Hi Guys,
As I’m (still) struggling with installation, I need my install medium to NOT be an USB
Whenever I plug the install media and boot from it, it becomes sda.
I need sda for another use, so I need the install media to be on anything else but USB
I’ve tried to add the Qubes-OS install on a partition, but I can’t boot from it (Grub doesn’t recognise it)
I’m thinking about burning a DVD (Dl = 8,5GB) but wondering if it’s large enough … as the partition I made was 8GB, but too small, so I stretched it to 10GB (then it fits)
Qubes ISO is around 5.7GB, so burning it to a DVD should be sufficient. The question is how DVD device is connected to your computer. If it’s internal, non-USB, then I can’t see a better way…
You should be able to dd the image to a SATA disk (and not on a partition) and boot from it to install on another one
You say you need sda for another use, you add yourself a requirement that create issues. You should use UUID instead of full paths, that would solve your issue.
There are special devices (from Zalman) that has an USB connection, it’s a 2.5" HDD case but you can load ISO files in it and expose the device as an usb optical reader, it would be seen as /dev/sr0, I bought one like that 10 years ago, it’s so useful to have an ISO library at hand
I have installed from optical disc before.
Guessing you have a computer with an Optical disc drive?
You only have one USB Port? Or is it a mini or tower which needs USB for keyboard, and mouse. My tower has two USB ports on the front, and five on the back. I do not know if the Qubes installer would work with a USB Hub (which would be a security hazard, as the Hub might be compromised in some unknown way)
This sounds like an older computer. Might be some could offer better help if you listed computer hardware.
So, this needs 3 disks, all internal, none USB? As I understand, she wants exclusively non-USB option most probably for security reasons. Any USB flash can be presented as read-only as far as I know, but that is not enough against controller firmware poisoning?
Sure !
Any USB I plug (in one of the three slots) which is booted from (like an OS Installer) is automatically mounted as sda
But inb my setup script, I direct the LUKS header to sda, so I need my luks header usb stick to be sda … which is not allowed for the above reason
When I removed the installer, then any other usb will be sda … it’s only during the install that I can’t have the other stick as sdb (otherwise the script doesn’t work)
I have only NVMe on this laptop, and the three of them are used for Qubes-os, so …
I can’t us a fourth disk
I can’t use any of the three, except for a 10GB partition on NVMe0n1
UUID … hum … that is a very good hint !
Yes, I’m going to investigate with this in the script rather than physical/Bios path
An optical drive would be (even though usb) mounted as /dev/cdrom or /dev/sr1 or /dev/sg1 which would leave sda for my Luks-header usb stick
On the contrary, it’s a brand new P15 gen2 with 128GB RAM and 3 NVMe slots
I have 3 USB, and 2 Thunder.something
But it’s not about availability of USB slots, it’s about the very sda bios address. I need the install medium to NOT be mounted as sda for I need this adress for another usb stick which is part of the install script
indeed, for if I set my luks-header as sdb, then when I will boot qubes-os (after install done) the header will be missing for it will be serached in sda
Just use UUID or ID in grub linux cmdline or in crypttab like this: luks UUID=xxxx none force,header=/dev/disk/by-uuid/yyyy
or luks ID=xxxx none force,header=/dev/disk/by-id/yyyy
Check corresponding UUID/ID for your header disk/partition:
But I’d suggest you to use the header in file in initramfs instead: luks ID=xxxx none force,header=/root/header.img
Because if you create sys-usb later it’ll add rd.qubes.hide_all_usb to grub cmdline and your header will be inaccessible during boot and it’ll fail.
