Slashdot Mirror
User-Mode Linux Merged Into 2.5 Kernel
An anonymous reader writes "With little fanfare, User Mode-Linux (UML) has been merged into Linus' BitKeeper tree. The merge followed a patch by UML author Jeff Dike, resynching UML with the 2.5.34 development kernel.
From the UML homepage, User-Mode Linux provides you with a virtual machine that offers 'a safe, secure way of running Linux versions and Linux processes. Run buggy software, experiment with new Linux kernels or distributions, and poke around in the internals of Linux, all without risking your main Linux setup.'" There's more UML resources available at the community site.
I have a RedHat box that's colocated that I wanted to move over to Debian - so I installed UML and loaded Debian onto one partition, got everything set up correctly and told LILO to boot off the new slice. After a few minutes of praying Debian came up running all the correct services.
Thanks to the UML team!
Every time I've seen UML mentioned, it's in refrence to kernel programing/X programing/programing in general/software testing/etc. I understand how it would be incredibly usefull in this circumstances. But my question to you guys is this: how would it benifit Joe User to have this installed if he just surfs the web, does e-mail, plays games, GIMPs, etc? Other than just another layer of crash protection, what good is this to the masses?
Comment forecast: Bits of genius surrounded by a sea of mediocrity.
I just did this like 2 days ago. Im astounded that UML (bad name IMHO, been used already) is going into the main tree. ;-) so that ports 22 and 80 to to the *real* linux distro and all other exploitable ports goto my UML machine.
;-)
UML is awesome, dont just set up 1 honeypot, set up 5 let the hacker think theyve found a whole network..
Ive got my machine (no you cant have the IP
Except that ive got TCP wrappers set up so that when you connect to my virtual machine, it NMAPs you and logs it all to a file.
But probably the most fun thing you can do is test things like:
# rm -rf /
Official GOD FAQ.
Well, yes it is, but if you want to take advantage of the security, and debug processes in depth, then you might have some problems.
Many of you will probably remember the Reverse Challenge. One evening I downloaded the malicious binary, and decided that UML would be ideal to try running it in a tightly controlled enironment - using fenris to trace its execution and learn more about it.
Unfortunately, fenris doesn't work under UML (neither does strace if I remember correctly).
Shame. It's a lot cheaper than VMWare!
I know that FreeBSD's jail allows for some level of virtualization. My question is, how technically does this differ from the jail mechanism or does it?
As a side note this sounds like a really cool idea, especially if you could virtualize multiple instances.
-Peter
. Penguins Surely Ca
/me gets the idea to set up a beowulf cluster of UML "boxes" to learn how to set up a cluster...
/usr/games/fortune
Somebody has to mention the Virtual Private Servers (vservers) and security contexts (ctx) patch, which takes chroot(), and adds the good stuff from jail() and more to make completely separated contexts for process groups, without the overhead of another kernel.
I've been running Debian 2.2r7 and RedHat7.2 in parallel with Debian/Woody on the same box for months now with this patch.
--- Hindsight is 20/20, but walking backwards is not the answer.
There are several products that require a custom kernel, and this could certainly benefit all of them.
The one I'm thinking of right now is Win4lin, the cheapest, fastest Windows VM for Linux right now; it needs a kernel with its own patches, and they distribute patches for Debian, Slackware, Mandrake, and Vanilla kernels. My distro (Gentoo) makes a kernel which is known for its speed, but which I'm not using right now because of this (I can't even patch the Vanilla kernel to that level because it the Win4lin patch conflicts with Gentoo's patches).
Mod me down and I will become more powerful than you can possibly imagine!
The news here is that it is merged into 2.5
UML is not new, though this will certainly make things better.
Just think of the neat firewalling you can do.
Run your DNS servers inside a UML session, with traffic to them filtered by firewalling on the host... even if someone breaches BIND, they are stuck in a machine, can't go anywhere, because all traffic to that machine is filtered.
Virtual linux machines for each service that is not performance critical.
UML can emulate an SMP machine. It could be used for benchmarking multi-threaded code and teaching SMP programming without having to fork out big $$$ for SMP machines.
VLM - Virtual Linux Machine?
UMK - User Mode Kernel?
LUM - Linux User Mode?
LVM - Linux Virtual Machine?
PUL - Partitioned User Linux?
LUK = Linux User Kernel? (pronounced Luck!)
Whatever. I do think an new acronym should be found for this.
Software Wars
settings. Just yesterday I was tweaking my memory settings on a K7M mobo and now I get a black screen. No boot, beep, or blinking lights! DAMN!
The only reset on the mobo is to erase the pw.
Really makes me appreciate this.
I've done the Honeypot from home, but filled mine with killer bees instead. I used vmware to setup a honeypot machine running linux with a nice little samba server setup, and semilocked down. It was, however, filled with hundreds of programs and bullsnot documents all infected with one or more windows or dos viruses. I actually had someone email me and complain that my web server was virus infected and that it had caused major problems on their network when an employee of theirs had visited my website. They were threatening legal action and such. I replied to them that I didnt run a web server and that someone from their IP had hacked my machine. Several days later I got an apologetic email that also said the offending employee was no longer in their employ. I love my honeypot!
"Get Moose and Squirrel!"
I've read the web site, but I still don't really understand what UML is. How is it different from something like VMWare?
And the men who hold high places must be the ones who start
To mold a new reality... closer to the heart