At work today, I needed to get a screenshot of a LUKS passphrase prompt for a document I was preparing. I had my desktop configured with an encrypted /home partition, but there are practical problems taking screenshots from text prompts before a system has booted. What is easier would be to take a screenshot of a qemu emulator window, running a booting linux kernel.

I therefore performed the following:

# chmod g-w /dev/sda
# chgrp jon /dev/sda
$ qemu-img create -f qcow -b /dev/sda tmp.img
$ qemu -hda tmp.img

I created a qemu copy-on-write image backing off my hard drive and booted that. I was therefore booting the currently running kernel with the current root as the root filesystem.

This worked far enough to get a screenshot of the luks passphrase. Once I'd unlocked that, it started a fsck. This was attempting to repair "damage" to the filesystem (which was currently open on the host machine). Of course, all of the fsck writes were going into the qemu image file, which is a file stored on the filesytem that fsck was trying to repair...


Comments