How would I go about applying this patch to a Qubes OS 4.2.3 Install? There is this patch I found from this post but I’m just not sure how I would apply such thing. Please explain best you can
PATCH
How would I go about applying this patch to a Qubes OS 4.2.3 Install? There is this patch I found from this post but I’m just not sure how I would apply such thing. Please explain best you can
PATCH
you use the GitHub - QubesOS/qubes-builderv2-github: Integration of qubes-builderv2 with github either in an excisting installation or on a machine that has docker (i used fedora on proxmox with docker…) first you build vmm-xen with patches applied, then you pack the installer with your built package.
if you want your manual changes to persist for the version you’re using maybe set the rel to an unrealisticly high value (+100 to the current)
but with this you are responsible to update the xen package manually until either xen them selfs merged the patch upstream, or the dev team at qubes merged the patch into the main qubes patch branch. neither of both i have any knowlege if it is going to happen
@uip @james could you name what systems you are having, to further see if its an AMD issue changing their architecture or bios vendor not fully implementing standards?
I’m using a Beelink Ser8. Its odd because the vendor tells me that virtualization is enabled by default but I cant find it anywhere in the bios. There was a post on this same question on the Beelink Forums.
https://bbs.bee-link.com/d/695-ser8-amd-ryzen-7-8845hs-how-to-enable-svm-mode-in-bios
To be able to verify SVM was enabled you’d use an application called LoonMoon CPU-V, where I was able to verify that this feature is enabled.
Ignore the different username I lost the password to the original account
Could you detail a step by step guide to make this possible? I’m really not familiar with the qubes-builder please explain best as you can.
do you have a running qubes system or do you want to go fedora with docker?
I don’t know how to do docker and no I don’t have a running Qubes system. I do have a fedora system with docker install just don’t know how to use docker.
What image I’m supposed to pull from docker for Qubes Os? I went to docker hub and I saw this as the most downloaded.
But I’m not sure.
sorry i linked the wrong repo:
the readme here explains in more detail how to build a mock build, and go from there
use a template qubes-builderv2/example-configs at main · QubesOS/qubes-builderv2 · GitHub (qubes-os-r4.2.yml )
now you have the xen package that is patched.
next you package the iso with your binary.
i can later take a look at my .bash_history but now i got earn my rent first
git clone https://gitlab.com/QubesOS/qubes-builderv2.git
cd qubes-builderv2/
sudo dnf install $(cat dependencies-fedora.txt)
git submodule update --init
cp example-configs/qubes-os-r4.2.yml builder.yml
nano builder.yml
## edit the part that you use docker instead of qubes as executor:
## (delete qubes, un-comment docker)
tools/generate-container-image.sh docker fedora-40-x86_64
./qb -c vmm-xen package fetch
nano artifacts/sources/vmm-xen/9998-amd-ioapic-test.patch
nano artifacts/sources/vmm-xen/9999-amd-iommu-test.patch
nano artifacts/sources/vmm-xen/xen.spec.in
# also you might want to change the rel number here
# and everytime you change somehting in the source you need to prep first
# then build, dont skip prep.
./qb -c vmm-xen package prep
./qb -c vmm-xen package build
# you now have the xen binary
cp artifacts/sources/qubes-release/conf/iso-online-testing.ks builder.yml
nano builder.yml #probably again from qubes to docker
./qb installer fetch
./qb installer init-cache
./qb installer fetch
./qb installer prep
./qb installer build
# you should now have an ISO file in the artifacts
When I do
./qb -c vmm-xen package fetch
I get this output below
16:05:51 [qb] Running stage 'fetch'
16:05:51 [qb] An error occurred: Cannot find 'docker' on the system.
16:05:51 [qb]
Traceback (most recent call last):
File "/home/q/qubes-builderv2/qubesbuilder/cli/cli_base.py", line 76, in __call__
rv = self.main(*args, standalone_mode=False, **kwargs)
File "/usr/lib/python3.13/site-packages/click/core.py", line 1078, in main
rv = self.invoke(ctx)
File "/usr/lib/python3.13/site-packages/click/core.py", line 1688, in invoke
return _process_result(sub_ctx.command.invoke(sub_ctx))
~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^
File "/usr/lib/python3.13/site-packages/click/core.py", line 1719, in invoke
rv.append(sub_ctx.command.invoke(sub_ctx))
~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^
File "/usr/lib/python3.13/site-packages/click/core.py", line 1434, in invoke
return ctx.invoke(self.callback, **ctx.params)
~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.13/site-packages/click/core.py", line 783, in invoke
return __callback(*args, **kwargs)
File "/usr/lib/python3.13/site-packages/click/decorators.py", line 45, in new_func
return f(get_current_context().obj, *args, **kwargs)
File "/home/q/qubes-builderv2/qubesbuilder/cli/cli_package.py", line 63, in fetch
_component_stage(
~~~~~~~~~~~~~~~~^
config=obj.config,
^^^^^^^^^^^^^^^^^^
...<3 lines>...
stage_name="fetch",
^^^^^^^^^^^^^^^^^^^
)
^
File "/home/q/qubes-builderv2/qubesbuilder/cli/cli_package.py", line 41, in _component_stage
p.run(stage=stage_name)
~~~~~^^^^^^^^^^^^^^^^^^
File "/home/q/qubes-builderv2/qubesbuilder/plugins/fetch/__init__.py", line 99, in run
executor = self.get_executor_from_config(stage)
File "/home/q/qubes-builderv2/qubesbuilder/plugins/__init__.py", line 152, in get_executor_from_config
self._executors[stage] = self.config.get_executor_from_config(
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^
stage, self
^^^^^^^^^^^
)
^
File "/home/q/qubes-builderv2/qubesbuilder/config.py", line 500, in get_executor_from_config
executor = self.get_executor(executor_options)
File "/home/q/qubes-builderv2/qubesbuilder/config.py", line 573, in get_executor
executor = ContainerExecutor(executor_type, **executor_options)
File "/home/q/qubes-builderv2/qubesbuilder/executors/container.py", line 66, in __init__
raise ExecutorError(f"Cannot find 'docker' on the system.")
qubesbuilder.executors.ExecutorError: Cannot find 'docker' on the system.
16:05:51 [qb] An error occurred: Cannot find 'docker' on the system.
is docker installed?
sudo dnf install docker
Yes
is the user you’re running the qb with allowed to run docker?
docker ps
?
When I ran docker PS
permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/v1.47/containers/json": dial unix /var/run/docker.sock: connect: permission denied
I ran as root and instead I got this
17:12:39 [qb] An error occurred: Failed to verify file '{'url': 'https://downloads.xenproject.org/release/xen/4.17.5/xen-4.17.5.tar.gz', 'signature': 'https://downloads.xenproject.org/release/xen/4.17.5/xen-4.17.5.tar.gz.sig', 'pubkeys': ['xen.org-key.asc']}': Failed to run '['bash', '-c', '/home/q/qubes-builderv2/qubesbuilder/plugins/fetch/scripts/verify-file --output-dir /home/q/qubes-builderv2/artifacts/tmp/tmpl35j035m --untrusted-file /home/q/qubes-builderv2/artifacts/tmp/tmpl35j035m/untrusted_xen-4.17.5.tar.gz --untrusted-signature-file /home/q/qubes-builderv2/artifacts/tmp/tmpl35j035m/untrusted_xen-4.17.5.tar.gz.sig --pubkey-file /home/q/qubes-builderv2/artifacts/sources/vmm-xen/xen.org-key.asc']' (status=2)..
17:12:39 [qb]
Traceback (most recent call last):
File "/home/q/qubes-builderv2/qubesbuilder/plugins/fetch/__init__.py", line 600, in download_file
local_executor.run(
~~~~~~~~~~~~~~~~~~^
cmd, copy_in, copy_out, environment=self.environment
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
)
^
File "/home/q/qubes-builderv2/qubesbuilder/executors/local.py", line 193, in run
raise e
File "/home/q/qubes-builderv2/qubesbuilder/executors/local.py", line 169, in run
raise ExecutorError(msg)
qubesbuilder.executors.ExecutorError: Failed to run '['bash', '-c', '/home/q/qubes-builderv2/qubesbuilder/plugins/fetch/scripts/verify-file --output-dir /home/q/qubes-builderv2/artifacts/tmp/tmpl35j035m --untrusted-file /home/q/qubes-builderv2/artifacts/tmp/tmpl35j035m/untrusted_xen-4.17.5.tar.gz --untrusted-signature-file /home/q/qubes-builderv2/artifacts/tmp/tmpl35j035m/untrusted_xen-4.17.5.tar.gz.sig --pubkey-file /home/q/qubes-builderv2/artifacts/sources/vmm-xen/xen.org-key.asc']' (status=2).
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/home/q/qubes-builderv2/qubesbuilder/cli/cli_base.py", line 76, in __call__
rv = self.main(*args, standalone_mode=False, **kwargs)
File "/usr/lib/python3.13/site-packages/click/core.py", line 1078, in main
rv = self.invoke(ctx)
File "/usr/lib/python3.13/site-packages/click/core.py", line 1688, in invoke
return _process_result(sub_ctx.command.invoke(sub_ctx))
~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^
File "/usr/lib/python3.13/site-packages/click/core.py", line 1719, in invoke
rv.append(sub_ctx.command.invoke(sub_ctx))
~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^
File "/usr/lib/python3.13/site-packages/click/core.py", line 1434, in invoke
return ctx.invoke(self.callback, **ctx.params)
~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.13/site-packages/click/core.py", line 783, in invoke
return __callback(*args, **kwargs)
File "/usr/lib/python3.13/site-packages/click/decorators.py", line 45, in new_func
return f(get_current_context().obj, *args, **kwargs)
File "/home/q/qubes-builderv2/qubesbuilder/cli/cli_package.py", line 63, in fetch
_component_stage(
~~~~~~~~~~~~~~~~^
config=obj.config,
^^^^^^^^^^^^^^^^^^
...<3 lines>...
stage_name="fetch",
^^^^^^^^^^^^^^^^^^^
)
^
File "/home/q/qubes-builderv2/qubesbuilder/cli/cli_package.py", line 41, in _component_stage
p.run(stage=stage_name)
~~~~~^^^^^^^^^^^^^^^^^^
File "/home/q/qubes-builderv2/qubesbuilder/plugins/fetch/__init__.py", line 199, in run
self.download_file(file, executor, distfiles_dir)
~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/q/qubes-builderv2/qubesbuilder/plugins/fetch/__init__.py", line 604, in download_file
raise FetchError(f"Failed to verify file '{file}': {str(e)}.")
qubesbuilder.plugins.fetch.FetchError: Failed to verify file '{'url': 'https://downloads.xenproject.org/release/xen/4.17.5/xen-4.17.5.tar.gz', 'signature': 'https://downloads.xenproject.org/release/xen/4.17.5/xen-4.17.5.tar.gz.sig', 'pubkeys': ['xen.org-key.asc']}': Failed to run '['bash', '-c', '/home/q/qubes-builderv2/qubesbuilder/plugins/fetch/scripts/verify-file --output-dir /home/q/qubes-builderv2/artifacts/tmp/tmpl35j035m --untrusted-file /home/q/qubes-builderv2/artifacts/tmp/tmpl35j035m/untrusted_xen-4.17.5.tar.gz --untrusted-signature-file /home/q/qubes-builderv2/artifacts/tmp/tmpl35j035m/untrusted_xen-4.17.5.tar.gz.sig --pubkey-file /home/q/qubes-builderv2/artifacts/sources/vmm-xen/xen.org-key.asc']' (status=2)..
See the /home/q/qubes-builderv2/qubesbuilder/plugins/fetch/scripts/verify-file
script file which uses the sq
command. So is this issue ?
not sure, is gpg installed?
i guess its best to follow the mock build instructions first:
I have gpg installed but when to say follow mock build instructions what do you mean?
I ran
sudo mock --init --no-bootstrap-chroot --config-opts chroot_setup_cmd='install dnf @buildsys-build' -r fedora-40-x86_64
and
docker build -f dockerfiles/fedora.Dockerfile -t qubes-builder-fedora /var/cache/mock/fedora-40-x86_64/root_cache/
And executed
./qb -c vmm-xen package fetch
Same 17:12:39 [qb] An error occurred: Failed to verify file...
from the previous error
my link actually links to a chapter/anker in the readme:
$ tools/generate-container-image.sh docker fedora-36-x86_64
this will generate the docker build environment
tools/generate-container-image.sh docker fedora-36-x86_64
gives me
+ '[' 2 -lt 1 ']'
+ CONTAINER_ENGINE=podman
+ MOCK_CONF=fedora-36-x86_64
+ '[' -n podman ']'
+ '[' podman '!=' docker ']'
+ '[' podman '!=' podman ']'
+ '[' podman == docker ']'
+ CONTAINER_CMD=podman
++ dirname tools/generate-container-image.sh
+ TOOLS_DIR=tools
++ readlink -f tools
+ TOOLS_DIR=/home/q/qubes-builderv2/tools
+ '[' -n fedora-36-x86_64 ']'
++ basename fedora-36-x86_64
+ MOCK_CONF_BN=fedora-36-x86_64
+ sudo mock -r fedora-36-x86_64 --scrub=all
ERROR: Could not find required config file: /etc/mock/fedora-36-x86_64.cfg
ERROR: If you're trying to specify a path, include the .cfg extension, e.g. -r ./target.cfg
ERROR: Non-existing Mock config 'fedora-36-x86_64'
So instead I did
tools/generate-container-image.sh docker fedora-39-x86_64
Then I did both
sudo mock --init --no-bootstrap-chroot --config-opts chroot_setup_cmd='install dnf @buildsys-build' -r fedora-39-x86_64
and
docker build -f dockerfiles/fedora.Dockerfile -t qubes-builder-fedora /var/cache/mock/fedora-39-x86_64/root_cache/
Finally when those are both done I execute this
./qb -c vmm-xen package fetch
Im still getting
18:10:07 [qb] An error occurred: Failed to verify file '{'url': 'https://downloads.xenproject.org/release/xen/4.17.5/xen-4.17.5.tar.gz', 'signature': 'https://downloads.xenproject.org/release/xen/4.17.5/xen-4.17.5.tar.gz.sig', 'pubkeys': ['xen.org-key.asc']}': Failed to run '['bash', '-c', '/home/q/qubes-builderv2/qubesbuilder/plugins/fetch/scripts/verify-file --output-dir /home/q/qubes-builderv2/artifacts/tmp/tmpexskibi7 --untrusted-file /home/q/qubes-builderv2/artifacts/tmp/tmpexskibi7/untrusted_xen-4.17.5.tar.gz --untrusted-signature-file /home/q/qubes-builderv2/artifacts/tmp/tmpexskibi7/untrusted_xen-4.17.5.tar.gz.sig --pubkey-file /home/q/qubes-builderv2/artifacts/sources/vmm-xen/xen.org-key.asc']' (status=2)..
18:10:07 [qb]
Traceback (most recent call last):
File "/home/q/qubes-builderv2/qubesbuilder/plugins/fetch/__init__.py", line 600, in download_file
local_executor.run(
~~~~~~~~~~~~~~~~~~^
cmd, copy_in, copy_out, environment=self.environment
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
)
^
File "/home/q/qubes-builderv2/qubesbuilder/executors/local.py", line 193, in run
raise e
File "/home/q/qubes-builderv2/qubesbuilder/executors/local.py", line 169, in run
raise ExecutorError(msg)
qubesbuilder.executors.ExecutorError: Failed to run '['bash', '-c', '/home/q/qubes-builderv2/qubesbuilder/plugins/fetch/scripts/verify-file --output-dir /home/q/qubes-builderv2/artifacts/tmp/tmpexskibi7 --untrusted-file /home/q/qubes-builderv2/artifacts/tmp/tmpexskibi7/untrusted_xen-4.17.5.tar.gz --untrusted-signature-file /home/q/qubes-builderv2/artifacts/tmp/tmpexskibi7/untrusted_xen-4.17.5.tar.gz.sig --pubkey-file /home/q/qubes-builderv2/artifacts/sources/vmm-xen/xen.org-key.asc']' (status=2).
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/home/q/qubes-builderv2/qubesbuilder/cli/cli_base.py", line 76, in __call__
rv = self.main(*args, standalone_mode=False, **kwargs)
File "/usr/lib/python3.13/site-packages/click/core.py", line 1078, in main
rv = self.invoke(ctx)
File "/usr/lib/python3.13/site-packages/click/core.py", line 1688, in invoke
return _process_result(sub_ctx.command.invoke(sub_ctx))
~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^
File "/usr/lib/python3.13/site-packages/click/core.py", line 1719, in invoke
rv.append(sub_ctx.command.invoke(sub_ctx))
~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^
File "/usr/lib/python3.13/site-packages/click/core.py", line 1434, in invoke
return ctx.invoke(self.callback, **ctx.params)
~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.13/site-packages/click/core.py", line 783, in invoke
return __callback(*args, **kwargs)
File "/usr/lib/python3.13/site-packages/click/decorators.py", line 45, in new_func
return f(get_current_context().obj, *args, **kwargs)
File "/home/q/qubes-builderv2/qubesbuilder/cli/cli_package.py", line 63, in fetch
_component_stage(
~~~~~~~~~~~~~~~~^
config=obj.config,
^^^^^^^^^^^^^^^^^^
...<3 lines>...
stage_name="fetch",
^^^^^^^^^^^^^^^^^^^
)
^
File "/home/q/qubes-builderv2/qubesbuilder/cli/cli_package.py", line 41, in _component_stage
p.run(stage=stage_name)
~~~~~^^^^^^^^^^^^^^^^^^
File "/home/q/qubes-builderv2/qubesbuilder/plugins/fetch/__init__.py", line 199, in run
self.download_file(file, executor, distfiles_dir)
~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/q/qubes-builderv2/qubesbuilder/plugins/fetch/__init__.py", line 604, in download_file
raise FetchError(f"Failed to verify file '{file}': {str(e)}.")
qubesbuilder.plugins.fetch.FetchError: Failed to verify file '{'url': 'https://downloads.xenproject.org/release/xen/4.17.5/xen-4.17.5.tar.gz', 'signature': 'https://downloads.xenproject.org/release/xen/4.17.5/xen-4.17.5.tar.gz.sig', 'pubkeys': ['xen.org-key.asc']}': Failed to run '['bash', '-c', '/home/q/qubes-builderv2/qubesbuilder/plugins/fetch/scripts/verify-file --output-dir /home/q/qubes-builderv2/artifacts/tmp/tmpexskibi7 --untrusted-file /home/q/qubes-builderv2/artifacts/tmp/tmpexskibi7/untrusted_xen-4.17.5.tar.gz --untrusted-signature-file /home/q/qubes-builderv2/artifacts/tmp/tmpexskibi7/untrusted_xen-4.17.5.tar.gz.sig --pubkey-file /home/q/qubes-builderv2/artifacts/sources/vmm-xen/xen.org-key.asc']' (status=2)..