Wednesday, September 24, 2008

Packman Fixed to Work with Proxy Servers

After installing Minix3, I tried to install software as mentioned in the manuals. However, as mentioned in those manuals, I was unable to get software from the Internet even though I had set the environment variables http_proxy and ftp_proxy. After checking /usr/bin/packman I figured out that it was a shell script using a tool called urlget to download software from the Internet. By looking at the urlget code in /usr/src/commands/urlget (which is written in C) I figured out that it was written without any consideration for proxies.

The C code for urlget was well written. Therefore I was able to modify it in a few hours to work with the ftp_proxy and http_proxy environment variables. I have posted the patch to the gforge.cs.vu.nl Minix3 tracker. You can patch /usr/src/commands/urlget with the patch given above. Once you have done that, run make and make install. Then run packman with the http_proxy and ftp_proxy environment variables set; it will go through the proxy without any problem.

Monday, September 22, 2008

Howto Run Minix3 on Linux with KVM and TAP Network

Yesterday I spent hours trying to get Minix3 working on kvm with CPU VT (Virtualization). However, I managed to set up Minix3 running on kvm with CPU VT and TUN/TAP network. After getting Minix3 running as I wished, I thought that putting every little detail into a small HOWTO would be a definite help for newbies (developers/students) trying out Minix3.

Before starting the work you should check your system for CPU VT support. You can do this by using the following command.

grep -E 'vmx|svm' /proc/cpuinfo

After running this command, if you see some output on your console then your CPU has VT. But this does not mean kvm will work; in most cases hardware vendors disable VT support in the system BIOS. In such cases you will have to go into the BIOS setup of your computer to enable the feature (on some computers, e.g. HP nx6320 notebooks, the new setting takes effect only after a power off/on cycle). Before using the command given below you need to install kvm on your Linux box (if it is not installed already).

For Debian/Ubuntu

sudo apt-get install kvm

For Fedora

sudo yum install kvm


Now you can verify whether VT is enabled by BIOS by using the following command.
For Intel CPUs

sudo modprobe kvm_intel

For AMD CPUs

sudo modprobe kvm_amd

If modprobe exits silently it means that CPU VT is enabled and available for virtualization tasks.

Now it is time to download the Minix3 ISO image. This image is available at www.minix.org. Once you have downloaded the Minix3 ISO, you can create an image for the Minix3 hard drive.

qemu-img create minix.img 2G

This will create a 2 GB file that will work as a hard disk for Minix.

After the file has been created you can start Minix3 installation as given below.

sudo kvm -no-kvm -localtime -net user -net nic -m 128 -cdrom IDE-3.1.2a.iso -hda minix.img -boot d

With the above command Minix should boot from the ISO image. After booting is done you will get a login prompt. At the login prompt, log in as root; no password is required. After logging in you can start the installation by issuing the command setup.

setup

As setup proceeds it will ask for the Ethernet device used in your computer; here you have to select Realtek rtl8139, as this is one of the Ethernet devices emulated by kvm. After you select this option, setup will take you through several other prompts which are quite self-explanatory. Once setup is completed, give the following command to shut down the Minix installation.

shutdown

At this stage Minix3 will run on kvm but with limitations (without network and CPU VT). These problems can be easily solved.

The network problem can be solved by creating a TAP device on your Linux box with a tool that comes with the UML (User Mode Linux) utilities. You can install the UML utilities as given below on Debian/Ubuntu and Fedora systems respectively.

sudo apt-get install uml-utilities
sudo yum install uml-utilities

A TAP device can be easily created by using the tunctl command as given below.

tunctl -b -u root -t qtap0

The above command will create the qtap0 device. Now you have to create an Ethernet bridge device on your Linux box to which qtap0 will connect. To create an Ethernet bridge named br0, use the command given below.

brctl addbr br0

Now assign an IP address to this bridge device.

ifconfig br0 192.168.1.254 netmask 255.255.255.0 up

You can connect qtap0 to br0 and start the qtap0 network interface by using the following commands.

brctl addif br0 qtap0
ifconfig qtap0 up 0.0.0.0 promisc


Now it is time to boot Minix3 with network support, as given below.

sudo kvm minix.img -no-kvm -cdrom IDE-3.1.2a.iso -net nic,macaddr=55:43:0F:32:25:12 -net tap,ifname=qtap0,script=no -m 256 -localtime

Remember to set the macaddr value in the -net option to any (valid) bogus MAC address. Otherwise your network won't function. At the boot prompt give the following commands.

qemu_pci=1
save
boot


Now login as root (no password required) and reboot Minix3.

reboot


After rebooting the Minix system you can configure its network interface with an IP address as shown below.

ifconfig -I /dev/ip -h 192.168.1.1 -n 255.255.255.0
add_route -g 192.168.1.254

Now you should be able to ping 192.168.1.254, which is the IP address of the bridge device. You should also be able to ping whatever IP address is given to the Ethernet interface of your Linux box. But if you try to ping a different computer in your LAN it will fail. To make this work, go back to your Linux box and configure iptables as given below.

echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -F POSTROUTING
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Now pinging a computer in your LAN from Minix should work without any problem. You can also set up your nameserver by adding nameserver x.x.x.x to the file /etc/resolv.conf. You can use the elvis editor to edit this file. Further details on setting up the Minix network with a permanent IP address, etc. can be found at Deep's blog.

Once you have set up your network correctly you can recompile the Minix kernel with a small modification to its boot code. Even with CPU VT support, kvm will sometimes crash when booting the guest OS. This happens due to incompatibilities between the subset of 16-bit real mode instructions used by the guest OS and kvm. Unfortunately this happens with the standard Minix kernel. Fortunately the problem can be resolved by editing boothead.s located in /usr/src/boot. Before editing this file I recommend that you install vim or emacs (using packman). Once you have opened the file /usr/src/boot/boothead.s go to line 643 and change hlt to !hlt, then go to line 744 and change hlt to !hlt. After saving the changes made to the file, go to the directory /usr/src/boot and give the following commands.

make
make install

Now shut down Minix and quit kvm.

shutdown

Now try the command given below; it will start kvm with CPU VT.

sudo kvm minix.img -cdrom IDE-3.1.2a.iso -net nic,macaddr=55:43:0F:32:25:12 -net tap,ifname=qtap0,script=no -m 256 -localtime

After completing all these steps you will have Minix3 running on kvm (with CPU VT) with networking.

I have put all these commands into a single shell script. All you have to do is run this shell script when you need Minix3 inside your Linux box. (Change file paths to suit your settings.)

#!/bin/bash

#load tun module
modprobe tun
#create a bridge and give it an IP address
brctl addbr br0
ifconfig br0 192.168.1.254 netmask 255.255.255.0 up
#create tap device and attach it to bridge br0
tunctl -b -u root -t qtap0
brctl addif br0 qtap0
ifconfig qtap0 up 0.0.0.0 promisc
#enable IP forwarding and natting
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -F POSTROUTING
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

#invoke kvm and load minix
kvm minix.img \
-cdrom IDE-3.1.2a.iso \
-net nic,macaddr=55:43:0F:32:25:12 \
-net tap,ifname=qtap0,script=no \
-m 256 \
-localtime
#clean tap and bridge devices
ifconfig qtap0 down
brctl delif br0 qtap0
tunctl -d qtap0
ifconfig br0 down
brctl delbr br0
#delete iptable entries
iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
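
The script above flushes the whole nat POSTROUTING chain, masquerades everything leaving eth0 and leaves IP forwarding switched on after it exits. As an added example (not the original author's script), the NAT step can be scoped to the guest subnet and undone exactly; the subnet, bridge and uplink names are the ones used on this page, while STATE, the FORWARD rules and the function names are assumptions of this example.

```shell
#!/bin/bash
# Added example, not the original author's script: NAT for the Minix guest
# network without flushing the host's existing rules.
# Run as root: "$0 up" before starting kvm, "$0 down" afterwards,
# or "$0 plan" to print the commands without running them.
# Subnet, bridge and uplink come from this page; STATE and the function
# names are hypothetical.
GUEST_NET=192.168.1.0/24
BRIDGE=br0
UPLINK=eth0
FWD=/proc/sys/net/ipv4/ip_forward
STATE=${STATE:-/run/minix-nat.ip_forward}

# One rule per line: "<table> <chain> <match and target>".
# The FORWARD rules only matter on hosts whose FORWARD policy is DROP.
rules() {
    echo "nat POSTROUTING -s $GUEST_NET -o $UPLINK -j MASQUERADE"
    echo "filter FORWARD -i $BRIDGE -o $UPLINK -s $GUEST_NET -j ACCEPT"
    echo "filter FORWARD -i $UPLINK -o $BRIDGE -d $GUEST_NET -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
}

# Print one iptables command per rule; $1 is -A (add) or -D (delete).
rule_cmds() {
    rules | while read -r table chain spec; do
        echo "iptables -t $table $1 $chain $spec"
    done
}

# Commands to bring NAT up: remember the old forwarding state, enable
# forwarding, then append only our own rules (no -F flush).
plan_up() {
    echo "cat $FWD > $STATE"
    echo "echo 1 > $FWD"
    rule_cmds -A
}

# Commands to undo plan_up: delete exactly the rules we added and put the
# forwarding switch back to what it was.
plan_down() {
    rule_cmds -D
    echo "cat $STATE > $FWD && rm -f $STATE"
}

case "${1:-}" in
    up)   plan_up   | sh -e ;;
    down) plan_down | sh ;;
    plan) plan_up; plan_down ;;
esac
```
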

Thursday, May 29, 2008

Sunday, February 24, 2008

My First Publication

I finally managed to publish my first research paper at the 10th International Conference on Advanced Communication Technology held on Feb 17-20, 2008 in Phoenix Park, Korea. In a few days it will be indexed by IEEE Xplore and you folks can read the paper titled "Next Generation Proxy Servers" in the 10th ICACT conference proceedings (published by IEEE Communication Society), which was authored by myself and co-authored by Buddhika Siddhisena and Dr. Ajantha Atukorale. You can get the paper from here.