distribution, onto your Linux system. Download and install ADIOS, and you’ll have a complete Fedora Core server that you can use for tons of other things.

Every Linux computer needs two major components: a kernel and a root file system. The same is true for UML — you need a UML kernel and a root file system. The root file system contains the configuration files, data files, and programs that run inside the VM. A UML kernel is a full Linux kernel compiled to run on Linux rather than a real CPU. When the VM needs access to a piece of hardware, it asks the host to do the dirty work. The ADIOS root file system is built from Fedora Core (release 1, Yarrow at the time we write this). It includes a version 2.4 kernel and a basic set of Fedora RPM packages. ADIOS offers some nice features that make it stand apart from other UML packages:

A minimal set of packages is already installed.

Each ADIOS root file system comes with a minimal set of RPM packages (just enough to get up and running). That means that your VMs are as small as is practical and are not bloated with software that could introduce vulnerabilities.

RPM is already up and running. You can use the Red Hat package manager to install new packages into the virtual machine or to remove things you don’t need. Just start the VM, mount your install media, and use the normal RPM commands to install new packages.

ADIOS automatically configures network interfaces. Each ADIOS VM comes with a virtual Ethernet interface configured to talk to your host’s TCP/IP network. That means that you can log into the VM from your host, transfer files, mount host drives, and even run a Web browser — all from the safety of your VM.

ADIOS can create an X desktop for you. When you run startx within the VM, a new window appears on your desktop. Inside that window, you see the VM’s desktop.

Root privileges are not required. After you’ve installed ADIOS, you can relinquish your superuser privileges. UML lets you create new VMs

without requiring superuser privileges, which makes your system less vulnerable to typorelated accidents.

The Linux Intrusion Detection System is included. Two of the four ADIOS VM’s include LIDS (Linux Intrusion Detection System). LIDS protects your VM in a number of ways, but most importantly, it takes away most of the privileges from the superuser account. When you’re running under LIDS, a hacker who somehow gains superuser privileges cannot destroy your system. We tell you more about LIDS in Technique 58.

SELinux is included. SELinux (security-enhanced Linux) is a hardened version of Linux developed by the U.S. National Security Agency. Like LIDS, SELinux closes vulnerabilities and limits the superuser’s power. SELinux is more difficult to use than LIDS.

Setting Up ADIOS

Now that we’ve convinced you to use ADIOS, you need to set it up. To do so takes three steps: First, you download ADIOS, then you burn it to CD, and finally, you install it. ADIOS makes it easy to install UML and the Fedora file system.

Downloading ADIOS

To download ADIOS, open a Web browser and navigate to the address dc.qut.edu.au/adios/iso/uml/.

Right-click uml-fedora1-1.00.iso and choose Save Link Target As. Highlight your Desktop directory, click Open, and then click Save.

The version specified in the name of the ISO file is the operating system inside the VM.

In other words, when you install this ISO disc image, you’re installing Fedora Linux in the UML VM.

The ADIOS package is 121 megabytes long, so when you download it, this would be a good time to get a cup of coffee, go to a meeting,

and so on. A better idea might be to schedule this download to happen at night when the network load is low — see Technique 20 for help.

Because this is such a big package to download, you should verify that the bits that you received are really the same bits that the server sent you (in other words, make sure that the file didn’t get corrupted in transit). When the download completes, use your command line to compute the MD5 checksum and compare it to the corresponding checksum from the Web site. Type the following command and then press Enter:

$ md5sum ~/Desktop/uml-fedora1-1.00.iso

(If you didn’t save the download to your Desktop directory, substitute the correct pathname.) The command line displays the checksum:

bf8237afa555e99ec31b7e1aaff5856e

If your checksum matches the one on the Web site, your download succeeded.

It’s important to check your sum against the one on the Web site (instead of the one you see in this book) in case the package has been changed.

If the checksums don’t match, delete your local copy and download the package again.

Burning ADIOS to CD

ADIOS is distributed as an ISO disc image. If you have a CD burner, copy the ISO image to your CD (see Technique 56 for details). If not, mount the disc image by using the Linux loopback device:

1. Open a terminal window and use the su command to give yourself superuser privileges:

$ su Password:

2. Create a mount point for the loopback driver:

#mkdir /mnt/loop

3.Mount the disc image over the loopback mount point:

#mount -o loop ~username/Desktop/

uml-fedora-1.00.iso /mnt/loop

The content of the ADIOS disc image appears in the /mnt/loop directory. (In other words, if you cd to /mnt/loop, you see the file system inside the uml-fedora-1.00.iso disc image.) If you’ve burned ADIOS onto a CD and mounted the CD, ADIOS appears in /mnt/cdrom.

Installing ADIOS

To install ADIOS, follow these steps:

1. Make sure you have complete superuser privileges by using the su- command:

$ su - Password:

#

2. Move to the mount point (either /mnt/loop or

/mnt/cdrom):

#cd /mnt/loop

3.Run the INSTALL program:

#./INSTALL

The installer program takes a few moments to copy the root file system to your computer and then asks you a few questions.

4. ADIOS asks whether you want to install Mozilla Firebird. Answer y here to run Firebird within the UML VMs.

5. When prompted, type y to install the IceWM window manager.

This is a lightweight desktop environment, which takes up a lot less room (and CPU) than GNOME