Booting ISO images with Grub2, among other things

The other day I bought myself, at the great expense of £12, an 8Gb USB stick. My idea was to try out several things.

  1. Create a persistent BackTrack Live CD
  2. Create an encrypted USB partition, for all my secret things
  3. Try booting ISO images using grub2

I feel that before I go any further, I should take a leaf out of another bloggers book and point out that grub2 will not directly boot ISO images. So, it will not allow you to take a windows XP install ISO and boot it. It will not let you take just any old ISO image and boot it. There are some fairly restrictive criteria to getting this to work, however, it does lend itself to being a very useful tool.

So to start with I followed the BackTrack USB install video at the offensive security website. I’m not going to re-iterate all the commands here, but simply give an overview of what I did.

Using fdisk I created 3 partitions

  • 1 – 5Gb – Bootable – W95 FAT32
  • 2 – 1Gb – Linux
  • 3 – 1Gb – W95 FAT32

In my case, just to ensure I didn’t screw anything up, I installed this on my usb stick using a live CD, with my HDD unplugged. I have heard how the grub2 installer can be a little flaky and indeed will share an experience of this later. In the beginning I used the BackTrack, but later on I switch to using the ubuntu live CD for another reason.

So my stick had a device identifier of /dev/sda. I have replaced this in the instructions with /dev/sdX so that people trying to copy and paste don’t hose their systems.

The next step is to format the partitions;

mkfs.vfat -F 32 -n BT4 /dev/sdX1
mkfs.ext3 -b 4096 -L casper-rw /dev/sdX2

Now we need to copy all the data from the BT4 CD. Before you all shout in unison, yes, I could have just used the BT4 ISO here, but I simply didn’t want to 🙂

So we mount the /dev/sdX1 partition, and run rsync -avh /media/cdrom/ /mnt/sdX1

This will take a few minutes and allow me to explain that the way we have created this allows us to run BT4 in one of two ways. First, we can run just as a live CD, with all the benefits that brings. Second we can run a persistent version of BT4 which will use the casper-rw partition as a sudo layer over the top of the live ISO layer. Any files we alter whilst booted in the persistent environment will be stored in this layer. Many people use a 4Gb partition for the casper-rw purely so that they can apt-get update their BT4 installation.

One of the next steps in the process on the video is to install grub. I’m actually going to skip this step and go straight to a CD change, now booting into ubuntu 9.10. There is good reason for this. Though BT4 seems to have all of the relevant files for grub2 on the DVD in the /boot/grub directory, the actual install only appears to have grub1.

Once I was booted up into ubuntu-desktop, I remounted that same /dev/sda1 partition, moved the /boot/grub directory to /boot/grub-old and then created a new /boot/grub directory, initially blank. After this I ran the grub installer.

sudo grub-install --no-floppy --root-directory=/media/BT4

The /media/BT4 was where my /dev/sda1 partition was mounted. This should correctly install grub2. After this we just have to modify the grub.cfg file. It’s not actually present right now, as we are not supposed to create one from scratch. Grub2 works differently to previous incarnations and prefers users to use a grub-update command, which pulls various lines from various files and merges them into it’s own grub.cfg which will get overwritten each time an update is made, hence the advice not to edit it ones self.

Since we are not going to be running the grub-update command we are safe to create our own. Just before we do this, I want to mention about the /boot/grub/iso folder I created in out BT4 partition. I have copied an ubuntu netbook install there, so that I can demonstrate just how easy it is to boot Ubuntu live cds.

Below is my grub.cfg file. You will notice upon booting backtrack that we maintain the fancy terminal screen during boot and tty sessions. However I haven’t, as yet, messed with the grub boot image. Enjoy.

GRUB_GFXMODE=1024x768x16
insmod vbe

menuentry                "Start BackTrack FrameBuffer (1024x768)" {
linux                /boot/vmlinuz BOOT=casper boot=casper nopersistent rw quiet vga=0x317
initrd                /boot/initrd.gz
}

menuentry                "Start BackTrack FrameBuffer (800x600)" {
linux                /boot/vmlinuz BOOT=casper boot=casper nopersistent rw quiet vga=0x314
initrd                /boot/initrd800.gz
}

menuentry                "Start BackTrack Forensics (no swap)" {
linux                /boot/vmlinuz BOOT=casper boot=casper nopersistent rw vga=0x317
initrd                /boot/initrdfr.gz
}

menuentry                "Start BackTrack in Safe Graphical Mode" {
linux                /boot/vmlinuz BOOT=casper boot=casper xforcevesa rw quiet 
initrd                /boot/initrd.gz
}

menuentry                "Start Persistent Live CD" {
linux                /boot/vmlinuz BOOT=casper boot=casper persistent rw quiet 
initrd                /boot/initrd.gz
}

menuentry                "Start BackTrack in Text Mode" {
linux                /boot/vmlinuz BOOT=casper boot=casper nopersistent textonly rw quiet
initrd                /boot/initrd.gz
}

menuentry                "Start BackTrack Graphical Mode from RAM" {
linux                /boot/vmlinuz BOOT=casper boot=casper toram nopersistent rw quiet 
initrd                /boot/initrd.gz
}

menuentry		"Ubuntu Server 9.10" {
loopback loop /boot/iso/ubuntu-9.10-netbook-remix-i386.iso
linux (loop)/casper/vmlinuz boot=casper iso-scan/filename=/boot/iso/ubuntu-9.10-netbook-remix-i386.iso noeject noprompt --
initrd (loop)/casper/initrd.lz
}

menuentry                "Memory Test" {
linux                /boot/memtest86+.bin
}

You can see the loop commands tell grub to loopback mount the CD ISO. This is where the magic happens. Notice also the iso-scan option passed, which tells the kernel where to find the iso image once the second stage is loaded. Different distros have different ways of accomplishing this on live CDs, it’s worth googling to find out how. The one distro I haven’t heard of people having success with is fedora, but I’m unsure just why this is. I guess I need to take a look.

There are options to tell the loopback mounter to pull isos from different partitions, but if you place them in the same dir that grub lives, you don’t need to do this. This was the main reason for having such a large initial BT4 directory. BT4 is only 1.5Gb 🙂

That’s enough for one sitting. Have fun.

Advertisements
    • J Sundar
    • June 9th, 2010

    Excellent post.

    I have tried booting some of the distros directly from iso using loop and iso-scan command. Few worked fine however RPM based distros are not booting up properly. For example i have tried PCLinux OS usig the same command. I could see boot screen but not the desktop even after 30 min.

    Any idea how to over come this issue???

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: