I am testing out Genode Sculpt on a spare x86 machine and I ran into a question that doesn't seem to have a clear answer in the documentation.
I am attempting to create the following setup:
* All Genode/Sculpt software on removable USB boot drive
* All virtual machine data on encrypted volume stored on NVMe
From my experimentation, the default applications in the Leitzentrale seem to be focused around a single block device, the one you select for the depot with "use". Since I have the depot on USB, I'm unable to create a file vault residing on the NVMe. To accomplish this setup, I'd imagine that I will need to create a file vault on the NVMe storage, then create the VM using the file vault to hold the file system.
Unless I'm missing an easier solution, it seems like I may need to create a modified version of the file vault that can reside on partitions from other block devices... but before I proceed too far down that path I'd appreciate any feedback/ideas from someone with experience. Thanks!
I found the answer to my admittedly naive question. My first attempt was temporarily "using" the NVMe fs and copying the resulting <start> section from /config/managed into the /config/managed file created when the USB fs is "used". This worked but was quite a kludgey process. Then quite by accident I discovered that "inspecting" a second filesystem makes it available for selection when setting up components.
With the NVMe available through "inspection" I was able to set up a file vault on the NVMe with my core system residing on USB. I was then able to set up a tinycore VM on the file vault fs.
I was quite happy to find that this is possible out of the box. I'd suggest elaborating on "inspection" in the documentation as this may be confusing for new users!
Hi,
[…]
I was quite happy to find that this is possible out of the box. I'd suggest elaborating on "inspection" in the documentation as this may be confusing for new users!
I am glad you could help yourself but I am afraid you merely found the pragmatic workaround for utilizing multiple block devices as that use-case is not yet properly addressed with the current Sculpt. Since this is not “officially” supported and diverting the inspection functionality is a happy little accident we refrain from documenting this behaviour.
That being said, you can make it work by managing the NVMe device manually. That involves starting an appropriately configured 'part_block' as well as an 'ext2_fs' instance. You can use the pkgs published in my depot (see 'cnuke → Tools (Extra)') as they are not available in the genodelabs depot. The following exemplary launchers reference those pkgs since configuring the block session, i.e. setting the label for the partition, is not possible via the GUI:
# nvme-part_block
<launcher pkg="cnuke/pkg/part_block/2024-04-11" priority="-1">
  <route>
    <service name="Block">
      <child name="nvme" label="1"/>
    </service>
    <service name="Report" label="partitions">
      <parent/>
    </service>
  </route>
</launcher>

# nvme-part_2_fs
<launcher pkg="cnuke/pkg/ext2_fs/2024-04-11" priority="-1">
  <route>
    <service name="Block">
      <child name="nvme-part_block" label="2"/>
    </service>
    <service name="RM">
      <parent/>
    </service>
  </route>
</launcher>
You can store the launchers on your USB stick (config/24.04/launcher) and start them manually or add them to your persistent deploy config (so that they get started when you 'Use' the USB stick). Afterwards you just point the other components to 'nvme-part_2_fs'.
Regards Josef
On Tue, 2024-06-18 at 12:13 +0200, Josef Söntgen wrote:
I am glad you could help yourself but I am afraid you merely found the pragmatic workaround for utilizing multiple block devices as that use-case is not yet properly addressed with the current Sculpt.
Thanks for the context -- I thought I must be missing something obvious as it seems like this must be a common use case (copying files to/from other media, etc). In any case I'm glad that it is possible even if not fully fleshed out.
You can use the pkgs published in my depot (see 'cnuke → Tools (Extra)') as they are not available in the genodelabs depot.
This is enormously helpful as I haven't been able to find a good guide to the various non-core software that is available. (If Genode meets my needs long term this is one area where I may attempt to contribute.)
I realize my confusion is because I am trying to run before I can walk. I'm attempting to quickly map out the boundaries of what is possible to be sure that Genode is a good fit for my use case, and after that I plan to do a deeper, more careful study. Thanks again for the help in getting oriented.
In case anyone else has trouble with this: I had formatted my NVMe *device* in Genode, which created an ext2 filesystem on the raw block device. This is technically valid, but I mistakenly assumed it had created a single partition which is more common. I was getting errors about partition 2, so I changed the label to "1" to indicate partition 1, but that still didn't work.
After booting from a Linux ISO, creating a GPT partition table, and creating a single ext2 partition, I was able to go back into Genode and make it work.
Not such a difficult problem to track down in the end, and it's been helpful exposure to how the XML configuration works.
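The mix-up described in the last message (an ext2 filesystem written to the raw device versus a GPT with one ext2 partition) can be told apart from the first sectors of the device. The following is an added example, not part of the original thread: the function names are hypothetical, it assumes 512-byte logical sectors unless told otherwise, and the sample images are constructed rather than taken from a real disk.

```python
import struct

EXT_MAGIC = b"\x53\xef"    # ext2/3/4 magic 0xEF53, stored little-endian
EXT_MAGIC_OFF = 1024 + 56  # superblock starts at byte 1024, magic at +56

def has_ext_fs(img, start=0):
    """True if an ext superblock magic sits where a filesystem at `start` puts it."""
    off = start + EXT_MAGIC_OFF
    return img[off:off + 2] == EXT_MAGIC

def gpt_partitions(img, sector=512):
    """Return [(number, first_lba)] for used GPT entries, or None without a GPT."""
    hdr = img[sector:sector + 92]  # the GPT header lives in LBA 1
    if len(hdr) < 88 or hdr[:8] != b"EFI PART":
        return None
    entries_lba, count, size = struct.unpack_from("<QII", hdr, 72)
    parts = []
    for i in range(count):
        off = entries_lba * sector + i * size
        entry = img[off:off + size]
        if len(entry) < 40 or entry[:16] == bytes(16):  # truncated or unused slot
            continue
        parts.append((i + 1, struct.unpack_from("<Q", entry, 32)[0]))
    return parts

def classify(img, sector=512):
    """Return (layout, numbers of the partitions that hold an ext filesystem)."""
    parts = gpt_partitions(img, sector)
    if parts is not None:
        return "gpt", [n for n, lba in parts if has_ext_fs(img, lba * sector)]
    if has_ext_fs(img):
        return "raw-ext", []  # filesystem on the bare device, no partition table
    return "unknown", []

# Constructed sample images (not dumps from a real disk).
def sample_raw_ext():
    img = bytearray(4096)
    img[EXT_MAGIC_OFF:EXT_MAGIC_OFF + 2] = EXT_MAGIC
    return bytes(img)

def sample_gpt_single_ext(sector=512):
    img = bytearray(64 * sector)
    img[sector:sector + 8] = b"EFI PART"
    struct.pack_into("<QII", img, sector + 72, 2, 128, 128)  # entry array at LBA 2
    img[2 * sector:2 * sector + 16] = b"\x01" * 16           # non-zero type GUID
    struct.pack_into("<Q", img, 2 * sector + 32, 40)         # partition 1 at LBA 40
    off = 40 * sector + EXT_MAGIC_OFF
    img[off:off + 2] = EXT_MAGIC
    return bytes(img)

if __name__ == "__main__":
    print(classify(sample_raw_ext()))
    print(classify(sample_gpt_single_ext()))
```

A "raw-ext" result corresponds to the first situation described above, where neither label "1" nor "2" could work; a "gpt" result lists the partition numbers that carry an ext filesystem.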