search

QubesOS / qubes-issues

The Qubes OS Project issue tracker
https://www.qubes-os.org/doc/issue-tracking/
535 stars 47 forks source link

anaconda rescue is broken #5609

Open arno01 opened 4 years ago

arno01 commented 4 years ago

Qubes OS version I've tried Qubes OS R4.1 only (built it on 26 Jan 2020).

Affected component(s) or functionality qubes-anaconda

Brief summary Anaconda rescue isn't working because the functionality to find the Linux partition has been recently removed in this patch - 0024-Do-not-mount-pre-existing-partitions-and-do-not-dete.patch Whilst it is the right thing to do from the security point of view as Marek mentioned:

anaconda installer mounts every single partition it finds on the disk, and analyze various files found there (/etc/os-release, /etc/fstab etc). Something that can easily end up badly. Imagine you're reinstalling your system over previous compromised one - the amount of parsing of pre-existing disk content here makes it quite likely that it would be possible to plant files that would re-compromise qubes installer...

it should not impact the anaconda rescue functionality.

To Reproduce

  1. Install Qubes OS (probably version 4.1, not sure if 4.0 is affected)
  2. Boot from the installation media again and select Rescue mode
  3. choose 1. Continue when anaconda rescue meets you

Expected behavior anaconda rescue should find my Linux partition and mount it as normally expected.

Actual behavior anaconda rescue meets me with the You don't have any Linux partitions message.

Additional context People seeing You don't have any Linux partitions message might be spending hours trying to figure what's going on.

The requirements for the future patches should include adding some meaningful message when the upstream code gets chopped off. Something like this message would suffice: [Qubes OS] The functionality <name it> has been removed because of security reasons: X, Y, Z...

A quick & dirty workaround for anyone stumbled on this A really quick & dirty ad-hoc workaround would be to rename all find_existing_installations to _find_existing_installations in the /usr/lib*/python*/site-packages/pyanaconda/rescue.py file and then re-run anaconda rescue: anaconda --rescue --lang us

Solutions you've tried Removing 0024-Do-not-mount-pre-existing-partitions-and-do-not-dete.patch fixes the issue.

Related, non-duplicate issues https://github.com/QubesOS/qubes-issues/issues/2835 https://github.com/QubesOS/qubes-anaconda/pull/7#issuecomment-579855024

ydirson commented 3 years ago

I'm hit by this with 4.0.4, and with 4.1-20210422

jopr1 commented 1 year ago

I am experiencing this problem with the latest installation. is this still a solution?

How does someone do this step? @arno01

/usr/lib*/python*/site-packages/pyanaconda/rescue.py file and then re-run anaconda rescue: anaconda --rescue --lang us

can you give details step by step how to accomplish this?

A really quick & dirty ad-hoc workaround would be to rename all find_existing_installations to _find_existing_installations in the /usr/lib*/python*/site-packages/pyanaconda/rescue.py file and then re-run anaconda rescue: anaconda --rescue --lang us