virtualbox

Slow text consoles on Ubuntu running on Virtualbox...

Every time I need a new Ubuntu server virtual machine I come across a the nuisance of having slow text consoles.

Many of the posts and solutions found on the internet are misleading and involve changing some GRUB settings and alter some boot parameters but it doesn’t work.

This behaviour is due to a buggy behaviour from a framebuffer driver when running on virtualization software and I’ve seen reports that this also happens under Xen and QEMU.

To solve this problem you just have to blacklist the vga16fb kernel module and reboot.

To do this, you just:

$ sudo su -
<Enter password> 
# echo "blacklist vga16fb" >> /etc/modprobe.d/blacklist-framebuffer.conf
# reboot 

And there you go…no more slowness on your text consoles on Ubuntu.

This happens to me on Ubuntu Server 10.04 LTS but it can also occur on lower versions.

VirtualBox: Mom please stop getting spyware (Cheap VDI)

While I normally am able to avoid the desktop support role there is one person out there who guilts err.. convinces me to help her out. My mom.

I’m not going to sit here and bash my moms computer skills, in all actuality she is pretty good with a computer. In the past she figured out how to add a printer and print something with Ubuntu by herself.

The problem is my mom is a Windows user and she is the typical user who receives questionable emails and goes to certain sites that promise you win things but only infect your OS with spyware.

The last time I had to clean up her computer I decided to dual boot it with Ubuntu in order to prevent her from getting spyware. That endeavor was thwarted by the hands of Quickbooks, Tax Programs and Facebook games.

The problem I have with fixing my mom’s computer is that every time she needs it fixed either she has to bring it to my house or I have to go to hers. This usually ends up taking a good day or so and honestly while I like visiting my mom I don’t like having to spend the time fixing her computer. This also could mean she is without a working computer for weeks if I am travelling. 

So yet again (several years later) I find myself having to fix my moms computer, but this time I’m getting creative.

The solution to my headache:

My goal is to install a Linux OS and use VirtualBox to create a VM Guest with Windows Vista (it’s what she has..). Since the Windows VM Guest is doomed to be infected with spyware I am going to keep a clean install in a VM Guest powered off and use it as a template. This also has to be setup so that it is easy for my mom to use.

Getting Linux Ready

I’ve decided to use Ubuntu for this exercise because its quick to install, easy, a good OS in general, and my mom has some familiarity with it, in case she ever has to use it she can.

I did a plain default install of Ubuntu, then installed VirtualBox with apt-get.

# apt-get install virtualbox-ose virtualbox-guest-additions

VM Setup

I’ve decided to first create a template VM that I can clone. I am doing this because my mom seems to have a knack at getting spyware/virii/malware on her computer. I plan to use snapshots to create backups but if her Windows system ever gets hosed beyond the backups than I have a quick option of recreating the VM by cloning the template.

To create the template I must create a new virtual machine, the process is no different from any other VM creation. Rather than reinvent the wheel and guide you through installing Windows in a VirtualBox guest I am going to send you to a good tutorial I found Creating a Windows XP guest in VirtualBox for Linux.

*** I didn’t use this tutorial I only skimmed it

Once I had the OS loaded, Guest Additions installed, and connected her external hd to the guest I went ahead and installed some basic applications that I know my mom uses (i.e firefox, ad blockers, windows security). At this point the virtual machine is ready. I could give this to my mom and she can use it, but before that I am going to create a template from this virtual machine in case I ever need to completely re-OS or re-deploy her Windows Desktop.

VM Cloning

To utilize the VM as a template I will first power it off and use cloning to create a VM. My mom will then use the VM as her desktop leaving the original VM Guest powered off ready to be cloned again if need be.

VirtualBox doesn’t have a fancy right click > clone like other (normally higher end) virtualization technologies. Or at least the version that ships with Ubuntu does not. To create a clone you can use the VBoxManage clonevdi command.

# VBoxManage clonevdi Template.vdi WinVista.vdi

The above command will create a new copy of the .vdi file; a vdi file is the Virtual Disk Image file that contains all of the virtual machines configuration and disk storage. Essentially everything about this Virtual Machine is stored in the .vdi file.

After the clone is complete I added a new virtual machine which asks if you want to create a new disk or use an existing. I elected to use WinVista.vdi (the clone vdi). After answering some basic questions I started the new virtual machine and everything was setup just as it was on the template.

Starting the VM on boot

At this point I now have a Windows Desktop that my mom can use running in a VM but before I call this finished I want to have the Windows desktop to appear to my mom without any effort. To do this I added the command VBoxManage startvm “Windows Vista” as a new entry to System Settings > Startup Applications.

# VBoxManage startvm “Windows Vista”

Now when my mom boots the computer up she will see an Ubuntu login screen, once she logs into that system she will get a full screen Windows Desktop. She will still see the VirtualMachine management bar but I don’t mind my mom seeing that as she wont mess with settings she doesn’t understand. 

I’m sure there are other ways to make the full screen VM show up without my mom having to login to Ubuntu but I elected to take the easy/lazy way out. This also gives my mom the option of closing the VM and going into Ubuntu in the off chance she needs to do anything on the host OS.

Tasks for later

Before giving the computer back to my mom I also set openssh-server to start on boot so that I can manage the VirtualBox setup remotely.

# apt-get install openssh-server
# update-rc.d ssh defaults 

I will also remotely setup backups using a script and VBoxManage to create and rotate periodic snapshots of my moms desktop; maybe that will be another post.

The Benefits

After my mom starts using the Windows Desktop I’ve setup for her with VirtualBox; I can now rest easy knowing that if my mom gets her system infected again I can do any of the following.

  • Restore from recent snapshot - 15 minutes
  • Restore from weekly snapshot - 15 minutes
  • Deploy fresh image by cloning the template - 30 minutes

And the best part of this; I can do all of these tasks from anywhere with an internet connection. Not to mention that with snapshots I can upgrade her version of windows and if any of her programs don’t play nice I can revert it in a matter of minutes using snapshots from the comfort a local coffee shop.

How to run VboxWebSrv as a service on Windows 2008

I have recently install Virtualbox on a Windows 2008 Server along with phpvirtualbox web interface.

The installation of phpvirtualbox is straight forward and since IIS 7.0 support PHP you don’t need to do anything acrobatic in order to make it work.

External image

The problem is that the VboxWebSrv, which is actually the Virtualbox Web Service has not any builtin method to run as a service on Windows 2008 (or 2003), so you have to either run it every time you want to manage your VMs with phpvirtualbox or try to run it as a scheduled task as mentioned here.

I thought I might find a way to run it as a service using srvany.exe that is included on the Windows 2000/2003 Resource Kit, but unfortunately Microsoft has not release the Windows 2008 Resource Kit yet (and I don’t think it will do).

So after a little research and some try-and-error I found the NSSM - the Non Sucking Service Manager, which is a great srvany replacement with 64bit support as well.

So considering what someone has mentioned about actually using a bat file for running the vboxwebsrv and not the actual vboxwebsrv I created the following bat file

set HOMEDRIVE=C

set HOMEPATH=\Users\username

“C:\Program Files\Oracle\VirtualBox\vboxwebsrv.exe”

copied it at my Windows folder together with the 64bit nssm executable and I ran nssm install “Virtualbox Web Service”.

The rest is easy enough as hitting “Browse” and finding the bat file on your windows folder and then hitting “Install Service”.

That’s it!

After a net start “Virtualbox Web Service” I was able to manage my VMs through phpvirtualbox.

External image

If you also want your VMs to start and stop (or save their state) automatically on boot and shutdown of your Windows 2008 Server host, you should use VBoxVmService. Just follow the instructions and you will have your VMs running seconds after your server boots.

And if you are more of a Linux guy (or girl) you can use VBoxTool for booting and shutting down VMs on host boot and shutdown and builtin vboxweb-service for the Virtualbox Web Service (instructions to correctly settup vboxweb-service for use with phpvirtualbox)

Protecting a Windows laptop with iptables

Background:

One night last week I sat down to tune up the native firewall running on my copy of Windows 7.  I quickly became frustrated with how long it was taking to point-and-click my way through the process of pruning back permissions.  Between the annoyance of finding entries that various installers had entered without my permission and seeing that almost every rule had triplicates to cover each profile (Private, Public, and Domain), I decided that there had to be a better way.

As much as I would love to cut the Microsoft-cord and live in a pure open-source world, some of my frequently used applications don’t come in Linux-flavor (iTunes, Guitar Pro, Visio, etc).  Occasionally, I also like to take my laptop to local LAN parties and get my Unreal Tournament and StarCraft II on.  Because of this, I am reliant on a non-virtualized Window operating system.  After some thought and research, I decided to create a virtual machine to act as a gateway/firewall for my host OS.

Preparation:

  • I first started by downloading and installing an updated version of Oracle’s VirtualBox virtualization environment.
  • I also grabbed the 64-bit version of the Ubuntu Server 11.04 ISO.  Debian or Fedora would have easily taken care of the job as well.

Install the VM:

  1. Create a new VM.



  2. I have 16GB of RAM in my laptop, so I had no problem dishing out 512MB to the VM, but if you need to be more frugal with your memory, you’ll probably be fine with 128MB.
  3. I allocated 4GB to the dynamically-expanding virtual hard drive, but again, you could probably go as low as 2GB without problems.
  4. Removed the floppy device and disabled the audio.
  5. Set up the network adapters as listed below.





  6. Point the CD device at the Ubuntu Server ISO.
  7. Start the VM.
  8. Select “Install Ubuntu Server”.
  9. When Ubuntu asks which network interface to use as the primary, select “eth0”.  That will be Bridged Adapter.



  10. Pick a hostname.
  11. I chose to format the disk using the quick “Guided - Use Entire Disk” method for simplicity sake, but you can partition it up however you want.
  12. When it comes time to set a username and password, note that if you configure the firewall the way I did, there will be no access to the VM’s operating system except through the VirtualBox window.  Because of this, I wouldn’t bother making an uber-secure 16-character password for this.
  13. Disable automatic updates (the VM will not have the ability to connect to the internet).
  14. Don’t select any packages.
  15. Wait for the install to complete.
  16. Answer ‘yes’ to the GRUB question.
  17. Reboot the VM.  Optionally you can shut down instead, remove the CD device, and start back up.

Configure the VM:

  1. Log in to the VM.
  2. Edit the network interfaces configuration file to include the following:
    sudo vim /etc/network/interfaces

    auto lo
    iface lo inet loopback

    auto eth0
    iface eth0 inet dhcp

    auto eth1
    iface eth1 inet static
        address 192.168.56.1
        netmask 255.255.255.0
        network 192.168.56.0
  3. Create the iptables firewall setup script.  Note that all scripts in the 'if-up.d’ directory will automatically be run when a network interface comes up.  To allow incoming connections to reach your Windows OS, add space-separated port numbers into the FORWARDED_TCP_PORTS or FORWARD_UDP_PORTS arrays.
    For example, allowing a web server: “FORWARDED_TCP_PORTS=( 80 443 )”

    sudo vim /etc/network/if-up.d/iptables

    #!/bin/bash

    IPTABLES=/sbin/iptables
    IF_PUBLIC=eth0
    IF_PRIVATE=eth1
    HOST=192.168.56.2
    FORWARDED_TCP_PORTS=()
    FORWARDED_UDP_PORTS=()

    echo -n "Flushing existing iptables rules... "
    $IPTABLES -F
    $IPTABLES -F -t nat
    $IPTABLES -X
    $IPTABLES -P INPUT DROP
    $IPTABLES -P OUTPUT DROP
    $IPTABLES -P FORWARD DROP
    echo "DONE"

    echo -n "Setting up ingress rules... "
    # No inbound traffic allowed
    echo "DONE"

    echo -n "Setting up egress rules... "
    # No outbound traffic allowed
    echo "DONE"

    echo -n "Setting up the NAT... "
    $IPTABLES -A FORWARD -m state --state INVALID -j DROP
    $IPTABLES -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
    $IPTABLES -A FORWARD -i $IF_PRIVATE -j ACCEPT
    $IPTABLES -t nat -A POSTROUTING -s $HOST -o $IF_PUBLIC -j MASQUERADE
    echo "DONE"

    echo -n "Setting up forwarded ports... "
    for PORT in ${FORWARDED_TCP_PORTS[@]}; do
        $IPTABLES -A FORWARD -p tcp --dport $PORT -i $IF_PUBLIC -j ACCEPT
        $IPTABLES -t nat -A PREROUTING -p tcp --dport $PORT -i $IF_PUBLIC -j DNAT --to $HOST:$PORT
    done
    for PORT in ${FORWARDED_UDP_PORTS[@]}; do
        $IPTABLES -A FORWARD -p udp --dport $PORT -i $IF_PUBLIC -j ACCEPT
        $IPTABLES -t nat -A PREROUTING -p udp --dport $PORT -i $IF_PUBLIC -j DNAT --to $HOST:$PORT
    done
    echo "DONE"

  4. Add execution permissions to the script.
    sudo chmod +x /etc/network/if-up.d/iptables
  5. Configure the kernel to allow IP forwarding by uncommenting the line:
    “net.ipv4.ip_forward=1” in the sysctl configuration file.
    sudo vim /etc/sysctl.conf

  6. Shut down the VM and optionally take a snapshot.

Configure VirtualBox Networking

  1. In the main VirtualBox application, open up the network preferences (found in the File -> Preference window and under the Network section).
  2. Select the Host-Only Adapter and click the edit button on the right-hand side of the pane (looks like a screwdriver).
  3. Verify the IPv4 address is 192.168.56.1.
  4. On the DHCP Server tab, uncheck the “Enable Server” option.



Configure the Windows Host Networking

  1. Open the Windows network adapters control window.  This will be labeled and in different places depending on your version of Windows.
  2. Right-click on your Wireless LAN and/or Wired LAN adapter and click properties.
  3. Uncheck or remove everything except what is shown in the image below.



  4. Select the IPv4 protocol and click the Properties button.  Fill out the values to match the following image below.



  5. Click “OK” twice to return back to the list of network adapters.  Right-click on the “VirtualBox Host-Only” adapter and click properties.
  6. Uncheck or remove everything except what is shown in the image below.



  7. Select the IPv4 protocol and click the Properties button.  Fill out the values to match the following image below.  I have my own DNS server as the preferred server and the OpenDNS servers as two alternate servers (more than two DNS servers can be specified by using the “Advanced…” button).



  8. Optionally, you could disable your native Windows firewall entirely unless you want to maintain application-level firewall rules.
  9. Press “OK” and you’re done.

Done!

With any luck, you should be able to start up your Firewall VM, minimize it, and go about your business on the interwebs.

What I've been up to (technically)

Deleting the old XCode 3 and installing the newer XCode 4 freed up nearly 10 gigs of space on my always-full hard drive (I know, I’m a slow adopter of new things). So that meant I had some space for a virtual machine. Now I’ve done Ubuntu, Mint, Puppy, Jolicloud and all the rest of them. It was time for some more hardcore stuff - ArchLinux.

Took me maybe 10 hours in all to get where I needed to me. Everything done from scratch, which meant random errors. What threw me off, mostly, was Xcfe4 which didn’t run for some reason on VirtualBox’s video drivers. At least, I couldn’t get it to work. After a bit of trying (and lots of rebooting), I deleted it and installed LXDE instead. That worked fine. I’m actually not sure whether anything I did (changing the conf files) made any difference, or where the exact problem was, but I’m not going to bother about that anymore.

Then I spent some time trying to install colemak. I did eventually, it’s a layout variant apparently rather than an actual layout. I think it was some added line in the xorg.conf file. Maybe.

One thing I learned was to actually look through the logs carefully if errors pop up. It may sound obvious, but anyway, the specific errors helped greatly in the obligatory google searches.

Of course, I wasn’t satisfied with simply the basic LXDE theme. Downloaded the GTK theme Elegant through packer. Then I messed around with Conky. Downloaded the conky-colors, took me quite a while to understand what was going on. Even so, the background transparency wasn’t there (a visual setting should be set to ‘no’), and the sidebar cut off (changed the minimum size).

So I think I’m done for now. Like my many other computer ventures, I’d probably rarely touch the build again, but it’s all in the fun of the process. Did get to learn quite a bit about linux.

External image

More kgdb and virtualbox

Following Fotis post, some useful tips to use kdgb with a Linux kernel running inside Virtualbox

Compiling and launching the kernel

  • if you use gdb >=4.5 to compile, adding #pragma GCC optimize(0) in your .c file (for example, after all the #include in arch/x86/kernel/irq.c) is really helpful. Since it does not seem possible to fully compile the kernel without any optimization, you can avoid optimization of a couple of files
  • in the make menuconfig, don’t select the kdb options, only the kgdb one
  • append vga=794 to the kernel options for a bigger screen

Guest configuration

To make the SysRq key work in Virtualbox console, let’s replace it with the F12 key:

setkeycodes 58 99
echo 1 > /proc/sys/kernel/sysrq
echo ttyS0,115200 > /sys/module/kgdboc/parameters/kgdboc

GDB tips

Getting a backtrace of every threads (for easy grepping)

set pagination off
set logging on gdb.1.txt
thread apply all bt 30

If the system is locked, hitting Alt+SysRq+G will break within kgdb_breakpoint and not within the lock. Steps to get a proper trace if kgdb interrupted our lock: (will work for sure if irq.c has been compiled without optimization, see above)

  • system is deadlocked
  • run Alt+SysRq+9, Alt+SysRq+D, Alt+SysRq+L to know some information about this lock…
  • Alt+SysRq+G to make gdb break (within kgdb_breakpoint)

The actual code (trapped within the lock) has been interrupted. Let’s get information about the previous context

gdb> bt 30
#0  kgdb_breakpoint () at kernel/debug/debug_core.c:960
...
#15 0xffffffff81004567 in do_IRQ (regs=0xffff88041fc03e58) at arch/x86/kernel/irq.c:190
...
gdb> frame 15

Here the structure regs hold the state of the registers before the interruption.

gdb> p/a *regs
$11 = {
    ...
    ip = 0xffffffff8114f1c3 <vfsmount_lock_local_lock+83>,
    ...
gdb> hbr 0xffffffff8114f1c3
gdb> cont
Continuing.
Breakpoint
gdb> bt 30
How to run Windows under a Macbook Air

So I need to test my demos under Internet Explorer (IE7, IE8, IE9, you name it). I own a Macbook Air, which I absolutely LOVE. The problems are: I don’t own an official Windows DVD installer anymore (I switched 100% and I threw mine), but I don’t have a DVD drive neither. So, with a little help from some friends at twitter, and some googling and patience, here’s the final steps to run Windows under a Macbook Air:

  1. Download and install virtualbox.org which is open source and free.
  2. Go to Microsoft Download Center and get a copy of your desired guest system.
  3. You will need to unrar the corresponding exe, I made this from the terminal. If you don’t have access to rar/unrar in the terminal, you can go to rarlab and get the command line version of rar. Add rar to your binary folders, you can extract the rar you just downloaded, go there in the terminal and type “sudo mv unrar /usr/local/bin”
  4. Go to the folder where you downloaded the guest system and do “unrar e yourfile.exe”. This will take a while. 
  5. Then you just create a new VM in virtualbox and give it some space (I chose less than 1GB but auto expand option). 
  6. Configure the storage settings: point the IDE driver to the .vhd file you extracted from the Microsoft .exe, That’s it (you won’t need to install Windows).
  7. The trickiest part will be configuring the network. If the default NAT does not work for you, try a Bridge connection. If neither work, then you probably need to install the card driver, choose Intel pro/1000MT driver here and install it in your XP from a USB drive. You might need to install the Oracle VM VirtualBox Extension Pack (found in downloads section of virtualbox.org) to enable USB 2.0 drives.
  8. You will want to share files between your host system (OSX) and the guest (XP): add a shared folder and check the auto mount option.
  9. Run the VM and…
  10. ENJOY (err, I mean, test your demos in IE, which is not enjoyable per se)…

OK, if you run into problems using the network or shared folders, even after these instructions, it might be due to the lack of drivers in the official downloadable ISO from Microsoft. I was not able to use XP under this setup. So, I tried a different approach:

  1. Download and install virtualbox.org which is open source and free.
  2. Make a friend that has an original Windows OS disc. If you already have that friend ask him/her to burn an ISO for you. If she/he gives you the original disc and you have another mac with DVD device, you can make it an installer image by running Utilities > Disk utility, and then select the DVD, create a New Image, and make it CD/DVD Master. You will be able to mount that in the air as an installer disc.
  3. Then you just create a new VM in virtualbox and give it some space (in this case, installing from disc, it requieres at least 1400MB, use auto expand option anyway).
  4. Configure the storage settings: create a new CD/DVD device, pointing to your friend’s ISO.
  5. You will want to share files between your host system (OSX) and the guest (XP): add a shared folder and check the auto mount option. 
  6. This time, I tried configuring Bridge network instead of the default NAT (I also tried this in the previous setup with no luck), so in case shared folder works, I won’t even need to insert a USB drive with the ethernet card driver. 
  7. Once everything configured, run the VM and it will launch the OS installer, which takes like 35 minutes. 
  8. Go walk for a while, have a coffee or read a book.
  9. Once installed you should see the shared folder from inside guest OS and be able to use internet. 
  10. Enjoy (finally…?)

Just for the curious minds out there: second setup did'nt work yet for me, I didn’t need to install any driver, but the shared folder was not seen from the guest and I wasn’t able to navigate through my localhost installed in my mac (yes, I was pointing to the IP:port). So… third attempt! My final 10 steps to run windows under a macbook air:

  1. Download a demo version of VMWare Fusion.
  2. Install the software.
  3. Create a new VM.
  4. Configure it to allocate less space instead of the 40GB, I used 1500MB.
  5. I also changed to Bridge connection
  6. Also added 2 shared folders
  7. Run the VM to install the OS
  8. Go walk for a while, have a coffee or read a book.
  9. Once installed you should see the shared folder from inside guest OS and be able to use internet. Including your localhost from the mac. 
  10. ENJOY (big yes, clap your hands). 

Conclusion: virtualbox sucked big time, VM WARE worked like a charm. For me, that is.