CentOS 7 UEFI boot in KVM

I rely heavily on virtualisation for testing things and making sure they work as they are supposed to.

Today I was trying to probe to a vendor that their Windows installer was failing in computers with big hard drives, so I went to my only box that has few TB of spare space and created a VM. The host computer is running CentOS 7 and I run KVM on it to virtualise things.

As I soon discovered KVM by default does not come with UEFI boot out of the box, so my Windows installation on a 3TB virtual drive was creating a 2TB partition and leaving the rest un-used. You probably knew that “legacy” boot mode only supports 2.2TB disks and that for bigger drives you must do a firmware boot (a.k.a. UEFI boot). If you didn’t know, now you do.

So this is how you install UEFI into KVM and configure your VM to use it.

Navigate to your repos folder and get the .repo file for kraxel

cd /etc/yum.repos.d/ && wget http://www.kraxel.org/repos/firmware.repo

Install the OVMF project for 64bit

bash-3.2$ su -c 'yum install edk2.git-ovmf-x64 -y'

You can check what files you just installed with

bash-3.2$ rpm -ql edk2.git-ovmf-x64
/usr/share/doc/edk2.git-ovmf-x64-0
/usr/share/doc/edk2.git-ovmf-x64-0/License.txt
/usr/share/doc/edk2.git-ovmf-x64-0/README
/usr/share/edk2.git
/usr/share/edk2.git/ovmf-x64
/usr/share/edk2.git/ovmf-x64/OVMF-pure-efi.fd
/usr/share/edk2.git/ovmf-x64/OVMF-with-csm.fd
/usr/share/edk2.git/ovmf-x64/OVMF_CODE-pure-efi.fd
/usr/share/edk2.git/ovmf-x64/OVMF_CODE-with-csm.fd
/usr/share/edk2.git/ovmf-x64/OVMF_VARS-pure-efi.fd
/usr/share/edk2.git/ovmf-x64/OVMF_VARS-with-csm.fd
/usr/share/edk2.git/ovmf-x64/UefiShell.iso
/usr/share/edk2.git/ovmf-x64/bios.bin
/usr/share/edk2.git/ovmf-x64/efi-e1000.rom
/usr/share/edk2.git/ovmf-x64/efi-ne2k_pci.rom
/usr/share/edk2.git/ovmf-x64/efi-pcnet.rom
/usr/share/edk2.git/ovmf-x64/efi-rtl8139.rom
/usr/share/edk2.git/ovmf-x64/efi-virtio.rom
/usr/share/edk2.git/ovmf-x64/pxe-e1000.bin
/usr/share/edk2.git/ovmf-x64/pxe-e1000.rom
/usr/share/edk2.git/ovmf-x64/pxe-ne2k_pci.bin
/usr/share/edk2.git/ovmf-x64/pxe-ne2k_pci.rom
/usr/share/edk2.git/ovmf-x64/pxe-pcnet.bin
/usr/share/edk2.git/ovmf-x64/pxe-pcnet.rom
/usr/share/edk2.git/ovmf-x64/pxe-rtl8139.bin
/usr/share/edk2.git/ovmf-x64/pxe-rtl8139.rom
/usr/share/edk2.git/ovmf-x64/pxe-virtio.bin
/usr/share/edk2.git/ovmf-x64/pxe-virtio.rom
/usr/share/edk2.git/ovmf-x64/vgabios-cirrus.bin
/usr/share/edk2.git/ovmf-x64/vgabios-qxl.bin
/usr/share/edk2.git/ovmf-x64/vgabios-stdvga.bin
/usr/share/edk2.git/ovmf-x64/vgabios-virtio.bin
/usr/share/edk2.git/ovmf-x64/vgabios-vmware.bin

Create your VM as you normally would. You can use the gui tool virt-manager for example.

Once done and with you VM turned off, edit your VM’s xml with

bash-3.2$ su -c 'virsh edit <VMNAME>'

Search for the line that contains arch and paste the following line underneath

<loader>/usr/share/edk2.git/ovmf-x64/OVMF_CODE-pure-efi.fd</loader>

Write the changes and exit. Done! Now you can boot of the CD/DVD/PXE or any other method and it will be a UEFI boot.

You will know if you have done it properly because the VM will show the TianoCore splash screen while booting.

TianoCore

Posted in IT and stuff Tagged with: , , ,

Netatalk 3.1.7 rpm for CentOS and RHEL 7

Once again I have compiled the newest version of Netatalk for linux rhel based distros.

This time two packages, one for rhel version 6 and one for rhel version 7.

I have only tested version 7 because my home server is running CentOS 7.

The dependencies for version 7 of the OS are:

su -c 'yum install dconf libevent libtdb tracker -y'

And the dependencies for version 6 look like:

su -c 'yum install dbus-python libevent libtdb avahi-libs -y'

Then install the downloaded rpm with:

su -c 'rpm -ivh netatalk-3.1.7-0.1.el*'

Edit the config file in /etc/netatalk/afp.conf to look something like:

[Global]
uam list = uams_guest.so
guest account = student
mimic model = Macmini

[Student's AFP share]
path = /home/student
valid users = student guest

And start the service with either

su -c 'systemctl start netatalk && systemctl enable netatalk'

Or

su -c 'service netatalk start && chkconfig netatalk on'

Don’t forget to allow ports 548 and 4700 through firewalld

Documentation can be found here

[student@centos-server ~]$ afpd -v
afpd 3.1.7 - Apple Filing Protocol (AFP) daemon of Netatalk

This program is free software; you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the Free Software
Foundation; either version 2 of the License, or (at your option) any later
version. Please see the file COPYING for further information and details.

afpd has been compiled with support for these features:

          AFP versions:	2.2 3.0 3.1 3.2 3.3 3.4
         CNID backends:	dbd last tdb mysql

              afp.conf:	/etc/netatalk//afp.conf
           extmap.conf:	/etc/netatalk//extmap.conf
       state directory:	/var/netatalk/
    afp_signature.conf:	/var/netatalk/afp_signature.conf
      afp_voluuid.conf:	/var/netatalk/afp_voluuid.conf
       UAM search path:	/usr/lib64/netatalk//
  Server messages path:	/var/netatalk/msg/

 

Posted in IT and stuff Tagged with: , , , , , ,

Sharepoint 2010 not rendering in Safari

Today I had to troubleshoot an issue where a user was not able to use a website with Safari. When the user browsed the website the dropdown menus and buttons were not rendering.

This the look of the menu when the issue appears

error

While digging to find the root cause and a fix I realised that the problem wasn’t just with Safari 8. All these versions of Safari appeared to have the issue:

  • Safari 8.0
  • Safari 7.1
  • Safari 6.1
  • Safari on iOS 8

After some googling I found this thread in StackExchange were they clearly explain the reason and a fix.

Turns out Microsoft messed up a regular expression in their mozilla.browser definition file. The current Safaris are using the WebKit core version 600.xyz and Microsoft used “60” to match older versions of Safari. Therefore the server incorrectly identifies the browser as an old version and disables AJAX-Extensions.

You can verify that this is the cause by enabling the developer menu in Safari and changing the user agent to something other that …600…

For example this

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10) AppleWebKit/610.1.25 (KHTML, like Gecko) Version/8.0 Safari/610.1.25

As for the server fix, the file that contains this error is located at

C:\Windows\Microsoft.NET\Framework\<version>\CONFIG\Browsers\mozilla.browser

and probably at here too

C:\Windows\Microsoft.NET\Framework64\<version>\CONFIG\Browsers\mozilla.browser

What you can do is add a dollar sign (end of line) just after the 60

<capability name="appleWebTechnologyVersion" match="60$" />

Once that is done on the server, the same website renders just fine in all the browsers mentioned above :)

working

Posted in IT and stuff Tagged with: , , , , , ,