How to get started with User Mode Linux
Translator's introduction: Against the backdrop of the massive arrival of all kinds of containers in our lives, it can be quite interesting and useful to find out which technologies it all once started with. Some of them can still be used to this day, but not everyone remembers such methods (or knows of them, if they did not catch them during their rapid development). One such technology is User Mode Linux. The original author did a lot of digging, worked out which of the old developments still work and which do not, and put together something like step-by-step instructions on how to get yourself a homebrew UML in 2k19. And yes, we invited the author of the original post, Cadey, to Habr, so if you have questions, ask them in English in the comments.
User Mode Linux is, in effect, a port of the Linux kernel to itself. This mode lets you run a complete Linux kernel as a user process and is usually used by developers to test drivers. But the mode is also useful as a general isolation tool, similar in principle to how a virtual machine works. It provides more isolation than Docker, but less than a full virtual machine such as KVM or VirtualBox.
In general, User Mode may seem like a strange and hard-to-use tool, but it still has its uses. After all, it is a complete Linux kernel running as an unprivileged user. This allows untrusted code to run without threatening the host machine. And because it is a full kernel, its processes are isolated from the host machine: processes running inside User Mode are not visible to the host. This is unlike an ordinary Docker container, where the host machine always sees the processes inside the container. Look at this piece of pstree from one of my servers:
And compare it with the pstree of a Linux kernel in User Mode:
linux─┬─5*[linux]
      └─slirp
When working with Docker containers, I can see from the host the names of the processes running in the guest. With User Mode Linux, this is not possible. What does that mean? It means that monitoring tools that work through the Linux auditing subsystem do not see the processes running in the guest system. But in some situations this feature can be a double-edged sword.
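Because host audit tooling cannot see inside the guest, a host-side inventory of the UML instances themselves is a useful baseline. The script below is an added example, not part of the original post: it lists instances from the pid files UML writes under its uml_dir (`~/.uml/<umid>/pid`, next to the mconsole socket that appears in the boot log later on). The function names and the sample directory are constructed for this example.

```shell
#!/bin/sh
# Added example (not from the article): host-side inventory of UML instances.
# Assumption: UML's default layout, <uml_dir>/<umid>/pid with the mconsole
# socket beside it; uml_dir defaults to ~/.uml.

# uml_inventory [DIR]: print "umid pid state mconsole=yes|no" per instance.
#   running = pid file names a live process
#   stale   = pid file left behind by a dead instance (e.g. after a crash)
#   nopid   = instance directory without a readable pid file
#   invalid = pid file does not contain a plain number
uml_inventory() {
    uml_dir=${1:-$HOME/.uml}
    [ -d "$uml_dir" ] || return 0
    for inst in "$uml_dir"/*/; do
        [ -d "$inst" ] || continue            # glob matched nothing
        inst=${inst%/}
        umid=${inst##*/}
        if [ -S "$inst/mconsole" ]; then sock=yes; else sock=no; fi
        pid=-
        if [ ! -r "$inst/pid" ]; then
            state=nopid
        else
            IFS= read -r pid < "$inst/pid" || true
            case "$pid" in
                ''|*[!0-9]*) state=invalid; pid=- ;;
                *)
                    # kill -0 fails with EPERM for other users' processes,
                    # so fall back to /proc before calling the pid dead.
                    if kill -0 "$pid" 2>/dev/null || [ -d "/proc/$pid" ]; then
                        state=running
                    else
                        state=stale
                    fi ;;
            esac
        fi
        echo "$umid $pid $state mconsole=$sock"
    done
}

# make_sample DIR: build a constructed uml_dir with three fake instances.
make_sample() {
    mkdir -p "$1/live" "$1/crashed" "$1/halfmade"
    echo "$$" > "$1/live/pid"            # this shell: certainly alive
    echo 99999999 > "$1/crashed/pid"     # constructed pid above any pid_max
}

# Stand-alone demo on the constructed sample; pass a real uml_dir to
# uml_inventory (or no argument for ~/.uml) to inspect a host.
sample=$(mktemp -d)
make_sample "$sample"
uml_inventory "$sample"
rm -rf "$sample"
```

Instances reported as stale are worth a look: a cleanly halted guest does not leave its pid file behind.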
In general, everything below is a collection of research and rough attempts at reaching the desired result. To do this, I had to use various ancient tools, read kernel sources, intensively debug code written back when I was still in elementary school, and also poke around in Heroku builds using a special binary to find the tools I needed. All this work led the people on my IRC to call me a wizard. I hope this post serves as reliable documentation for anyone trying the same thing with newer kernels and OS versions.
Setup
Setting up User Mode Linux takes several steps:
installing dependencies on the host;
downloading the Linux kernel;
configuring the kernel build;
building the kernel;
installing the binary;
configuring the guest file system;
choosing the kernel launch parameters;
setting up guest networking;
starting the guest kernel.
I assume that if you decide to do this yourself, you will most likely do everything described on some system like Ubuntu or Debian. I tried to do all of the above on my favourite distribution, Alpine, but nothing came of it, apparently because the Linux kernel has tightly bound glibc-isms in the User Mode drivers. I plan to report this upstream once I finally understand the problem.
Installing dependencies on the host
Ubuntu requires at least the following packages to build the Linux kernel (assuming a clean install):
Note that running the Linux kernel's menu configuration program requires libncurses-dev to be installed. Please make sure it is installed with the following command (as root or with sudo):
apt-get -y install libncurses-dev
Downloading the kernel
Decide where to download and then build the kernel. You will need to allocate about 1.3 GB of hard disk space for this, so make sure you have it.
Now enter the directory that was created when unpacking the tarball:
cd linux-5.1.16
Configuring the kernel build
The kernel build system is a set of Makefiles with many custom tools and scripts that automate the process. First, open the interactive configuration program:
make ARCH=um menuconfig
It will partially build and then display a dialog box for you. When '[Select]' appears, you can configure using the Space or Enter keys. Navigate the window, as usual, with the "up" and "down" keyboard arrows, and select elements with "left" or "right".
The -> pointer means you are at a submenu, which is opened by pressing the Enter key. The way out is obviously through '[Exit]'.
Enable the following options with '[Select]' and make sure they have '[*]' next to them:
UML-specific Options:
  - Host filesystem
Networking support (enable this to get the submenu to show up):
  - Networking options:
    - TCP/IP Networking
UML Network devices:
  - Virtual network device
  - SLiRP transport
That's it, you can leave this window by selecting '[Exit]'. Just make sure that you are asked to save the configuration at the end, and choose '[Yes]'.
I recommend that you play with the kernel build options after reading this post. Through these experiments you can learn a lot about how low-level kernel mechanics work and how various flags affect the build.
Building the kernel
The Linux kernel is a large program that does many things. Even with such a minimal configuration, on old hardware it can take quite a long time to build. So build the kernel with the following command:
make ARCH=um -j$(nproc)
What for? This command tells our build to use all available CPU cores and threads during the build. The $(nproc) at the end of the build line substitutes the output of the nproc command, which is part of coreutils in a standard Ubuntu build.
After a while, our kernel will be built into the executable file ./linux.
Installing the binary
Because User Mode Linux produces an ordinary binary, you can install it like any other utility. Here is how I did it:
mkdir -p ~/bin
cp linux ~/bin/linux
It is also worth making sure that ~/bin is in your $PATH:
export PATH=$PATH:$HOME/bin
Setting up the guest file system
Create a directory for the guest file system:
mkdir -p $HOME/prefix/uml-demo
cd $HOME/prefix
Open alpinelinux.org and, in the downloads section, find the current download link for the MINI ROOT FILESYSTEM. At the time of writing this:
Now enter the guest file system directory and extract the archive:
cd uml-demo
tar xf ../alpine-rootfs.tgz
The actions described will create a small file system template. Due to the nature of the system, it will be very hard to install packages through Alpine's apk manager. But this file system will be enough to evaluate the general idea.
We also need the tini tool to curb memory consumption by the zombie processes of our guest kernel.
wget -O tini https://github.com/krallin/tini/releases/download/v0.18.0/tini-static
chmod +x tini
Creating the kernel command line
The Linux kernel, like most other programs, has command-line arguments that can be listed by specifying the --help switch.
The help itself
linux --help
User Mode Linux v5.1.16
available at http://user-mode-linux.sourceforge.net/
--showconfig
Prints the config file that this UML binary was generated from.
iomem=<name>,<file>
Configure <file> as an IO memory region named <name>.
mem=<Amount of desired ram>
This controls how much "physical" memory the kernel allocates
for the system. The size is specified as a number followed by
one of 'k', 'K', 'm', 'M', which have the obvious meanings.
This is not related to the amount of memory in the host. It can
be more, and the excess, if it's ever used, will just be swapped out.
Example: mem=64M
--help
Prints this message.
debug
this flag is not needed to run gdb on UML in skas mode
root=<file containing the root fs>
This is actually used by the generic kernel in exactly the same
way as in any other kernel. If you configure a number of block
devices and want to boot off something other than ubd0, you
would use something like:
root=/dev/ubd5
--version
Prints the version number of the kernel.
umid=<name>
This is used to assign a unique identity to this UML machine and
is used for naming the pid file and management console socket.
con[0-9]*=<channel description>
Attach a console or serial line to a host channel. See
http://user-mode-linux.sourceforge.net/old/input.html for a complete
description of this switch.
eth[0-9]+=<transport>,<options>
Configure a network device.
aio=2.4
This is used to force UML to use 2.4-style AIO even when 2.6 AIO is
available. 2.4 AIO is a single thread that handles one request at a
time, synchronously. 2.6 AIO is a thread which uses the 2.6 AIO
interface to handle an arbitrary number of pending requests. 2.6 AIO
is not available in tt mode, on 2.4 hosts, or when UML is built with
/usr/include/linux/aio_abi.h not available. Many distributions don't
include aio_abi.h, so you will need to copy it from a kernel tree to
your /usr/include/linux in order to build an AIO-capable UML
nosysemu
Turns off syscall emulation patch for ptrace (SYSEMU).
SYSEMU is a performance-patch introduced by Laurent Vivier. It changes
behaviour of ptrace() and helps reduce host context switch rates.
To make it work, you need a kernel patch for your host, too.
See http://perso.wanadoo.fr/laurent.vivier/UML/ for further
information.
uml_dir=<directory>
The location to place the pid and umid files.
quiet
Turns off information messages during boot.
hostfs=<root dir>,<flags>,...
This is used to set hostfs parameters. The root directory argument
is used to confine all hostfs mounts to within the specified directory
tree on the host. If this isn't specified, then a user inside UML can
mount anything on the host that's accessible to the user that's running
it.
The only flag currently supported is 'append', which specifies that all
files opened by hostfs will be opened in append mode.
This listing shows the main launch parameters. Let's run the kernel with the minimum set of options required:
linux \
  root=/dev/root \
  rootfstype=hostfs \
  rootflags=$HOME/prefix/uml-demo \
  rw \
  mem=64M \
  init=/bin/sh
The lines above tell our kernel the following:
Assume that the root file system is the pseudo-device /dev/root.
Mount the guest file system we created on the root device.
And yes, in read-write mode.
Use only 64 MB of RAM (you can use much less depending on what you plan to do, but 64 MB seems to be the optimal amount).
The kernel automatically starts /bin/sh as the init process.
Run this command and you should get something like this:
Another wall of output
Core dump limits :
soft - 0
hard - NONE
Checking that ptrace can change system call numbers...OK
Checking syscall emulation patch for ptrace...OK
Checking advanced syscall emulation patch for ptrace...OK
Checking environment variables for a tempdir...none found
Checking if /dev/shm is on tmpfs...OK
Checking PROT_EXEC mmap in /dev/shm...OK
Adding 32137216 bytes to physical memory to account for exec-shield gap
Linux version 5.1.16 (cadey@kahless) (gcc version 7.4.0 (Ubuntu 7.4.0-1ubuntu1~18.04.1)) #30 Sun Jul 7 18:57:19 UTC 2019
Built 1 zonelists, mobility grouping on. Total pages: 23898
Kernel command line: root=/dev/root rootflags=/home/cadey/dl/uml/alpine rootfstype=hostfs rw mem=64M init=/bin/sh
Dentry cache hash table entries: 16384 (order: 5, 131072 bytes)
Inode-cache hash table entries: 8192 (order: 4, 65536 bytes)
Memory: 59584K/96920K available (2692K kernel code, 708K rwdata, 588K rodata, 104K init, 244K bss, 37336K reserved, 0K cma-reserved)
SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=1, Nodes=1
NR_IRQS: 15
clocksource: timer: mask: 0xffffffffffffffff max_cycles: 0x1cd42e205, max_idle_ns: 881590404426 ns
Calibrating delay loop... 7479.29 BogoMIPS (lpj=37396480)
pid_max: default: 32768 minimum: 301
Mount-cache hash table entries: 512 (order: 0, 4096 bytes)
Mountpoint-cache hash table entries: 512 (order: 0, 4096 bytes)
Checking that host ptys support output SIGIO...Yes
Checking that host ptys support SIGIO on close...No, enabling workaround
devtmpfs: initialized
random: get_random_bytes called from setup_net+0x48/0x1e0 with crng_init=0
Using 2.6 host AIO
clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604462750000 ns
futex hash table entries: 256 (order: 0, 6144 bytes)
NET: Registered protocol family 16
clocksource: Switched to clocksource timer
NET: Registered protocol family 2
tcp_listen_portaddr_hash hash table entries: 256 (order: 0, 4096 bytes)
TCP established hash table entries: 1024 (order: 1, 8192 bytes)
TCP bind hash table entries: 1024 (order: 1, 8192 bytes)
TCP: Hash tables configured (established 1024 bind 1024)
UDP hash table entries: 256 (order: 1, 8192 bytes)
UDP-Lite hash table entries: 256 (order: 1, 8192 bytes)
NET: Registered protocol family 1
console [stderr0] disabled
mconsole (version 2) initialized on /home/cadey/.uml/tEwIjm/mconsole
Checking host MADV_REMOVE support...OK
workingset: timestamp_bits=62 max_order=14 bucket_order=0
Block layer SCSI generic (bsg) driver version 0.4 loaded (major 254)
io scheduler noop registered (default)
io scheduler bfq registered
loop: module loaded
NET: Registered protocol family 17
Initialized stdio console driver
Using a channel type which is configured out of UML
setup_one_line failed for device 1 : Configuration failed
Using a channel type which is configured out of UML
setup_one_line failed for device 2 : Configuration failed
Using a channel type which is configured out of UML
setup_one_line failed for device 3 : Configuration failed
Using a channel type which is configured out of UML
setup_one_line failed for device 4 : Configuration failed
Using a channel type which is configured out of UML
setup_one_line failed for device 5 : Configuration failed
Using a channel type which is configured out of UML
setup_one_line failed for device 6 : Configuration failed
Using a channel type which is configured out of UML
setup_one_line failed for device 7 : Configuration failed
Using a channel type which is configured out of UML
setup_one_line failed for device 8 : Configuration failed
Using a channel type which is configured out of UML
setup_one_line failed for device 9 : Configuration failed
Using a channel type which is configured out of UML
setup_one_line failed for device 10 : Configuration failed
Using a channel type which is configured out of UML
setup_one_line failed for device 11 : Configuration failed
Using a channel type which is configured out of UML
setup_one_line failed for device 12 : Configuration failed
Using a channel type which is configured out of UML
setup_one_line failed for device 13 : Configuration failed
Using a channel type which is configured out of UML
setup_one_line failed for device 14 : Configuration failed
Using a channel type which is configured out of UML
setup_one_line failed for device 15 : Configuration failed
Console initialized on /dev/tty0
console [tty0] enabled
console [mc-1] enabled
Failed to initialize ubd device 0 :Couldn't determine size of device's file
VFS: Mounted root (hostfs filesystem) on device 0:11.
devtmpfs: mounted
This architecture does not have kernel memory protection.
Run /bin/sh as init process
/bin/sh: can't access tty; job control turned off
random: fast init done
/ #
The steps above give us a minimal guest system, without things like /proc or an assigned hostname. For example, try the following commands:
- uname -av
- cat /proc/self/pid
- hostname
To exit the guest, type exit or press Ctrl-D. This kills the shell, which is followed by a kernel panic:
/ # exit
Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000000
fish: “./linux root=/dev/root rootflag…” terminated by signal SIGABRT (Abort)
We get this kernel panic because the Linux kernel expects the init process to always be running. Without it, the system can no longer function and crashes. But since this is a user-mode process, the result is that it sends itself SIGABRT, which makes it exit.
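The launch line in this section hands a host directory to the guest in read-write mode, so which directory ends up in rootflags matters. The wrapper below is an added example, not part of the original post: it checks the guest root, the mem= value and the init path, then prints the same launch line. The name `uml_cmdline` and the specific checks are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the article): guard rails around the launch line.
# Assumption: the guest root is a hostfs directory mounted rw, as in the post.

# uml_cmdline ROOTFS [MEM] [INIT]: print the launch line, or refuse with a
# reason on stderr and a non-zero status.
uml_cmdline() {
    if [ $# -lt 1 ]; then
        echo "usage: uml_cmdline ROOTFS [MEM] [INIT]" >&2; return 2
    fi
    mem=${2:-64M}
    init=${3:-/bin/sh}

    # Resolve symlinks so the checks see the directory hostfs will expose.
    root=$(CDPATH= cd -- "$1" 2>/dev/null && pwd -P) || {
        echo "refused: $1 is not a directory" >&2; return 1; }

    # With rw hostfs, guest root writes to this directory with the
    # launching user's permissions, so keep it away from / and $HOME.
    if [ "$root" = / ]; then
        echo "refused: the host / must not be the guest root" >&2; return 1
    fi
    home=$(CDPATH= cd -- "${HOME:-/nonexistent}" 2>/dev/null && pwd -P) || home=
    if [ -n "$home" ]; then
        case "$home/" in
            "$root"/*)
                echo "refused: $root contains your home directory" >&2
                return 1 ;;
        esac
    fi

    # The kernel command line is split on whitespace.
    case "$root$init" in
        *[[:space:]]*) echo "refused: whitespace in a path" >&2; return 1 ;;
    esac

    # mem= takes a number followed by k, K, m or M (see linux --help above).
    case "$mem" in
        [0-9]*[kKmM]) ;;
        *) echo "refused: bad mem=$mem" >&2; return 1 ;;
    esac
    case "${mem%?}" in
        *[!0-9]*) echo "refused: bad mem=$mem" >&2; return 1 ;;
    esac

    # init must exist inside the guest root (it may be a symlink, as
    # /bin/sh is on Alpine).
    if [ ! -e "$root$init" ] && [ ! -L "$root$init" ]; then
        echo "refused: $init not found in $root" >&2; return 1
    fi

    echo "linux root=/dev/root rootfstype=hostfs rootflags=$root rw mem=$mem init=$init"
}

# Stand-alone use: sh uml_cmdline.sh ~/prefix/uml-demo 64M /bin/sh
[ $# -eq 0 ] || uml_cmdline "$@"
```

The `hostfs=<root dir>` option described in the help output is the kernel-side confinement for additional hostfs mounts; this wrapper only vets the directory named in rootflags.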
Setting up the guest network
And this is where things start to go wrong. Networking in User Mode Linux is where the whole concept of a limited "user mode" starts to fall apart. After all, at the system level networking is usually restricted to privileged execution modes, for understandable reasons.
Translator's note: you can read more about the different options for working with networking in UML here.
A journey into Slirp
However, there is an ancient and almost unsupported tool called Slirp, with which User Mode Linux can interact with the network. It works as a user-level TCP/IP stack and does not require any system permissions to run. This tool was released in 1995, and its latest update dates from 2006. Slirp is very old. In its time without support and updates, compilers have moved so far that this tool can now only be described as code rot.
So let's download Slirp from the Ubuntu repositories and try to run it:
sudo apt-get install slirp
/usr/bin/slirp
Slirp v1.0.17 (BETA)
Copyright (c) 1995,1996 Danny Gasparovski and others.
All rights reserved.
This program is copyrighted, free software.
Please read the file COPYRIGHT that came with the Slirp
package for the terms and conditions of the copyright.
IP address of Slirp host: 127.0.0.1
IP address of your DNS(s): 1.1.1.1, 10.77.0.7
Your address is 10.0.2.15
(or anything else you want)
Type five zeroes (0) to exit.
[autodetect SLIP/CSLIP, MTU 1500, MRU 1500, 115200 baud]
SLiRP Ready ...
fish: “/usr/bin/slirp” terminated by signal SIGSEGV (Address boundary error)
Oh dear. Let's install a debugger for Slirp and see if we can figure out what is going on here:
sudo apt-get install gdb slirp-dbgsym
gdb /usr/bin/slirp
GNU gdb (Ubuntu 8.1-0ubuntu3) 8.1.0.20180409-git
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/bin/slirp...Reading symbols from /usr/lib/debug/.build-id/c6/2e75b69581a1ad85f72ac32c0d7af913d4861f.debug...done.
done.
(gdb) run
Starting program: /usr/bin/slirp
Slirp v1.0.17 (BETA)
Copyright (c) 1995,1996 Danny Gasparovski and others.
All rights reserved.
This program is copyrighted, free software.
Please read the file COPYRIGHT that came with the Slirp
package for the terms and conditions of the copyright.
IP address of Slirp host: 127.0.0.1
IP address of your DNS(s): 1.1.1.1, 10.77.0.7
Your address is 10.0.2.15
(or anything else you want)
Type five zeroes (0) to exit.
[autodetect SLIP/CSLIP, MTU 1500, MRU 1500, 115200 baud]
SLiRP Ready ...
Program received signal SIGSEGV, Segmentation fault.
ip_slowtimo () at ip_input.c:457
457 ip_input.c: No such file or directory.
The error hits us on this line. Let's look at the stack trace; maybe something there will help us:
(gdb) bt full
#0 ip_slowtimo () at ip_input.c:457
fp = 0x55784a40
#1 0x000055555556a57c in main_loop () at ./main.c:980
so = <optimized out>
so_next = <optimized out>
timeout = {tv_sec = 0, tv_usec = 0}
ret = 0
nfds = 0
ttyp = <optimized out>
ttyp2 = <optimized out>
best_time = <optimized out>
tmp_time = <optimized out>
#2 0x000055555555b116 in main (argc=1, argv=0x7fffffffdc58) at ./main.c:95
No locals.
Here we see that the crash happens during the start of the main loop, when slirp tries to check timeouts. At this point I had to give up trying to debug. But let's see whether Slirp built from source works. I re-uploaded the archive straight from the Sourceforge site, because pulling anything from there on the command line is a pain:
cd ~/dl
wget https://xena.greedo.xeserv.us/files/slirp-1.0.16.tar.gz
tar xf slirp-1.0.16.tar.gz
cd slirp-1.0.16/src
./configure --prefix=$HOME/prefix/slirp
make
Here we see warnings about undefined inline functions, that is, about the inability to link the resulting binary. It appears that between 2006 and now, gcc stopped producing the symbols used by inline functions in intermediate compiled files. Let's try replacing the inline keyword with an empty comment and look at the result:
vi slirp.h
:6
a
<enter>
#define inline /**/
<escape>
:wq
make
Nope. That does not work either. It still cannot find the symbols for these functions.
At this point I gave up and started searching GitHub for Heroku buildpacks. My theory was that some Heroku buildpack would contain the binaries I needed. In the end, the search led me here. I downloaded and unpacked uml.tar.gz and found this:
total 6136
-rwxr-xr-x 1 cadey cadey 79744 Dec 10 2017 ifconfig*
-rwxr-xr-x 1 cadey cadey 373 Dec 13 2017 init*
-rwxr-xr-x 1 cadey cadey 149688 Dec 10 2017 insmod*
-rwxr-xr-x 1 cadey cadey 66600 Dec 10 2017 route*
-rwxr-xr-x 1 cadey cadey 181056 Jun 26 2015 slirp*
-rwxr-xr-x 1 cadey cadey 5786592 Dec 15 2017 uml*
-rwxr-xr-x 1 cadey cadey 211 Dec 13 2017 uml_run*
That's a slirp binary! Does it work?
./slirp
Slirp v1.0.17 (BETA) FULL_BOLT
Copyright (c) 1995,1996 Danny Gasparovski and others.
All rights reserved.
This program is copyrighted, free software.
Please read the file COPYRIGHT that came with the Slirp
package for the terms and conditions of the copyright.
IP address of Slirp host: 127.0.0.1
IP address of your DNS(s): 1.1.1.1, 10.77.0.7
Your address is 10.0.2.15
(or anything else you want)
Type five zeroes (0) to exit.
[autodetect SLIP/CSLIP, MTU 1500, MRU 1500]
SLiRP Ready ...
It does not crash, so it should work! Let's put this binary at ~/bin/slirp:
The first two commands set up /proc and /sys, which ifconfig needs in order to work; ifconfig sets up the network interface for communicating with Slirp. The route command sets up the kernel routing table to force all traffic to be sent through the Slirp tunnel. Let's check this with a DNS query:
Translator's note: Apparently, the original post was written on a desktop with a wired network card, or some other configuration that does not need additional drivers. On a laptop with Intel 8265 WiFi, an error occurs when bringing up the network:
/ # ifconfig eth0 10.0.2.14 netmask 255.255.255.240 broadcast 10.0.2.15
slirp_tramp failed - errno = 2
ifconfig: ioctl 0x8914 failed: No such file or directory
/ #
Apparently, the kernel cannot communicate with the network card driver. An attempt to compile the firmware into the kernel, unfortunately, did not fix the situation. At the time of publication, no solution could be found for this configuration. In simpler configurations (for example, in VirtualBox), the interface comes up correctly.
Let's automate the redirection with this shell script:
Then we change the kernel command line accordingly:
linux \
  root=/dev/root \
  rootfstype=hostfs \
  rootflags=$HOME/prefix/uml-demo \
  rw \
  mem=64M \
  eth0=slirp,,$HOME/bin/slirp \
  init=/init.sh
And let's try again:
SLiRP Ready ...
networking set up
/bin/sh: can't access tty; job control turned off
nslookup google.com 8.8.8.8
Server: 8.8.8.8
Address 1: 8.8.8.8 dns.google
Name: google.com
Address 1: 172.217.12.206 lga25s63-in-f14.1e100.net
Address 2: 2607:f8b0:4004:800::200e iad30s09-in-x0e.1e100.net
The network is stable!
Dockerfile
To make it easier for you to check all of this, I have put together a Dockerfile that automates most of the steps described and should give you a working configuration. I also have a preconfigured kernel that has everything described in the post. But it is important to understand that I have outlined only the minimum setup here.
I hope this post has helped you understand how to bring up a guest kernel. It turned out to be something of a monster, but this publication was conceived as a comprehensive guide to building, installing and configuring User Mode Linux on Ubuntu on modern versions of that family of operating systems. Next steps should include installing services and other software inside the guest system. Since Docker container images are just published tarballs, you should be able to extract an image with docker export and then set its install path as the root of the guest kernel's file system. Well, and then run the shell script.
Special thanks to Rkeene from #lobsters on Freenode. Without his help debugging Slirp, I would not have got this far. I do not know how his Slackware system works correctly with slirp, but my Ubuntu and Alpine systems did not accept slirp and the binary Rkeene suggested to me. But it is enough for me that at least something works for me.