Here is how to setup a sensible dual boot Win7 + Linux environment, with support for virtualization. The setup will use Win7 as the primary OS, minimizing the effects of the dualboot on the Linux environment. This guide assumes that Win7 Pro, 64 bit is previously installed. And that the processor supports VT-X (this is important).
Step 1 : Setup disks
1.1 Shrink the active C: and create a 20 gb partition (extended is fine, not just primary partitions)
1.2 Use the Disk Management plugin in Computer management
1.3 Create this partition as a RAW partition, with no drive letter assigned
Step 2 : Installing Linux
2.1 Put dvd of your favorite linux distro in.
2.2 While installing, use the 20gb partition, formatted as ext3, as the "/" or root partition.
2.3 WHEN INSTALLING GRUB, DO NOT INSTALL IT ON THE MBR. INSTALL GRUB ON THE PARTITION WHERE LINUX IS INSTALLED.
2.4 For the rest of this, we assume that Linux is installed on /dev/sda5
Step 3 : Creating the boot sector
3.1 Reboot computer using a livecd. Most install disks for Linux distributions are live CDs.
3.2 Once booted, switch to a root shell.
3.3 Mount the existing Windows 7 boot drive (i.e. C:). This is usually /dev/sda2
3.4 Copy the boot sector of the Linux installation into a file.
dd if=/dev/sda5 of=/media/Win7/LINUX.BOOT bs=512 count=1
This should create a small file C:\LINUX.BOOT which is the stage 1 of GRUB for the install.
Step 4 : Integrating this with the Windows 7 boot menu
4.1 Boot into Windows 7
4.2 Open an administrator shell by rightclicking "cmd" -> Run As Administrator
4.3 Create an entry for linux. NOTE: {ID} is generated after the first command is run. Its a long GUID for the partition entry.
bcdedit.exe /create /d "Linux" /application BOOTSECTOR
bcdedit.exe /set {ID} device partition=c:
bcdedit.exe /set {ID} PATH \LINUX.BOOT
4.4 Set the order and display time
bcdedit.exe /displayorder {ID} /addlast
bcdedit.exe /timeout 5
4.5 Test this works by rebooting and choosing windows or linux.
5. Setting up Virtual Box in Windows
5.1 Download and install virtual box for windows (NOT THE OPEN SOURCE EDITION)
5.2 Reboot the T510. On boot, press F1 to get BIOS options. Enable the option for VT-x under CPU->Virtualization.
5.3 Save, exit, and reboot into windows.
5.4 Start a new administrator shell
5.5 Navigate to the virtualbox installed folder ("C:\Program Files\Oracle\VirtualBox")
5.6 Check the partition number
VboxManage.exe internalcommands listpartions -rawdisk \\.\PhysicalDrive0
Look for the number of the 20 gb drive (alternately, the partition with type 0x83)
5.7 Create the harddisk
VboxManage.exe internalcommands createrawvmdk -filename rawdisk.vmdk -rawdisk \\.\PhysicalDrive0 -partitions 5 -mbr C:\LINUX.BOOT -register
NOTE: Change the number for the partitions argument to the partition numbers from 5.6. For multiple partitions, use a comma separated list.
5.8 Create a new virtual machine, add this hard disk as the storage disk, and all should be well.
One important note : VirtualBox needs admin access to use raw disks, so if you are running as an alternate user, you must use RunAs to run virtualbox as root. (Even the GUI, everytime)
Refs:
Ref1
Ref2
VirtualBox Manual
Tuesday, September 21, 2010
Monday, April 12, 2010
Centos Aide lgetfilecon_raw
If aide is giving the following error:
lgetfilecon_raw failed for /boot:No data available
It is due to SElinux being diabled by default in CentOS and AIDE using selinux bits in the check. Easiest way to fix is to edit the /etc/aide.conf file to remove all indications of selinux.
NOTE : +R used in many places implies selinux, so that must be replaced
Sample Aide.conf
# Example configuration file for AIDE.
@@define DBDIR /var/lib/aide
@@define LOGDIR /var/log/aide
# The location of the database to be read.
database=file:@@{DBDIR}/aide.db.gz
# The location of the database to be written.
#database_out=sql:host:port:database:login_name:passwd:table
#database_out=file:aide.db.new
database_out=file:@@{DBDIR}/aide.db.new.gz
# Whether to gzip the output to database
gzip_dbout=yes
# Default.
verbose=5
report_url=file:@@{LOGDIR}/aide.log
report_url=stdout
#report_url=stderr
#NOT IMPLEMENTED report_url=mailto:root@foo.com
#NOT IMPLEMENTED report_url=syslog:LOG_AUTH
# These are the default rules.
#
#p: permissions
#i: inode:
#n: number of links
#u: user
#g: group
#s: size
#b: block count
#m: mtime
#a: atime
#c: ctime
#acl: Access Control Lists
#selinux SELinux security context
#xattrs: Extended file attributes
#S: check for growing size
#md5: md5 checksum
#sha1: sha1 checksum
#sha256: sha256 checksum
#sha512: sha512 checksum
#rmd160: rmd160 checksum
#tiger: tiger checksum
#haval: haval checksum (MHASH only)
#gost: gost checksum (MHASH only)
#crc32: crc32 checksum (MHASH only)
#whirlpool: whirlpool checksum (MHASH only)
#R: p+i+n+u+g+s+m+c+acl+selinux+xattrs+md5
#L: p+i+n+u+g+acl+selinux+xattrs
#E: Empty group
#>: Growing logfile p+u+g+i+n+S+acl+selinux+xattrs
# You can create custom rules like this.
# With MHASH...
# ALLXTRAHASHES = sha1+rmd160+sha256+sha512+whirlpool+tiger+haval+gost+crc32
ALLXTRAHASHES = sha1+rmd160+sha256+sha512+tiger
# Everything but access time (Ie. all changes)
EVERYTHING = p+i+n+u+g+s+m+c+acl+xattrs+md5+ALLXTRAHASHES
# Sane, with multiple hashes
# NORMAL = R+rmd160+sha256+whirlpool
NORMAL = p+i+n+u+g+s+m+c+acl+xattrs+md5+rmd160+sha256
# For directories, don't bother doing hashes
DIR = p+i+n+u+g+acl+xattrs
# Access control only
PERMS = p+i+u+g+acl
# Logfile are special, in that they often change
LOG = p+u+g+i+n+S+acl+xattrs
# Just do md5 and sha256 hashes
LSPP = p+i+n+u+g+s+m+c+acl+xattrs+md5+sha256
# Some files get updated automatically, so the inode/ctime/mtime change
# but we want to know when the data inside them changes
DATAONLY = p+n+u+g+s+acl+xattrs+md5+sha256+rmd160+tiger
# Next decide what directories/files you want in the database.
/boot NORMAL
/bin NORMAL
/sbin NORMAL
/lib NORMAL
/opt NORMAL
/usr NORMAL
/root NORMAL
# These are too volatile
!/usr/src
!/usr/tmp
# Check only permissions, inode, user and group for /etc, but
# cover some important files closely.
/etc PERMS
!/etc/mtab
# Ignore backup files
!/etc/.*~
/etc/exports NORMAL
/etc/fstab NORMAL
/etc/passwd NORMAL
/etc/group NORMAL
/etc/gshadow NORMAL
/etc/shadow NORMAL
/etc/security/opasswd NORMAL
/etc/hosts.allow NORMAL
/etc/hosts.deny NORMAL
/etc/sudoers NORMAL
/etc/skel NORMAL
/etc/logrotate.d NORMAL
/etc/resolv.conf DATAONLY
/etc/nscd.conf NORMAL
/etc/securetty NORMAL
# Shell/X starting files
/etc/profile NORMAL
/etc/bashrc NORMAL
/etc/bash_completion.d/ NORMAL
/etc/login.defs NORMAL
/etc/zprofile NORMAL
/etc/zshrc NORMAL
/etc/zlogin NORMAL
/etc/zlogout NORMAL
/etc/profile.d/ NORMAL
/etc/X11/ NORMAL
# Pkg manager
/etc/yum.conf NORMAL
/etc/yumex.conf NORMAL
/etc/yumex.profiles.conf NORMAL
/etc/yum/ NORMAL
/etc/yum.repos.d/ NORMAL
/var/log LOG
/var/run/utmp LOG
# This gets new/removes-old filenames daily
!/var/log/sa
# As we are checking it, we've truncated yesterdays size to zero.
!/var/log/aide.log
# LSPP rules...
# AIDE produces an audit record, so this becomes perpetual motion.
# /var/log/audit/ LSPP
/etc/audit/ LSPP
/etc/libaudit.conf LSPP
/usr/sbin/stunnel LSPP
/var/spool/at LSPP
/etc/at.allow LSPP
/etc/at.deny LSPP
/etc/cron.allow LSPP
/etc/cron.deny LSPP
/etc/cron.d/ LSPP
/etc/cron.daily/ LSPP
/etc/cron.hourly/ LSPP
/etc/cron.monthly/ LSPP
/etc/cron.weekly/ LSPP
/etc/crontab LSPP
/var/spool/cron/root LSPP
/etc/login.defs LSPP
/etc/securetty LSPP
/var/log/faillog LSPP
/var/log/lastlog LSPP
/etc/hosts LSPP
/etc/sysconfig LSPP
/etc/inittab LSPP
/etc/grub/ LSPP
/etc/rc.d LSPP
/etc/ld.so.conf LSPP
/etc/localtime LSPP
/etc/sysctl.conf LSPP
/etc/modprobe.conf LSPP
/etc/pam.d LSPP
/etc/security LSPP
/etc/aliases LSPP
/etc/postfix LSPP
/etc/ssh/sshd_config LSPP
/etc/ssh/ssh_config LSPP
/etc/stunnel LSPP
/etc/vsftpd.ftpusers LSPP
/etc/vsftpd LSPP
/etc/issue LSPP
/etc/issue.net LSPP
/etc/cups LSPP
# With AIDE's default verbosity level of 5, these would give lots of
# warnings upon tree traversal. It might change with future version.
#
#=/lost\+found DIR
#=/home DIR
# Ditto /var/log/sa reason...
!/var/log/and-httpd
# Admins dot files constantly change, just check perms
/root/.* PERMS
lgetfilecon_raw failed for /boot:No data available
It is due to SElinux being diabled by default in CentOS and AIDE using selinux bits in the check. Easiest way to fix is to edit the /etc/aide.conf file to remove all indications of selinux.
NOTE : +R used in many places implies selinux, so that must be replaced
Sample Aide.conf
# Example configuration file for AIDE.
@@define DBDIR /var/lib/aide
@@define LOGDIR /var/log/aide
# The location of the database to be read.
database=file:@@{DBDIR}/aide.db.gz
# The location of the database to be written.
#database_out=sql:host:port:database:login_name:passwd:table
#database_out=file:aide.db.new
database_out=file:@@{DBDIR}/aide.db.new.gz
# Whether to gzip the output to database
gzip_dbout=yes
# Default.
verbose=5
report_url=file:@@{LOGDIR}/aide.log
report_url=stdout
#report_url=stderr
#NOT IMPLEMENTED report_url=mailto:root@foo.com
#NOT IMPLEMENTED report_url=syslog:LOG_AUTH
# These are the default rules.
#
#p: permissions
#i: inode:
#n: number of links
#u: user
#g: group
#s: size
#b: block count
#m: mtime
#a: atime
#c: ctime
#acl: Access Control Lists
#selinux SELinux security context
#xattrs: Extended file attributes
#S: check for growing size
#md5: md5 checksum
#sha1: sha1 checksum
#sha256: sha256 checksum
#sha512: sha512 checksum
#rmd160: rmd160 checksum
#tiger: tiger checksum
#haval: haval checksum (MHASH only)
#gost: gost checksum (MHASH only)
#crc32: crc32 checksum (MHASH only)
#whirlpool: whirlpool checksum (MHASH only)
#R: p+i+n+u+g+s+m+c+acl+selinux+xattrs+md5
#L: p+i+n+u+g+acl+selinux+xattrs
#E: Empty group
#>: Growing logfile p+u+g+i+n+S+acl+selinux+xattrs
# You can create custom rules like this.
# With MHASH...
# ALLXTRAHASHES = sha1+rmd160+sha256+sha512+whirlpool+tiger+haval+gost+crc32
ALLXTRAHASHES = sha1+rmd160+sha256+sha512+tiger
# Everything but access time (Ie. all changes)
EVERYTHING = p+i+n+u+g+s+m+c+acl+xattrs+md5+ALLXTRAHASHES
# Sane, with multiple hashes
# NORMAL = R+rmd160+sha256+whirlpool
NORMAL = p+i+n+u+g+s+m+c+acl+xattrs+md5+rmd160+sha256
# For directories, don't bother doing hashes
DIR = p+i+n+u+g+acl+xattrs
# Access control only
PERMS = p+i+u+g+acl
# Logfile are special, in that they often change
LOG = p+u+g+i+n+S+acl+xattrs
# Just do md5 and sha256 hashes
LSPP = p+i+n+u+g+s+m+c+acl+xattrs+md5+sha256
# Some files get updated automatically, so the inode/ctime/mtime change
# but we want to know when the data inside them changes
DATAONLY = p+n+u+g+s+acl+xattrs+md5+sha256+rmd160+tiger
# Next decide what directories/files you want in the database.
/boot NORMAL
/bin NORMAL
/sbin NORMAL
/lib NORMAL
/opt NORMAL
/usr NORMAL
/root NORMAL
# These are too volatile
!/usr/src
!/usr/tmp
# Check only permissions, inode, user and group for /etc, but
# cover some important files closely.
/etc PERMS
!/etc/mtab
# Ignore backup files
!/etc/.*~
/etc/exports NORMAL
/etc/fstab NORMAL
/etc/passwd NORMAL
/etc/group NORMAL
/etc/gshadow NORMAL
/etc/shadow NORMAL
/etc/security/opasswd NORMAL
/etc/hosts.allow NORMAL
/etc/hosts.deny NORMAL
/etc/sudoers NORMAL
/etc/skel NORMAL
/etc/logrotate.d NORMAL
/etc/resolv.conf DATAONLY
/etc/nscd.conf NORMAL
/etc/securetty NORMAL
# Shell/X starting files
/etc/profile NORMAL
/etc/bashrc NORMAL
/etc/bash_completion.d/ NORMAL
/etc/login.defs NORMAL
/etc/zprofile NORMAL
/etc/zshrc NORMAL
/etc/zlogin NORMAL
/etc/zlogout NORMAL
/etc/profile.d/ NORMAL
/etc/X11/ NORMAL
# Pkg manager
/etc/yum.conf NORMAL
/etc/yumex.conf NORMAL
/etc/yumex.profiles.conf NORMAL
/etc/yum/ NORMAL
/etc/yum.repos.d/ NORMAL
/var/log LOG
/var/run/utmp LOG
# This gets new/removes-old filenames daily
!/var/log/sa
# As we are checking it, we've truncated yesterdays size to zero.
!/var/log/aide.log
# LSPP rules...
# AIDE produces an audit record, so this becomes perpetual motion.
# /var/log/audit/ LSPP
/etc/audit/ LSPP
/etc/libaudit.conf LSPP
/usr/sbin/stunnel LSPP
/var/spool/at LSPP
/etc/at.allow LSPP
/etc/at.deny LSPP
/etc/cron.allow LSPP
/etc/cron.deny LSPP
/etc/cron.d/ LSPP
/etc/cron.daily/ LSPP
/etc/cron.hourly/ LSPP
/etc/cron.monthly/ LSPP
/etc/cron.weekly/ LSPP
/etc/crontab LSPP
/var/spool/cron/root LSPP
/etc/login.defs LSPP
/etc/securetty LSPP
/var/log/faillog LSPP
/var/log/lastlog LSPP
/etc/hosts LSPP
/etc/sysconfig LSPP
/etc/inittab LSPP
/etc/grub/ LSPP
/etc/rc.d LSPP
/etc/ld.so.conf LSPP
/etc/localtime LSPP
/etc/sysctl.conf LSPP
/etc/modprobe.conf LSPP
/etc/pam.d LSPP
/etc/security LSPP
/etc/aliases LSPP
/etc/postfix LSPP
/etc/ssh/sshd_config LSPP
/etc/ssh/ssh_config LSPP
/etc/stunnel LSPP
/etc/vsftpd.ftpusers LSPP
/etc/vsftpd LSPP
/etc/issue LSPP
/etc/issue.net LSPP
/etc/cups LSPP
# With AIDE's default verbosity level of 5, these would give lots of
# warnings upon tree traversal. It might change with future version.
#
#=/lost\+found DIR
#=/home DIR
# Ditto /var/log/sa reason...
!/var/log/and-httpd
# Admins dot files constantly change, just check perms
/root/.* PERMS
Centos Setup buildtools
1. Install Build tools for centos
yum install autoconf automake bison byacc ctags cvs flex gcc-c++ gdb gettext libtool patchutils pkgconfig redhat-rpm-config strace subversion git valgrind boost-devel bzip2-devel cyrus-sasl-devel gmp-devel python-devel readline-devel zlib-devel
yum install autoconf automake bison byacc ctags cvs flex gcc-c++ gdb gettext libtool patchutils pkgconfig redhat-rpm-config strace subversion git valgrind boost-devel bzip2-devel cyrus-sasl-devel gmp-devel python-devel readline-devel zlib-devel
Sunday, April 11, 2010
Basic Centos Setup #1
1. Change the default email to whatever external mail might be
echo ${EMAIL} >> /root/.forward
2. Logwatch
yum install logwatch
2.1. Edit the conf file /usr/share/logwatch/default.conf/logfiles/cron.conf
Replace line 20
Archive=cron.*
with
Archive=/var/log/cron.*
3. Aide
yum install aide
3.1. Initialize the database
aide --init
3.2. Copy the database to the regular spot
cp /var/lib/aide/aide.db.new.gz /var/lib/aide/aide.db.gz
3.3. Add a cron script to run aide daily
/etc/cron.daily/aide.cron
#!/bin/bash
/usr/sbin/aide --check | /bin/mail -s "Daily AIDE check" ${EMAIL}
echo ${EMAIL} >> /root/.forward
2. Logwatch
yum install logwatch
2.1. Edit the conf file /usr/share/logwatch/default.conf/logfiles/cron.conf
Replace line 20
Archive=cron.*
with
Archive=/var/log/cron.*
3. Aide
yum install aide
3.1. Initialize the database
aide --init
3.2. Copy the database to the regular spot
cp /var/lib/aide/aide.db.new.gz /var/lib/aide/aide.db.gz
3.3. Add a cron script to run aide daily
/etc/cron.daily/aide.cron
#!/bin/bash
/usr/sbin/aide --check | /bin/mail -s "Daily AIDE check" ${EMAIL}
Using Dag Wiers RPMForge with centos5
Original Source: Centos RPMForge Setup
1. Install priorities plugin for yum
yum install yum-priorities
2. Enable plugins (usually turned on by default)
/etc/yum/pluginconf.d/priorities.conf
[main]
enabled=1
3. Edit all the repos.conf
3.1. /etc/yum.repos.d/CentOS-Base.repo
[base], [updates], [addons] [extras] ... priority=1
[centosplus] [contrib] ... priority=2
3.2. /etc/yum.repos.d/vz.repo
[vz-base] ... priority=3
[vz-updates] ... priority=4
4. Get Dag RPM
wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.1-1.el5.rf.i386.rpm
5. Import the GPG key for Dag's repo
rpm --import http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt
6. Verify the RPM package
rpm -K rpmforge-release-0.5.1-1.el5.rf.*.rpm
7. Install RPM
rpm -i rpmforge-release-0.5.1-1.el5.rf.*.rpm
8. Reset the RPMForge priority. Edit /etc/yum.repos.d/rpmforge.repo
[rpmforge]
priority=10
9. Test the setup
yum check-update
1. Install priorities plugin for yum
yum install yum-priorities
2. Enable plugins (usually turned on by default)
/etc/yum/pluginconf.d/priorities.conf
[main]
enabled=1
3. Edit all the repos.conf
3.1. /etc/yum.repos.d/CentOS-Base.repo
[base], [updates], [addons] [extras] ... priority=1
[centosplus] [contrib] ... priority=2
3.2. /etc/yum.repos.d/vz.repo
[vz-base] ... priority=3
[vz-updates] ... priority=4
4. Get Dag RPM
wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.1-1.el5.rf.i386.rpm
5. Import the GPG key for Dag's repo
rpm --import http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt
6. Verify the RPM package
rpm -K rpmforge-release-0.5.1-1.el5.rf.*.rpm
7. Install RPM
rpm -i rpmforge-release-0.5.1-1.el5.rf.*.rpm
8. Reset the RPMForge priority. Edit /etc/yum.repos.d/rpmforge.repo
[rpmforge]
priority=10
9. Test the setup
yum check-update
Thursday, April 1, 2010
Centos 5 Logwatch bug
Centos 5 seems to have a bug in the default version of logwatch that is in the repos. If you are getting :
system cat failed: 256 at /usr/sbin/logwatch line 880
Then, there is a problem wit the cron configuration. Make the following change in file /usr/share/logwatch/default.conf/logfiles/cron.conf line 20 to
Archive = /var/log/cron.*
The problem was that the cron file filter was picking up cron.* (i.e. cron.daily, cron.monthly etc) which was causing a the cat to fail, as they are directories and not simple files.
system cat failed: 256 at /usr/sbin/logwatch line 880
Then, there is a problem wit the cron configuration. Make the following change in file /usr/share/logwatch/default.conf/logfiles/cron.conf line 20 to
Archive = /var/log/cron.*
The problem was that the cron file filter was picking up cron.* (i.e. cron.daily, cron.monthly etc) which was causing a the cat to fail, as they are directories and not simple files.
Subscribe to:
Posts (Atom)