system works correctly with slirp, but my Ubuntu and Alpine systems did not accept slirp and the binary Rkeene suggested to me. But it is enough for me that at least something works for me.