
user mode linux + nested x server + gdm
November 25, 2008

I’ve been thrilled with the idea of User Mode Linux, aka UML, lately. I’ve been carrying my laptop around lately: home, office, friends’, department’s labs. When I discovered UML, I noticed that I can use it as a user mode virtualization platform: I can just create a USB Ubuntu distro and run it on any machine without being root.

There are two main advantages compared to other virtualization solutions

  1. no need to be superuser and install kernel modules (including tun/tap driver for networking)
  2. and performance gain over other non-root solutions like qemu

A performance overview can be found at Alberto Garcia’s weblog. UML+skas3 and QEMU + KQEMU both require loading kernel modules, so they’re irrelevant for me. But comparing UML+skas0 and QEMU, I would definitely choose UML.

UML skas0 : 14m 30s

QEMU : 2h 13m 04s

I had already seen a Linux USB thumb drive belonging to a friend. He bought it online; apparently it has QEMU on it and an X display with XFCE, and it can run on Windows / Linux. My plan is not to have just a small USB drive, but to move most of my daily usage to the USB stick — having an Ubuntu on top of it, with mostly everything except my music archive. So UML is the way to go.

First I started off with stock UML kernel in ubuntu, and tried bootstrapping an ubuntu. After a painful process of a few days, I finally managed to do it (and hey, it is easy when you know what to do). There is a user space SLIP program, slirp, that can provide networking of IP packets. It also has other useful features I’ll visit later.

After getting Ubuntu installed, I saw that I could not get X running. I can access the virtual consoles fine (as xterms). After some struggling (for 2 full days), I finally got an Xnest run by gnome-display-manager on the guest. Well, this required:

  • examining the openssh code to see how it does X forwarding (did you know about the .Xauthority file? and that you need to transfer the keys from there to the other end so the X server will accept the connection?),
  • learning how to make slirp forward a TCP port from guest to host (but that requires opening a TCP port on the server, which I don’t want to do, neither as a TCP->Unix socket proxy nor as an X server configuration, which would require root access — so it’s not useful for me, as it would compromise the security of the host)
  • learning how to make slirp run a program on host machine by telnetting to one of its special IPs from guest
  • creating an X windows socket forwarder: a bridge between stdin/stdout and local X socket (unix socket)
  • learning how GDM is configured for which X server to use (I mean the X server program, not a hostname / ip thing)
  • learning that GDM awaits a SIGUSR1 from the X server it forks as a “I’m ready to accept connections” message (well, I went crazy until I learned this)
  • learning that I can trap signals in bash scripts and forward them to GDM (I had to write a wrapper shell script for Xnest, see DISPLAY and XAUTHORITY below 🙂 )
  • learning Xnest does not send the signal, so I have to emulate it with a fixed sleep timer 🙂
  • learning the exact meanings of DISPLAY and XAUTHORITY environment variables for x applications (including Xnest server which is a client of another X server)
  • and how to get the Xauthority keys from host using xauth and create them on guest using the same program

After struggling for nearly 2 days, examining the sources of openssh and learning most of the internals of GDM and X servers, I finally got it working. Well, almost. It doesn’t work automatically for now: I have to go and copy keys, set up slirp for tcp->stdin forwarding, set up the network with ifconfig, etc. But the good news is, it works, and it’s pretty easy to automate.
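
The "keys" being copied are entries of the binary `.Xauthority` file. As an added example (not a script from this post), the following parses that format and checks that the key file is readable by its owner only; the sample entry, host name and cookie bytes are constructed.

```python
import os
import stat
import struct

FAMILY_LOCAL = 256   # entry for a local (unix socket) display
FAMILY_WILD = 65535  # entry that matches any host


def parse_xauthority(blob):
    """Parse the binary .Xauthority format into a list of entries."""
    entries, pos = [], 0

    def counted(pos):
        # Every field is a big-endian 16-bit length followed by that many bytes.
        if pos + 2 > len(blob):
            raise ValueError("truncated length field")
        (n,) = struct.unpack_from(">H", blob, pos)
        pos += 2
        if pos + n > len(blob):
            raise ValueError("truncated field body")
        return blob[pos:pos + n], pos + n

    while pos < len(blob):
        if pos + 2 > len(blob):
            raise ValueError("truncated family field")
        (family,) = struct.unpack_from(">H", blob, pos)
        pos += 2
        address, pos = counted(pos)
        number, pos = counted(pos)
        name, pos = counted(pos)
        data, pos = counted(pos)
        entries.append({"family": family,
                        "address": address.decode("latin-1"),
                        "display": number.decode("ascii"),
                        "protocol": name.decode("ascii"),
                        "cookie": data})  # the secret the X server checks
    return entries


def owner_only(path):
    """True if neither group nor others have any access to the key file."""
    return stat.S_IMODE(os.stat(path).st_mode) & 0o077 == 0


def build_entry(family, address, display, protocol, cookie):
    """Serialise one entry (used here only to construct sample input)."""
    out = struct.pack(">H", family)
    for field in (address, display, protocol, cookie):
        out += struct.pack(">H", len(field)) + field
    return out


# Constructed sample: one MIT-MAGIC-COOKIE-1 entry for display :0 on "laptop".
SAMPLE = build_entry(FAMILY_LOCAL, b"laptop", b"0",
                     b"MIT-MAGIC-COOKIE-1", bytes(range(16)))
```

Anyone who can read the cookie can connect to the display, which is why the copy exposed to the guest needs the same owner-only permissions as the original.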

When completed I’ll have a hostfs filesystem in guest that contains the xauthority keys for the host (which will be only root-readable), a gdm configuration change that runs a custom shell script as an x server, an installed Xnest (or Xephyr, I heard it’s newer and better). On the host side, I’ll have slirp, a small stdin/stdout <-> unix socket bridge application [I’m thinking of extending the right side to TCP also, so I won’t have to have a local X server, but the X server might be somewhere else (like ssh X forwarding)], and a starting shell script that prepares the hostfs’s host side, and then executes the user mode linux kernel.
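
A minimal version of the stdin/stdout <-> unix socket bridge described above, as an added example rather than the author's program. It relays bytes between two file descriptors and the host's X socket without opening any listening port; the `X_SOCKET` variable is a hypothetical override, and `/tmp/.X11-unix/X0` is assumed as the socket of display :0.

```python
import os
import selectors
import socket


def bridge(in_fd, out_fd, sock_path, bufsize=65536):
    """Relay bytes between a pair of file descriptors and a unix socket.

    Returns (bytes_to_socket, bytes_from_socket) once either side closes.
    """
    sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    sock.connect(sock_path)
    sel = selectors.DefaultSelector()
    sel.register(in_fd, selectors.EVENT_READ, "stdin")
    sel.register(sock, selectors.EVENT_READ, "sock")
    sent = received = 0
    try:
        while True:
            for key, _ in sel.select():
                if key.data == "stdin":
                    chunk = os.read(in_fd, bufsize)
                    if not chunk:          # guest side closed the connection
                        return sent, received
                    sock.sendall(chunk)
                    sent += len(chunk)
                else:
                    chunk = sock.recv(bufsize)
                    if not chunk:          # X server closed the connection
                        return sent, received
                    view = memoryview(chunk)
                    while view:            # os.write may write only part
                        view = view[os.write(out_fd, view):]
                    received += len(chunk)
    finally:
        sel.close()
        sock.close()


if __name__ == "__main__":
    # Assumed socket path for display :0; X_SOCKET is a hypothetical override.
    bridge(0, 1, os.environ.get("X_SOCKET", "/tmp/.X11-unix/X0"))
```

The bridge only carries bytes: the X server still rejects the connection unless the guest presents the right Xauthority cookie.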

There is also a message by Jeff Dike, creator of UML, related to this topic

My solution will solve the authorization keys part of the problem, and then the connection forwarding part may be implemented as part of UML, removing the dependency on slirp and a host application to forward the data.

Well, a long post, but no scripts attached yet. I’m planning to get these scripts live by this weekend, we’ll see how it goes:)

PS: slirp limits the connection between host and guest to 10 kB/s, but I learned it’s a compile-time option that can be disabled. I have to recompile that too :) A long way to go; after all is working, I’ll make a static compile of the UML kernel, so as not to have any runtime dependencies…