------------------------------- strongSwan UML - Installation ------------------------------- Contents -------- 1. Making the host system UML-capable 2. Installing the required files 3. Creating the UML testing environment 1. Making the host system UML-capable ---------------------------------- UML instances can be run on both Linux 2.4 and Linux 2.6 kernels. If you are using a vanilla kernel from kernel.org then you must first apply the host SKAS patch available from http://www.user-mode-linux.org/~blaisorblade/patches/ and recompile and reboot your host kernel. Some Linux distributions as e.g. SuSE already include the SKAS patch in their kernels. You will also need the UML utilities (uml_mconsole and uml_switch) available from http://prdownloads.sourceforge.net/user-mode-linux/uml_utilities_20040406.tar.bz2 Many Linux distributions offer the UML utilities as a package. 2. Installing the required files ----------------------------- First create a directory where you want the strongSwan UML testing environment to be located.The default directory is "~/strongswan-testing". If you choose a different location, please adapt the UMLTESTDIR variable in "testing.conf" accordingly. mkdir ~/strongswan-testing Now copy the "testing" subdirectory coming with the strongSwan distribution to the UML testing environment: cp -r testing ~/strongswan-testing Next you need to copy several files into the ~/strongswan-testing directory that are required for the strongSwan testing environment: * A vanilla Linux kernel on which the UML kernel will be based on. We recommend the use of http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.33.3.tar.bz2 * The Linux kernel 2.6.33.3 does not require any patches for the uml guest kernel to successfully start up but the aes_gmac patch must be applied for ESP AES-GMAC support. * The matching .config file required to compile the UML kernel: http://download.strongswan.org/uml/.config-2.6.33 * A gentoo-based UML file system (compressed size 130 MBytes) found at http://download.strongswan.org/uml/gentoo-fs-20090615.tar.bz2 * The latest strongSwan distribution http://download.strongswan.org/strongswan-4.4.1.tar.bz2 3. Creating the environment ------------------------ Now change into the testing subdirectory cd ~/strongswan-testing/testing and make the UML testing environment: ./make-testing The "make-testing" script calls a series of subscripts which can be enabled or disabled individually by setting the corresponding flags in "testing.conf": if [ $ENABLE_BUILD_UMLKERNEL = "yes" ] then scripts/build-umlkernel fi builds an UML kernel out of the vanilla Linux kernel and the corresponding UML kernel patch. if [ $ENABLE_BUILD_HOSTCONFIG = "yes" ] then scripts/build-hostconfig fi generates the default configurations for the UML hosts alice, venus, moon, carol, winnetou, dave, sun, and bob by replacing the wildcards PH_IP_ALICE, etc. by the actual IP addresses defined in "testing.conf". if [ $ENABLE_BUILD_UMLROOTFS = "yes" ] then scripts/build-umlrootfs fi takes the gentoo-based UML file system and compiles the latest strongSwan distribution into it. if [ $ENABLE_BUILD_SSHKEYS = "yes" ] then scripts/build-sshkeys fi adds the common RSA public key of the UML instances to your ~/.ssh/known_hosts directory so that you can log onto the UML instances using ssh without typing in a password. The "scripts/build-sshkeys" script should only be run once. if [ $ENABLE_BUILD_UMLHOSTFS = "yes" ] then scripts/build-umlhostfs fi creates the customized UML file systems for the instances given as command line arguments by adding the default host configurations to the UML root file system. If the "make-starting" scripts is called without any arguments then by default the UML file systems are created for the hosts alice, venus, moon, carol, winnetou, dave, sun, and bob. Each UML root file system has as size defined by the ROOTFSSIZE in testing.conf which by default is 544 MBytes. Thus all 8 UML hosts plus the master copy will require a total of 5 GBytes of disk space. if [ $ENABLE_START_TESTING = "yes" ] then ./start-testing fi starts the automated testing. More details on the tests you'll find in the README document. -----------------------------------------------------------------------------