version=pmwiki-2.2.130 ordered=1 urlencoded=1 agent=Mozilla/5.0 (Windows NT 10.0; rv:91.0) Gecko/20100101 Firefox/91.0 author=fossdev charset=UTF-8 csum= ctime=1655142121 host=49.37.73.171 name=Vmm.Alpine rev=1 targets= text=(:title Alpine Linux:)%0a%0a[[https://en.wikipedia.org/wiki/Alpine_Linux | Alpine Linux]]%0ais a security-oriented, lightweight Linux distribution based on%0a[[https://en.wikipedia.org/wiki/Musl | musl libc]], %0a[[https://en.wikipedia.org/wiki/BusyBox | busybox]] and uses%0a[[https://en.wikipedia.org/wiki/OpenRC | OpenRC]] for its init system.%0a%0a!! Pros%0a%0a* small, simple and secure.%0a* Uses musl, busyBox and OpenRC.%0a%0a!! Cons%0a%0a* Includes [[https://en.wikipedia.org/wiki/Binary_blob | non-free blobs]].%0a* No way to prevent these blobs from installing.%0a%0a!! Overview%0a%0aThis guide will show you how you can install Alpine Linux on Openbsd's VMM.%0a%0a!! NOTE%0a%0a* Replace all instance of @@username@@ with your username.%0a* Replace all instance of @@host.example.com@@ with the hostname of host system.%0a* Replace all instance of @@username.host.example.com@@ with the hostname of your virtual machine.%0a%0a!! Login to Virtual Machine%0a%0aFirst let's login to the host operating system.%0a%0a[@%0a$ ssh username@host.example.com%0a@]%0a%0a'''NOTE :''' Hostname should be @@username@host.example.com@@ '''not'''%0a@@username@username.host.example.com@@.%0a%0a!! Download the iso image%0a%0aAlpine provides different type of iso image for different use case.%0aBut you will be going to running it on a virtual machine so you need to download%0athe latest stable version of '''virtual''' iso image from their [[https://www.alpinelinux.org/downloads | download page]]%0a%0aAt the time of writing, the latest stable version is 3.16.%0a%0a[@%0a$ wget https://dl-cdn.alpinelinux.org/alpine/v3.16/releases/x86_64/alpine-virt-3.16.0-x86_64.iso%0a@]%0a%0aAlso download the SHA256 signatures.%0a%0a[@%0a$ wget https://dl-cdn.alpinelinux.org/alpine/v3.16/releases/x86_64/alpine-virt-3.16.0-x86_64.iso.sha256%0a@]%0a%0aNow let's verify the iso image.%0a%0a[@%0a$ sha256 -C alpine-*.sha256 alpine-*.iso%0a(SHA256) alpine-virt-3.16.0-x86_64.iso: OK%0a@]%0a%0aIf the output is '''OK''' then you good to go, however if your output is '''FAILED'''%0athen you should contact to a sysadmin for confirmation before reporting to%0aAlpine linux.%0a%0a'''NOTE :''' Never run any iso image before verifying it.%0a%0aNow delete the signature and rename the iso image to @@username.iso@@.%0a%0a[@%0a$ rm alpine-*.sha256%0a$ mv alpine-*.iso username.iso%0a@]%0a%0a!! Create a VM disk image file%0a%0aBefore creating disk image file make sure to stop and remove any%0a@@username.qcow2@@ disk image if exist.%0a%0a[@%0a$ vmctl stop username%0a$ rm username.qcow2%0a@]%0a%0aTo create a disk image file of 20 GB size.%0a%0a[@%0a$ vmctl create -s 20G username.qcow2%0a@]%0a%0a!! Check VMM configuration%0a%0aVMM configuration file is located at /etc/vm.conf. The file contains all the%0aentries of users of that host server.%0a%0aSo to find your entry, run:%0a%0a[@%0a$ sed -ne '/username/,$p' /etc/vm.conf | head -n10%0avm "username" {%0a owner username%0a memory 1024M%0a cdrom "/home/username/username.iso"%0a disk /home/username/username.qcow2%0a interface { %0a locked lladdr aa:bb:cc:dd:ed:03%0a switch "switch0"%0a }%0a}%0a@]%0a%0aIn this command @@sed@@ searches @@/etc/vm.conf@@ for @@username@@ and returns the%0aall the lines after the match including the matched line then pipe the%0aresult to @@head@@ to only print 10 lines from start.%0a%0aFrom the result, make sure @@cdrom@@ and @@disk@@ points to the right path. If not,%0amove the iso image and disk image files to the right path.%0a%0a'''NOTE :''' You can't edit @@/etc/vm.conf@@ because it need root permission.%0a%0a!! Start the Installation%0a%0aStart the virtual machine.%0a%0a[@%0a$ vmctl start username%0a@]%0a%0aOpen the serial console and press Enter.%0a%0a[@%0a$ vmctl console username%0aConnected to /dev/ttypj (speed 115200)%0a@]%0a%0aNow press Enter to continue.%0a%0a[@%0aWelcome to Alpine Linux 3.16%0aKernel 5.15.41-0-virt on an x86_64 (/dev/ttyS0)%0a@]%0a%0a'''NOTE :''' At any time, if you want to exit the serial console, type @@~^d@@%0a(tilde followed by ctrl+d).%0a%0a!! Install Alpine Linux%0a%0aLogin as root.%0a%0a[@%0alocalhost login: root%0a@]%0a%0aStart the @@setup-alpine@@ installer script.%0a%0a[@%0a# setup-alpine%0a@]%0a%0a'''NOTE :''' Text inside @@[...]@@ is default answer. Type @@Enter@@ without answer to%0ago with the default answer and type @@?@@ for brief explanation of the question.%0a%0aEnter the hostname of your virtual machine (given by your trainer).%0a%0a[@%0aEnter system hostname (fully qualified form, e.g. 'foo.example.org') [localhost] username.host.example.com%0a@]%0a%0aSelect the ethernet interface.%0a%0a[@%0aAvailable interfaces are: eth0.%0aEnter '?' for help on bridges, bonding and vlans.%0aWhich one do you want to initialize? (or '?' or 'done') [eth0] eth0%0a@]%0a%0aEnter the static IP address of your virtual machine (given by your trainer).%0a%0a[@%0aIp address for eth0? (or 'dhcp', 'none', '?') [dhcp] 38.87.162.41/24%0a@]%0a%0aEnter the Gateway of your virtual machine (given by your trainer).%0a%0a[@%0aGateway? (or 'none') [none] 38.87.162.1%0a@]%0a%0aWe will set IPv6 later.%0a%0a[@%0aDo you want to do any manual network configuration? (y/n) [n] n%0a@]%0a%0aLeave it blank.%0a%0a[@%0aDNS domain name? (e.g 'bar.com')%0a@]%0a%0aFor privacy reasons, don't use Google DNS server (8.8.8.8 or 8.8.4.4). Here I%0aam using [[https://www.quad9.net/ | quad9]] DNS server.%0a%0a[@%0aDNS nameserver(s)? 9.9.9.9%0a@]%0a%0aEnter your root password.%0a%0a[@%0aChanging password for root%0aNew password:%0aRetype password:%0a@]%0a%0aSelect your timezone. Type @@?@@ to list all timezone or sub-timezone.%0a%0a[@%0aWhich timezone are you in? ('?' for list) [UTC] UTC%0a@]%0a%0aWe don't need proxy server.%0a%0a[@%0aHTTP/FTP proxy URL? (e.g. 'http://proxy:8080', or 'none') [none] none%0a@]%0a%0aSelect @@chrony@@.%0a%0a[@%0aWhich NTP client to run? ('busybox', 'openntpd', 'chrony' or 'none') [chrony] chrony%0a@]%0a%0aSelect @@f@@ to find the fastest mirror.%0a%0a[@%0ar) Add random from the above list%0af) Detect and add fastest mirror from above list%0ae) Edit /etc/apk/repositories with text editor%0aEnter mirror number (1-74) or URL to add (or r/f/e/done) [1] f%0a@]%0a%0aWe will setup users later.%0a%0a[@%0aSetup a user? (enter a lower-case loginname, or 'no') [no] no%0a@]%0a%0aSelect @@openssh@@%0a%0a[@%0aWhich ssh server? ('openssh', 'dropbear' or 'none') [openssh] openssh%0a@]%0a%0a'''NOTE :''' You should never allow root ssh login.%0a%0a[@%0aAllow root ssh login? ('?' for help) [prohibit-password] no%0a@]%0a%0aSelect the disk from the list (there should be only one because we are in VM).%0a%0a[@%0aAvailable disks are:%0a vda (21.5 GB 0x0b5d )%0aWhich disk(s) would you like to use? (or '?' for help or 'none') [none] vda%0a@]%0a%0aSelect @@sys@@ to install the system on disk.%0a%0a[@%0aHow would you like to use it? ('sys', 'data', 'crypt', 'lvm' or '?' for help) [?] sys%0a@]%0a%0aSelect @@y@@.%0a%0a[@%0aWARNING: The following disk(s) will be erased:%0a vda (21.5 GB 0x0b5d )%0aWARNING: Erase the above disk(s) and continue? (y/n) [n] y%0a@]%0a%0aAfter the installation, reboot the system.%0a%0a[@%0aInstallation is complete. Please reboot.%0a# reboot%0a@]%0a%0aPress @@~^d@@ to exit the serial console.%0a%0aYou no longer need the iso image file.%0a%0a[@%0a$ rm username.iso%0a@]%0a%0aStart the virtual machine.%0a%0a[@%0a$ vmctl start username%0a@]%0a%0aOpen the serial console and press Enter.%0a%0a[@%0a$ vmctl console username%0a@]%0a%0aLogin as root.%0a%0a[@%0ausername.host.example.com login: root%0aPassword: %0a@]%0a%0aTo update the system, run:%0a%0a[@%0aapk update%0aapk upgrade%0a@]%0a%0a!! Create a User%0a%0aTo add a user, run:%0a%0a[@%0a# adduser username%0aChanging password for username%0aNew password:%0aRetype password:%0a@]%0a%0aTo add user to wheel, run:%0a%0a[@%0a# adduser username wheel%0a@]%0a%0a!! Configure doas%0a%0aLogin as root.%0a%0a[@%0a$ su%0aPassword:%0a@]%0a%0aInstall doas:%0a%0a[@%0a# apk add doas%0a@]%0a%0aIn Alpine Linux, default configuration file is located at @@/etc/doas.d/doas.conf@@.%0a%0aTo allow doas for wheel group.%0a%0a[@%0a# echo "permit persist :wheel" >> /etc/doas.d/doas.conf%0a@]%0a%0aTo allow doas for wheel group without password.%0a%0a[@%0a# echo "permit nopass :wheel" >> /etc/doas.d/doas.conf%0a@]%0a%0a!! Setup SSH%0a%0a'''NOTE:''' Make sure your are able to login to your virtual machine from your%0alocal computer.%0a%0a[@%0a$ ssh username@username.host.example.com%0ausername@username.host.example.com's password: %0a@]%0a%0aNow, Setup [[https://fossdev.host.oddprotocol.org/wiki/ssh.html#Public Key Authentication | Public Key Authentication]] and%0a[[https://fossdev.host.oddprotocol.org/wiki/ssh.html#Disable Password Authentication | Disable Password Authentication]]. time=1655142121 title= Alpine Linux author:1655142121=fossdev diff:1655142121:1655142121:=1,384d0%0a%3c (:title Alpine Linux:)%0a%3c %0a%3c [[https://en.wikipedia.org/wiki/Alpine_Linux | Alpine Linux]]%0a%3c is a security-oriented, lightweight Linux distribution based on%0a%3c [[https://en.wikipedia.org/wiki/Musl | musl libc]], %0a%3c [[https://en.wikipedia.org/wiki/BusyBox | busybox]] and uses%0a%3c [[https://en.wikipedia.org/wiki/OpenRC | OpenRC]] for its init system.%0a%3c %0a%3c !! Pros%0a%3c %0a%3c * small, simple and secure.%0a%3c * Uses musl, busyBox and OpenRC.%0a%3c %0a%3c !! Cons%0a%3c %0a%3c * Includes [[https://en.wikipedia.org/wiki/Binary_blob | non-free blobs]].%0a%3c * No way to prevent these blobs from installing.%0a%3c %0a%3c !! Overview%0a%3c %0a%3c This guide will show you how you can install Alpine Linux on Openbsd's VMM.%0a%3c %0a%3c !! NOTE%0a%3c %0a%3c * Replace all instance of @@username@@ with your username.%0a%3c * Replace all instance of @@host.example.com@@ with the hostname of host system.%0a%3c * Replace all instance of @@username.host.example.com@@ with the hostname of your virtual machine.%0a%3c %0a%3c !! Login to Virtual Machine%0a%3c %0a%3c First let's login to the host operating system.%0a%3c %0a%3c [@%0a%3c $ ssh username@host.example.com%0a%3c @]%0a%3c %0a%3c '''NOTE :''' Hostname should be @@username@host.example.com@@ '''not'''%0a%3c @@username@username.host.example.com@@.%0a%3c %0a%3c !! Download the iso image%0a%3c %0a%3c Alpine provides different type of iso image for different use case.%0a%3c But you will be going to running it on a virtual machine so you need to download%0a%3c the latest stable version of '''virtual''' iso image from their [[https://www.alpinelinux.org/downloads | download page]]%0a%3c %0a%3c At the time of writing, the latest stable version is 3.16.%0a%3c %0a%3c [@%0a%3c $ wget https://dl-cdn.alpinelinux.org/alpine/v3.16/releases/x86_64/alpine-virt-3.16.0-x86_64.iso%0a%3c @]%0a%3c %0a%3c Also download the SHA256 signatures.%0a%3c %0a%3c [@%0a%3c $ wget https://dl-cdn.alpinelinux.org/alpine/v3.16/releases/x86_64/alpine-virt-3.16.0-x86_64.iso.sha256%0a%3c @]%0a%3c %0a%3c Now let's verify the iso image.%0a%3c %0a%3c [@%0a%3c $ sha256 -C alpine-*.sha256 alpine-*.iso%0a%3c (SHA256) alpine-virt-3.16.0-x86_64.iso: OK%0a%3c @]%0a%3c %0a%3c If the output is '''OK''' then you good to go, however if your output is '''FAILED'''%0a%3c then you should contact to a sysadmin for confirmation before reporting to%0a%3c Alpine linux.%0a%3c %0a%3c '''NOTE :''' Never run any iso image before verifying it.%0a%3c %0a%3c Now delete the signature and rename the iso image to @@username.iso@@.%0a%3c %0a%3c [@%0a%3c $ rm alpine-*.sha256%0a%3c $ mv alpine-*.iso username.iso%0a%3c @]%0a%3c %0a%3c !! Create a VM disk image file%0a%3c %0a%3c Before creating disk image file make sure to stop and remove any%0a%3c @@username.qcow2@@ disk image if exist.%0a%3c %0a%3c [@%0a%3c $ vmctl stop username%0a%3c $ rm username.qcow2%0a%3c @]%0a%3c %0a%3c To create a disk image file of 20 GB size.%0a%3c %0a%3c [@%0a%3c $ vmctl create -s 20G username.qcow2%0a%3c @]%0a%3c %0a%3c !! Check VMM configuration%0a%3c %0a%3c VMM configuration file is located at /etc/vm.conf. The file contains all the%0a%3c entries of users of that host server.%0a%3c %0a%3c So to find your entry, run:%0a%3c %0a%3c [@%0a%3c $ sed -ne '/username/,$p' /etc/vm.conf | head -n10%0a%3c vm "username" {%0a%3c owner username%0a%3c memory 1024M%0a%3c cdrom "/home/username/username.iso"%0a%3c disk /home/username/username.qcow2%0a%3c interface { %0a%3c locked lladdr aa:bb:cc:dd:ed:03%0a%3c switch "switch0"%0a%3c }%0a%3c }%0a%3c @]%0a%3c %0a%3c In this command @@sed@@ searches @@/etc/vm.conf@@ for @@username@@ and returns the%0a%3c all the lines after the match including the matched line then pipe the%0a%3c result to @@head@@ to only print 10 lines from start.%0a%3c %0a%3c From the result, make sure @@cdrom@@ and @@disk@@ points to the right path. If not,%0a%3c move the iso image and disk image files to the right path.%0a%3c %0a%3c '''NOTE :''' You can't edit @@/etc/vm.conf@@ because it need root permission.%0a%3c %0a%3c !! Start the Installation%0a%3c %0a%3c Start the virtual machine.%0a%3c %0a%3c [@%0a%3c $ vmctl start username%0a%3c @]%0a%3c %0a%3c Open the serial console and press Enter.%0a%3c %0a%3c [@%0a%3c $ vmctl console username%0a%3c Connected to /dev/ttypj (speed 115200)%0a%3c @]%0a%3c %0a%3c Now press Enter to continue.%0a%3c %0a%3c [@%0a%3c Welcome to Alpine Linux 3.16%0a%3c Kernel 5.15.41-0-virt on an x86_64 (/dev/ttyS0)%0a%3c @]%0a%3c %0a%3c '''NOTE :''' At any time, if you want to exit the serial console, type @@~^d@@%0a%3c (tilde followed by ctrl+d).%0a%3c %0a%3c !! Install Alpine Linux%0a%3c %0a%3c Login as root.%0a%3c %0a%3c [@%0a%3c localhost login: root%0a%3c @]%0a%3c %0a%3c Start the @@setup-alpine@@ installer script.%0a%3c %0a%3c [@%0a%3c # setup-alpine%0a%3c @]%0a%3c %0a%3c '''NOTE :''' Text inside @@[...]@@ is default answer. Type @@Enter@@ without answer to%0a%3c go with the default answer and type @@?@@ for brief explanation of the question.%0a%3c %0a%3c Enter the hostname of your virtual machine (given by your trainer).%0a%3c %0a%3c [@%0a%3c Enter system hostname (fully qualified form, e.g. 'foo.example.org') [localhost] username.host.example.com%0a%3c @]%0a%3c %0a%3c Select the ethernet interface.%0a%3c %0a%3c [@%0a%3c Available interfaces are: eth0.%0a%3c Enter '?' for help on bridges, bonding and vlans.%0a%3c Which one do you want to initialize? (or '?' or 'done') [eth0] eth0%0a%3c @]%0a%3c %0a%3c Enter the static IP address of your virtual machine (given by your trainer).%0a%3c %0a%3c [@%0a%3c Ip address for eth0? (or 'dhcp', 'none', '?') [dhcp] 38.87.162.41/24%0a%3c @]%0a%3c %0a%3c Enter the Gateway of your virtual machine (given by your trainer).%0a%3c %0a%3c [@%0a%3c Gateway? (or 'none') [none] 38.87.162.1%0a%3c @]%0a%3c %0a%3c We will set IPv6 later.%0a%3c %0a%3c [@%0a%3c Do you want to do any manual network configuration? (y/n) [n] n%0a%3c @]%0a%3c %0a%3c Leave it blank.%0a%3c %0a%3c [@%0a%3c DNS domain name? (e.g 'bar.com')%0a%3c @]%0a%3c %0a%3c For privacy reasons, don't use Google DNS server (8.8.8.8 or 8.8.4.4). Here I%0a%3c am using [[https://www.quad9.net/ | quad9]] DNS server.%0a%3c %0a%3c [@%0a%3c DNS nameserver(s)? 9.9.9.9%0a%3c @]%0a%3c %0a%3c Enter your root password.%0a%3c %0a%3c [@%0a%3c Changing password for root%0a%3c New password:%0a%3c Retype password:%0a%3c @]%0a%3c %0a%3c Select your timezone. Type @@?@@ to list all timezone or sub-timezone.%0a%3c %0a%3c [@%0a%3c Which timezone are you in? ('?' for list) [UTC] UTC%0a%3c @]%0a%3c %0a%3c We don't need proxy server.%0a%3c %0a%3c [@%0a%3c HTTP/FTP proxy URL? (e.g. 'http://proxy:8080', or 'none') [none] none%0a%3c @]%0a%3c %0a%3c Select @@chrony@@.%0a%3c %0a%3c [@%0a%3c Which NTP client to run? ('busybox', 'openntpd', 'chrony' or 'none') [chrony] chrony%0a%3c @]%0a%3c %0a%3c Select @@f@@ to find the fastest mirror.%0a%3c %0a%3c [@%0a%3c r) Add random from the above list%0a%3c f) Detect and add fastest mirror from above list%0a%3c e) Edit /etc/apk/repositories with text editor%0a%3c Enter mirror number (1-74) or URL to add (or r/f/e/done) [1] f%0a%3c @]%0a%3c %0a%3c We will setup users later.%0a%3c %0a%3c [@%0a%3c Setup a user? (enter a lower-case loginname, or 'no') [no] no%0a%3c @]%0a%3c %0a%3c Select @@openssh@@%0a%3c %0a%3c [@%0a%3c Which ssh server? ('openssh', 'dropbear' or 'none') [openssh] openssh%0a%3c @]%0a%3c %0a%3c '''NOTE :''' You should never allow root ssh login.%0a%3c %0a%3c [@%0a%3c Allow root ssh login? ('?' for help) [prohibit-password] no%0a%3c @]%0a%3c %0a%3c Select the disk from the list (there should be only one because we are in VM).%0a%3c %0a%3c [@%0a%3c Available disks are:%0a%3c vda (21.5 GB 0x0b5d )%0a%3c Which disk(s) would you like to use? (or '?' for help or 'none') [none] vda%0a%3c @]%0a%3c %0a%3c Select @@sys@@ to install the system on disk.%0a%3c %0a%3c [@%0a%3c How would you like to use it? ('sys', 'data', 'crypt', 'lvm' or '?' for help) [?] sys%0a%3c @]%0a%3c %0a%3c Select @@y@@.%0a%3c %0a%3c [@%0a%3c WARNING: The following disk(s) will be erased:%0a%3c vda (21.5 GB 0x0b5d )%0a%3c WARNING: Erase the above disk(s) and continue? (y/n) [n] y%0a%3c @]%0a%3c %0a%3c After the installation, reboot the system.%0a%3c %0a%3c [@%0a%3c Installation is complete. Please reboot.%0a%3c # reboot%0a%3c @]%0a%3c %0a%3c Press @@~^d@@ to exit the serial console.%0a%3c %0a%3c You no longer need the iso image file.%0a%3c %0a%3c [@%0a%3c $ rm username.iso%0a%3c @]%0a%3c %0a%3c Start the virtual machine.%0a%3c %0a%3c [@%0a%3c $ vmctl start username%0a%3c @]%0a%3c %0a%3c Open the serial console and press Enter.%0a%3c %0a%3c [@%0a%3c $ vmctl console username%0a%3c @]%0a%3c %0a%3c Login as root.%0a%3c %0a%3c [@%0a%3c username.host.example.com login: root%0a%3c Password: %0a%3c @]%0a%3c %0a%3c To update the system, run:%0a%3c %0a%3c [@%0a%3c apk update%0a%3c apk upgrade%0a%3c @]%0a%3c %0a%3c !! Create a User%0a%3c %0a%3c To add a user, run:%0a%3c %0a%3c [@%0a%3c # adduser username%0a%3c Changing password for username%0a%3c New password:%0a%3c Retype password:%0a%3c @]%0a%3c %0a%3c To add user to wheel, run:%0a%3c %0a%3c [@%0a%3c # adduser username wheel%0a%3c @]%0a%3c %0a%3c !! Configure doas%0a%3c %0a%3c Login as root.%0a%3c %0a%3c [@%0a%3c $ su%0a%3c Password:%0a%3c @]%0a%3c %0a%3c Install doas:%0a%3c %0a%3c [@%0a%3c # apk add doas%0a%3c @]%0a%3c %0a%3c In Alpine Linux, default configuration file is located at @@/etc/doas.d/doas.conf@@.%0a%3c %0a%3c To allow doas for wheel group.%0a%3c %0a%3c [@%0a%3c # echo "permit persist :wheel" >> /etc/doas.d/doas.conf%0a%3c @]%0a%3c %0a%3c To allow doas for wheel group without password.%0a%3c %0a%3c [@%0a%3c # echo "permit nopass :wheel" >> /etc/doas.d/doas.conf%0a%3c @]%0a%3c %0a%3c !! Setup SSH%0a%3c %0a%3c '''NOTE:''' Make sure your are able to login to your virtual machine from your%0a%3c local computer.%0a%3c %0a%3c [@%0a%3c $ ssh username@username.host.example.com%0a%3c username@username.host.example.com's password: %0a%3c @]%0a%3c %0a%3c Now, Setup [[https://fossdev.host.oddprotocol.org/wiki/ssh.html#Public Key Authentication | Public Key Authentication]] and%0a%3c [[https://fossdev.host.oddprotocol.org/wiki/ssh.html#Disable Password Authentication | Disable Password Authentication]].%0a\ No newline at end of file%0a host:1655142121=49.37.73.171