3 Xen-Shell

The xen-shell provides a special command-line interface that allows users to connect to the host system (dom0) via SSH and to control their own virtual Xen machine. This shell knows only commands which are needed to manage the virtual machine, so it cannot be abused for other tasks. It also allows the owner to reimage his virtual machine (if he messed up his current one), i.e., reset it to a pristine/new state.

To allocate a virtual machine to a user, it must have the same name as the user. For example, if you have a user bob, then his virtual machine must also be named bob instead of vm03.example.com, etc.

To demonstrate this, I first create a user bob and give him a password:

useradd -d /home/bob -m -g users -s /bin/bash bob
passwd bob

Now I create a virtual machine called bob:

xen-create-image --hostname=bob --ip=192.168.0.105 --netmask=255.255.255.0 \
--gateway=192.168.0.1 --dir=/vserver/images --dist=sarge --debootstrap

Then we boot up the guest domain to see if it works:

xm create -c /etc/xen/bob.cfg

and shut it down again:

xm shutdown bob

Next we install some prerequisites for xen-shell:

apt-get install sudo libterm-readline-gnu-perl

Afterwards, we install xen-shell like this:

cd /tmp
wget http://xen-tools.org/software/xen-shell/xen-shell-0.5.tar.gz
tar xvfz xen-shell-0.5.tar.gz
cd xen-shell-0.5
make install

Now we must change bob's login shell from /bin/bash to /usr/bin/xen-login-shell:

chsh -s /usr/bin/xen-login-shell bob

(This step is optional if you are comfortable with the nano text editor:

Next, I change Debian's default text editor to vi:

update-alternatives --config editor

<-- 3 (/usr/bin/nvi)

)

Now we edit /etc/sudoers by using visudo. We have to allow bob to use the commands /usr/sbin/xm and /usr/bin/xen-create-image which require root privileges:

visudo

[...]

User_Alias   XENUSERS = bob
Cmnd_Alias   XEN      = /usr/sbin/xm
Cmnd_Alias   XENIMG   = /usr/bin/xen-create-image
XENUSERS     ALL      = NOPASSWD: XEN,XENIMG

This is necessary because otherwise bob won't be able to use the reimage function of the xen-shell.

To use the reimage function, we also need a shell script called image.sh in bob's home dir /home/bob. This script must contain the commands to be executed to reset or create a new guest domain for bob. The contents is totally up to you. For example, it could look like this:

vi /home/bob/image.sh

#!/bin/sh
/usr/bin/sudo /usr/bin/xen-create-image --hostname=bob --ip=192.168.0.105 \
--netmask=255.255.255.0 --gateway=192.168.0.1 --dir=/vserver/images \
--dist=sarge --debootstrap --force

(You should use full paths in the script, and you must invoke the xen-create-image command with /usr/bin/sudo, otherwise bob isn't allowed to run xen-create-image.)

We must make the script executable:

chmod 755 /home/bob/image.sh

Now bob can use his favourite SSH client (like PuTTY for Windows) and connect to dom0 (192.168.0.100). If all goes well, bob will see the xen-shell:

The following commands are available on the xen-shell:

• boot - This allows you to boot your Xen guest if it is currently shutdown.
• console / serial - These, identical, commands allow you to access your Xen guest's console, allowing you to login if your networking is broken, or if you've chosen to disable the OpenSSH server.
• exit / quit - These commands both exit the shell, saving any commands you might have entered into the ~/.xen-shell history file.
• help [command1 command2] - When invoked with no arguments the help command will show a list of available commands and a one-line description of them all. If you wish help on a specific command you can use "help command" to see more details.
• passwd - If the client is connecting to the host system via OpenSSH using a plain text password then this command will allow them to change that password. The command is disabled/removed if the users home directory contains the file ~/.ssh/authorized_keys - since it is assumed this means key-based authentication is in force.
• rdns [ip hostname] - The rdns command allows you to either view your current reverse DNS settings, or update them. Run rdns with no arguments to view your current setup, or run "rdns 1.2.3.4 foo.bar.com" to set the reverse DNS for the IP 1.2.3.4 Note: you can only set the reverse DNS for IPs which you control, which you'll find listed in the output of rdns. See the installation page for what is required to implement this fully.
• reboot - This allows you to reboot your running Xen guest.
• reimage - After prompting for confirmation, and counting down for ten seconds this command will wipe your Xen guest, and perform a fresh installation via the use of xen-tools.
• shutdown - This command will shutdown your currently running Xen guest. It will remain shutdown until you issue a boot command.
• status - This command shows you the current status of your Xen guest, which will either be "running/booted", or "shutdown". For information purposes it will also show you the uptime of the host system.
• uptime - This command is similar to the status command and will show you the uptime of your Xen guest along with the uptime of the host system.
• version - This shows you the version of the Xen shell which is installed, which is the CVS revision number.