Access Dom0 Partitions inside a User Qube

hitam · May 19, 2024, 5:23pm

Hi,

I installed qubes in the root partition in disk 1, which contains additional partitions.
These partitions I can access with the Thunar File manager from dom0 and i am able to access the second disk with its own partition as well. Owner of all partitions is root. So far so good.

I installed a template DEBIAN12 and based on this template a Qube called Office successfully.
Now i want to access the - additional - partitions from the dom0 environment inside the user Qube Office, and the big partition, because i store my media files (picture, music, video) in the second drive.

How I do have to configure the system ??

I really appreciate your detailed answer in advance.

regards, hitam

apparatus · May 19, 2024, 5:33pm

hitam · May 19, 2024, 5:47pm

Hi,

thank you for your reference. qvm-block ONLY lists the partitions of an USB stick, but NOT the partitions of the fixed disks.

regards, hitam

apparatus · May 19, 2024, 6:12pm

In dom0 terminal:

sudo losetup -f --show /dev/sda

Change /dev/sda to your disk name.

hitam · May 19, 2024, 6:34pm

Ok, thanks . I received a list of all partitions on both disks including their loop devices.

I could attach one partition to the Office qube, but it does not show up in the file manager of the Office qube. Why ?

regards, Hitam

apparatus · May 19, 2024, 6:39pm

hitam · May 19, 2024, 6:51pm

qvm-block a Office dom0:loop36
error: backend on ‘dom0’ does not expose ‘loop36’

Output from qvm-block:

u.a.

dom0:loop38 /dev/sda1 Office(read-only=no, frontend-dev=xvdi)

The partition is not visible in Office !!! !!!

in fstab in der Office VM

I found the entry:

/dev/xvd1 /mnt/removabe auto noauto,user, rw 0 0

The directory /mnt/removable does not exist !

i added the directory manually, a sudo mount -a did not change the situation.
after a rebbot of Office qube, the directory disappeared.
reagrds, hitam

apparatus · May 19, 2024, 7:20pm

What’s the output of this command in Office qube?

sudo fdisk -l

Do you see /dev/xvdi device there?

Follow the linked doc:

cd ~
mkdir mnt
sudo mount /dev/xvdi2 mnt

Then access the /home/user/mnt directory in your File Manager.

hitam · May 19, 2024, 7:28pm

Yes, xvdi device is present in Office.

Thanks a lot everything is Ok, i can see and access the share will put it in fstab as well.

regards, hitam

hitam · May 19, 2024, 7:34pm

After restart of the Office qube all hand made changes are LOST !
Even the fstab has been changed to the old content !

Do i have to do it always manually ???

Why fstab destroys manually added mounts after each reboot ???

sudo mount /dev/xvdi /home//user/mnt ???

Another problem is, that user cannot make any changes to the mount (owner is still root)

apparatus · May 20, 2024, 3:35am

You can change files ownership from root to user if you want:

sudo chown -R user:user /home/user//mnt

hitam · May 20, 2024, 11:55am

Thank you very much for your kind support and help to get started with Qubes in an efficient way.The next step i want to automate attaching the partitions to the Office Qube by executing a script, which should be run every time dom0 will be started. Where i do have to place such a script to automatically executed by dom0???

reagrds, hitam

apparatus · May 20, 2024, 11:59am

You can attach the block devices to a qube persistently by using qvm-block command line tool in dom0 terminal, there is a --persistent flag:

[user@dom0 ~]$ qvm-block -h
usage: qvm-block [--verbose] [--quiet] [--help] [--list-device-classes] {list,ls,l,attach,at,a,detach,d,dt} ...

Qubes volume and block device managment

options:
  --verbose, -v         increase verbosity
  --quiet, -q           decrease verbosity
  --help, -h            show this help message and exit
  --list-device-classes

commands:
  For more information see qvm-device command -h

  {list,ls,l,attach,at,a,detach,d,dt}
    list (ls,l)         list devices
    attach (at,a)       Attach device to domain
    detach (d,dt)       Detach device from domain

Command 'list':
  usage: qvm-block list [--verbose] [--quiet] [--help] [--all] [--exclude EXCLUDE] [VMNAME ...]

Command 'attach':
  usage: qvm-block attach [--verbose] [--quiet] [--help] [--option OPTION] [--ro] [--persistent] VMNAME BACKEND:DEVICE_ID

Command 'detach':
  usage: qvm-block detach [--verbose] [--quiet] [--help] VMNAME [BACKEND:DEVICE_ID]

hitam · May 20, 2024, 12:23pm

thank you very much for your advice.

hitam · May 20, 2024, 12:55pm

I tried to attach the partition to the qube office with this command:

qvm-block at --persistent Office dom0:/dev/loop8
qvm-block: error backend ‘dom0’ doesn’t expose ‘/dev/loop8’

The device loop8 is available in dom0.

What happened ?

apparatus · May 20, 2024, 1:05pm

Run this command to see the correct device id:

qvm-block list

I guess it should be like this:

qvm-block at --persistent Office dom0:loop8

But on second thought, you’ll still need to run losetup command to expose your block devices so you’ll still have to run this command on Qubes OS start.
You can use specific loop device number so it’ll be consistent and you can use --persistent flag with it:

sudo losetup loop987 /dev/sda

You can use cron/systemd service/something else to run your script on startup:

hitam · May 20, 2024, 1:31pm

Ok, that worked for me.

The fstab in the qube Office shows:

/dev/xvdi /mnt/removable auto noauto,user, rw 0 0

with the directory removable is non existing.

If i change with sudo the fstab into

/dev/xvdi /home/user/mnt auto noauto, user, rw 0 0

and save the file

the changes will be lost after the next restart and I have to do it allover again.

Why ???

How to make my changes in /etc/fstab persistent ???

regards, hitam

apparatus · May 20, 2024, 1:42pm

Read the link that I posted before:

You need to edit the fstab in template of your Office qube or maybe you can try to use bind-dirs in Office qube:

hitam · July 22, 2024, 4:09am

Hi,

i just tried to attach a dom0 partition to the Office Qube:

losetup dom0:loop50 /dev/nvme0n1p7
qvm-block at --persistent Office dom0:loop50

qvm-block list
BACKEND:DEVID DESCRIPTION USED BY
dom0:loop50 /dev/nvme0n1p7 Office (read-onl=no, frontend-device=xvdi)

In the Office qube i found in fstab:

/dev/xvdi /mnt/removable auto noauto, user, rw 0 0

However, the file manager i Office Qube does not show any content of the partition /daten.

What went wrong and how I can I recover form my mistake ?

Could someone please advise me of a systemd script to get this process automated at every startup, since I am not familiar with systemd service.

In total I do have 5 partition to connect to different qubes.

Many hanks in advance and best regards,

Hitam

hitam · July 23, 2024, 2:30am

Hi, i could attach the dom0 partitions to the different apps successfully.

The /dev/xvdi is mounted into a specific directory. If I open this specific directory INSIDE the file manager of the gnome desktop it shows a size of about 11 GB - in all cases - but NEVER the real size of the different partitions attached.

How to correct these inconsistency ??