Windows Native VHD Boot and Dispatch
使用 GNU/Linux 環境同時派送 Windows VHD 至多台個人電腦,以 Native VHD Boot 方式開機。
- Server 端以 WOL (Wake-on-LAN) 方式啟動多台個人電腦
- dhcpd 派送網路設定與 next-server 資訊
- in.tfptd 派送 pxelinux.0、pxelinux.cfg/default 與 Tiny Core Linux 作業系統
- 修改 Tiny Core Linux 套件,增加 ntfs-3g、ntfsprogs、openssh、rsync、udpcast 與 uftp 等程式
- 修改 Tiny Core Linux 帳號密碼,如 /etc/passwd、/etc/shadow,並啟動 sshd server
- 於 server 端使用 PSSH 控制遠端的個人電腦
- 掛載 NTFS 分割區
- 以 UDP Multicast 或 BitTorrent 方式接收 VHD 檔案、grub4dos、BOOTMGR
- 安裝 grub4dos 至 MBR 或使用既有的開機程式
- 重新開機
- 於 Windows 中安裝 MSYS2,以 cygrunsrv 方式啟動 sshd server
- Windows 開機後自動依 IP 設定電腦名稱
+-----------+ +------+ +---------------+ +----------+ +---------------+ +----------------+ +---------------+
| dhcp | | tftp | | bootx64.efi | | grub.cfg | | vmlinuz64 | | tce64.gz | | deploy.sh |
| (RFC4578) | | | | (grubx64.efi) | | | | corepure64.gz | | (bootlocal.sh) | | (next-server) |
+-----------+ +------+ +---------------+ +----------+ +---------------+ +----------------+ +---------------+
- 40 GiB
| 設備 | 速度 | 估計傳輸時間 |
|---|---|---|
| Fast Ethernet | 100 mbps | 1:00:04 |
| Gigabit Ethernet | 1000 mbps | 0:06:00 |
| USB 2.0 | 480 mbps | 0:12:30 |
| USB 3.0 | 3.2 gbps | 0:01:50 |
| SATA-I | 1.5 gbps | 0:03:54 |
| SATA-II | 3 gbps | 0:01:57 |
| 檔案名稱 | 用途 | 類型 | 狀態 | 大小 |
|---|---|---|---|---|
| pcroom_base.vhdx | 母碟 | 基礎磁碟 | 靜態 | 約 30 GB |
| pcroom.vhdx | 子碟 | 差異化磁碟 | 動態 | 隨差異增加 |
| pcroom_r.vhdx | 還原檔 | 差異化磁碟 | 靜態 | 約 173 KB |
base.vhdx => pcroom_base.vhdx => pcroom.vhdx (pcroom_r.vhdx)
=> office_base.vhdx => office.vhdx (office_r.vhdx)
| 名稱 | 標題 | BCD | VHD |
|---|---|---|---|
| pcroom_r | 電腦教室還原 | BCD.pcroom_vhdx | pcroom_r.vhdx > pcroom.vhdx |
| pcroom | 電腦教室 | BCD.pcroom_vhdx | pcroom.vhdx |
| office_r | 辦公室還原 | BCD.office_vhdx | office_r.vhdx > office.vhdx |
| office | 辦公室 | BCD.office_vhdx | office.vhdx |
base.vhdx(0) => test.vhdx(1) == pcroom_base.vhdx(1) => pcroom.vhdx(2)
test_r.vhdx(1) pcroom_r.vhdx(2)
== office_base.vhdx(1) => office.vhdx(2)
office_r.vhdx(2)
- Windows 11 bypass
HKLM -> SYSTEM -> Setup -> LabConfig ->
BypassTPMCheck (DWORD => 1)
BypassRAMCheck (DWORD => 1)
BypassSecureBootCheck (DWORD => 1)
- 透過 VirtualBox 安裝新系統
- 取消
VirtualDiskExpandOnMountHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FsDepends\Parameters VirtualDiskExpandOnMount = 4 - SDelete 清理磁碟
> sdelete64 -c -z C:
- 緊湊 VHD 磁碟空間
diskpart > select vdisk file="f:\base.vhdx" > compact vdisk$ vboxmanage clonemedium INPUT.VHD OUTPUT.VHD --format VHD --variant Standard - 建立差異化磁碟 (Differencing Disks)
diskpart
> create vdisk file="f:\pcroom_base.vhdx" parent="f:\base.vhdx"
diskpart
> select vdisk file="f:\pcroom_base.vhdx"
> merge vdisk depth=1
> compact vdisk
> create vdisk file="f:\pcroom.vhdx" parent="f:\pcroom_base.vhdx"
> reg add "HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TimeZoneInformation" /v RealTimeIsUniversal /d 1 /t REG_DWORD /f
- grub2 (無 grub2 可略過)
menuentry 'GRUB4DOS (NTFS)' --class windows {
savedefault
insmod part_msdos
insmod ntfs
insmod ntldr
search --set=root --no-floppy --file /sig_ntfs # 特徵檔案,識別磁碟區位置
ntldr /grldr # 控制權交給 grub4dos
}
- grub4dos
timeout 5
default 0
title Windows 10 (Native VHD Boot)
find --set-root --ignore-floppies --ignore-cd /sig_ntfs
dd if=()/Boot/BCD.pcroom_vhdx of=()/Boot/BCD # 設定 pcroom.vhdx 為開機裝置 (可切換不同用途的 VHD 檔案)
find --set-root --ignore-floppies --ignore-cd /sig_ntfs # 還原 pcroom_r.vhdx 至 pcroom.vhdx
dd if=()/pcroom_r.vhdx of=()/pcroom.vhdx
find --set-root --ignore-floppies --ignore-cd /sig_ntfs
chainloader /bootmgr # 控制權交給 bootmgr (Boot\BCD)
- 1st stage files
- grldr (開機程式)
- menu.lst (開機選單)
- unifont.hex.gz (中文字形)
- sig_* (選用,特徵檔案,識別磁碟區位置)
- 2nd stage files
- bootmgr
- BOOTNXT
- Boot
- Boot\BCD (紀錄作業系統開機的裝置)
- Boot\BCD.*
- disk files
- base.vhdx (基礎檔)
- pcroom.vhdx (差異檔)
- pcroom_r.vhdx (差異檔,還原用)
$ modprobe loop
$ losetup /dev/loop0 disk.vhd
$ partprobe /dev/loop0
$ mount /dev/loop0p1 /mnt/images
$ losetup -d /dev/loop0
$ VBoxManage clonehd dynamicd_disk.vhd fixed_disk.vhd --format vhd --variant dynamic
$ rm /root/.ssh/known_hosts; sshpass -p [密碼] pssh -i -A -h [主機清單] -t 0 -O "StrictHostKeyChecking no" -- "[指令]"
$ rm /root/.ssh/known_hosts; sshpass -p [密碼] pssh -i -A -H user@host_or_ip -t 0 -O "StrictHostKeyChecking no" -- "[指令]"
$ rm /root/.ssh/known_hosts; sshpass -p [密碼] pssh -i -A -h [主機清單] -t 0 -O "StrictHostKeyChecking no" -- "sudo ntfs-3g /dev/sda2 /mnt/sda2"
$ rm /root/.ssh/known_hosts; sshpass -p [密碼] pssh -i -A -h [主機清單] -t 0 -O "StrictHostKeyChecking no" -- "tar xvfz /mnt/sda2/vhd.tgz -C /mnt/sda2"
$ rm /root/.ssh/known_hosts; sshpass -p [密碼] pssh -i -A -h [主機清單] -t 0 -O "StrictHostKeyChecking no" -- "sudo reboot"
$ rm /root/.ssh/known_hosts; sshpass -p [密碼] pssh -i -A -h [主機清單] -t 0 -O "StrictHostKeyChecking no" -- "shutdown -s -t 30"
$ rm /root/.ssh/known_hosts; sshpass -p [密碼] pssh -i -A -h [主機清單] -t 0 -O "StrictHostKeyChecking no" -- "shutdown -r -t 30"
$ rm /root/.ssh/known_hosts; sshpass -f [密碼] pssh -i -A -h [主機清單] -t 0 -O "StrictHostKeyChecking no" -- "/opt/bin/udp-receiver --receive-timeout 10 --n okbd -f /mnt/sda2/pcroom.vhdx \&"
$ /opt/bin/udp-sender -f /mnt/sda2/pcroom.vhdx
$ /usr/local/share/grub4dos/bootlace.com /dev/sda
$ cp /usr/local/share/grub4dos/{chinese/}grldr /mnt/sda2
中文字型顯示須符合 unifont.hex 格式,自行下載 GNU Unifont,可內嵌或外部載入。直接下載字型。
color blue/green yellow/red white/magenta white/magenta
## menu border color
color border=0xEEFFEE
## set vbe mode
graphicsmode -1 640:800 480:600 24:32 || graphicsmode -1 -1 -1 24:32
font /unifont.hex.gz
## fdisk
$ sudo fdisk /dev/sda
g (GPT) --> n (new partition) --> /dev/sda1 (EFI partition)
--> n (new partition) --> /dev/sda2 (Microsoft Basic Data / NTFS)
## foramt disk
$ sudo partprobe /dev/sda
$ sudo mkfs.vfat -v /dev/sda1
$ sudo mkfs.ntfs -Q /dev/sda2
## mount
$ sudo mount /dev/sda1 /mnt/sda1
$ sudo ntfs-3g /dev/sda2 /mnt/sda2
## copy bootup files
$ cd /mnt/sda1 ; sudo scp -r [REMOTE]:/mnt/efi/EFI .
$ cd /mnt/sda2 ; sudo scp -r [REMOTE]:/mnt/ntfs/Boot .
$ /mnt/sda2/{bootmgr, BOOTNXT, grldr, menu.lst, winpe_amd64.iso, unifont.hex.gz, DO_NOT_SAVE_FILES_IN_THIS_DRIVE}
## FILE_ATTRIBUTE_HIDDEN | FILE_ATTRIBUTE_ARCHIVE
$ setfattr -h -v 0x00000022 -n system.ntfs_attrib_be *.vhdx
$ veyon-cli networkobjects export c:\1.csv location PCROOM-1 format "%name%,%host%,%mac"
$ veyon-cli networkobjects export c:\2.csv location PCROOM-2 format "%name%,%host%,%mac"
$ veyon-cli networkobjects import c:\1.csv location PCROOM-1 format "%name%,%host%,%mac"
$ veyon-cli networkobjects import c:\2.csv location PCROOM-2 format "%name%,%host%,%mac"
## sender
$ tar -cf - /path/to/sourcefolder | udp-sender
## receiver
$ udp-receiver --nokbd | tar -C /path/to/destfolder -xf -
## RpcOverNamedPipesAndTcp.cmd
$ reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Printers\RPC" /v RpcProtocols /t REG_DWORD /d 0x7 /f
## RpcOverNamedPipes.cmd
$ reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Printers\RPC" /v RpcUseNamedPipeProtocol /t REG_DWORD /d 1 /f
-
Disable driver signature enforcement [Windows Guide]
$ bcdedit.exe -set loadoptions DISABLE_INTEGRITY_CHECKS $ bcdedit.exe -set TESTSIGNING ON $ gpedit.msc User Configuration > Administrative Templates > System > Driver Installation > Code signing for device drivers entry [Ignore] -
- ntfs-3g
- ntfsprogs
- rsync
- grub4dos
$ tce-load -wi ntfs-3g -
Tiny Core Linux Customizations for Remastering
$ mkdir temp $ cp tce.gz temp/ $ cd temp/ $ zcat tce.gz | sudo cpio -i -H newc -d $ rm tce.gz $ sudo find | sudo cpio -o -H newc | gzip -2 > ../tce.gz -
$ vi settings.json "dht-enabled": true "lpd-enabled": true$ transmission-create -o disk.torrent -c "Win7 VHD Boot" disk.vhd $ tftp -r pcroom/disk.torrent -l /mnt/sda2/p2p/disk.torrent -g [伺服器位址] $ transmission-cli -v -w /mnt/sda2/p2p/ /mnt/sda2/p2p/disk.torrent -
$ udp-sender --full-duplex -f source.vhdx $ udp-receiver -f saved.vhdx $ rm /root/.ssh/known_hosts; sshpass -f passwd pssh -t 0 -i -A -h hosts_pcroom_30 -O "StrictHostKeyChecking no" -- "sudo /opt/bin/udp-receiver --nokbd -f /mnt/sda2/pcroom.vhdx \&"$ mkdir /mnt/sda2/t # Temp $ uftpd -D /mnt/sda2/ -T /mnt/sda2/t/ # Dest, Temp (Client) $ uftp -R -1 /srv/pcroom/pieces/ # Source directory (Server) $ split -b 1G /src/pcroom/disk.vhdx /src/pcroom/pieces # Split, unknown file size limit (2147483647) $ cat * > disk.vhdx # Join$ tce-load -wi compiletc $ cd uftp-4.9.3/ $ vim makefile # Add -D_GNU_SOURCE (-D_FILE_OFFSET_BITS=64) ifeq ("Linux", "$(UNAME_S)") ... ... bad-function-cast -DHAS_GETIFADDRS -D_GNU_SOURCE $(ENC_OPTS) $ make NO_ENCRYPTION=1 -
$ ethtool -s net0 wol g $ etherwake -i [介面] -b [MAC Address / 11:22:33:44:55:66] -
LABEL tiny-core-linux TITLE Tiny Core Linux LINUX /corelinux/vmlinuz INITRD /corelinux/core.gz,/corelinux/tce.gz,/corelinux/cde.gz APPEND loglevel=3,next-server=163.26.68.15 -
ApplicationDevice => LocateExDevice = \pcroom.vhdx OSDevice => LocateExDevice = \pcroom.vhdx -
PsTools / 遠端執行桌面程式
$ ./PsExec -accepteula $ ./PsExec -i 1 -s notepad.exe 以 start 指令同步執行,類似 fork 功能 $ start /b C:\Users\student\Desktop\PSTools\PsExec.exe \\主機1 -u 帳號 -p 密碼 -i -f -c " 指令.cmd" $ start /b C:\Users\student\Desktop\PSTools\PsExec.exe \\主機2 -u 帳號 -p 密碼 -i -f -c " 指令.cmd" -
# $scaling = 0 : 100% (default) # $scaling = 1 : 125% # $scaling = 2 : 150% # $scaling = 3 : 175% param($scaling = 0) $source = @' [DllImport("user32.dll", EntryPoint = "SystemParametersInfo")] public static extern bool SystemParametersInfo( uint uiAction, uint uiParam, uint pvParam, uint fWinIni); '@ $apicall = Add-Type -MemberDefinition $source -Name WinAPICall -Namespace SystemParamInfo -PassThru $apicall::SystemParametersInfo(0x009F, $scaling, $null, 1) | Out-Null$ powershell -ExecutionPolicy Bypass -File "z:\scale.ps1" 1
- PC: Illustrated Guide to GRUB and Linux Boot Process on BIOS and UEFI
- The rEFInd Boot Manager
- MBR2GPT.EXE
- GPT + UEFI
GPT +-----------------------+ | EFI partition / FAT32 | boot manager: bootmgfw.efi, grubx64.efi +-----------------------+ | Ext4 partition | kernel, rootfs: Fedora Linux (/boot, /, /home) +-----------------------+ | NTFS partition | kernel: Windows 10 (winload.efi) +-----------------------+ | NTFS partition | VHD, VHDX files (winload.efi) +-----------------------+ - GPT + UEFI (VHDX)
GPT +----------------+ | EFI partition | /EFI/Microsoft/Boot/bootmgfw.efi | FAT32 | ./BCD.pcroom_vhdx_efi (pcroom.vhdx) | | ./BCD.win10_vhd.efi (win10.vhd) | | ./BCD (目前) +----------------+ | NTFS partition | /pcroom.vhdx | | /win10.vhd +----------------+ - MBR + BIOS (VHDX)
MBR +----------------+ | NTFS partition | /bootmgr | | /Boot/BCD.pcroom_vhdx | | /pcroom.vhdx +----------------+ - GPT + UEFI/BIOS coexist
GPT +---------------------+ | EFI partition | bootmgfw.efi | FAT32 | grubx64.efi +---------------------+ | BIOS boot partition | core.img (Grub2) +---------------------+ | Ext4 | /boot/grub2, /boot, vmlinuz, initramfs +---------------------+ | Ext4 / LVM | /, /home +---------------------+ | NTFS partition | bootmgr, grldr, pcroom.vhdx +---------------------+ - EFI partition (/boot/efi)
. ├── EFI │ ├── BOOT │ │ ├── BOOTX64.EFI │ │ ├── fallback.efi │ │ └── fbx64.efi │ ├── fedora │ │ ├── BOOT.CSV │ │ ├── BOOTX64.CSV │ │ ├── grub.cfg │ │ ├── grubx64.efi │ │ ├── shim.efi │ │ ├── shimx64.efi │ │ ├── shimx64-fedora.efi │ │ └── x86_64-efi/ │ ├── Insyde │ └── Microsoft │ ├── Boot │ │ ├── BCD │ │ ├── BCD.pcroom_vhdx_efi │ │ ├── BCD.win10_vhd_efi │ │ ├── bootmgfw.efi │ │ └── bootmgr.efi │ ├── Boot_pcroom_vhdx │ │ ├── BCD │ │ ├── bootmgfw.efi │ │ └── bootmgr.efi │ ├── Boot_win10_vhd │ │ ├── BCD │ │ ├── bootmgfw.efi │ │ └── bootmgr.efi │ └── Recovery │ └── BCD └── sig_swift
HSIEH, Li-Yi @進學國小資訊組