Menu
▾
▴
isolated-exec-devel
|
From: Passera, P. R <pab...@in...> - 2009-01-27 17:02:28
|
Mmm, it should have closed automatically after closing Notepad.exe. In this way the decision module will restart the VM and add it to the VMPool. I will try to reproduce the error in our installation. Pablo PS: I am copying Isolated-exec distribution list so this so others can benefit from this also. Could you copy the list also? >-----Original Message----- >From: Todd Deshane [mailto:des...@gm...] >Sent: Tuesday, January 27, 2009 2:57 PM >To: Passera, Pablo R >Cc: Protti, Duilio J; Giusti, Gisela; Colsani, Guillermo E >Subject: Re: [Xen-research] Security through Isolation in Xen > >On Tue, Jan 27, 2009 at 11:56 AM, Passera, Pablo R ><pab...@in...> wrote: >>>I then closed the sandbox VM and tried to send cmd.exe, but that led >>>to the same error as before. >> >> Did you close the VM by hand or did it close automatically after >closing notepad in the sandbox? >> >> > >By Hand. > >>>-----Original Message----- >>>From: Todd Deshane [mailto:des...@gm...] >>>Sent: Tuesday, January 27, 2009 2:52 PM >>>To: Passera, Pablo R >>>Cc: Protti, Duilio J; Giusti, Gisela; Colsani, Guillermo E >>>Subject: Re: [Xen-research] Security through Isolation in Xen >>> >>>On Tue, Jan 27, 2009 at 11:32 AM, Passera, Pablo R >>><pab...@in...> wrote: >>>>>It seems that something isn't fully setup up correctly or there is >>>>>another bug/problem. >>>> >>>> To migrate the executable to the other VM, the program tries to >fetch >>>a VM from the VM pool. In this case, because we stated like that in >the >>>deployment >>>> guide there is only one sandbox (you can add as many as you want, >and >>>your system permits, creating more windows images and adding them in >>>vmpool.cfg). So, in theory, after running the application and once you >>>close the application in the Sandbox, the migration module running in >>>the sandbox VM should detect that the program was closed. After that, >it >>>sends a command to the decision module running in Dom0 and then the >>>decision module restarts the VM and put that available again in the VM >>>pool. We never tested with Windows shortcuts, so maybe that was the >>>problem. Somehow, the migration module did not detected that notepad >was >>>closed. Could you try again but always sending an executable? >>>> >>> >>> >>>OK, so sending the first executable worked fine. (notepad showed up on >>>the sandbox VM as expected) >>> >>>I then closed the sandbox VM and tried to send cmd.exe, but that led >>>to the same error as before. >>> >>>It seems that the network in the user VM is broken somehow. Can't ping >>>dom0, google... >>> >>>Attached is the screen shot of the UserVM (error) and here is the >>>command console log >>> >>>** (ie:22142): DEBUG: Initializing >>>** (ie:22142): DEBUG: Processing CONFIG group [DecisionModule] >>>** (ie:22142): DEBUG: Processing CONFIG group [UserVM] >>>** Message: Booting User VM: xm create "/etc/xen/UserVM.cfg" >>>Using config file "/etc/xen/UserVM.cfg". >>>Started domain UserVM >>>Setting Guest IP to '192.168.0.1' >>>Configuring bridge xenbr0 >>>** (ie:22142): DEBUG: [TIME] VMPool initialization begun at >>>1233074763.613652 >>>** (ie:22142): DEBUG: Processing CONFIG group 'Sandbox01' >>>** (ie:22142): DEBUG: Initializing Xen backend >>>** (ie:22142): DEBUG: Into vmpool_pool_init >>>** (ie:22142): DEBUG: vmpool_pool_init: uploading image 60A040 into vm >>>60D3D0 >>>** (ie:22142): DEBUG: Into vm_set_vm_status >>>** Message: [XEN backend]: Booting VM: xm create >>>"/etc/xen/Sandbox01.cfg" >>>Using config file "/etc/xen/Sandbox01.cfg". >>>Started domain Sandbox01 >>>** Message: [XEN backend]: Created new domain 25 >>>** Message: Invoking post boot program: >>>/usr/local/bin/vmpool-setup-network-xen-guest.sh 192.168.0.2 >>>Setting Guest IP to '192.168.0.2' >>>Configuring bridge xenbr0 >>>** Message: Using Boot Detector: '/usr/local/bin/vmpool-windetect -s 1 >>>-r 400 192.168.0.2' >>>** Message: Host 192.168.0.2 detected >>>** Message: [XEN backend]: Pausing VM: xm pause Sandbox01 >>>** (ie:22142): DEBUG: Into vm_set_vm_status >>>** (ie:22142): DEBUG: [TIME] Pool paused - Initialization completed at >>>1233074827.382199 >>>** (ie:22142): DEBUG: IP Interface starting >>>** (ie:22142): DEBUG: Socket 3 created >>>** (ie:22142): DEBUG: Socket 3 bound >>>** (ie:22142): DEBUG: Receive >>>** (ie:22142): DEBUG: Adding socket 3 to fds >>>** (ie:22142): DEBUG: nfds = 4 >>>** (ie:22142): DEBUG: Packet received >>>** (ie:22142): DEBUG: Reading the packet >>>** (ie:22142): DEBUG: Reading from socket 3 flags 0 >>>** (ie:22142): DEBUG: Session accepted with socket 4 >>>** (ie:22142): DEBUG: if_ip_send_pending >>>** (ie:22142): DEBUG: if_ip_send >>>** (ie:22142): DEBUG: if_ip_send session >>>** (ie:22142): DEBUG: if_ip_send >>>** (ie:22142): DEBUG: if_ip_send session >>>** (ie:22142): DEBUG: Receive >>>** (ie:22142): DEBUG: Adding socket 3 to fds >>>** (ie:22142): DEBUG: nfds = 4 >>>** (ie:22142): DEBUG: Adding socket 4 to fds >>>** (ie:22142): DEBUG: nfds = 5 >>>** (ie:22142): DEBUG: Packet received >>>** (ie:22142): DEBUG: Reading the packet >>>** (ie:22142): DEBUG: Reading from socket 4 flags 1 >>>** (ie:22142): DEBUG: count=61 >>>buffer=CMD=DELEGATE|APP=any|FILE=NOTEPAD.EXE|PATH=/home/delegator/| >>>** (ie:22142): DEBUG: Interface parser >>>** (ie:22142): DEBUG: Message: >>>CMD=DELEGATE|APP=any|FILE=NOTEPAD.EXE|PATH=/home/delegator/| >>>** (ie:22142): DEBUG: Delegate command handler >>>** (ie:22142): DEBUG: efilter_execute >>>** Message: any NOTEPAD.EXE /home/delegator/ >>>** (ie:22142): DEBUG: Into vmpool_pool_get_free_vm >>>** (ie:22142): DEBUG: Into vmpool_pool_find_vm_status >>>** (ie:22142): DEBUG: vmpool_pool_find_vm_status: Match on 60D3D0 >>>** (ie:22142): DEBUG: vmpool_pool_get_free_vm: item found 608570 >>>item_data 60D3D0 >>>** Message: [XEN backend]: Unpausing VM: xm unpause Sandbox01 >>>** (ie:22142): DEBUG: Into vm_set_vm_status >>>** (ie:22142): DEBUG: /usr/bin/scp -v -i /home/delegator/.ssh/id_rsa >>>/home/delegator/NOTEPAD.EXE delegator@192.168.0.2:/tmp >>>Executing: program /usr/bin/ssh host 192.168.0.2, user delegator, >>>command scp -v -t /tmp >>>OpenSSH_5.1p1 Debian-3ubuntu1, OpenSSL 0.9.8g 19 Oct 2007 >>>debug1: Reading configuration data /etc/ssh/ssh_config >>>debug1: Applying options for * >>>debug1: Connecting to 192.168.0.2 [192.168.0.2] port 22. >>>debug1: Connection established. >>>debug1: permanently_set_uid: 0/0 >>>debug1: identity file /home/delegator/.ssh/id_rsa type 1 >>>debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048 >>>debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048 >>>debug1: Remote protocol version 2.0, remote software version >OpenSSH_5.1 >>>debug1: match: OpenSSH_5.1 pat OpenSSH* >>>debug1: Enabling compatibility mode for protocol 2.0 >>>debug1: Local version string SSH-2.0-OpenSSH_5.1p1 Debian-3ubuntu1 >>>debug1: SSH2_MSG_KEXINIT sent >>>debug1: SSH2_MSG_KEXINIT received >>>debug1: kex: server->client aes128-cbc hmac-md5 none >>>debug1: kex: client->server aes128-cbc hmac-md5 none >>>debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent >>>debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP >>>debug1: SSH2_MSG_KEX_DH_GEX_INIT sent >>>debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY >>>debug1: Host '192.168.0.2' is known and matches the RSA host key. >>>debug1: Found key in /root/.ssh/known_hosts:9 >>>debug1: ssh_rsa_verify: signature correct >>>debug1: SSH2_MSG_NEWKEYS sent >>>debug1: expecting SSH2_MSG_NEWKEYS >>>debug1: SSH2_MSG_NEWKEYS received >>>debug1: SSH2_MSG_SERVICE_REQUEST sent >>>debug1: SSH2_MSG_SERVICE_ACCEPT received >>>debug1: Authentications that can continue: >>>publickey,password,keyboard-interactive >>>debug1: Next authentication method: publickey >>>debug1: Offering public key: /home/delegator/.ssh/id_rsa >>>debug1: Server accepts key: pkalg ssh-rsa blen 277 >>>debug1: read PEM private key done: type RSA >>>debug1: Authentication succeeded (publickey). >>>debug1: channel 0: new [client-session] >>>debug1: Requesting no-...@op... >>>debug1: Entering interactive session. >>>debug1: Sending environment. >>>debug1: Sending env LANG = en_US.UTF-8 >>>debug1: Sending command: scp -v -t /tmp >>>Sending file modes: C0644 69120 NOTEPAD.EXE >>>Sink: C0644 69120 NOTEPAD.EXE >>>NOTEPAD.EXE 100% 68KB 67.5KB/s >>>00:00 >>>debug1: client_input_channel_req: channel 0 rtype exit-status reply 0 >>>debug1: channel 0: free: client-session, nchannels 1 >>>debug1: fd 0 clearing O_NONBLOCK >>>debug1: fd 1 clearing O_NONBLOCK >>>Transferred: sent 71600, received 2392 bytes, in 0.8 seconds >>>Bytes per second: sent 86331.3, received 2884.1 >>>debug1: Exit status 0 >>>** (ie:22142): DEBUG: Session sd=5 connected to 192.168.0.2:9999 with >>>flags 2 >>>** (ie:22142): DEBUG: efilter_if_send >>>** (ie:22142): DEBUG: if_ip_send_pending >>>** (ie:22142): DEBUG: if_ip_send >>>** (ie:22142): DEBUG: if_ip_send session >>>** (ie:22142): DEBUG: if_ip_send >>>** (ie:22142): DEBUG: if_ip_send session >>>** (ie:22142): DEBUG: if_ip_send >>>** (ie:22142): DEBUG: if_ip_send session >>>** (ie:22142): DEBUG: Message to send: >>>CMD=MIGRATED|APP=any|SRC=c:\\cygwin\\tmp\\NOTEPAD.EXE length 53 >>>** (ie:22142): DEBUG: Receive >>>** (ie:22142): DEBUG: Adding socket 3 to fds >>>** (ie:22142): DEBUG: nfds = 4 >>>** (ie:22142): DEBUG: Adding socket 4 to fds >>>** (ie:22142): DEBUG: nfds = 5 >>>** (ie:22142): DEBUG: Adding socket 5 to fds >>>** (ie:22142): DEBUG: nfds = 6 >>>** (ie:22142): DEBUG: Packet received >>>** (ie:22142): DEBUG: Reading the packet >>>** (ie:22142): DEBUG: Reading from socket 5 flags 2 >>>** (ie:22142): DEBUG: count=8 buffer=CMD=ACK| >>>** (ie:22142): DEBUG: Interface parser >>>** (ie:22142): DEBUG: Message: CMD=ACK| >>>** Message: Command not recognized >>>** (ie:22142): DEBUG: if_ip_send_pending >>>** (ie:22142): DEBUG: if_ip_send >>>** (ie:22142): DEBUG: if_ip_send session >>>** (ie:22142): DEBUG: if_ip_send >>>** (ie:22142): DEBUG: if_ip_send session >>>** (ie:22142): DEBUG: if_ip_send >>>** (ie:22142): DEBUG: if_ip_send session >>>** (ie:22142): DEBUG: Receive >>>** (ie:22142): DEBUG: Adding socket 3 to fds >>>** (ie:22142): DEBUG: nfds = 4 >>>** (ie:22142): DEBUG: Adding socket 4 to fds >>>** (ie:22142): DEBUG: nfds = 5 >>>** (ie:22142): DEBUG: Adding socket 5 to fds >>>** (ie:22142): DEBUG: nfds = 6 >>>** (ie:22142): DEBUG: Packet received >>>** (ie:22142): DEBUG: Reading the packet >>>** (ie:22142): DEBUG: Reading from socket 5 flags 2 >>>** (ie:22142): DEBUG: count=15 buffer=CMD=ACK_RUN_OK| >>>** (ie:22142): DEBUG: Interface parser >>>** (ie:22142): DEBUG: Message: CMD=ACK_RUN_OK| >>>** (ie:22142): DEBUG: efilter_if_send >>>** (ie:22142): DEBUG: if_ip_send_pending >>>** (ie:22142): DEBUG: if_ip_send >>>** (ie:22142): DEBUG: if_ip_send session >>>** (ie:22142): DEBUG: if_ip_send >>>** (ie:22142): DEBUG: if_ip_send session >>>** (ie:22142): DEBUG: Message to send: ACK_RUN_OK length 10 >>>** (ie:22142): DEBUG: if_ip_send >>>** (ie:22142): DEBUG: if_ip_send session >>>** (ie:22142): DEBUG: Receive >>>** (ie:22142): DEBUG: Adding socket 3 to fds >>>** (ie:22142): DEBUG: nfds = 4 >>>** (ie:22142): DEBUG: Adding socket 4 to fds >>>** (ie:22142): DEBUG: nfds = 5 >>>** (ie:22142): DEBUG: Adding socket 5 to fds >>>** (ie:22142): DEBUG: nfds = 6 >>>** (ie:22142): DEBUG: Packet received >>>** (ie:22142): DEBUG: Reading the packet >>>** (ie:22142): DEBUG: Reading from socket 5 flags 2 >>>** (ie:22142): DEBUG: Socket 5 closed >>>** (ie:22142): DEBUG: Connection with socket 5 closed. Session removed >>>** (ie:22142): DEBUG: if_ip_send_pending >>>** (ie:22142): DEBUG: if_ip_send >>>** (ie:22142): DEBUG: if_ip_send session >>>** (ie:22142): DEBUG: if_ip_send >>>** (ie:22142): DEBUG: if_ip_send session >>>** (ie:22142): DEBUG: Receive >>>** (ie:22142): DEBUG: Adding socket 3 to fds >>>** (ie:22142): DEBUG: nfds = 4 >>>** (ie:22142): DEBUG: Adding socket 4 to fds >>>** (ie:22142): DEBUG: nfds = 5 >>>** (ie:22142): DEBUG: Packet received >>>** (ie:22142): DEBUG: Reading the packet >>>** (ie:22142): DEBUG: Reading from socket 4 flags 1 >>>** Message: Error reading data: >>>** (ie:22142): DEBUG: if_ip_send_pending >>>** (ie:22142): DEBUG: if_ip_send >>>** (ie:22142): DEBUG: if_ip_send session >>>** (ie:22142): DEBUG: if_ip_send >>>** (ie:22142): DEBUG: if_ip_send session >>>** (ie:22142): DEBUG: Receive >>>** (ie:22142): DEBUG: Adding socket 3 to fds >>>** (ie:22142): DEBUG: nfds = 4 >>>** (ie:22142): DEBUG: Adding socket 4 to fds >>>** (ie:22142): DEBUG: nfds = 5 >>>** (ie:22142): DEBUG: Packet received >>>** (ie:22142): DEBUG: Reading the packet >>>** (ie:22142): DEBUG: Reading from socket 4 flags 1 >>>** (ie:22142): DEBUG: Socket 4 closed >>>** (ie:22142): DEBUG: Connection with socket 4 closed. Session removed >>>** (ie:22142): DEBUG: if_ip_send_pending >>>** (ie:22142): DEBUG: if_ip_send >>>** (ie:22142): DEBUG: if_ip_send session >>>** (ie:22142): DEBUG: Receive >>>** (ie:22142): DEBUG: Adding socket 3 to fds >>>** (ie:22142): DEBUG: nfds = 4 >>> >>> >>> >>>> Thanks, >>>> Pablo >>> >>>-- >>>Todd Deshane >>>http://todddeshane.net >>>http://runningxen.com >> > > > >-- >Todd Deshane >http://todddeshane.net >http://runningxen.com |
|
From: Todd D. <des...@gm...> - 2009-01-27 17:28:37
|
On Tue, Jan 27, 2009 at 12:02 PM, Passera, Pablo R <pab...@in...> wrote: > Mmm, it should have closed automatically after closing Notepad.exe. In this way the decision module will restart the VM and add it to the VMPool. I will try to reproduce the error in our installation. > Even withough closing, trying to run notepad again, I get a NO_FREE_VM error on the user VM... I see, I only have one sandbox VM... So it looks like I can uncomment/make more in /etc/vmpool.conf right? Does anybody have a Linux Sandbox VM that I could download? If not, I'll try to make a Linux one (with wine installed)... Cheers, Todd > Pablo > > > PS: I am copying Isolated-exec distribution list so this so others can benefit from this also. Could you copy the list also? > Sure :) -- Todd Deshane http://todddeshane.net http://runningxen.com |
|
From: Passera, P. R <pab...@in...> - 2009-01-27 17:48:49
|
>Even withough closing, trying to run notepad again, I get a NO_FREE_VM >error on the user VM... After closing notepad the VM should be restarted and once is up and running again, the decision module will add it automatically to the VMPool. This takes like 45 seconds. After that you can send an application again. If you have more than one VM in the pool, you can send the application immediately and the decision module will pick another VM from the pool while the first one is starting. >I see, I only have one sandbox VM... So it looks like I can >uncomment/make more in /etc/vmpool.conf right? Yes, that is correct. >Does anybody have a Linux Sandbox VM that I could download? If not, >I'll try to make a Linux one (with wine installed)... You can do that or you can copy the windows image and configure the network in it (you can put 192.168.0.2 to this other one). Also you will have to modify vmpool.cfg to point to the correct xen config file for this new machine and all the other configurations there. If you install a linux machine with wine remember to install the migration module in wine. Unfortunately, I don't have here a linux image ready to run. Regards, Pablo >-----Original Message----- >From: Todd Deshane [mailto:des...@gm...] >Sent: Tuesday, January 27, 2009 3:29 PM >To: Passera, Pablo R >Cc: Protti, Duilio J; Giusti, Gisela; Colsani, Guillermo E; isolated- >exe...@li... >Subject: Re: [Xen-research] Security through Isolation in Xen > >On Tue, Jan 27, 2009 at 12:02 PM, Passera, Pablo R ><pab...@in...> wrote: >> Mmm, it should have closed automatically after closing Notepad.exe. In >this way the decision module will restart the VM and add it to the >VMPool. I will try to reproduce the error in our installation. >> > >Even withough closing, trying to run notepad again, I get a NO_FREE_VM >error on the user VM... > >I see, I only have one sandbox VM... So it looks like I can >uncomment/make more in /etc/vmpool.conf right? > >Does anybody have a Linux Sandbox VM that I could download? If not, >I'll try to make a Linux one (with wine installed)... > >Cheers, >Todd > >> Pablo >> >> >> PS: I am copying Isolated-exec distribution list so this so others can >benefit from this also. Could you copy the list also? >> > >Sure :) > > >-- >Todd Deshane >http://todddeshane.net >http://runningxen.com |
|
From: Todd D. <des...@gm...> - 2009-01-27 22:49:20
|
On Tue, Jan 27, 2009 at 12:48 PM, Passera, Pablo R <pab...@in...> wrote: >>Even withough closing, trying to run notepad again, I get a NO_FREE_VM >>error on the user VM... > > After closing notepad the VM should be restarted and once is up and running again, the decision module will add it >automatically to the VMPool. This takes like 45 seconds. After that you can send an application again. If you have more >than one VM in the pool, you can send the application immediately and the decision module will pick another VM from >the pool while the first one is starting. > >>I see, I only have one sandbox VM... So it looks like I can >>uncomment/make more in /etc/vmpool.conf right? > > Yes, that is correct. > >>Does anybody have a Linux Sandbox VM that I could download? If not, >>I'll try to make a Linux one (with wine installed)... > > You can do that or you can copy the windows image and configure the network in it (you can put 192.168.0.2 to this >other one). Also you will have to modify vmpool.cfg to point to the correct xen config file for this new machine and all the >other configurations there. If you install a linux machine with wine remember to install the migration module in wine. >Unfortunately, I don't have here a linux image ready to run. > I just built a Linux VM, but now I need to find the code that tells it to run the command. When I go to send to the Linux Sandbox VM, it crashes the Linux VM right after the file copy, but I assume that is because it is try to run it without the wine command in front. I'll look through the code to try to find it, but pointers and any other things that I might run into would be helpful. Thanks, Todd -- Todd Deshane http://todddeshane.net http://runningxen.com |
|
From: Passera, P. R <pab...@in...> - 2009-01-29 12:39:42
Attachments:
smime.p7s
|
>I just built a Linux VM, but now I need to find the code that tells it >to run the command. The application that runs the executable in the sandbox is called Migration Module. You can find both the code and the executable in the release 0.0.1 >When I go to send to the Linux Sandbox VM, it crashes the Linux VM >right after the file copy, but I assume that is because it is try to >run it without the wine command in front. I don't understand. Did you installed the Migration Module in the Linux Sandbox? Without that it won't work because the Decision Module that is in Dom0 communicates with the Migration Module to orchestrate the execution. >I'll look through the code to try to find it, but pointers and any >other things that I might run into would be helpful. The code that sends the file from the UserVM is called Delegation Module, it just copy the file to Dom0 and then notifies Dom0 that a file wants to be migrated. Then the Decision Module in Dom0 receives the message, it unpauses a Sandbox, copies the file and then commands the Migration Module in the Sandbox to run the application. You can find all the code that belong to the Windows modules under the ./windows folder in the repo and the code for the decision module can be found under the ./linux folder in the repo also. Let me know if you need more info. Regarding the bug after closing the application in the Sandbox. The correct behavior is that the Decision Module closes the application, then it restart the Sandbox, pause it and put it again into the VM pool. There is a bug related to that that we need to fix. This should be easy because it was working and in one of our latest changes it got broken. You can see the bug at http://sourceforge.net/tracker/index.php?func=detail&aid=2372647&group_id=24 5240&atid=1126054. We will try to fix it so complete use case can be seen. Regards, Pablo >-----Original Message----- >From: Todd Deshane [mailto:des...@gm...] >Sent: Tuesday, January 27, 2009 8:49 PM >To: Passera, Pablo R >Cc: Protti, Duilio J; Giusti, Gisela; Colsani, Guillermo E; isolated- >exe...@li... >Subject: Re: [Xen-research] Security through Isolation in Xen > >On Tue, Jan 27, 2009 at 12:48 PM, Passera, Pablo R ><pab...@in...> wrote: >>>Even withough closing, trying to run notepad again, I get a NO_FREE_VM >>>error on the user VM... >> >> After closing notepad the VM should be restarted and once is up and >running again, the decision module will add it >automatically to the >VMPool. This takes like 45 seconds. After that you can send an >application again. If you have more >than one VM in the pool, you can >send the application immediately and the decision module will pick >another VM from >the pool while the first one is starting. >> >>>I see, I only have one sandbox VM... So it looks like I can >>>uncomment/make more in /etc/vmpool.conf right? >> >> Yes, that is correct. >> >>>Does anybody have a Linux Sandbox VM that I could download? If not, >>>I'll try to make a Linux one (with wine installed)... >> >> You can do that or you can copy the windows image and configure the >network in it (you can put 192.168.0.2 to this >other one). Also you >will have to modify vmpool.cfg to point to the correct xen config file >for this new machine and all the >other configurations there. If you >install a linux machine with wine remember to install the migration >module in wine. >Unfortunately, I don't have here a linux image ready to >run. >> > >I just built a Linux VM, but now I need to find the code that tells it >to run the command. > >When I go to send to the Linux Sandbox VM, it crashes the Linux VM >right after the file copy, but I assume that is because it is try to >run it without the wine command in front. > >I'll look through the code to try to find it, but pointers and any >other things that I might run into would be helpful. > >Thanks, >Todd > >-- >Todd Deshane >http://todddeshane.net >http://runningxen.com |
|
From: Todd D. <des...@gm...> - 2009-01-30 00:28:00
|
On Thu, Jan 29, 2009 at 6:39 AM, Passera, Pablo R <pab...@in...> wrote: >>I just built a Linux VM, but now I need to find the code that tells it >>to run the command. > > The application that runs the executable in the sandbox is called Migration > Module. You can find both the code and the executable in the release 0.0.1 > Thanks, I think I have the general idea of where it is and hope to test out some code changes later. I think I may have to cross compile with mingw32 and then reinstall into the Linux guest. >>When I go to send to the Linux Sandbox VM, it crashes the Linux VM >>right after the file copy, but I assume that is because it is try to >>run it without the wine command in front. > > I don't understand. Did you installed the Migration Module in the Linux > Sandbox? Without that it won't work because the Decision Module that is in > Dom0 communicates with the Migration Module to orchestrate the execution. > Yes, I installed the Migration Module in Linux with wine and run it on boot by simply putting it in /etc/rc.local, the better way of course would be to write an init script, but that can wait until later. >>I'll look through the code to try to find it, but pointers and any >>other things that I might run into would be helpful. > > The code that sends the file from the UserVM is called Delegation Module, it > just copy the file to Dom0 and then notifies Dom0 that a file wants to be > migrated. Then the Decision Module in Dom0 receives the message, it unpauses > a Sandbox, copies the file and then commands the Migration Module in the > Sandbox to run the application. You can find all the code that belong to the > Windows modules under the ./windows folder in the repo and the code for the > decision module can be found under the ./linux folder in the repo also. Let > me know if you need more info. > I will look this over. > Regarding the bug after closing the application in the Sandbox. The correct > behavior is that the Decision Module closes the application, then it restart > the Sandbox, pause it and put it again into the VM pool. There is a bug > related to that that we need to fix. This should be easy because it was > working and in one of our latest changes it got broken. You can see the bug > at > http://sourceforge.net/tracker/index.php?func=detail&aid=2372647&group_id=24 > 5240&atid=1126054. We will try to fix it so complete use case can be seen. > Thanks for the pointer, I will take a look later and I could even test when a fix is released probably. I hope to make some progress soon, but will be busy most of next month. Thanks, Todd -- Todd Deshane http://todddeshane.net http://runningxen.com |
Thanks for helping keep SourceForge clean.
X