offensive security certified procrastinator exam I had to install an Ubuntu with VMWare on my machine. They don’t even let you use KVM/qemu/libvirt and in my view the whole thing is just trying to scrape outrageous amounts of money from their students (try harder, not smarter).
Anyway, wouldn’t it be nice to start your Kali-Linux VM from Qubes? So I thought and wrote this two little nifty scripts to create a block device to boot from.
[user@disp678 ~]$ cat mount.sh #! /usr/bin/bash file='/mnt/cryptroot/home/offsec/vmware/offsec/Kali-Linux-2021.3-vmware-amd64.vmdk' offset=1048576 size=84873838592 sudo mkdir /mnt/cryptroot \ && sudo cryptsetup open /dev/xvdi cryptroot \ && sudo mount /dev/mapper/cryptroot /mnt/cryptroot \ && sudo modprobe nbd max-part=8 \ && sudo qemu-nbd -c /dev/nbd0 $file \ && sudo kpartx -av /dev/nbd0
[user@disp678 ~]$ cat umount.sh #! /usr/bin/bash sudo kpartx -d /dev/nbd0 \ && sudo qemu-nbd -d /dev/nbd0 \ && sudo umount /mnt/cryptroot \ && sudo cryptsetup close cryptroot \ && sudo rmdir /mnt/cryptroot \ && sleep 3 \ && sudo modprobe -r nbd
So, I attached the ubuntu-cryptroot to the
mount.sh and fired up my offsec HVM from dom0 with
qvm-start offsec --drive=hd:disp678:/dev/nbd0p1
seabios said NO, no bootable device.
qvm-start offsec --drive=hd:disp678:/dev/mapper/nbd0p1
with the same result:
Booting from Hard Disk... Boot failed: not a bootable disk [stuff] No bootable device.
In the dispVM I can
sudo mount (-r) /dev/mapper/nbd0p1 /mnt,
sudo ls -al /mnt/boot (i.e.) and
sudo umount /mnt successfully.
Is there a emergency console in seabios?
If yes, how can it be invoked?
Anyone an idea how to debug this further?
This “no bootable device” error has been reported before and dealt with by giving the VM an exactly 10Gbytes sized .raw image. However block devices of all sizes shouldn’t be a problem or the problem needs to be fixed.
This is rather unpleasant and I hope someone with more profound knowledge of QubesOS’ internals could help debug the problem.