Thursday, December 8, 2011

Cloned Red Hat/CentOS/Scientific Linux Virtual Machines and “Device eth0 does not seem to be present” Message


Recently I was preparing some new virtual machines in VMware running Scientific Linux 6.  I encountered some difficulty with the virtual network interface after preparing clones of the machines.  In particular I was unable to get the virtual NIC on the newly cloned machine to be recognized as a valid interface.  Upon further investigation the NIC on the newly cloned machines was being registered as “eth1″.  We can check the currently registered “eth” devices here:


[root@sl6 ~]# ls /sys/class/net
eth1  lo  sit0
As it turns out there is a device manager for the Linux kernel named “udev” which remembers the settings from the NIC of the virtual machine before it was cloned.  I was not familiar with udev because it was not installed in my previous Linux VM install, which were mainly CentOS 5.
Since the hardware address of the network interface changes as part of the clone, the system sees the NIC after the clone as “new” and assigns it to eth1.  The simple way to move the interface back to eth0 is to edit the strings beginning with “SUBSYSTEM” in udev’s network persistence file.
Start off by removing the first “SUBSYSTEM” entry that represents the “old” eth0 interface.  Then edit the second “SUBSYSTEM” entry, changing the “NAME” parameter from “eth1″ to “eth0″.  Of course your config may vary from mine.  Keep in mind that the “SUBSYSTEM” line may be wrapped in the text below.
Old file:

[root@localhost ~]# cat /etc/udev/rules.d/70-persistent-net.rules
# This file was automatically generated by the /lib/udev/write_net_rules
# program, run by the persistent-net-generator.rules rules file.
#
# You can modify it, as long as you keep each rule on a single
# line, and change only the value of the NAME= key.
# PCI device 0x15ad:0x07b0 (vmxnet3) (custom name provided by external tool)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:50:56:87:00:21", ATTR{type}=="1", KERNEL=="eth*", NAME="eth0"
# PCI device 0x15ad:0x07b0 (vmxnet3)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:50:56:87:00:25", ATTR{type}=="1", KERNEL=="eth*", NAME="eth1"
New file:

[root@localhost ~]# cat /etc/udev/rules.d/70-persistent-net.rules
# This file was automatically generated by the /lib/udev/write_net_rules
# program, run by the persistent-net-generator.rules rules file.
#
# You can modify it, as long as you keep each rule on a single
# line, and change only the value of the NAME= key.
# PCI device 0x15ad:0x07b0 (vmxnet3) (custom name provided by external tool)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:50:56:87:00:25", ATTR{type}=="1", KERNEL=="eth*", NAME="eth0"
Now verify that you have a properly configured network config file, the example below is for Red Hat/CentOS/Scientific Linux:

[root@sl6 ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE="eth0"
BOOTPROTO="static"
HWADDR="00:50:56:87:00:25"
IPV6INIT="no"
IPV6_AUTOCONF="no"
NM_CONTROLLED="no"
ONBOOT="yes"
IPADDR="192.168.10.125"
NETMASK="255.255.255.0"
NETWORK="192.168.10.0"
BROADCAST="192.168.10.255"
Now reboot the system and the NIC should now be registered as eth0!
Posted by at 1 comment:
Labels: , , ,

Hack the password protected “single user ” mode on Linux


The “single user ” mode could be used to bypass the security layer . Well single user mode can also be password protected , just append the following line in the  “/etc/inittab ” file :
su:S:wait:/sbin/nologin #Single level will be skipped —> goes directly to the default runlevel ie 5
su:S:wait:/sbin/sulogin #Single level will demand root password

Now your machine will demand the root password even if Linux is start on “single user ” mode . This extra layer of protection will only prohibit a newbie to break in to your Linux box . The following 4 steps  show how to bypass the protected “single user ” mode :
  1. While booting pass this kernel parameter : init=/bin/bash
    This parameter will prevent the kernel to run the /sbin/init and proceed with the usual /etc/rc.d/*  procedure , it will just give us a shell (no password checks , no filesystem checks , no startup environment) . THE FILESYSTEM WILL BE IN READ -ONLY MODE .
  2. The following command will remount the / filesystem writable .
    mount  -o  remount , rw  /
  3. Now the password can be changed with the “passwd ” command . Do not reboot yet until :
  4. mount  -o remount , ro /
  5. Now press the reset button


Posted by at 1 comment:
Labels: , ,
Subscribe to: Posts (Atom)