Qemu asking for 'raw' format with -pflash parameter - qemu

After properly building OVMF x64 with EDK2, the command:
qemu-system-x86_64 -s -pflash run-ovmf/bios.bin -net none
provides the following message
WARNING: Image format was not specified for 'run-ovmf/bios.bin' and probing guessed raw.
Automatically detecting the format is dangerous for raw images, write operations on block 0 will be restricted.
Specify the 'raw' format explicitly to remove the restrictions.
This makes no sense to me as using qemu's -help command states "-pflash file use 'file' as a parallel flash image" where there is no parameter for a file format.
My OS is Windows WSL Ubuntu 22.04.1 LTS (GNU/Linux 5.15.79.1-microsoft-standard-WSL2 x86_64)
Qemu does still run, however I would like to run the VM without any write restrictions.

The '-pflash' option is (like -hda and -cdrom) a legacy "convenience" option which only allows you to specify a filename and nothing else. In order to specify other sub-options like the image format type, you need to switch to use a "long-form" option, which is typically some combination of -drive and -device. In this specific case, I think you probably want:
-drive if=pflash,file=bios.bin,format=raw

Related

external auth module for ejabberd on windows

How can I get ejabberd to run an external auth script on windows?
So far- I've modified the file
C:\Program
Files\ejabberd-15.06\lib\ejabberd-15.06\priv\cfg\ejabberd.yml
to comment out the existing auth_method directive and instead added this:
auth_method: external
extauth_program: "D:\\DROPBOX\\Dropbox (Personal)\\EJABBERD\\auth\\ejabberd-auth.exe"
However, when I try to connect to the server- I see nothing in the logs indicating an attempt to run the script. I've even tried changing it to a non-existant file to see if that will log an error of some sort, but nothing.
All I get are "Accepted connection" type of logs.
In case it matters- upon start I do get several "unknown option" errors, including "ejabberd_config:validate_opts:752 unknown option 'auth_method' will be likely ignored" - however it seems this is a known, cosmetic-only error (see: https://github.com/processone/ejabberd/issues/630)
I do not use Windows, but, you should try playing with Erlang open_port command:
open_port({spawn, "YOURCOMMAND"}, [{packet, 2}]).
Note that open_port Erlang documentation says:
For external programs, the PATH is searched (or an equivalent method is used to find programs, depending on operating system). This is done by invoking the shell on certain platforms. The first space separated token of the command will be considered as the name of the executable (or driver). This (among other things) makes this option unsuitable for running programs having spaces in file or directory names.
I see your path has spaces. That alone should indeed make it impossible to call your command.
That said, external_auth command has never been tested on Windows. You may need to patch ejabberd command to make that authentication through external process work. I would be surprised if it works as is.

Force TCPDump to write in PCAP instead of PCAP-NG format

I'm running tcpdump on Mac OS and I've noticed it saves files in PCAP-NG format (the first 4 bytes are 0A 0D 0D 0A). Is there a way to force it to use the old PCAP instead?
Software version:
tcpdump version 4.3.0 -- Apple version 56
libpcap version 1.3.0 - Apple version 41
ps.
I'm not sure is that related to TCPDump or libpcap.
The tcpdump man page on Mavericks says:
-i Listen on interface.
If the -D flag is supported, an interface number as printed by
that flag can be used as the interface argument.
On Darwin systems version 13 or later, when the interface is
unspecified, tcpdump will use a pseudo interface to capture
packets on a set of interfaces determined by the kernel
(excludes by default loopback and tunnel interfaces).
Alternatively, to capture on more than one interface at a time,
one may use "pktap" as the interface parameter followed by an
optional list of comma separated interface names to include.
For example, to capture on the loopback and en0 interface:
tcpdump -i pktap,lo0,en0
An interface argument of "all" or "pktap,all" can be used to
capture packets from all interfaces, including loopback and tun-
nel interfaces.
A pktap pseudo interface provides for packet metadata using the
default PKTAP data link type and files are written in the Pcap-
ng file format. The RAW data link type must be used to force to
use the legacy pcap-savefile(5) file format with a ptkap pseudo
interface. Note that captures on a ptkap pseudo interface will
not be done in promiscuous mode.
An interface argument of "iptap" can be used to capture packets
from at the IP layer. This capture packets as they are passed
to the input and output routines of the IPv4 and IPv6 protocol
handlers of the networking stack. Note that captures will not
be done in promiscuous mode.
so you need to specify an interface on which to capture.
Note that versions of OS X dating back to Lion, newer versions of FreeBSD/NetBSD/DragonFly BSD, and newer versions of many Linux distributions include libpcap 1.1.1 or later, which means that programs using libpcap to read capture files can read many pcap-ng files. Wireshark has also been able to read them for several releases.
There is also an app, CocoaPacketAnalyzer, which reads pcap files, but not pcap-NG files. There is a web page, https://pcapng.com, that will convert a small pcap-NG file to the older format. However, if you are capturing password or web server interactions, or generally care about security, beware about posting packet captures on the internet!

How to convert bash file to a binary executable

I created a binary executable from bash script on linux server through SHC. The binary created works fine on linux machines, but through mistake on Mac. How could I convert my bash file to binary executable that is able to run everywhere(ubuntu, CentOS, Mac, Cygwin)?
shc -v -r -T -f ir16fetcher.sh
mv ir16fetcher.sh.x ir16fetcher
Shebang of my bash script
#!/bin/bash
On Linux machines
./ir16installer
USAGE : ir16fetcher <servername/ip address> [the n th latest build - optional. Default 1]
EXAMPLE: ir16fetcher jagger 2
EXAMPLE: ir16fetcher 167.116.6.155
REQUIRE: Please make sure conf file in installation folder ~/IRinstall/ir16 & ~/IRinstall/irmanager
On my Mac
./ir16installer
-bash: ./ir16installer: cannot execute binary file
I think it's not gonna work
"The compiled binary will still be dependent on the shell
specified in the first line of the shell code (i.e.
#!/bin/sh), thus shc does not create completely independent
binaries."
From http://www.datsi.fi.upm.es/~frosal/sources/shc.html
You will have to do this for every architecture and operating system you need to support. In any case, there doesn't really seem to be any benefits of using this method for distribution. It adds dependencies and complicates delivery, and I'm pretty sure whatever obfuscation the "shc" compiler implements is easily reversed.
if the goal here is to "hide" your source code, and then have the "hidden" copy of the code be executable on the Unix OSes you listed, then, encryption is really your only option.
I say this because encryption tools are available on every base Unix install. For your purposes, this is a very good thing as you wont have to download or configure anything additional. They're just there, as part of the natural installation of the OS. One of such tools is called openssl.
To Encrypt your file/script with openssl:
echo precious-content | openssl aes-128-cbc -a -salt -k mypassword
U2FsdGVkX1+K6tvItr9eEI4yC4nZPK8b6o4fc0DR/Vzh7HqpE96se8Fu/BhM314z
To Decrypt your file/script with openssl:
echo U2FsdGVkX1+K6tvItr9eEI4yC4nZPK8b6o4fc0DR/Vzh7HqpE96se8Fu/BhM314z | openssl aes-128-cbc -a -d -salt -k mypassword
precious-content
Now, to get openssl to do what you want it to do automatically without having to spend hours of your own time figuring out a way, you can paste your script to a site like www.EnScryption.com. This site will generate an "executable" version of your code for you, which you can then run on any Mac, Ubuntu, RedHat, CentOS box.

how to combine "-" and "--" options when starting octave?

I noticed that I can't combine --traditional options with the other one letter other options such as -i for example.
For example, when I have this as the first line in my octave .m file
#!/usr/bin/octave --traditional
Then it work. Octave starts ok and runs the script.
But when I try
#!/usr/bin/octave --traditional --silent --norc --interactive
It does not work. Error from octave. does not understand the options.
When I try
#!/usr/bin/octave --traditional -qfi
Also error. But this
#!/usr/bin/octave -qfi
works.
The problem is that --traditional does not have a one letter short cut like all the other options. This is the options I see
Options:
--debug, -d Enter parser debugging mode.
--doc-cache-file FILE Use doc cache file FILE.
--echo-commands, -x Echo commands as they are executed.
--eval CODE Evaluate CODE. Exit when done unless --persist.
--exec-path PATH Set path for executing subprograms.
--help, -h, -? Print short help message and exit.
--image-path PATH Add PATH to head of image search path.
--info-file FILE Use top-level info file FILE.
--info-program PROGRAM Use PROGRAM for reading info files.
--interactive, -i Force interactive behavior.
--line-editing Force readline use for command-line editing.
--no-history, -H Don't save commands to the history list
--no-init-file Don't read the ~/.octaverc or .octaverc files.
--no-init-path Don't initialize function search path.
--no-line-editing Don't use readline for command-line editing.
--no-site-file Don't read the site-wide octaverc file.
--no-window-system Disable window system, including graphics.
--norc, -f Don't read any initialization files.
--path PATH, -p PATH Add PATH to head of function search path.
--persist Go interactive after --eval or reading from FILE.
--silent, -q Don't print message at startup.
--traditional Set variables for closer MATLAB compatibility.
--verbose, -V Enable verbose output in some cases.
--version, -v Print version number and exit.
I am mainly interested in running octave code that is compatible with Matlab, so I'd like to use this --traditional option to make sure I keep the code compatible with Matlab in case I need to run the same code inside Matlab as well.
Or may be I can "turn on" this compatiblity mode once octave starts using a different command?
I am using GNU Octave, version 3.2.4 on Linux.
thanks
I don't think this is really an octave problem, per se. The Unix shebang notation in general is somewhat limited. I don't know the exact limits off the top of my head, but I'm pretty sure many implementations aren't happy if you add more than one option to the shebang line, which seems to be your problem.
Using a wrapper script is probably the canonical way to get around such problems.
To address your question of combining short and long options, Unix conventions don't allow for this. You could consider patching octave to add a short option for --traditional, if this is feasible for you. Alternatively, I'd imagine there's a way to specify the traditional behavior in the user or system-wide Octave configuration file, but this might not be that helpful if you need the script to work on systems you don't control.

KVM install and QEMU install

I try to install qemu, but I should intall the kvm first, and I have checked my cpu supporting the visualization, so I don't know why. Here is the error, when I input kvm.
open /dev/kvm: No such file or directory
Could not initialize KVM, will disable KVM support
And a new window for qemu comes out, but there are
boot failed....could not read the boot disk, could not read from CDROM(code 0003)
What can I do. I searched the methods for a long time. Thanks!
when I use mobprobe, the problem is here, (I checked my CPU, it supports VMX.)
FATAL: Error inserting kvm_intel (/lib/modules/2.6.38-8-generic/kernel/arch/x86/kvm/kvm-intel.ko): Operation not supported
When I use:~$ kvm -cdrom img.iso -hda disk.img -boot d
open /dev/kvm: No such file or directory Could not initialize KVM, will disable KVM support kvm: -cdrom img.iso: could not open disk image img.iso: No such file or directory
I don't know why..... Thanks!
The "could not open disk image img.iso" problem is the easier of the two errors: that file does not exist. That argument means "mount the disk image in the file img.iso as the CD-ROM"; that file must exist (and should be a valid ISO). Try downloading a ISO of any Linux flavor, for example.
disk.img must also exist (that argument means "use the disk image contained in the file disk.img as the hard disk"). You can create it using dd, e.g.:
dd if=/dev/zero of=images/disk.img bs=512M count=20
That will create a 10GB disk image in a file called disk.img. Adjust the block size and # of blocks (bs and count) to increase or decrease the size; bs cannot be larger than available memory.
For the second problem, Could not initialize KVM, will disable KVM, there are a number of possible causes:
disabled in BIOS
you are not running as root (i.e. using sudo) and your user cannot access /dev/kvm
the machine you are on is already virtualized (e.g. you are using Amazon EC2). These CPUs may have the VMX flag (because they are paravirtualized) but cannot be virtualized (because the hypervisor won't allow it.)
Note that this is NOT a fatal error; qemu can run without KVM support, it just runs in emulation mode and is quite slow.
The first problem will probably produce some output, examine the output of dmesg (dmesg | grep kvm). It can be solved by enabling it in BIOS.
The second problem can be diagnosed easily by running the commands as root instead of as a user. If that works, you have identified the problem.
The third problem is more difficult to resolve. XEN-blanket may help.
Pasting the output of "sudo kvm-ok" might be allow someone to offer more insight.
The instructions given in here would be translatable to other platforms:
https://help.ubuntu.com/community/KVM/Installation
If you provide more information about the machines you are using and your desired goals, we can be more helpful.
Did you check your BIOS-Settings? Some BIOS let you choose wether you want to activate VT / VMX or not.
Furthermore, I've found following, pretty similiar thread:
http://ubuntuforums.org/archive/index.php/t-755122.html
Hope this helps
Your problem is your system does not have KVM modules inserted. Please check your BIOS setting regarding VT is enabled, and also your KVM module matches your specific Linux distribution. An unmatched version of KVM module and Linux cannot be inserted.
Check the VM xml CD-ROM is set as 'file' not 'block'.
try to load kvm-intel or kvm-amd kernel modules, then take a look at dmesg, if loaded successfully you should be good to go