Extract YubiRadius from VMware image

In this post which is part of the series on how to import YubiRadius, a Free Radius appliance implementing OTP validation, into Xen Open source Hypervisor, we will extract the files from the VMware image and build a .tar file to eventually unpack it in a DomU .img

Yubico distributes its YubiRadius appliance in 2 formats: OVF and VMware. I was able to extract the appliance only from VMware format. When you download the image and unzip the file, you will end up with several level of directories and a lot of difficult to handle filenames full of spaces that all need to be escaped. Windows heritage! This would confuse the convert utility, so we need to rename:

1190199296 Feb 17 01:02 Other Linux 2.6.x kernel-s001.vmdk
1220739072 Feb 17 01:02 Other Linux 2.6.x kernel-s002.vmdk
-662044672 Feb 17 01:02 Other Linux 2.6.x kernel-s003.vmdk
================
mv Other\ Linux\ 2.6.x\ kernel-s001.vmdk s001.vmdk
mv Other\ Linux\ 2.6.x\ kernel-s002.vmdk s002.vmdk
mv Other\ Linux\ 2.6.x\ kernel-s003.vmdk s003.vmdk
================
root@Lithium-Dom0:/mnt/sdb1/download/home/yubico/YubiRADIUS_Virtual_Appliance_3.5# ls -la
total 3004084

-rw-r–r– 1 root root 1190199296 Feb 17 01:02 s001.vmdk
-rw-r–r– 1 root root 1220739072 Feb 17 01:02 s002.vmdk
-rw-r–r– 1 root root  662044672 Feb 17 01:02 s003.vmdk

The Image is contained in the s00?.vmdk in order to put it together we need to convert the .vmdk format in the raw format and then concatenate the resulting files. The converting utility is in the QEMU package, aptitude once again is your friend to install the packages if missing, and you can then issue:

qemu-img convert –f vmdk s001.vmdk –O raw s001.raw
qemu-img convert –f vmdk s002.vmdk –O raw s002.raw
qemu-img convert –f vmdk s003.vmdk –O raw s003.raw

at this point you have three raw files that contain a piece of the disk image you need. To concatenate them in the right order the ususpectable cat utility and the globbing feature of the shell will become handy:

cat s00?.raw >> image.img

Ensure that the target file of the cat statement does not exist otherwise you will append the image to whatever the file contains. The resulting file is a disk image. It cannot be mounted until we determine the geometry with

fdisk -ul Yubico_part.img
You must set cylinders.
You can do this from the extra functions menu.

Disk Yubico_part.img: 0 MB, 0 bytes
255 heads, 63 sectors/track, 0 cylinders, total 0 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x0007b3a5

Device Boot      Start         End      Blocks   Id  System
Yubico_part.img1   *        2048     9951231     4974592   83  Linux
Partition 1 does not end on cylinder boundary.
Yubico_part.img2         9953278    10483711      265217    5  Extended
Partition 2 does not end on cylinder boundary.
Yubico_part.img5         9953280    10483711      265216   82  Linux swap / Solaris

Once you know where the partition begins (in this case sector 2048) we can mount it by specifying the offset in bytes (sectors * sector size). The filesystem type should be automatically recognized. In the mount there is explicitly stated.

# mount -t ext3 -o loop,offset=$((512*2048)) Yubico_part.img /mnt/img

At this point we have managed to have access to the appliance filesystem which has been mounted on /mnt/img (ensure you have created the mount point before executing the preceding statement)

The last thing we need to do is extract the content of the file system from the mounted partition with TAR (the content could be transferred directly into the final image but I prefer to keep the TAR file as a backup of the original distribution, it can be gunzipped and will be rather small)

cd /mnt
tar –c img > YubiRadius.tar
umount /mnt/img

At this point we have our tarred image we can trash the vmdk directory and files and start creating our image.

If Yubico would make available the .tar version of their appliance all of this time could be saved, but until then we have to extract the content from the VMware image with thi procedure.

About Fabio

Love of technology and flying have been the drivers of my life, more about me.
Tagged , , , , , , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Couldn't connect to server: Connection timed out (110)