Portable Ubuntu USB Stick with Persistent Storage

UNetbootin can create such a stick, but it only sets up what is needed for legacy BIOS boot[1]. If you are using UEFI (Macs don't do legacy boot), things won't work as expected. To get it working, add persistent to the "Try Ubuntu without installing" entry of grub.cfg and loopback.cfg in the /boot/grub folder of the USB stick that was created (or create a new menu entry).

...
menuentry "Try Ubuntu without installing" {
	set gfxpayload=keep
	linux	/casper/vmlinuz  file=/cdrom/preseed/ubuntu.seed boot=casper  quiet splash persistent ---  
	initrd	/casper/initrd.lz
}
...

The casper-rw file is where the persistent data is stored. It is simply a large file formatted with a filesystem, say ext4.

Creating this file in Linux is easy:

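# FAT32 cannot hold a single file of 4 GiB or more, so stay just under it
dd if=/dev/zero of=casper-rw count=4095 bs=1M
# -F is needed because the target is a regular file, not a block device
mkfs.ext4 -F casper-rw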

With this file on the USB stick, passing the persistent parameter in the kernel boot options mounts it at boot. Any changes made to the root file system are stored in this file.

To verify that this is configured correctly, run df -h. You should see a line like this:

Filesystem             Size  Used Avail Use% Mounted on
...
/cow                   3.9G 1019M  2.7G  28% /
...

Bonus Round 0 - Hostname!

Perhaps you want a fixed hostname for your USB stick. This is easily done by adding hostname=yournamehere to the same menu entry.

Bonus Round 1 - Larger Persistent Storage

The limitation of using a loopback file is that the file can't be larger than the maximum file size supported by the underlying filesystem. Since the Ubuntu stick uses FAT32, we are stuck with a maximum of 4GB. This can be overcome by creating an actual partition for the files instead, so long as the partition has the label casper-rw.
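
A pre-boot check for the loopback-file setup, covering the grub.cfg edit from the first section and the FAT32 size limit described above. This is an added example, not part of the original post; the function names and the second menu entry in the sample are constructed for illustration.

```shell
#!/bin/sh

FAT32_MAX=4294967295   # largest single file on FAT32: 4 GiB minus 1 byte

# Print the title of each menuentry whose casper kernel line has no
# "persistent" option before the "---" separator. Reads files or stdin.
missing_persistent() {
    awk '
        /^[ \t]*menuentry[ \t]/ {
            title = $0
            sub(/^[^"]*"/, "", title)
            sub(/".*$/, "", title)
        }
        /^[ \t]*linux[ \t]/ && /boot=casper/ {
            found = 0
            for (i = 2; i <= NF; i++) {
                if ($i == "---") break
                if ($i == "persistent") found = 1
            }
            if (!found) print title
        }
    ' "$@"
}

# Succeed only if a casper-rw image of $1 MiB fits in one FAT32 file.
fits_fat32() {
    [ $(( $1 * 1024 * 1024 )) -le "$FAT32_MAX" ]
}

# Constructed sample: one edited entry, one that was left untouched.
sample_cfg() {
    cat <<'EOF'
menuentry "Try Ubuntu without installing" {
    linux   /casper/vmlinuz  file=/cdrom/preseed/ubuntu.seed boot=casper  quiet splash persistent ---
    initrd  /casper/initrd.lz
}
menuentry "Try Ubuntu without installing (safe graphics)" {
    linux   /casper/vmlinuz  file=/cdrom/preseed/ubuntu.seed boot=casper nomodeset quiet splash ---
    initrd  /casper/initrd.lz
}
EOF
}

sample_cfg | missing_persistent   # prints the entry that was left unedited
fits_fat32 4096 || echo "a 4096 MiB casper-rw is too large for FAT32"
```

On a real stick, run missing_persistent against both boot/grub/grub.cfg and boot/grub/loopback.cfg, since the edit has to be made in each.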

Special names

Besides casper-rw, you can also create a home-rw to be automatically mounted as /home.

Furthermore, you can also create casper-sn* and home-sn* to be used as snapshots. These snapshots are copied to the filesystem after the persistent volumes are mounted. (More details here.)

Bonus Round 2 - Encrypted home

First create a fully encrypted partition. Current Ubuntu Live images (last checked 18.04) have dm-crypt included.

Create encrypted partition with dm-crypt and LUKS

  1. Install cryptsetup if not available: apt install cryptsetup-bin
  2. Create encrypted partition: cryptsetup -v -y luksFormat /dev/sdXX (this erases whatever is on /dev/sdXX)
  3. Open encrypted partition: cryptsetup luksOpen /dev/sdXX home-rw
  4. Check status if desired: cryptsetup -v status home-rw
  5. Fill with zeros for security: dd if=/dev/zero of=/dev/mapper/home-rw bs=1M status=progress (This can take a very long time. Written through the mapping, the zeros reach the disk as ciphertext, so free space is indistinguishable from stored data.)
  6. Format with desired filesystem: mkfs.ext4 /dev/mapper/home-rw

Automounting

Encrypted partitions can't be picked up by casper boot's automounting, and editing /etc/fstab doesn't work because this file is regenerated on each boot. Instead edit /usr/share/initramfs-tools/scripts/casper-bottom/12fstab. (No longer works with 18.04, you'll have to regenerate the squashfs file, too much work.)

Run blkid and take note of the UUID of the encrypted partition. Edit /etc/crypttab so that the volume will be set up automatically during boot. Not specifying a passkey will present you with a prompt to enter the passkey during boot.

#name device passkey type
home-rw UUID="..." none luks 

Finally, add/create a line in rc.local to mount:

#!/bin/sh -e
mount -t ext4 /dev/mapper/home-rw /home

Note: since this is done after the live system creates the user, the default ubuntu user will have no home directory, and graphical login for the ubuntu user will fail. This can be fixed by copying over the added home directory.

Final notes

Live systems can be fragile. apt upgrade can break stuff. I recommend keeping the home partition separate and upgrading the live image every once in a while rather than upgrading individual packages. Also, surprisingly, Nvidia drivers .run installation works.

Maybe a completely customized LiveUSB is more worth the time? Maybe next time


Edit:

  • 2/6/2019 - fixed typos and missing luksFormat in encryption setup

  1. If you don't care about legacy boot, simply copying the files over from the ISO image will work as well. Remember to include all hidden files as well, and to set boot flags if there's more than 1 partition.
