Building Qubes .iso?

Hi, I’ve built a custom Qubes 4.1.0.iso with the latest kernel that allows me to install Qubes on my Intel 11th Gen laptop.

However, booting into the now installed Qubes USB stick, I get a pink screen ( on another laptop Qubes works, no pink screen, same USB stick ). You can find the .iso I built here: Qubes-R4.1.0-x86_64

Are there any packages for the latest kernel I missed while building it? Thank you =)

Specs:

• Intel i7 11800H
• Nvidia RTX 3070 GPU
• Intel UHD Graphics

Here are the steps I used so far:

1. On Windows download Qubes 4.1.0 , as well as Qubes-kernel latest from https://qubes.notset.fr Use the earliest build.

2. Extract both .iso’s to somewhere on your computer, using 7zip to do so.

3. Take the newer kernel packages from Qubes-kernel-latest & put them into the 4.1.0 extracted packages folder:
   kernel-5.10.96-1.fc32.qubes.x86_64.rpm
   kernel-latest-5.16.11-1.fc32.qubes.x86_64.rpm
   kernel-latest-qubes-vm-5.16.11-1.fc32.qubes.x86_64.rpm
   kernel-qubes-vm-5.10.96-1.fc32.qubes.x86_64.rpm

As well as replace [BOOT], EFI, images, isolinux, & LiveOS folders

4. Install Fedora onto a USB.

5. Use the command createrepo --update ( directory to extracted qubes 4.1.0 )
   You can create persistance on step 4, & take ownership of it for the extracted folder of 4.1.0.

6. Copy the repodata folder to a USB.

7. Go to Windows, delete, then update your extracted 4.1.0 installations repodata with the one from Step 5.

8. Download, then use Imgburn to create an iso from a folder, using the extracted 4.1.0 folder.

9. Install Ventoy to a USB, making it UEFI, then copy your new custom Qubes installation .iso to it.

10. Restart, & boot from the Ventoy USB, then choose your .iso from the list.

11. Install Qubes.

So anything I missed for Qubes to use the updated kernel? Thank you! =)

You modified an existing ISO, the other procedure for building an ISO is the official doc: qubes-iso-building.

Thank you for your reply, it’s much appreciated. =)

I do need the latest kernel however, which doesn’t seem to have instructions on that page to do so. I was just hoping to do the building of the .iso on Windows preferably, with an updated kernel.

Anything I can do? Thanks ^^

Did you try latest Qubes ISO build with kernel-latest from https://qubes.notset.fr or https://openqa.qubes-os.org?
Does it work fine for you?
Also if you have problems with kernel-latest-5.16.11-1.fc32.qubes.x86_64 then you can try kernel-latest-5.17.5-1.fc32.qubes.x86_64 from here:
https://yum.qubes-os.org/r4.1/current-testing/dom0/fc32/rpm/kernel-latest-5.17.5-1.fc32.qubes.x86_64.rpm

Hi, I’ve tried the ISO builds with kernel - latest from the site & they work on my laptop without problems. However, 4.1.0 doesn’t work. I’ve also tried the kernel latest 5.17-5 from the qubes.notset site but it isn’t working.

I’ve tried a different method now. The method is editing the .iso of the kernel - latest .iso using the program any burn, then copying over the packages from 4.1.0; but keeping the new kernel packages. It installs, but it doesn’t want to work.

Also, I attempted using the command isohybrid -v as well as isohybrid --uefi -v after I edited the .iso to see if this works, but it doesn’t. All of those .iso’s including one that I didn’t use isohybrid on would install, but not run Qubes.

By work you mean you only can install them or you can install them and the installed Qubes works? What ISO works for you then?

Are you talking about this ISO from qubes-os.org?
https://ftp.qubes-os.org/iso/Qubes-R4.1.0-x86_64.iso

You tried to add only kernel latest 5.17-5 package from it to your own modified ISO?

How exactly it doesn’t work? What errors are you getting?

By work you mean you only can install them or you can install them and the installed Qubes works? What ISO works for you then?

All the ISO Kernel-Latest builds on the notset website work on my Alienware laptop, they install, & you can get to the Qubes desktop without problems.

Yup, that’d be the one.

I tried to add only the kernel-latest.rpm packages to the 4.1.0 .iso.

Now I’ve used AnyBurn to edit the Qubes-20220519-kernel-latest-x86_64.iso & bring over all the packages from Qubes 4.1.0, but with the kernel-latest files still in place.
These are the files I kept:

kernel-5.10.112-1.fc32.qubes.x86_64.rpm
kernel-latest-5.17.7-1.fc32.qubes.x86_64.rpm
kernel-latest-5.17.7-1.fc32.qubes.x86_64.rpm
kernel-qubes-vm-5.10.112-1.fc32.qubes.x86_64.rpm
qubes-core-qrexec-dom0-4.1.16-1.fc32.x86_64.rpm

Xen.cfg was missing in the qubes folder, so I created it with this content ( from UEFI troubleshooting | Qubes OS):

 [global]
 default=5.10.112-1.pvops.qubes.x86_64

 [5.10.112-1.pvops.qubes.x86_64]
 options=loglvl=all dom0_mem=min:1024M dom0_mem=max:4096M
 kernel=vmlinuz-5.10.112-1.pvops.qubes.x86_64 root=/dev/mapper/qubes_dom0-root rd.lvm.lv=qubes_dom0/root rd.lvm.lv=qubes_dom0/swap i915.preliminary_hw_support=1 rhgb quiet
 ramdisk=initramfs-5.10.112-1.pvops.qubes.x86_64.img

I then followed the guide here:

Then I rebooted, went to advanced options, Xen hypervisor version 4.14.3.config

Then Qubes with xen 4.14.3.config

Qubes with xen 4.14.3 config and Linux 5.10.112-1

This gives the output of

error: no multiboot header found.
error: you need to load the kernel first.
error: you need to load the kernel first.

It’s for Qubes 4.0 and outdated for Qubes 4.1.
In Qubes 4.1 I have these files:

# ls /boot/efi/EFI/qubes/
fonts  grub.cfg  grubenv  grubx64.efi  initramfs-5.17.5-1.fc32.qubes.x86_64.img  xen-4.14.5.efi  xen.efi

These files are coming from grub2-efi-x64 package so you need to download it first form here:
https://download-cc-rdu01.fedoraproject.org/pub/fedora/linux/updates/32/Everything/x86_64/Packages/g/grub2-efi-x64-2.04-24.fc32.x86_64.rpm
So for Qubes 4.1 you need to mount your installed Qubes along with /boot and /boot/efi and copy the grub2-efi-x64 to your mounted dom0 and then chroot into in.
Then install the package:
dnf install /path/to/grub2-efi-x64-2.04-24.fc32.x86_64.rpm
or
rpm -i /path/to/grub2-efi-x64-2.04-24.fc32.x86_64.rpm
Then you need to update grub:
grub2-mkconfig -o /boot/efi/EFI/qubes/grub.cfg
Then you need to add Qubes boot option:
efibootmgr -v -c -u -L QubesOS -l /EFI/qubes/grubx64.efi -d /dev/sdX -p 1
You can change QubesOS to any name you like and /dev/sdX is your Qubes drive and 1 - EFI partition number

But it’d be better if you build the ISO as @ludovic said instead of tinkering with existing ISO.

Hi, I got Dom0-root mounted using this: How to mount a Qubes partition from another OS | Qubes OS, but trying to copy over the grub file over to Dom0 gets permission denied.

On the dnf install (path to) The path is the path to Dom0 I linked? I also mounted the first 2 partitions, one had only one file in it, & the other looks like this:

Screenshot from 2022-05-24 18-10-092145×1114 240 KB

Thanks ^^

Assuming your:
/boot/efi partition is /dev/sda1
/boot partition is /dev/sda2
dom0 root partition is /dev/mapper/qubes_dom0-root

Mount your Qubes:

mnt_path=/mnt
sudo mount /dev/mapper/qubes_dom0-root $mnt_path
sudo mount /dev/sda2 $mnt_path/boot
sudo mount /dev/sda1 $mnt_path/boot/efi/
sudo mount --bind /dev $mnt_path/dev
sudo mount --bind /dev/pts $mnt_path/dev/pts
sudo mount --bind /dev/shm $mnt_path/dev/shm
sudo mount --bind /proc $mnt_path/proc
sudo mount --bind /sys $mnt_path/sys

Copy grub2-efi-x64 package:

sudo cp /path/to/grub2-efi-x64-2.04-24.fc32.x86_64.rpm $mnt_path/home/user/.

Chroot into your Qubes:

sudo chroot $mnt_path

Install grub:

rpm -i /home/user/grub2-efi-x64-2.04-24.fc32.x86_64.rpm
grub2-mkconfig -o /boot/efi/EFI/qubes/grub.cfg

Exit chroot:

exit

Add EFI Qubes boot option:

sudo efibootmgr -v -c -u -L QubesOS -l /EFI/qubes/grubx64.efi -d /dev/sda -p 1

Unmount Qubes:

sudo umount $mnt_path/sys
sudo umount $mnt_path/proc
sudo umount $mnt_path/dev/shm
sudo umount $mnt_path/dev/pts
sudo umount $mnt_path/dev
sudo umount $mnt_path/boot/efi
sudo umount $mnt_path/boot/
sudo umount $mnt_path/

Hi, where do I get the dependencies for the grub package? I currently get this error:

[root@localhost-live /]# rpm -i /home/User/grub2-efi-x64-2.04-24.fc32.x86_64.rpm
error: Failed dependencies:
	grub2-common = 1:2.04-24.fc32 is needed by grub2-efi-x64-1:2.04-24.fc32.x86_64
	grub2-tools = 1:2.04-24.fc32 is needed by grub2-efi-x64-1:2.04-24.fc32.x86_64

Edit: I did find those packages. I’ll keep you updated.

Thank you =)

I did try to install the grub2-common & tools packages, but I got these errors:

rpm -i /home/user/grub2-tools-2.04-24.fc32.x86_64.rpm
error: Failed dependencies:
	grub2-common = 1:2.04-24.fc32 is needed by grub2-tools-1:2.04-24.fc32.x86_64
	grub2-tools < 1000:2.04-2.fc32 is obsoleted by (installed) grub2-tools-minimal-1000:2.04-2.fc32.x86_64
	grub2-tools < 1000:2.04-2.fc32 is obsoleted by (installed) grub2-tools-extra-1000:2.04-2.fc32.x86_64
	grub2-tools < 1000:2.04-2.fc32 is obsoleted by (installed) grub2-tools-1000:2.04-2.fc32.x86_64

rpm -i /home/user/grub2-common-2.04-24.fc32.noarch.rpm
	package grub2-common-1000:2.04-2.fc32.noarch (which is newer than grub2-common-1:2.04-24.fc32.noarch) is already installed
	file /usr/lib/kernel/install.d/20-grub.install from install of grub2-common-1:2.04-24.fc32.noarch conflicts with file from package grub2-common-1000:2.04-2.fc32.noarch
	file /usr/lib/kernel/install.d/99-grub-mkconfig.install from install of grub2-common-1:2.04-24.fc32.noarch conflicts with file from package grub2-common-1000:2.04-2.fc32.noarch
	file /usr/share/doc/grub2-common/grub-dev.html from install of grub2-common-1:2.04-24.fc32.noarch conflicts with file from package grub2-common-1000:2.04-2.fc32.noarch
	file /usr/share/doc/grub2-common/grub.html from install of grub2-common-1:2.04-24.fc32.noarch conflicts with file from package grub2-common-1000:2.04-2.fc32.noarch

rpm -i /home/user/grub2-tools-efi-2.04-24.fc32.x86_64.rpm
error: Failed dependencies:
	grub2-common = 1:2.04-24.fc32 is needed by grub2-tools-efi-1:2.04-24.fc32.x86_64
[root@localhost-live /]# rpm -i /home/user/grub2-common-2.04-24.fc32.noarch.rpm
	package grub2-common-1000:2.04-2.fc32.noarch (which is newer than grub2-common-1:2.04-24.fc32.noarch) is already installed
	file /usr/lib/kernel/install.d/20-grub.install from install of grub2-common-1:2.04-24.fc32.noarch conflicts with file from package grub2-common-1000:2.04-2.fc32.noarch
	file /usr/lib/kernel/install.d/99-grub-mkconfig.install from install of grub2-common-1:2.04-24.fc32.noarch conflicts with file from package grub2-common-1000:2.04-2.fc32.noarch
	file /usr/share/doc/grub2-common/grub-dev.html from install of grub2-common-1:2.04-24.fc32.noarch conflicts with file from package grub2-common-1000:2.04-2.fc32.noarch
	file /usr/share/doc/grub2-common/grub.html from install of grub2-common-1:2.04-24.fc32.noarch conflicts with file from package grub2-common-1000:2.04-2.fc32.noarch

Try this package:
https://yum.qubes-os.org/r4.1/current/dom0/fc32/rpm/grub2-efi-x64-2.04-2.fc32.x86_64.rpm

Hi, sorry for the late reply. I tried the package above & it said it was already installed.

I did go ahead with grub2-mkconfig -o /boot/efi/EFI/qubes/grub.cfg though:

[root@localhost-live /]# grub2-mkconfig -o /boot/efi/EFI/qubes/grub.cfg
Generating grub configuration file …
Found theme: /boot/grub2/themes/qubes/theme.txt
Found linux image: /boot/vmlinuz-5.10.112-1.fc32.qubes.x86_64
Found initrd image: /boot/initramfs-5.10.112-1.fc32.qubes.x86_64.img
Found linux image: /boot/vmlinuz-5.10.112-1.fc32.qubes.x86_64
Found initrd image: /boot/initramfs-5.10.112-1.fc32.qubes.x86_64.img
done
[root@localhost-live /]#

But still no dice on getting Qubes to run.

Any ideas? Thank you =)

Try to install it like this:
rpm -i --replacepkgs /home/user/grub2-efi-x64-2.04-2.fc32.x86_64.rpm

Hi, this is the output I get:

[root@localhost-live /]# rpm -i --replacepkgs /home/XPS/grub2-efi-x64-2.04-2.fc32.x86_64.rpm
[root@localhost-live /]# grub2-mkconfig -o /boot/efi/EFI/qubes/grub.cfg
Generating grub configuration file ...
Found theme: /boot/grub2/themes/qubes/theme.txt
Found linux image: /boot/vmlinuz-5.10.112-1.fc32.qubes.x86_64
Found initrd image: /boot/initramfs-5.10.112-1.fc32.qubes.x86_64.img
Found linux image: /boot/vmlinuz-5.10.112-1.fc32.qubes.x86_64
Found initrd image: /boot/initramfs-5.10.112-1.fc32.qubes.x86_64.img
done

[liveuser@localhost-live ~]$ sudo efibootmgr -v -c -u -L QubesOSX -l /EFI/qubes/grubx64.efi -d /dev/sdc -p 1
BootCurrent: 0007
Timeout: 1 seconds
BootOrder: 0006,0005,0007,0002,0003,0001,0004,0000
Boot0000* Windows Boot Manager	HD(1,GPT,854c8bfe-3f45-4283-086f-131076db8a3f,0x800,0x32000)/File(\EFI\Microsoft\Boot\bootmgfw.efi)䥗䑎坏S
Boot0001* 1	HD(2,GPT,81341710-8b09-4b62-8670-2e1ebe304459,0x1dd57b3,0x800)/File(\EFI\Boot\bootx64.efi)
Boot0002* Onboard NIC (IPV4 PXE)	PciRoot(0x0)/Pci(0x1c,0x0)/Pci(0x0,0x0)/MAC(a0291984e243,0)/IPv4(0.0.0.00.0.0.0,0,0)
Boot0003* Onboard NIC (IPV6 PXE)	PciRoot(0x0)/Pci(0x1c,0x0)/Pci(0x0,0x0)/MAC(a0291984e243,0)/IPv6([::]:<->[::]:,0,0)
Boot0004* 2	HD(1,GPT,854c8bfe-3f45-4283-086f-131076db8a3f,0x800,0x32000)/File(\EFI\Boot\bootx64.efi)
Boot0005* Qubes OS	HD(1,GPT,653b71d4-213b-4d06-85de-e4a844f98126,0x800,0x12c000)/File(\EFI\qubes\grubx64.efi)
Boot0007* Fedora	HD(1,GPT,df336fb1-cede-49a3-ba0a-ec66f502cc4f,0x800,0x408f7cb)/File(\EFI\BOOT\BOOTX64.EFI)
Boot0006* QubesOSX	HD(1,GPT,653b71d4-213b-4d06-85de-e4a844f98126,0x800,0x12c000)/File(\EFI\qubes\grubx64.efi)
[liveuser@localhost-live ~]$ sudo umount $mnt_path/sys
sudo umount $mnt_path/proc
sudo umount $mnt_path/dev/shm
sudo umount $mnt_path/dev/pts
sudo umount $mnt_path/dev
sudo umount $mnt_path/boot/efi
sudo umount $mnt_path/boot/
sudo umount $mnt_path/

Edit: Unfortunately it didn’t work.

What about making sure that the Intel GPU is being used instead of dedicated graphics? Thanks =)

How exactly it doesn’t work? What errors are you getting?

Ah, sorry. I boot my computer, get to the bootscreen, then after I select the option, it goes to a solid color screen. No errors I can see.

20220608_1245521920×1440 74.6 KB

20220608_1249323264×2448 627 KB

20220608_1248031920×1440 54.3 KB

20220608_1250121920×1440 117 KB

With the last image, if I try loading this screen, I get No multiboot header found, & you need to load the kernel first.

20220608_125154_HDR1920×1440 139 KB

I don’t know if you’ll be able to boot with stable kernel 5.10.
You can try to install kernel-latest the same way you’ve installed grub2-efi package and then try to boot with kernel-latest 5.17.7.
https://yum.qubes-os.org/r4.1/current-testing/dom0/fc32/rpm/kernel-latest-5.17.7-1.fc32.qubes.x86_64.rpm

Here is what I got so far:

[liveuser@localhost-live ~]$ sudo mount --bind /sys $mnt_path/sys
[liveuser@localhost-live ~]$ sudo cp '/run/media/liveuser/persistence/kernel-latest-5.17.7-1.fc32.qubes.x86_64.rpm'  $mnt_path/home/XPS/.
[liveuser@localhost-live ~]$ sudo chroot $mnt_path
[root@localhost-live /]# rpm -i /home/XPS/kernel-latest-5.17.7-1.fc32.qubes.x86_64.rpm
/usr/lib/kernel/install.d/20-grub.install: line 81: grub2-get-kernel-settings: command not found
dracut: No '/dev/log' or 'logger' included for syslog logging
Generating grub configuration file ...
Found theme: /boot/grub2/themes/qubes/theme.txt
Found linux image: /boot/vmlinuz-5.17.7-1.fc32.qubes.x86_64
Found initrd image: /boot/initramfs-5.17.7-1.fc32.qubes.x86_64.img
Found linux image: /boot/vmlinuz-5.10.112-1.fc32.qubes.x86_64
Found initrd image: /boot/initramfs-5.10.112-1.fc32.qubes.x86_64.img
Found linux image: /boot/vmlinuz-5.17.7-1.fc32.qubes.x86_64
Found initrd image: /boot/initramfs-5.17.7-1.fc32.qubes.x86_64.img
Found linux image: /boot/vmlinuz-5.10.112-1.fc32.qubes.x86_64
Found initrd image: /boot/initramfs-5.10.112-1.fc32.qubes.x86_64.img
done
[root@localhost-live /]# 

After I reboot Ill let you know how it is. Thank you.

Okay. That seems to have solved it! Awesome, thank you so much for your help ^-^

20220608_1429211920×1440 82.3 KB

20220608_1434571920×1440 308 KB

One question though, is it possible to update the kernel on the installation media if you go into the Alt+F2 menu? Instead of using Fedora to do this?