Any way to attach a USB drive to a VM by label?
140 views
Skip to first unread message
Qubes Guy
May 17, 2018, 8:57:09 PM5/17/18
to qubes-users
I've successfully used qvm-block (in Dom0) to attach USB drives to different VMs (persistently), but I've noticed that Qubes (or Linux) sometimes gives them to different devices over time. In other words, on Monday, my BIG_TOSHIBA drive will be on /dev/sda, but it'll be assigned to /dev/sdj when I boot up on Wednesday. This is throwing off my VeraCrypt / FreeFileSync backup routine. (Another way of saying this is if I say "qvm-block attach MyVM sys-usb:sda --persistent" when one of the three drives I use for MyVM is currently attached to that, this will fail if Qubes moves that drive to a different device-name (during boot) that isn't one of the three I previously attached (when I go to start up that VM).
I thought about persistently attaching all 10 of my USB drives to the VM (some HDs, some flash, one SSD - I never use all of them at once - don't ask!) because that would certainly fix this problem, but I get the following error when I try to start the VM: "ERROR: Start failed: XML error: target 'xvdi' duplicated for disk sources '/dev/sdc' and '/dev/sde', see /var/log/libvirt/libxl/libxl-driver.log for details".
Note that I did all the persistent attachment commands while the VM was not running. If I detach all those, start the VM, do the persistent attachments, shut down the VM and then restart it, I get an error along the lines of "qrexec process failed to respond in 60 seconds".
So, I guess I'm asking if there's a way to just persistently attach 2 or 3 external USB drives and have them consistently available on the same device names when I start the VM so VeraCrypt doesn't balk? (VeraCrypt ultimately doesn't care what device a drive is attached to (it could be sda - sdj on my system) because it shows the attached drive as "/media/user/BIG_TOSHIBA, but if a drive isn't where it's supposed to be, that'll fail.
In case you're curious, the error messages in /var/log/libvirt/libxl/libxl-driver.log are meaningless to me, but if you want me to post it, I can.
Any help you guys can give me would be greatly appreciated! Thanks...
Qubes Guy
May 17, 2018, 9:00:26 PM5/17/18
to qubes-users
By the way, I'm running version 4.0 of Qubes on a fairly recent laptop with 8GB of RAM...
awokd
May 18, 2018, 3:14:57 AM5/18/18
to Qubes Guy, qubes-users
On Fri, May 18, 2018 1:00 am, Qubes Guy wrote:
> On Thursday, May 17, 2018 at 8:57:09 PM UTC-4, Qubes Guy wrote:
>> So, I guess I'm asking if there's a way to just persistently attach 2 or
>> 3 external USB drives and have them consistently available on the same
>> device names when I start the VM so VeraCrypt doesn't balk? (VeraCrypt
>> ultimately doesn't care what device a drive is attached to (it could be
>> sda - sdj on my system) because it shows the attached drive as
>> "/media/user/BIG_TOSHIBA, but if a drive isn't where it's supposed to
>> be, that'll fail.
> On Thursday, May 17, 2018 at 8:57:09 PM UTC-4, Qubes Guy wrote:
>> So, I guess I'm asking if there's a way to just persistently attach 2 or
>> 3 external USB drives and have them consistently available on the same
>> device names when I start the VM so VeraCrypt doesn't balk? (VeraCrypt
>> ultimately doesn't care what device a drive is attached to (it could be
>> sda - sdj on my system) because it shows the attached drive as
>> "/media/user/BIG_TOSHIBA, but if a drive isn't where it's supposed to
>> be, that'll fail.
> By the way, I'm running version 4.0 of Qubes on a fairly recent laptop
> with 8GB of RAM...
Can you make sys-usb's /etc/fstab persistent, then specify /dev names
> with 8GB of RAM...
there by drive UUID?
Qubes Guy
May 18, 2018, 10:05:14 AM5/18/18
to qubes-users
I'm not sure what you mean by either of those things. Are you saying I should put entries in the fstab file in sys-usb to permanently mount those drives? If so, what would the commands look like? (As a side note, I tried to persistently mount a NAS share using the fstab file in my Debian template (and various other things) and couldn't get that to work, but I do know about the fstab file. I'm gonna try to use NFS instead...)
Marek Marczykowski-Górecki
May 18, 2018, 2:19:09 PM5/18/18
to Qubes Guy, qubes-users
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
It isn't available yet, related issue:
https://github.com/QubesOS/qubes-issues/issues/3437
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAlr/GRUACgkQ24/THMrX
1yzuqAf7Bw2L6SpZhPlLrhX20eFvagLuPpKbuMl/yVLMDhRBZqK86kIonC3Zvm1b
eR6cTQ540PNHJiqL0uescJIHS7sHJDnnqC7Y0x12GIlEKWU+1pobRDZIwfErMiD/
2FzJisSgk8tiLIwmyhcrWyUyVxuk6e1TpG5sVdUMb3lTqjiqPPChZBRlLFsYmraK
PvBvY9DCeL6unSIUJqadxBtfeh5KDmSXauLS7T/vxVfEWbsNxI+ZrgGWPALkniZK
MaXGp6hYrmnycl6o8xi74CWoGvwruhUrFOVxAn8hrFR0OA5PmeWVQjtRJ4j0okmL
qXHoFWHbMVltipYLNvBYZANXcIc3bw==
=BsRg
-----END PGP SIGNATURE-----
Hash: SHA256
https://github.com/QubesOS/qubes-issues/issues/3437
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAlr/GRUACgkQ24/THMrX
1yzuqAf7Bw2L6SpZhPlLrhX20eFvagLuPpKbuMl/yVLMDhRBZqK86kIonC3Zvm1b
eR6cTQ540PNHJiqL0uescJIHS7sHJDnnqC7Y0x12GIlEKWU+1pobRDZIwfErMiD/
2FzJisSgk8tiLIwmyhcrWyUyVxuk6e1TpG5sVdUMb3lTqjiqPPChZBRlLFsYmraK
PvBvY9DCeL6unSIUJqadxBtfeh5KDmSXauLS7T/vxVfEWbsNxI+ZrgGWPALkniZK
MaXGp6hYrmnycl6o8xi74CWoGvwruhUrFOVxAn8hrFR0OA5PmeWVQjtRJ4j0okmL
qXHoFWHbMVltipYLNvBYZANXcIc3bw==
=BsRg
-----END PGP SIGNATURE-----
Qubes Guy
May 18, 2018, 3:48:36 PM5/18/18
to qubes-users
Qubes Guy
May 18, 2018, 3:49:19 PM5/18/18
to qubes-users
On Friday, May 18, 2018 at 2:19:09 PM UTC-4, Marek Marczykowski-Górecki wrote:
David Hobach
May 18, 2018, 5:59:09 PM5/18/18
to Qubes Guy, qubes-users
On 05/18/2018 08:19 PM, Marek Marczykowski-Górecki wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> On Thu, May 17, 2018 at 05:57:09PM -0700, Qubes Guy wrote:
>> I've successfully used qvm-block (in Dom0) to attach USB drives to different VMs (persistently), but I've noticed that Qubes (or Linux) sometimes gives them to different devices over time. In other words, on Monday, my BIG_TOSHIBA drive will be on /dev/sda, but it'll be assigned to /dev/sdj when I boot up on Wednesday. This is throwing off my VeraCrypt / FreeFileSync backup routine. (Another way of saying this is if I say "qvm-block attach MyVM sys-usb:sda --persistent" when one of the three drives I use for MyVM is currently attached to that, this will fail if Qubes moves that drive to a different device-name (during boot) that isn't one of the three I previously attached (when I go to start up that VM).
>>
>> I thought about persistently attaching all 10 of my USB drives to the VM (some HDs, some flash, one SSD - I never use all of them at once - don't ask!) because that would certainly fix this problem, but I get the following error when I try to start the VM: "ERROR: Start failed: XML error: target 'xvdi' duplicated for disk sources '/dev/sdc' and '/dev/sde', see /var/log/libvirt/libxl/libxl-driver.log for details".
>>
>> Note that I did all the persistent attachment commands while the VM was not running. If I detach all those, start the VM, do the persistent attachments, shut down the VM and then restart it, I get an error along the lines of "qrexec process failed to respond in 60 seconds".
>>
>> So, I guess I'm asking if there's a way to just persistently attach 2 or 3 external USB drives and have them consistently available on the same device names when I start the VM so VeraCrypt doesn't balk? (VeraCrypt ultimately doesn't care what device a drive is attached to (it could be sda - sdj on my system) because it shows the attached drive as "/media/user/BIG_TOSHIBA, but if a drive isn't where it's supposed to be, that'll fail.
>>
>> In case you're curious, the error messages in /var/log/libvirt/libxl/libxl-driver.log are meaningless to me, but if you want me to post it, I can.
>>
>> Any help you guys can give me would be greatly appreciated! Thanks...
>
> It isn't available yet, related issue:
> https://github.com/QubesOS/qubes-issues/issues/3437
As a workaround you could mount the device via uuid or file system label
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> On Thu, May 17, 2018 at 05:57:09PM -0700, Qubes Guy wrote:
>> I've successfully used qvm-block (in Dom0) to attach USB drives to different VMs (persistently), but I've noticed that Qubes (or Linux) sometimes gives them to different devices over time. In other words, on Monday, my BIG_TOSHIBA drive will be on /dev/sda, but it'll be assigned to /dev/sdj when I boot up on Wednesday. This is throwing off my VeraCrypt / FreeFileSync backup routine. (Another way of saying this is if I say "qvm-block attach MyVM sys-usb:sda --persistent" when one of the three drives I use for MyVM is currently attached to that, this will fail if Qubes moves that drive to a different device-name (during boot) that isn't one of the three I previously attached (when I go to start up that VM).
>>
>> I thought about persistently attaching all 10 of my USB drives to the VM (some HDs, some flash, one SSD - I never use all of them at once - don't ask!) because that would certainly fix this problem, but I get the following error when I try to start the VM: "ERROR: Start failed: XML error: target 'xvdi' duplicated for disk sources '/dev/sdc' and '/dev/sde', see /var/log/libvirt/libxl/libxl-driver.log for details".
>>
>> Note that I did all the persistent attachment commands while the VM was not running. If I detach all those, start the VM, do the persistent attachments, shut down the VM and then restart it, I get an error along the lines of "qrexec process failed to respond in 60 seconds".
>>
>> So, I guess I'm asking if there's a way to just persistently attach 2 or 3 external USB drives and have them consistently available on the same device names when I start the VM so VeraCrypt doesn't balk? (VeraCrypt ultimately doesn't care what device a drive is attached to (it could be sda - sdj on my system) because it shows the attached drive as "/media/user/BIG_TOSHIBA, but if a drive isn't where it's supposed to be, that'll fail.
>>
>> In case you're curious, the error messages in /var/log/libvirt/libxl/libxl-driver.log are meaningless to me, but if you want me to post it, I can.
>>
>> Any help you guys can give me would be greatly appreciated! Thanks...
>
> It isn't available yet, related issue:
> https://github.com/QubesOS/qubes-issues/issues/3437
in sys-usb, create a loop device from the container you want to pass to
another VM and use qvm-block on that loop device (for which you can
define the name yourself).
Of course that's only convenient if you script it...
Qubes Guy
May 18, 2018, 7:04:57 PM5/18/18
to qubes-users
David Hobach
May 19, 2018, 4:23:09 AM5/19/18
to Qubes Guy, qubes-users
implemented then.
Anyway for reference I was talking about something like
in your sys-usb:
1. mount -U [uuid] [mount point]
2. losetup -f --show [your veracrypt file on the mounted file system]
in dom0:
3. qvm-block a [target VM] "sys-usb:[output of 2]"
4. Open the veracrypt block device now attached to [target VM]. (luks
supports that, not sure about veracrypt)
You can script all of that from dom0 using qvm-run. Essentially the idea
was to attach the Veracrypt file to [target VM] instead of attaching the
USB device itself.
qvm-block also supported files itself in 3.2 (i.e. 1. & 2. could be done
with qvm-block), but from my experience that didn't work so well in the
past.
In 4.0 it was then removed I think; qvm-block -p [target VM] [some file]
would have made for some really interesting applications such as the one
described above without much need for scripting.
Qubes Guy
May 19, 2018, 9:37:55 AM5/19/18
to qubes-users
Djon Snow
Aug 11, 2018, 10:12:31 AM8/11/18
to qubes-users
суббота, 19 мая 2018 г., 16:37:55 UTC+3 пользователь Qubes Guy написал:
how to connect USB to standalone VM kali linux?
Reply all
Reply to author
Forward
0 new messages