'awokd' via qubes-users:
Claudia:
So I was wondering, is it possible to run the Qubes dom0 kernel directly
on the hardware instead of under Xen? How might one go about this? And
how much work would it involve?
I've had similar troubleshooting needs. Closest I found was to download
Fedora 25 and test under that. What's missing are any Qubes specific
patches to Fedora itself, which makes the testing results a bit iffy.
Yeah, I've been using Fedora 25 as a test reference, but like you said
there's still a big difference between Fedora and Qubes (Qubes kernel,
Qubes packages, Xen, VT-x, to name a few). It's still a needle in a
haystack.
But anyway... Success! It is in fact quite possible to run Qubes without
Xen, and surprisingly not all that difficult. (And on top of that, in my
case Qubes without Xen was able to detect the hardware it couldn't
detect under Xen!)
So, background info, any Xen dom0 kernel can run as a regular kernel
too. Basically the only difference is that CONFIG_XEN_DOM0 is turned on
in dom0 kernels, but it can still run without Xen. It's just that grub,
I assume, checks if it's running under Xen, and if so, doesn't create
non-Xen menu options (unless you do what I did below).
Here's basically what I had to do:
# tar -C / -cvzf ~/boot-backup.tar.gz boot/
# qubes-dom0-update grub2-efi
# chmod ugo+x /etc/grub.d/10_linux
# echo GRUB_CMDLINE_LINUX=\"$(cat /boot/efi/EFI/qubes/xen.cfg | grep
kernel | cut -d ' ' -f 4- | head -n 1)\" >> /etc/default/grub
# grub2-mkconfig -o /boot/efi/EFI/fedora/grub.cfg
# efibootmgr -c -d /dev/sda -p 1 -L "Fedora-Grub" -l
"\EFI\fedora\grubx64.efi"
Note: this will change your default EFI boot entry! You can change it
back with `efibootmgr -o`. Here's a nice tutorial if you're not familiar
with efibootmgr:
https://www.linuxbabe.com/command-line/how-to-use-linux-efibootmgr-examples
Reboot, and if necessary press f12 and select "Fedora-Grub" in UEFI boot
options. Log in and verify that /proc/xen is not present.
Note: Fedora documentation tells you to install the "shim" package as
well, and boot into the EFI shim to install a grub menu entry. I used
efibootmgr instead as it is much simpler and already installed. In any
case, don't try to run grub2-install. https://fedoraproject.org/wiki/GRUB_2
Note: This should work even with secure boot enabled, but I didn't try it.
Note: You should be able to do something similar on legacy boot systems.
In fact it should be even easier, since you're already using grub. The
important part is the chmod /etc/grub/10_linux.
Random thought: Maybe one day in the distant future, if/when Qubes
supports KVM, maybe we'll be able to switch back and forth between Xen
and KVM at boot time?
-------------------------------------------------
This free account was provided by VFEmail.net - report spam to ab...@vfemail.net
ONLY AT VFEmail! - Use our Metadata Mitigator to keep your email out of the
NSA's hands!
$24.95 ONETIME Lifetime accounts with Privacy Features!
15GB disk! No bandwidth quotas!
Commercial and Bulk Mail Options!
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/1000a856-eab2-cc61-870e-ee371479b907%40vfemail.net.
