tech stuff

Main - Archive - About - Feed

Booting Debian off phisical HDD in VirtualBox on WinXP host

While working in windows on dualboot system, it's handy to have access to linux system, installed on the same phisical machine. It'spossible by booting linux off the phicical hard drive in a virtual machine. I use VirtualBox with raw disk image for this:

First, look how VirtualBox sees the phisical partition:

$ VBoxManage.exe internalcommands listpartitions -rawdisk '\\.\PhysicalDrive0'
Number  Type   StartCHS       EndCHS      Size (MiB)  Start (Sect)
1       0x07  0   /1  /1   1023/254/63         30718           63
2       0x07  1023/254/63  1023/254/63        149997     62910540
3       0x83  1023/254/63  1023/254/63           286    370106368
5       0x83  1023/254/63  1023/254/63         57472    370694144

Here we see partitions 1,2 as WinXP C: and D: drives, partition 3 as /boot, and partition 5 as LVM. Now we create raw disk image with only needed linux partitions 3,5 (we don't want to mess with windows disks used by live windows host).

$ VBoxManage.exe internalcommands createrawvmdk -rawdisk '\\.\PhysicalDrive0' -partitions 3,5 -filename raw-disk.vmdk
RAW host disk access VMDK file raw-disk.vmdk created successfully.

There are 2 resulting files:
raw-disk.vmdk - text file virtual disk description
raw-disk-pt.vmdk - MBR and partition data from phisical disk

$ file -b raw-disk.vmdk
ASCII text
$ file -b raw-disk-pt.vmdk | sed 's/\; /\;\n/g'
x86 boot sector;
partition 1: ID=0x7, active, starthead 1, startsector 63, 62910477 sectors;
partition 2: ID=0x7, starthead 254, startsector 62910540, 307194930 sectors;
partition 3: ID=0x83, active, starthead 254, startsector 370106368, 585728 sectors;
partition 4: ID=0x5, starthead 254, startsector 370694142, 117702658 sectors, code offset 0x1e

Now in VirtualBox we create a standard linux Debian virtual machine. In System -> Processor tab, enable PAE/NX. Add raw-disk.vmdk as SATA disk. Enable second network adapter, and set it attached to Host-only Adapter (it's going to be used for network communication between guest and host, so, configure it via /etc/network/interfaces on guest later).

We can boot it now, but we will be facing a TrueCrypt boot loader, sitting in the MBR:

$ hexdump -C -n 32 raw-disk-pt.vmdk
00000000  ea 1e 7c 00 00 20 54 72  75 65 43 72 79 70 74 20  |..|.. TrueCrypt |
00000010  42 6f 6f 74 20 4c 6f 61  64 65 72 0d 0a 00 fa 33  |Boot Loader....3|
00000020

So, pressing escape needed to get to the grub2 in PBR of /boot partition. To eleminate TrueCrypt boot loader when booting in virtual machine, it's possible to play around with replacing bootstrap code in raw-disk-pt.vmdk image (like described here), but more simple shortcut would be to create a grub4dos boot floppy image (script and instructions here), and chainload grub2 on /boot partition via it, by modifying menu.lst on floppy root:

timeout 0
# chainload grub2 from /boot partition (/dev/sda3)
title grub2
kernel (hd0,2)/grub/core.img

and adding resulting floppy image to our virtual machine, as primary boot device.

wget SSL certificate error on cygwin

An issue:

$ wget -O - https://www.kernel.org
...
ERROR: The certificate of `www.kernel.org' is not trusted.
ERROR: The certificate of `www.kernel.org' hasn't got a known issuer.

Solution:

$ apt-cyg install ca-certificates
$ cygcheck -l ca-certificates
/usr/ssl/certs/ca-bundle.crt
/usr/ssl/certs/ca-bundle.trust.crt
$ echo "ca_certificate = /usr/ssl/certs/ca-bundle.crt" >> /etc/wgetrc

PC setup: XP/Debian dualboot with full disk encryption (C:/D: TrueCrypt + dm-crypt)

Got Samsung NC110 netbook, decommissioned at work, perfectly fitting my current reqs for a mobile workplace. Onboard Win7 Starter too heavy for netbooks anyway, but I still need windows for some tasks. Decided to wipe it out, and replace with XP SP3 (surprisingly legal one, hologrammic hardcopy found in legacy box), dualbooted with Debian Linux. Disk encryption is mandatory for both OS's.

Netbook lacks CD/DVD, and I don't like playing with this kind of media, so first I needed bootable USB stick, with an ability to direct boot installation and livecd iso images of any kind, just by dropping them on USB flash. RMPrepUSB and Easy2Boot from rmprepusb.com are one of the options. After creating bootable USB flash we are back to our setup.

First install Windows XP (vanilla XP installs without any problems). Create 2 ntfs partitions for c: and d: disks, leaving space for linux install. Then download and install hardware-specific drivers for XP from Samsung site Now Windows has 2 partitions - disk C: for system, and D: for data.

Install TrueCrypt. Encrypt System on C: disk - In Start -> run, type:

"C:\Program Files\TrueCrypt\TrueCrypt Format.exe" /n

(cmdline option to skip rescue disk iso burning verification later)

From wizard: "Encrypt the system partition or entire system drive" -> "Normal" -> "Encrypt the Windows system partition" -> "Multi-boot" -> "Warning:Yes" -> "BootDrive:Yes" -> "Number of System Drives: 1" -> "Non-Windows Boot Loader: No" -> "Encryption/Hash Alhorythms (by benchmark/default)" -> "Password (choose a goooood one)" -> "Collect Random Data" -> "Keys Generated" -> "Rescue Disk (generate iso and copy to usb flash)" -> "Wipe Mode(choose)" -> "System Encryption Pretest" (restart Computer) -> (Type in your passphrase on boot) -> "Pretest Completed: Encrypt" -> "Encryption (drink some coffee)" -> "Finish".

Reboot to verify.

Encrypt empty D: disk for data: Doble click on TrueCrypt tray icon, "Create volume" ->"Encrypt a non-system partition/drive" -> Standard TrueCrypt volume -> "Select Device" -> "Drive D:" -> "Are you sure? Yes" -> "Next" -> "Create encryptrd volume and format i it" -> "Encryption options: same as for drive C:" -> "Volume Password: same as for drive C" -> "Filesystem NTFS / Cluster Default / Quick format" -> "Format" -> "Are you sure: Yes" -> "OK" -> "Exit"

Right click "My Computer" -> "Manage" -> "Storage" -> "Disk Management"

Right vlick on "D:" -> "Change Drive Letter and Paths" -> "Remove" -> "Yes"

Doble click on TrueCrypt tray icon, select "D:" -> "Select device" -> "\Device'Harddisk0\Partition2" (ex. D: drive) -> "Mount"

From TrueCrypt menu -> Favorities -> "Add Mounted Volume to System Favorities…" -> "D:" -> check "Mount system favorite volumes when Windows starts" and "Allow only administrators…" -> "Ok" -> Exit

Reboot to verify both C: and D: encrypted volumes mounts on boot with single preboot auth password.

Install Debian 7 "wheezy" - since at the time of wtitting it's yet in testing, and netbook network hardware requires non-free firmware components, download custom netinst iso and boot install from it. In "Partition disks" menu choose "Manual":

"FREE SPACE" -> "Create a new partition" -> "size: 300 MB" -> "Primary" (TrueCrypt in MBR needs it to be primary) -> "Beginning" -> "Use as: Ext4, Mount point /boot, Label: boot, Bootable flag: on" -> Done.

"FREE SPACE" -> "Create a new partition" -> "size: agree with all that left" -> Logical -> "Use as: physical volume for encryption" -> "Erase data: no, others: agree with defaults" -> Done

"Configure encrypted volumes" -> "Write changes" -> "Yes" -> "Create encrypted volumes" -> choose one with "crypto" in it -> Finish -> Choose passphrase Select "Encrypted Volume #1 -> "Use as: physical volume for LVM" -> Done

"Configure the Logical Volume Manager" -> "Create volume group" -> "name: volumes"-> select mapper crypt device -> "Create logical volume" -> "volumes" -> "name: swap" -> "size: 2G" -> "Create logical volume" -> "volumes" -> "name: root" -> "size: agree with the rest" -> Finish"

"LV root #1" -> "Use as: Ext4, Mount point: /" -> Done

"LV swap #1" -> "Use as: swap area" -> Done

Finish partitioning and write changes to disk. Then istall as usual, with "SSH server, Laptop and Standard system utilities" Software selection. When it offers to instal GRUB to MBR, say No, and install it to PBR of the "boot" partition (/dev/sda3 in our case). After reboot, press escape on TrueCrypt boot loader pre-boot auth, and it will continue to GRUB. Boot linux with dm-crypt passphrase. As root start fdisk, and toggle boot flag on windows C: partiion (/dev/sda1):

# fdisk /dev/sda
Command (m for help): a
Partition number (1-5): 1
Command (m for help): w

So, now we have 2 bootable partitions: windows c: and linux "/boot". On boot enter TrueCrypt passphrase if you want to boot Windows, or press Escape to GRUB/linux.

apt-cyg

Windows IS usable. Install cygwin. Install apt-cyg:

$ svn --force export http://apt-cyg.googlecode.com/svn/trunk/ /bin/
$ chmod +x /bin/apt-cyg

Add cygwin distro and cygports aliases to apt-cyg (update ~/.bashrc accordlngly). Cygwinports advices to use different mirrors for ports and distro, though not sure it's critical.

$ alias apt-c='apt-cyg -m http://mirrors.kernel.org/sourceware/cygwin/'
$ alias apt-p='apt-cyg -m http://mirrors.kernel.org/sourceware/cygwinports/'

Use:

$ apt-c install lighttpd
$ apt-p install php php-sqlite3