Skip to content

anaconda rescue is broken #5609

New issue
New issue
Open
Bug
Open
anaconda rescue is broken#5609
Bug
Labels
C: installerThis issue pertains to the Qubes OS installer.P: defaultPriority: default. Default priority for new issues, to be replaced given sufficient information.affects-4.1This issue affects Qubes OS 4.1.affects-4.2This issue affects Qubes OS 4.2.needs diagnosisRequires technical diagnosis from developer. Replace with "diagnosed" or remove if otherwise closed.
@ghost

Description

@ghost
ghost
opened on Jan 29, 2020

Qubes OS version
I've tried Qubes OS R4.1 only (built it on 26 Jan 2020).

Affected component(s) or functionality
qubes-anaconda

Brief summary
Anaconda rescue isn't working because the functionality to find the Linux partition has been recently removed in this patch - 0024-Do-not-mount-pre-existing-partitions-and-do-not-dete.patch
Whilst it is the right thing to do from the security point of view as Marek mentioned:

anaconda installer mounts every single partition it finds on the disk, and analyze various files found there (/etc/os-release, /etc/fstab etc). Something that can easily end up badly. Imagine you're reinstalling your system over previous compromised one - the amount of parsing of pre-existing disk content here makes it quite likely that it would be possible to plant files that would re-compromise qubes installer...

it should not impact the anaconda rescue functionality.

To Reproduce

  1. Install Qubes OS (probably version 4.1, not sure if 4.0 is affected)
  2. Boot from the installation media again and select Rescue mode
  3. choose 1. Continue when anaconda rescue meets you

Expected behavior
anaconda rescue should find my Linux partition and mount it as normally expected.

Actual behavior
anaconda rescue meets me with the You don't have any Linux partitions message.

Additional context
People seeing You don't have any Linux partitions message might be spending hours trying to figure what's going on.

The requirements for the future patches should include adding some meaningful message when the upstream code gets chopped off. Something like this message would suffice:
[Qubes OS] The functionality <name it> has been removed because of security reasons: X, Y, Z...

A quick & dirty workaround for anyone stumbled on this
A really quick & dirty ad-hoc workaround would be to rename all find_existing_installations to _find_existing_installations in the /usr/lib*/python*/site-packages/pyanaconda/rescue.py file and then re-run anaconda rescue: anaconda --rescue --lang us

Solutions you've tried
Removing 0024-Do-not-mount-pre-existing-partitions-and-do-not-dete.patch fixes the issue.

Related, non-duplicate issues
#2835
QubesOS/qubes-anaconda#7 (comment)

Metadata

Metadata

Assignees

No one assigned

    Labels

    C: installerThis issue pertains to the Qubes OS installer.P: defaultPriority: default. Default priority for new issues, to be replaced given sufficient information.affects-4.1This issue affects Qubes OS 4.1.affects-4.2This issue affects Qubes OS 4.2.needs diagnosisRequires technical diagnosis from developer. Replace with "diagnosed" or remove if otherwise closed.

    Type

    Bug

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions