Wireshark · Wireshark-dev: [Wireshark-dev] Using losetup etc to mount and then modify a flat VMDK ...

[Richard Sharpe <realrichardsharpe@xxxxxxxxx>]

Hi folks,
This seems to work:

nutanix@NTNX-15SM12010009-B-CVM:10.4.80.40:~$ sudo losetup /dev/loop0 /mnt/MainContainer/RichardCentOSSimpleDisk/RichardCentOSSimpleDisk-flat.vmdk
nutanix@NTNX-15SM12010009-B-CVM:10.4.80.40:~$ losetup -o 210763776 /dev/loop1 /dev/loop0
losetup: /dev/loop0: warning: file smaller than 512 bytes, the loop device maybe be useless or invisible for system tools.
nutanix@NTNX-15SM12010009-B-CVM:10.4.80.40:~$ sudo mount -t ext4 /dev/loop1 /mnt/vmdk1/
nutanix@NTNX-15SM12010009-B-CVM:10.4.80.40:~$ sudo vim /mnt/vmdk1/etc/sysconfig/network-scripts/ifcfg-eth0
nutanix@NTNX-15SM12010009-B-CVM:10.4.80.40:~$ #sudo scp root@10.4.29.200:/root/.ssh
nutanix@NTNX-15SM12010009-B-CVM:10.4.80.40:~$ sudo mkdir /mnt/vmdk1/root/.ssh
nutanix@NTNX-15SM12010009-B-CVM:10.4.80.40:~$ sudo scp root@10.4.29.200:/root/.ssh/authorized_keys /mnt/vmdk1/root/.ssh
FIPS mode initialized
Warning: Permanently added '10.4.29.200' (RSA) to the list of known hosts.
root@10.4.29.200's password:
authorized_keys                               100%  802     0.8KB/s   00:00
nutanix@NTNX-15SM12010009-B-CVM:10.4.80.40:~$ sudo cat /mnt/vmdk1/root/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA1PzcXXvAxc08bu8TcEcXSVCxWGyDHKVkyRr1EKp8QdycQODGITCuu8fyNetBMJdjcKCjXiKPep3Td5+YFlB4wqSaQL1ZiZ6uPbDVUsvgH70IqvU8qPP7Vo2QAnbh4Xzv6L69hPcbok9CA0uDpCE+Hw0Dlxle+RoBX5kk+LEp2YCk/ptUBMCJk4EDbPKSRHDC/bEWwYN1vSpMaoRHpV+5d5jlhjr8iEI8tR7IN5yiEDHX87OfWNS1jDpnURQI4vG34iCCo8t6kjyT7Nhc1vqfFidAPe6fCJvkUFn8UEtqGFrV6ScllVdirYNU07KZEs4gQtfUv9pTAhwIE/6zlOn47Q== rsharpe@sharpe
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEApR29KGWsX+2/Wd5JvJlwFHS4sZm2C8vWuCERSoSszapb4RUsiwU6lX4IfUCPChC6k8IEqngiWfuZqNGTT/Kfhgsh9JthsTnbYv0vijXUfBBib+95QpZHfZX13nw4JAwAyNWTv8462l3KvdPDjlD2PAklsi6my9hq7X3JWKy3Mf8sucoP9yIk4fW9rRu2u7JX7K1xINW3C4FMwoe1NNZGaIMFpTgjmrwAppnxmlFoaK/UzPuZUb1VblXAQImcgMfx7DAUnLFYG/cVcVHZSuBm1RZn7LS8FE3Xmb2gh1sUhPKoVQ9klUZOnU8baBUqkUL9tPi/1JfA7ZbERGWgpfrgZQ== /home/kbafna/.ssh/id_rsa
nutanix@NTNX-15SM12010009-B-CVM:10.4.80.40:~$ sudo umount /mnt/vmdk1/

When I booted the VM, the changes were all there.

What I did here is:

1. Access the vmdk as a loop device

2. Setup another loop device that skips the first partition

3. Mounted it

4. Edited the network setup file.

5. Put an authorized_keys file in /root/.ssh

6. Unmounted it

7. Booted the VM

8. Checked that the mods were there, and they were.

--
Regards,
Richard Sharpe
(何以解憂？唯有杜康。--曹操)