Skip to content

Photon OS on WSL2

Jump to bottom
dcasota edited this page Jun 10, 2024 · 134 revisions

To make run various Nvidia tutorials directly on a user laptop, the idea came up to use Photon OS on WSL2. The initiative has been specified at https://github.com/vmware/photon/issues/1532.

The following recipe to accomplish the installation and configuration has been tested on

  • Lenovo Yoga Pro i9 with Nvidia RTX4070
  • Windows 11 Version 10.0.22631.3235
  • Powershell 5.1.22621.2506
  • WSL-Version: 2.1.5.0
    • Kernelversion: 5.15.146.1-2
    • WSLg-Version: 1.0.60
    • MSRDC-Version: 1.2.5105
    • Direct3D-Version: 1.611.1-81528511
    • DXCore-Version: 10.0.25131.1002-220531-1700.rs-onecore-base2-hyp
    • Windows-Version: 10.0.22631.3235
  • VMware Photon OS 5.0, PHOTON_BUILD_NUMBER=dde71ec57

Setup

  1. Ensure WSL2 is installed and configured.

    # Open a Powershell Terminal (Administrator) 
# see https://learn.microsoft.com/en-us/windows/wsl/install-manual#step-1---enable-the-windows-subsystem-for-linux
dism /Online /Enable-Feature /All /FeatureName:Microsoft-Windows-Subsystem-Linux /norestart
# see https://learn.microsoft.com/en-us/windows/wsl/install-manual#step-3---enable-virtual-machine-feature
dism.exe /online /enable-feature /featurename:VirtualMachinePlatform /all /norestart
# dism /Online /Enable-Feature /All /FeatureName:Microsoft-Hyper-V /norestart # not necessary accordingly to prerequisites
bcdedit /set hypervisorlaunchtype auto
# reboot

    Optional: run wsl --update, install latest WSL2 release from https://github.com/microsoft/WSL/releases and WSL2 GUI (wslg) from https://github.com/microsoft/wslg/releases.

  2. Install Docker Desktop to make use of it importing Photon OS docker in WSL2 e.g. x86_64 version.

    invoke-webrequest https://desktop.docker.com/win/main/amd64/Docker%20Desktop%20Installer.exe -outfile "$env:userprofile\downloads\Docker Desktop Installer.exe"
$oprocess = start-process "$env:userprofile\downloads\Docker Desktop Installer.exe" -passthru

    Start Docker Desktop and configure it initially.

    start-process "$env:ProgramFiles\Docker\Docker\Docker Desktop.exe"

    Close the Powershell window. Issue Docker Desktop releases 4.29, 4.30: If it does not start, stop WSL Service. In Docker Desktop remove WSL 2 integration, and restart Docker Desktop.

  3. Open a new Powershell Terminal (Administrator) and prepare Photon OS docker container

    docker pull photon:latest # docker pull photon release from https://hub.docker.com/_/photon/
docker run -it -d photon:latest # run container in background

# get docker container id
$jsonstring = docker container list --format '{\"Image\":"\"{{.Image}}\",\"ID\":\"{{.ID}}\"}' 2>$NULL
$ID = ($jsonstring | convertfrom-json | where-object -Property image -eq "photon:latest" | select ID).ID
docker export -o "$env:userprofile\photon.tar" $ID # docker export
docker container stop $ID # docker container stop and prune
docker container prune --force # docker container stop and prune

  4. Import Photon OS docker container and configure as WSL2 distro.

    Importing or starting a WSL2 distribution under Windows 11, actually starts two distributions:

    • the user Linux distribution
    • a corresponding system distribution system distro for each "main" distribution. This distribution is actually Microsoft CBL-Mariner.

    Using the docker container method, the user Linux distribution can be configured. I haven't found out how to exchange the system distro.

    This scenario explicitly uses the default WSL networking setting NAT. The new networkingMode=mirrored isn't used because it caused more complexity for debugging and didn't solve a minor NAT issue (see workaround 2).

    $distroname="Ph5"
$targetdirectory="$env:userprofile\$distroname"
mkdir $targetdirectory

# configure .wslconfig . If needed, change debugConsole=true
echo "[wsl2]">"$env:userprofile\.wslconfig"
echo "# Enable nested virtualization">>"$env:userprofile\.wslconfig"
echo "nestedVirtualization=true">>"$env:userprofile\.wslconfig"
echo "# networking mode">>"$env:userprofile\.wslconfig"
echo "networkingMode=NAT">>"$env:userprofile\.wslconfig"
echo "# Turn on default connection to bind WSL 2 localhost to Windows localhost">>"$env:userprofile\.wslconfig"
echo "localhostforwarding=true">>"$env:userprofile\.wslconfig"
echo "# turn off idle timeout">>"$env:userprofile\.wslconfig"
echo "vmIdleTimeout = -1">>"$env:userprofile\.wslconfig"
echo "# needed to start properly [email protected]">>"$env:userprofile\.wslconfig"
echo "guiApplications = true">>"$env:userprofile\.wslconfig"
echo "# debug console" >>"$env:userprofile\.wslconfig"
echo "debugConsole=false">>"$env:userprofile\.wslconfig"
# backup the global .wslconfig
cp "$env:userprofile\.wslconfig" "$targetdirectory\.wslconfig.bkup"

wsl --set-default-version 2 # set wsl version
wsl --import $distroname $targetdirectory "$env:userprofile\photon.tar" # wsl import to a target directory
# wsl --set-default $distroname # set wsl default

# start and login as root
wsl -d $distroname -u root -e /bin/bash # Keep calm as it starts with "ERROR: UtilTranslatePathList". time settings will fix this.

  5. With the first boot, configure the following steps.

    # this is a preparation to run Photon OS on WSL2 with a user. In addition, the user is used for docker rootless.
# Change here.
ROOTLESS_USER="dcaso"  

# WORKAROUND 1
# This snippet solves the issue "ERROR: UtilTranslatePathList".
# ntpd does not work yet in WSL2 because systemd isn't the booted init system but ntpdate can be triggered at this time.
tdnf install -y ntp tzdata
ZONEINFO="Europe/Zurich"
set $ZONEINFO timezone
ln -sf /usr/share/zoneinfo/$ZONEINFO /etc/localtime
ntpdate -u pool.ntp.org
hwclock --systohc --localtime

# install dbus as prerequisite to use systemd on boot
tdnf install -y sudo dbus-user-session systemd-udev

# install docker, also docker-rootless
tdnf install -y runc containerd shadow fuse slirp4netns libslirp docker docker-rootless usbutils pciutils
# disable docker for first boot to not conflict with system services
systemctl disable docker

# WORKAROUND 2
# It's not clear why the wsl'ified Photon OS does not get a NAT dhcp ip with the next boot.
# As workaround, the actual NAT dhcp ip address is saved and stored as static ip.
# This seems to work as long as you don't reconfigure the vswitch settings for WSL.
IPADDRESS=`ifconfig -S | grep eth0 | awk '{print $2}'`
NAMESERVER=`cat /etc/resolv.conf | grep nameserver | awk '{print $2}'`
echo "[Match]"> /etc/systemd/network/10-static-en.network
echo "Name=eth0">> /etc/systemd/network/10-static-en.network
echo "[Network]">> /etc/systemd/network/10-static-en.network
echo "Address=$IPADDRESS">> /etc/systemd/network/10-static-en.network
echo "Gateway=$NAMESERVER">> /etc/systemd/network/10-static-en.network
echo "DNS=$NAMESERVER">> /etc/systemd/network/10-static-en.network
chmod 644 /etc/systemd/network/10-static-en.network

# WORKAROUND 3
# see https://forums.developer.nvidia.com/t/wsl2-libcuda-so-and-libcuda-so-1-should-be-symlink/236301
cd /usr/lib/wsl/lib
rm libcuda.so libcuda.so.1
ln -s libcuda.so.1.1 libcuda.so.1
ln -s libcuda.so.1 libcuda.so
/sbin/ldconfig

# remove root password expiration
chage -m 0 root

# create and configure ROOTLESS_USER
# systemd-managed see https://rootlesscontaine.rs/getting-started/common/subuid/
uid="524288"
useradd $ROOTLESS_USER --uid $uid -m -g users -G sudo,wheel
echo "$ROOTLESS_USER:$uid:65536" >> /etc/subuid
echo "$ROOTLESS_USER:$uid:65536" >> /etc/subgid
echo "kernel.unprivileged_userns_clone = 1" >> /etc/sysctl.d/50-rootless.conf
chmod 644 /etc/subuid /etc/subgid /etc/sysctl.d/50-rootless.conf

# WORKAROUND
mkdir -p /run/user/0 # seems a wsl2 bug
mkdir -p /run/user/$uid # seems a wsl2 bug

chage -m 0 $ROOTLESS_USER
# add ROOTLESS_USE to visudo
echo "$ROOTLESS_USER ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers

# /etc/wsl.conf contains the configuration to run Photon OS on WSL2 and to boot as systemd. 
# In addition, to boot systemd it seems to be necessary to preserve the dhcp address as static ip with no new resolv.conf.
echo "[user]"> /etc/wsl.conf
echo "default = $ROOTLESS_USER">> /etc/wsl.conf
echo "">> /etc/wsl.conf
echo "[boot]">> /etc/wsl.conf
echo "systemd=true">> /etc/wsl.conf
echo "">> /etc/wsl.conf
echo "[network]">> /etc/wsl.conf
echo "generateResolvConf = false">> /etc/wsl.conf

# see https://github.com/microsoft/wslg/wiki/WSLg-Configuration-Options-for-Debugging

#  see https://github.com/microsoft/wslg/issues/43#issuecomment-826039096
echo "#  This file is part of the debianisation of systemd."> /etc/tmpfiles.d/wslg.conf
echo "#">> /etc/tmpfiles.d/wslg.conf
echo "#  systemd is free software; you can redistribute it and/or modify it">> /etc/tmpfiles.d/wslg.conf
echo "#  under the terms of the GNU General Public License as published by">> /etc/tmpfiles.d/wslg.conf
echo "#  the Free Software Foundation; either version 2 of the License, or">> /etc/tmpfiles.d/wslg.conf
echo "#  (at your option) any later version.">> /etc/tmpfiles.d/wslg.conf
echo "">> /etc/tmpfiles.d/wslg.conf
echo "# See tmpfiles.d(5) for details">> /etc/tmpfiles.d/wslg.conf
echo "">> /etc/tmpfiles.d/wslg.conf
echo "# Type Path           Mode UID  GID  Age Argument">> /etc/tmpfiles.d/wslg.conf
echo "L+     /tmp/.X11-unix -    -    -    -   /mnt/wslg/.X11-unix">> /etc/tmpfiles.d/wslg.conf

touch /mnt/wslg/.X11-unix
chmod 777 /mnt/wslg/.X11-unix

# change password of $ROOTLESS_USER
passwd $ROOTLESS_USER

exit

  6. Shutdown Photon OS on WSL2.

    wsl -d $distroname --shutdown

    Boot, and login as <ROOTLESS_USER>.

    # Change here
$ROOTLESS_USER="dcaso"
wsl -d $distroname -u $ROOTLESS_USER -e /bin/bash

    You can use this wsl'ified Photon OS now more or less like a typical installation.

  7. Option 1: Configure Photon OS system to make use of docker and ssh.

    sudo cat <<EOFInstall | sudo tee $HOME/install.sh
 
# enable ntpd
systemctl enable ntpd.service
systemctl restart ntpd

# install and configure openssh
tdnf remove -y openssh openssh-server openssh-clients
rm -r -f /etc/ssh
sleep 5
tdnf install -y openssh
sleep 5
sed -i "s/#PermitRootLogin no/PermitRootLogin yes/" /etc/ssh/sshd_config
sed -i "s/#PermitRootLogin yes/PermitRootLogin yes/" /etc/ssh/sshd_config
sed -i "s/PermitRootLogin no/PermitRootLogin yes/" /etc/ssh/sshd_config
sed -i "s/#PasswordAuthentication no/PasswordAuthentication yes/" /etc/ssh/sshd_config
sed -i "s/#PasswordAuthentication yes/PasswordAuthentication yes/" /etc/ssh/sshd_config
sed -i "s/PasswordAuthentication no/PasswordAuthentication yes/" /etc/ssh/sshd_config
sed -i "s/#LoginGraceTime/LoginGraceTime/" /etc/ssh/sshd_config
sed -i "s/#Port /Port /" /etc/ssh/sshd_config
sed -i "s/#ListenAddress 0.0.0.0/ListenAddress 0.0.0.0/" /etc/ssh/sshd_config
systemctl restart sshd

# docker neeeds iptables just installed. Configure docker.
tdnf install -y iptables
systemctl enable containerd.service
systemctl restart containerd
systemctl enable docker.socket
systemctl enable docker
systemctl restart docker
# check docker
docker run -it hello-world
EOFInstall

    Run the install script.

    sudo chmod a+x $HOME/install.sh
sudo /bin/bash $HOME/install.sh

  8. Option 2: Recompile kernel to make use of usb video connectivity. By default, usb video is not enabled. Hence, the first step is to recompile the kernel by using the kernel template e.g. this. It has been adopted from Ubuntu and works for Photon OS.

    # change here
ROOTLESS_USER="dcaso"
distroname="Ph5"

# prerequisites
sudo tdnf makecache
sudo tdnf install -y git ncurses-devel dwarves openssl-devel bc build-essential unzip elfutils-devel rsync
cd /usr/local/src

# Unsure if needed or not
sudo tdnf install -y sysdig linux-drivers-sound linux-drivers-gpu alsa-utils alsa-lib linux-devel linux-firmware
sudo tdnf install -y grub2-efi grub2-efi-image dmidecode dracut

# see https://github.com/microsoft/WSL2-Linux-Kernel/releases

# For dockerized Photon OS 5.0 with Kernel 6.1
tag="6.1.21.2"
tagname=linux-msft-wsl-${tag}
sudo git clone --depth 1 -b ${tagname} https://github.com/microsoft/WSL2-Linux-Kernel.git ${tag}-microsoft-standard
cd WSL2-Linux-Kernel
sudo ln -s ${tag}-microsoft-standard ${tag}-microsoft-standard-WSL2+
cd ${tag}-microsoft-standard-WSL2+

# For dockerized Photon OS 5.0 with Kernel 5.15 e.g. "5.15.137.3", "5.15.146.1", "5.15.150.1", "5.15.153.1"
# tag="5.15.137.3" 
# tagname=linux-msft-wsl-${tag}
# sudo git clone --depth 1 -b ${tagname} https://github.com/microsoft/WSL2-Linux-Kernel.git ${tag}-microsoft-standard
# sudo ln -s ${tag}-microsoft-standard ${tag}-microsoft-standard-WSL2+
# cd ${tag}-microsoft-standard-WSL2+

# prepare
export TERM=linux
sudo make clean

# Option1: use the kernel template Microsoft/config-wsl
sudo cp Microsoft/config-wsl .config

# Option2: use actual Photon OS kernel as template
# sudo cp /proc/config.gz config.gz
# sudo gunzip config.gz
# sudo cp config .config

# Option3: use the custom kernel template config-ubuntu22.04.txt
# sudo curl -J -L -O https://github.com/dcasota/photonos-scripts/files/13948054/config-ubuntu22.04.txt
# sudo mv config-ubuntu22.04.txt .config

# configure kernel by `sudo make menuconfig` if necessary
sudo chmod 777 .config
sudo make prepare modules_prepare
# sudo make menuconfig

sudo make -j$(nproc --all)
sudo make -j$(nproc --all) modules_install headers_install install

cp /usr/local/src/${tag}-microsoft-standard/arch/x86_64/boot/bzImage /mnt/c/Users/$ROOTLESS_USER/$distroname/vmlinux
# cp /usr/local/src/${tag}-microsoft-standard/vmlinux /mnt/c/Users/$ROOTLESS_USER/$distroname/vmlinux
exit

    Shutdown wsl and make use of the new kernel in .wslconfig.

    wsl -d $distroname --shutdown
# wait a few seconds
# add vmlinux location to [wsl2] section in .wslconfig
echo "kernel=C:\\Users\\$env:username\\$distroname\\vmlinux" >>"$env:userprofile\.wslconfig"

    Boot and login.

    wsl -d $distroname -u $ROOTLESS_USER -e /bin/bash

    Check the date of the kernel.

    uname -a
Linux yourcomputer 5.15.137.3-microsoft-standard-WSL2+ #2 SMP Mon Jan 15 20:56:55 CET 2024 x86_64 GNU/Linux

exit

    Install and configure usbip to redirect and use usb devices in wsl2.

    # update wsl
wsl --update

# installation of usbipd
winget install usbipd --force
# this seems to be necessary for the usbip client tool
winget install --interactive --exact dorssel.usbipd-win --force

# close Powershell Terminal (Administrator)

    If using Docker Desktop, in Docker Desktop > Settings > Resources > WSL integration > Enable integration with additional distros: Ph5 > Apply & restart, if needed.

    Reopen Powershell Terminal (Administrator).

    #change here
$ROOTLESS_USER="dcaso"
$distroname="Ph5"

# find busid
PS C:\Users\youruser> usbipd list
Connected:
BUSID  VID:PID    DEVICE                                                        STATE
2-4    04f2:b7c1  Integrated Camera, Integrated IR Camera, APP Mode             Not shared
2-10   8087:0033  Intel(R) Wireless Bluetooth(R)                                Not shared
3-2    0bda:8153  Realtek USB GbE Family Controller                             Not shared
4-1    046d:c046  USB-Eingabegerät                                              Not shared
4-3    046d:c316  USB-Eingabegerät                                              Not shared

Persisted:
GUID                                  DEVICE

# bind the preferred device by busid
usbipd bind -b 2-4

# start wsl and exit to background
wsl -d $distroname -u $ROOTLESS_USER -e /bin/bash -c "echo 'wsl running in background..';exit"

# attach
usbipd attach --wsl -b 2-4

# enter wsl again
wsl -d $distroname -u $ROOTLESS_USER -e /bin/bash

# install utils
sudo tdnf install -y usbutils

localuser [ /mnt/c/Users/youruser ]# lsusb
Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 001 Device 002: ID 04f2:b7c1 Chicony Electronics Co., Ltd Integrated Camera
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub

# video0 must be present
ls /dev/video0

    Option: Install video 4 linux.

    cd $HOME
sudo tdnf install -y git meson build-essential which clang doxygen cmake libgssglue json-c systemd-devel libjpeg-turbo libjpeg-turbo-devel libgudev alsa-lib alsa-lib-devel alsa-utils json-c-devel libgssglue-devel libXcursor-devel libXi-devel libXinerama-devel libXrandr-devel ninja-build
sudo tdnf install -y gstreamer gstreamer-devel gstreamer-plugins-base gstreamer-plugins-base-devel libtiff libtiff-devel lttng-tools lttng-ust lttng-ust-devel libglvnd-devel libglvnd-opengl mesa
cd $HOME
git clone https://github.com/gjasny/v4l-utils.git
cd v4l-utils

sudo meson setup build/ # sudo meson build/ --reconfigure
sudo ninja -C build/
sudo ninja -C build/ install
cd ./build/utils/v4l2-ctl
sudo ./v4l2-ctl --all

    You should get a similar sample output.

Additional information

Option: Prepare make use of vCenter Converter

WSL2 afaik isn't supported yet. The following steps are prerequisites.

On Photon OS, install additional packages for vCenter Converter Worker.
```
# install and configure openssh. See steps above.
# install additional prerequisites
sudo tdnf install -y grub2-efi grub2-efi-image dmidecode dracut
```

In Powershell Terminal (Administrator) configure the Hyperv firewall.
```
New-NetFirewallHyperVRule -Name SSH -DisplayName "SSH" -Direction Inbound -VMCreatorId "{40E0AC32-46A5-438A-A0B2-2B479E8F2E90}" -Protocol TCP -LocalPorts 22
New-NetFirewallHyperVRule -Name https -DisplayName "https" -Direction Inbound -VMCreatorId "{40E0AC32-46A5-438A-A0B2-2B479E8F2E90}" -Protocol TCP - 
LocalPorts 443
New-NetFirewallHyperVRule -Name Port9089 -DisplayName "Port9089" -Direction Inbound -VMCreatorId "{40E0AC32-46A5-438A-A0B2-2B479E8F2E90}" -Protocol TCP -LocalPorts 9089
```

Hardening

DOES NOT WORK YET AS EXPECTED. DO NOT USE.
Hardening using Photon OS iptables and Hyperv firewall.

port proxy settings.  

```
netsh interface portproxy reset
# In Photon OS run ifconfig -S and determine the ipaddress
$connectaddress="172.19.160.222"
netsh interface portproxy set v4tov4 listenport=22 listenaddress=0.0.0.0 connectport=22 connectaddress=$connectaddress
netsh interface portproxy add v4tov4 listenport=443 listenaddress=0.0.0.0 connectport=443 connectaddress=$connectaddress
netsh interface portproxy add v4tov4 listenport=9089 listenaddress=0.0.0.0 connectport=9089 connectaddress=$connectaddress
```

Firewall Hyperv settings.

```
get-netfirewallhypervrule | where-object {$_.VMCreatorId -eq "{40E0AC32-46A5-438A-A0B2-2B479E8F2E90}"} | remove-netfirewallhypervrule
Set-NetFirewallHyperVVMSetting -Name "{40E0AC32-46A5-438A-A0B2-2B479E8F2E90}" -DefaultInboundAction Allow
Set-NetFirewallHyperVVMSetting -Name "{40E0AC32-46A5-438A-A0B2-2B479E8F2E90}" -DefaultOutboundAction Allow
Set-NetFirewallHyperVVMSetting -Name "{40E0AC32-46A5-438A-A0B2-2B479E8F2E90}" -LoopbackEnabled True
Set-NetFirewallHyperVVMSetting -Name "{40E0AC32-46A5-438A-A0B2-2B479E8F2E90}" -AllowHostPolicyMerge True
Set-NetFirewallHyperVVMSetting -Name "{40E0AC32-46A5-438A-A0B2-2B479E8F2E90}" -Enabled True 
New-NetFirewallHyperVRule -Name SSH -DisplayName "SSH" -Direction Inbound -VMCreatorId "{40E0AC32-46A5-438A-A0B2-2B479E8F2E90}" -Protocol TCP -LocalPorts 22
New-NetFirewallHyperVRule -Name https -DisplayName "https" -Direction Inbound -VMCreatorId "{40E0AC32-46A5-438A-A0B2-2B479E8F2E90}" -Protocol TCP -LocalPorts 443
New-NetFirewallHyperVRule -Name Port9089 -DisplayName "vCenter Converter Port 9089" -Direction Inbound -VMCreatorId "{40E0AC32-46A5-438A-A0B2-2B479E8F2E90}" -Protocol TCP -LocalPorts 9089
```   

On Photon OS install and configure iptables.
```
sudo cat <<EOFInstall2 | sudo tee $HOME/install2.sh

# Configure iptables
tdnf install -y iptables
systemctl enable iptables
systemctl restart iptables

# delete all of the rules in the INPUT,FORWARD and OUTPUT chain
iptables -F INPUT
iptables -F FORWARD
iptables -F OUTPUT

# set default in the INPUT,FORWARD and OUTPUT chain
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP

# ntp
iptables -A INPUT -i eth0 -p udp --dport 123 -j ACCEPT
# dns
iptables -A INPUT -i eth0 -p udp --dport 53 -j ACCEPT
# dhcp
iptables -A INPUT -i eth0 -p udp --dport 67 -j ACCEPT

# ping
iptables -A INPUT -i eth0 -p icmp -j ACCEPT
# ssh and https
iptables -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 443 -j ACCEPT
# VMware vCenter Converter source Windows machine
iptables -A INPUT -i eth0 -p udp --dport 137 -j ACCEPT
iptables -A INPUT -i eth0 -p udp --dport 138 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 139 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 9089 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 445 -j ACCEPT
# VMware vCenter Converter connectivity
iptables -A INPUT -i eth0 -p tcp --dport 902 -j ACCEPT

iptables-save >/etc/systemd/scripts/ip4save
ip6tables-save >/etc/systemd/scripts/ip6save
EOFInstall2
```

Run the install script.
```
sudo chmod a+x $HOME/install2.sh
sudo /bin/bash $HOME/install2.sh
```

Known issues

ISSUE: simply starting wsl does not login.

Didn't find the cause. Use wsl -u $ROOTLESS_USER -e /bin/bash as workaround.

ISSUE: docker-rootless fails.

The setup above should be ready to allow docker-rootless, however it fails. See steps below.

  • Login as ROOTLESS_USER.

    $distroname="Ph5"
$ROOTLESS_USER="dcaso"
wsl -d $distroname -u $ROOTLESS_USER -e /bin/bash

  • Finish rootless setup.

    /usr/bin/dockerd-rootless-setuptool.sh install --skip-iptables # retry if it doesn't work the first time. docker daemon must be up and running.

ROOTLESS_USER=localuser # same user as above.
echo "export PATH=/usr/bin:\$PATH" >> $HOME/.bashrc
echo export DOCKER_HOST=unix:///run/user/$ROOTLESS_USER/docker.sock >> $HOME/.bashrc

docker run -it hello-world # does not work. docker daemon not detected

ISSUE: How to avoid check connection?

The debug log shows that on each boot there is a sort of connection test. I do not understand how to configure -> https://learn.microsoft.com/en-us/windows-server/networking/ncsi/ncsi-frequently-asked-questions#does-linux-have-its-own-ncsi

CheckConnection: resolving the name www.msftconnecttest.com [AF_INET]
CheckConnection: connecting to 80.67.82.217
CheckConnection: resolving the name www.msftconnecttest.com [AF_INET6]
Exception: CheckConnection: getaddrinfo() failed: -2
CheckConnection: arming select for 5 seconds
CheckConnection: v4 succeeded
CheckConnection: returning v4 (1) v6 (2)
LxGnsMessageConnectTestRequest (destination: www.msftconnecttest.com) returning: 0x20001
GNS: Processing Next Message Successful (0x20001)
Returning LxGnsMessageResult [131073 - ]

ISSUE: Sound does not work. ALSA lib confmisc.c:855:(parse_card) cannot find card '0'

sudo tdnf install sysdig linux-drivers-sound linux-drivers-gpu alsa-utils
speaker-test -t sine -f 1000 -l 1
# issue: ALSA lib confmisc.c:855:(parse_card) cannot find card '0'

In /mnt/wslg there are logs. stderr.log

[11:31:52.825] <3>WSLGd: LogException:75: Exception: No such file or directory @../FontMonitor.cpp:280 (Start)

[11:31:52.825] <5>WSLGd: Stop:330: FontMonitor: monitoring stopped.
dbus[16]: Unknown username "pulse" in message bus configuration file
glamor: 'wl_drm' not supported
Missing Wayland requirements for glamor GBM backend
Failed to initialize glamor, falling back to sw
The XKEYBOARD keymap compiler (xkbcomp) reports:
> Warning:          Unsupported maximum keycode 569, clipping.
>                   X11 cannot support keycodes above 255.
Errors from xkbcomp are not fatal to the X server

pulseaudio.log

(   0.000|   0.000) W: [pulseaudio] authkey.c: Failed to open cookie file '/home/wslg/.config/pulse/cookie': No such file or directory
(   0.000|   0.000) W: [pulseaudio] authkey.c: Failed to load authentication key '/home/wslg/.config/pulse/cookie': No such file or directory
(   0.000|   0.000) W: [pulseaudio] authkey.c: Failed to open cookie file '/home/wslg/.pulse-cookie': No such file or directory
(   0.000|   0.000) W: [pulseaudio] authkey.c: Failed to load authentication key '/home/wslg/.pulse-cookie': No such file or directory
(   0.005|   0.005) E: [pulseaudio] module-console-kit.c: GetSessionsForUnixUser() call failed: org.freedesktop.DBus.Error.ServiceUnknown: The name    org.freedesktop.ConsoleKit was not provided by any .service files
(   0.005|   0.000) E: [pulseaudio] module.c: Failed to load module "module-console-kit" (argument: ""): initialization failed.
(   0.007|   0.001) W: [pulseaudio] cli-command.c: stat('/etc/pulse/default.pa.d'): No such file or directory
(   0.513|   0.506) E: [rdp-sink] module-rdp-sink.c: RDP Sink - Trying to connect to /mnt/wslg/PulseAudioRDPSink
(   0.513|   0.000) E: [rdp-sink] module-rdp-sink.c: Connected failed
(   5.514|   4.999) E: [rdp-sink] module-rdp-sink.c: RDP Sink - Trying to connect to /mnt/wslg/PulseAudioRDPSink
(   5.514|   0.000) E: [rdp-sink] module-rdp-sink.c: RDP Sink - Connected to fd 1

and two additional logs weston.log, wlog.log.

Research notes.

sudo tdnf install -y git meson build-essential which clang doxygen cmake libgssglue json-c systemd-devel libjpeg-turbo libjpeg-turbo-devel libgudev alsa-lib alsa-lib-devel alsa-utils json-c-devel libgssglue-devel libXcursor-devel libXi-devel libXinerama-devel libXrandr-devel ninja-build
 sudo tdnf install -y gstreamer gstreamer-devel gstreamer-plugins-base gstreamer-plugins-base-devel libtiff libtiff-devel lttng-tools lttng-ust lttng-ust-devel libglvnd-devel libglvnd-opengl mesa
sudo tdnf install -y dbus dbus-devel dbus-glib dbus-glib-devel dbus-broker libcap-devel valgrind autogen
sudo git clone https://github.com/microsoft/PulseAudio-mirror
cd PulseAudio-mirror

sudo git clone https://github.com/libsndfile/libsndfile
cd libsndfile
sudo autoreconf -vif
sudo ./configure --enable-werror
sudo make
sudo make install
cd ..

sudo meson build # FAILS
sudo meson compile -C build
sudo build/src/daemon/pulseaudio -n -F build/src/daemon/default.pa -p $(pwd)/build/src/modules/
autoreconv -vif
# libflac, libogg,
# configure: WARNING: *** libvorbis and libopus)
# "MPEG support selected but external Lame library cannot be found.

# 3rd attempt
sudo git clone https://github.com/xiph/ogg
cd ogg
sudo ./autogen.sh
sudo ./configure
sudo make
sudo make install
cd ..

export LD_LIBRARY_PATH=/usr/local/lib:$LD_LIBRARY_PATH

sudo ldconfig

sudo git clone https://github.com/xiph/vorbis
cd vorbis
sudo ./autogen.sh
sudo ./configure
sudo make
sudo make install
cd ..

sudo ldconfig

sudo git clone https://github.com/xiph/flac
cd flac
sudo ./autogen.sh
sudo ./configure
sudo make
sudo make install

sudo ldconfig

sudo git clone https://github.com/xiph/opus
cd opus
sudo ./autogen.sh
sudo ./configure
sudo make
sudo make install

sudo ldconfig

cd $HOME
curl -J -L -O https://johnvansickle.com/ffmpeg/builds/ffmpeg-git-amd64-static.tar.xz
sudo tar -xvf ffmpeg-git-amd64-static.tar.xz
export PATH=$HOME/ffmpeg-git-20240504-amd64-static:$PATH


sudo tdnf install -y autoconf-archive
sudo git clone https://github.com/chirlu/sox.git
cd sox
sudo autoreconf -i
sudo ./configure --enable-pulseaudio

sudo git clone https://gitlab.freedesktop.org/pipewire/pipewire.git
cd pipewire
sudo tdnf install -y dbus dbus-glib dbus-glib-devel
sudo ./autogen.sh
sudo make
sudo make install

sudo tdnf remove alsa-lib
sudo rpm -ivh https://ftp.lysator.liu.se/pub/opensuse/distribution/leap/15.5/repo/oss/x86_64/libasound2-1.2.8-150500.1.1.x86_64.rpm

# another attempt
sudo tdnf install -y autogen
sudo git clone -b master https://github.com/libsndfile/libsndfile/
cd src
sudo curl -J -L -O https://raw.githubusercontent.com/libsndfile/libsndfile/master-evpobr/src/test_endswap.c
cd ..
cd tests
sudo git clone -b master-evpobr https://github.com/libsndfile/libsndfile/
sudo cp ./libsndfile/tests/*.c .
sudo rm -r -f libsndfile/
cd ..
sudo make install


sudo tdnf install -y wayland wayland-devel wayland-protocols wayland-protocols-devel
sudo tdnf install -y libxkbcommon libxkbcommon-devel libxkbcommon-x11 libxkbcommon-x11-devel
sudo groupadd audio
sudo useradd pulse -m -g users -G sudo,wheel
echo "pulse ALL=(ALL) NOPASSWD: ALL" | sudo tee -a /etc/sudoers
sudo usermod -a -G audio pulse

cd $HOME
git clone https://github.com/libsdl-org/SDL
cd SDL
sudo cmake -S . -B build
sudo cmake --build build
sudo cmake --install build


wsl -d Ph5 --system -u root
cp -vr /home/wslg/ /mnt/c/Users/dcaso
exit
wsl -d Ph5 -u dcaso -e /bin/bash
sudo cp -vr /mnt/c/Users/dcaso/wslg /home
sudo chmod 777 /home/wslg/.config/pulse/cookie
sudo mkdir -p /etc/pulse/default.pa.d


sudo tdnf install -y gstreamer gstreamer-devel gstreamer-plugins-base gstreamer-plugins-base-devel gst-plugins-bad gst-plugins-bad-devel
sudo tdnf install -y libdrm libdrm-devel mesa mesa-libgbm mesa-libgbm-devel mesa-vulkan-drivers vulkan-headers vulkan-loader-devel vulkan-tools 
sudo tdnf install -y python3-lxml python3-sphinx libapparmor-devel readline-devel
sudo tdnf install -y dbus-glib dbus-glib-devel glib-devel glibc-devel glibc-i18n glibc-tools glibmm-devel json-glib-devel linux-drivers-intel-i40e linux-drivers-intel-ice

ISSUE: dmesg and journalctl show a few error messages. How to avoid these?

PCI (not supported)
hv_vmbus (unknown guid)
libcuda.so.1 (not asymbolic link)
dxgk (dxgkio_query_adapter_info: Ioctl failed: -22)
potentially unexpected fatal signal 11
systemd-coredump (Failed to connect to coredump service: No such file or directory)
usr/lib/udev/rules.d/60-block-scheduler.rules (Failed to write ATTR), etc/udev/rules.d/60-ioschedulers.rules (Failed to write ATTR)
/proc/sys/fs/binfmt_misc/WSLInterop-late (Permission denied)
iptables (Module nf_conntrack not found in directory /lib/modules/5.15.133.1-microsoft-standard-WSL2
Module xt_LOG not found in directory /lib/modules/5.15.133.1-microsoft-standard-WSL2)
Kernel reports TIME_ERROR: 0x41 (Clock Unsynchronized)

dmesg.txt journal.txt

How to use Photon OS kernel?

How to use Photon OS kernel instead of cbl mariner as default ? (and not only the dockerized Photon OS distro.) The cbl-mariner system distribution can be explored started using

  • wsl --system which starts in context of the internal wslg user. 
    wslg [ /mnt/c/Users/dcaso ]$ cat /etc/os-release
NAME="Common Base Linux Mariner"
VERSION="2.0.20231130"
ID=mariner
VERSION_ID="2.0"
PRETTY_NAME="CBL-Mariner/Linux"
ANSI_COLOR="1;34"
HOME_URL="https://aka.ms/cbl-mariner"
BUG_REPORT_URL="https://aka.ms/cbl-mariner"
SUPPORT_URL="https://aka.ms/cbl-mariner"
  • wsl --system -u root /bin/bash which starts in context of the internal root user. cbl-mariner allows to make use of tdnf. 
    tdnf update -y tdnf
tdnf install -y rpm-build
tdnf distro-sync -y
    The changes above aren't persistent, but allows to quickly test a newer release. 
    root [ /mnt/c/Users/dcaso ]# cat /etc/os-release
NAME="Common Base Linux Mariner"
VERSION="2.0.20240223"
ID=mariner
VERSION_ID="2.0"
PRETTY_NAME="CBL-Mariner/Linux"
ANSI_COLOR="1;34"
HOME_URL="https://aka.ms/cbl-mariner"
BUG_REPORT_URL="https://aka.ms/cbl-mariner"
SUPPORT_URL="https://aka.ms/cbl-mariner"

Various

Enable Docker Desktop WSL2 integration with Photon OS

In Docker Desktop > Settings > Resources > WSL integration > Enable integration with additional distros: Ph5 > Apply & restart

Cleanup Photon OS on WSL2

Run the following powershell commands.

wsl -d $distroname --shutdown
wsl --unregister $distroname
rm "$targetdirectory\.wslconfig"
rm "$targetdirectory\vmlinux"
rm "$targetdirectory\photon.tar"
# rm "$targetdirectory/.ssh/known_hosts"

Weblinks

How to recompile the Linux Kernel: - https://github.com/PINTO0309/wsl2_linux_kernel_usbcam_enable_conf/tree/main

Notes

For smartcard support, you need at least release 5.15.150.1, see https://github.com/microsoft/WSL/issues/10581

Clone this wiki locally