Information below is not for the current semester.
The current semester can be found here.
Tasks for this week
This week your task is to install Arch Linux onto your first VM. Any setup is valid as long as it boots on its own. The bigger part of the homework is to finish the installation.
Use the following materials:
- Installation guide and linked articles
- Notes from Lab #1
- Notes from Lecture #1
Please pick a random host for your fist VM.
Homework
Look into your repo, you will find a new meta directory. We have assigned
each one of you a small integer, meta/n. Starting with this homework, we will
be using it for many things (as a port number, part of a MAC address, etc.) and
we will refer to it as just n for convenience.
This homework has got a two-week deadline (strict):
- Thursday 2022-10-27 9:00 Prague time for the Thursday group
- Monday 2022-10-31 9:00 Prague time for the Monday group
Please try to get it done during the first week. As usual, if anything is unclear, don’t hesitate to ask.
Finish the installation of your first VM
- If your VM boots up without help, the task is done.
- Describe your setup and commit and push as
$repo/hw/02/00-vm - 10 bonus points for UEFI boot
- (50+10 points)
Tmux basics
- Learn the basics of tmux—you can follow this nice tutorial
- Ssh to the host and start a new tmux session
- Stop your VM from the previous task and start it in this Tmux session
- Instruct QEMU to run a VNC server for the VM on port
$((10000+n))(ncomes from your repo, see above) - Hint: read the qemu(1) description of the
-vncoption very carefully, it is confusing - Hint:
ss -tlnpon the host can be useful for debugging - Verify that you can connect to the VNC server (with local port forwarding)
- 10 bonus points for password-protecting access to the VNC server (use the
string from
$repo/meta/pskas the password) - Once you tested that everything works, detach from the tmux session, so that your VM keeps on running. Verify that your VNC server still works.
- Be careful not to smash your tmux session next time you connect to this host.
- I will check that I can connect to your VNC server on the expected port—i.e., this is a practical task and there is no answer to commit and push into the homework repository
- (15+10 points)
$HOME/flashdrive.raw
- Take a look at dm-crypt/Device encryption
- Use fallocate(1) to create a 256 MiB preallocated sparse file
$HOME/flashdrive.raw - Boot a new VM running Archiso with
$HOME/flashdrive.rawattached as a disk drive - Create a new GUID partition table and a single partition spanning the entire drive
- On that single partition, create a LUKS2 container. Use
$repo/meta/pskas the password. - Open that LUKS2 container (pick any name you like)
- In that LUKS2 container, create a new Btrfs filesystem
- In that Btrfs filesystem, create a file
/protectedand write something nice into it - Unmount Btrfs, close the container, power down the VM.
- If you own a USB flash drive, you can use the same procedure to set it
up such that:
- If lost, keeps your files encrypted and nobody can access them
- If found, can be proven to be yours (you can demonstrate that by unlocking the container)
- Since there’s Btrfs on it, bit rot gets detected (checksums)
- (15+0 points)
$repo/hw/02/01-feedback
- If you have actionable feedback, please provide it—i.e., don’t say “it was OK”. You can let us know when something was too difficult or too esay (and why you think it was difficult or easy), suggest changes to the lecture for future years, provide extension materials, etc.
- (20+0 points)
(Bonus) Bomb disposal!
- Start a QEMU VM with 4 CPUs and 8 GiB of RAM running Archiso
- Set both the hard and the soft per-user limit of running processes to 1000
- Add a new user
victimandsu victim - Detonate the classic fork bomb
:(){ :|:; }; :& - Now dispose of the bomb!
- This shell you are running is the last one in the system. Don’t lose it.
- There’s one rule: if you kill the machine or you get logged out, you die.
- To be awarded the points, I will ask you to demonstrate your bomb disposal skills. I will ask questions—it’s not enough to memorize the commands, I expect you to know what you’re doing and why.
- This was (perhaps still is?) a popular Google interview task.
- It’s OK to Google hints, it’s still difficult :-).
- (0+30 points)
(Total = 100+50 points)
Don’t forget to git push all your changes! Also, make sure that VM still
works by the deadline—otherwise we have no way of grading your work.