Intel® Active Management Technology

Creating a Linux Rescue Image for IDE Redirection - Part 1

May 15, 2008 – 8:42 pm

IDE-Redirect allows an AMT enabled system to boot from an image, floppy, CD or DVD device which is located in the system running a management application. Usually, images booted remotely would be used to rescue the system from a fatal crash or in case of virus infection (if windows is the main OS installed). While many rescue systems are available for windows, nothing really beats Linux as a rescue tool, for both Windows and Linux systems. Linux has a large number of application designed for system diagnosis and system rescue that both target Linux and Windows.

This tutorial shows how to create a Linux based image that can be used with IDE redirection features of Intel AMT. The image will be based on a standard Linux distribution and is in fact a live CD image that can also booted on any system. The changes needed to make a standard Linux distributions work as an IDE-R capable image are minimal, however, they require some preparation because IDE-R devices are not yet support in the mainline Linux kernel.

The Linux distribution to be used should not make a difference as most popular distributions have support for creating live images and some level of customization. We have chosen an image based on Debian and Ubuntu because of the powerful utilities available for creating highly customized images. The generated image will be Debian based, and we will use Ubuntu to create it.

The requirements for the image we are going to create are the following, you can customize it as you wish later:

• Support IDE Redirection in the Kernel
• The complete boot process and prompt are text based (for serial over lan)
• Support redirecting output to serial console (Serial Over LAN device)
• Add Rescue and Diagnosis package (example: partitioning tools, ntfs rescue, …)
• Minimize image size as much as possible
• Start VNC server on remote system
• Start needed network services to allow remote login (SSH, Samba)

Getting Started

First, we need to install latest ubuntu. If you have ubuntu already installed then you can use existing installation, however, you will need to change the kernel that comes with ubuntu and compile a new one that supports IDE Redirection.

You can install ubuntu anywhere, the development system does not need to be AMT enabled. If you decide to install ubuntu on a system with AMT then you will be able to test IDE redirection before you build the image. Might be useful.

Installing required packages

After installing Ubuntu and bringing the system up to date with the online update install the following packages needed to create the live image:

• live-helper
• apt-cacher

The packages can be installed on the command line using:

# apt-get install live-helper apt-cacher

Live-helper is a utility to build CD, DVD, netboot and USB-stick live images of Debian, a GNU/Linux operating system. It boasts support for multiple architectures, auto-building images, amongst many other features.

Live-helper is extremely flexible, allowing interested parties to create their own system completely specific to their needs, including support for custom package lists, kernel parameters, encryption, additional commands to configure the live system etc.

For more information about live-helper, see the live-helper wiki.

You will be building the image more than once fixing problems and resolving issues. To speed things up it is recommended to cache packages downloaded from the internet on the local system. This way you can save time and bandwidth by reusing cached deb package files instead of repeatedly downloading them. A complete guide about caching packages can be found here. Do not run any of the lh_* command as described in the documentation yet.

To configure the image you would normally need to run

lh_config

with various options. Because of the many customization needed, we prepared the configuration files needed so you can start building the image immediately. This part of the tutorial will show how to build the image with the needed packages and the startup scripts that would start the required services and configure the serial console to send the text output to the SOL console.

Start by checking out the configuration files from the subversion repository on openamt.org. As root create a directory where the image will be created:

# cd /root

# svn co https://openamt.svn.sourceforge.net/svnroot/openamt/amt-rescue-cd

# cd amt-rescue-cd

Now it is time to build the modified kernel package. This is the most important step and you should follow the guide carefully to build a kernel that can boot the image and load the file system from the remote CD.

There are many guides on the net showing how to build a custom kernel for Ubuntu. We will be following the guide from the official Ubuntu documentation which is the most recent and covers the latest Ubuntu distribution: https://help.ubuntu.com/community/Kernel/Compile.

Read the documentation carefully and start by installing the required packages:

# mkdir -p kernel# cd kernel

# sudo apt-get install linux-kernel-devel fakeroot build-essential

# sudo apt-get build-dep linux-image-$(uname -r)

# apt-get source linux-image-$(uname -r)

# sudo apt-get build-dep linux-ubuntu-modules-$(uname -r)

# apt-get source linux-ubuntu-modules-$(uname -r)

Now that we have the sources, we will apply a patch to add IDER support and build a kernel package:

# cd linux-2.6.24# patch -p1 < ../../patches/linux-2.6.25.rc8-ider.patch

# CONCURRENCY_LEVEL=2 AUTOBUILD=1 NOEXTRAS=1 fakeroot debian/rules binary-generic

Let the kernel build, this will take a while. Now build the ubuntu kernel module package:

# cd linux-ubuntu-modules-2.6.24-2.6.24
# AUTOBUILD=1 fakeroot debian/rules binary-debs flavours="generic"

When all is done, you will have all built packages in the kernel directory. Copy the following two packages (version numbers may vary)

• linux-image-2.6.24-16-generic_2.6.24-16.30_i386.deb
• linux-ubuntu-modules-2.6.24-16-generic_2.6.24-16.23_i386.deb

to config/chroot_local-packages.

Thats it, you are ready to build the image now.

Now assuming the apt-cacher daemon is already running you can start building the image using the default settings by running the live-helper command:

# lh_build

The first time you run this it will take a while. Packages will be downloaded from the internet and cached in a local directory. At the end of the process a binary ISO image will be created that can be used with an management console application that supports IDE redirection.

You can use the AMT DTK (Intel(r) AMT Commander) to connect to an AMT system and boot into the created image. The following two screen shots show the bootloader screen and the final screen when the image has finished loading.

Next part of the tutorial will show how to customize the image for your needs.