NAME¶
guestfish - the libguestfs Filesystem Interactive SHell
SYNOPSIS¶
guestfish [--options] [commands]
guestfish
guestfish [--ro|--rw] -a disk.img
guestfish [--ro|--rw] -a disk.img -m dev[:mountpoint]
guestfish -d libvirt-domain
guestfish [--ro|--rw] -a disk.img -i
guestfish -d libvirt-domain -i
WARNING¶
Using guestfish in read/write mode on live virtual machines can be dangerous,
potentially causing disk corruption. Use the
--ro (read-only) option to
use guestfish safely if the disk image or virtual machine might be live.
DESCRIPTION¶
Guestfish is a shell and command-line tool for examining and modifying virtual
machine filesystems. It uses libguestfs and exposes all of the functionality
of the guestfs API, see
guestfs(3).
Guestfish gives you structured access to the libguestfs API, from shell scripts
or the command line or interactively. If you want to rescue a broken virtual
machine image, you should look at the
virt-rescue(1) command.
EXAMPLES¶
As an interactive shell¶
$ guestfish
Welcome to guestfish, the libguestfs filesystem interactive shell for
editing virtual machine filesystems.
Type: 'help' for a list of commands
'man' to read the manual
'quit' to quit the shell
><fs> add-ro disk.img
><fs> run
><fs> list-filesystems
/dev/sda1: ext4
/dev/vg_guest/lv_root: ext4
/dev/vg_guest/lv_swap: swap
><fs> mount /dev/vg_guest/lv_root /
><fs> cat /etc/fstab
# /etc/fstab
# Created by anaconda
[...]
><fs> exit
From shell scripts¶
Create a new "/etc/motd" file in a guest or disk image:
guestfish <<_EOF_
add disk.img
run
mount /dev/vg_guest/lv_root /
write /etc/motd "Welcome, new users"
_EOF_
List the LVM logical volumes in a disk image:
guestfish -a disk.img --ro <<_EOF_
run
lvs
_EOF_
List all the filesystems in a disk image:
guestfish -a disk.img --ro <<_EOF_
run
list-filesystems
_EOF_
On one command line¶
Update "/etc/resolv.conf" in a guest:
guestfish \
add disk.img : run : mount /dev/vg_guest/lv_root / : \
write /etc/resolv.conf "nameserver 1.2.3.4"
Edit "/boot/grub/grub.conf" interactively:
guestfish --rw --add disk.img \
--mount /dev/vg_guest/lv_root \
--mount /dev/sda1:/boot \
edit /boot/grub/grub.conf
Mount disks automatically¶
Use the
-i option to automatically mount the disks from a virtual
machine:
guestfish --ro -a disk.img -i cat /etc/group
guestfish --ro -d libvirt-domain -i cat /etc/group
Another way to edit "/boot/grub/grub.conf" interactively is:
guestfish --rw -a disk.img -i edit /boot/grub/grub.conf
As a script interpreter¶
Create a 100MB disk containing an ext2-formatted partition:
#!/usr/bin/guestfish -f
sparse test1.img 100M
run
part-disk /dev/sda mbr
mkfs ext2 /dev/sda1
Start with a prepared disk¶
An alternate way to create a 100MB disk called "test1.img" containing
a single ext2-formatted partition:
guestfish -N fs
To list what is available do:
guestfish -N help | less
Remote control¶
eval "`guestfish --listen`"
guestfish --remote add-ro disk.img
guestfish --remote run
guestfish --remote lvs
OPTIONS¶
- --help
- Displays general help on options.
- -h
- --cmd-help
- Lists all available guestfish commands.
- -h cmd
- --cmd-help cmd
- Displays detailed help on a single command
"cmd".
- -a image
- --add image
- Add a block device or virtual machine image to the shell.
The format of the disk image is auto-detected. To override this and force a
particular format use the --format=.. option.
Using this flag is mostly equivalent to using the "add" command,
with "readonly:true" if the --ro flag was given, and with
"format:..." if the --format=... flag was given.
- -c URI
- --connect URI
- When used in conjunction with the -d option, this
specifies the libvirt URI to use. The default is to use the default
libvirt connection.
- --csh
- If using the --listen option and a csh-like shell,
use this option. See section "REMOTE CONTROL AND CSH"
below.
- -d libvirt-domain
- --domain libvirt-domain
- Add disks from the named libvirt domain. If the --ro
option is also used, then any libvirt domain can be used. However in write
mode, only libvirt domains which are shut down can be named here.
Domain UUIDs can be used instead of names.
Using this flag is mostly equivalent to using the "add-domain"
command, with "readonly:true" if the --ro flag was given,
and with "format:..." if the --format=... flag was
given.
- -D
- --no-dest-paths
- Don't tab-complete paths on the guest filesystem. It is
useful to be able to hit the tab key to complete paths on the guest
filesystem, but this causes extra "hidden" guestfs calls to be
made, so this option is here to allow this feature to be disabled.
- --echo-keys
- When prompting for keys and passphrases, guestfish normally
turns echoing off so you cannot see what you are typing. If you are not
worried about Tempest attacks and there is no one else in the room you can
specify this flag to see what you are typing.
- -f file
- --file file
- Read commands from "file". To write pure
guestfish scripts, use:
#!/usr/bin/guestfish -f
- --format=raw|qcow2|..
- --format
- The default for the -a option is to auto-detect the
format of the disk image. Using this forces the disk format for -a
options which follow on the command line. Using --format with no
argument switches back to auto-detection for subsequent -a options.
For example:
guestfish --format=raw -a disk.img
forces raw format (no auto-detection) for "disk.img".
guestfish --format=raw -a disk.img --format -a another.img
forces raw format (no auto-detection) for "disk.img" and reverts
to auto-detection for "another.img".
If you have untrusted raw-format guest disk images, you should use this
option to specify the disk format. This avoids a possible security problem
with malicious guests (CVE-2010-3851). See also
"add-drive-opts".
- -i
- --inspector
- Using virt-inspector(1) code, inspect the disks
looking for an operating system and mount filesystems as they would be
mounted on the real virtual machine.
Typical usage is either:
guestfish -d myguest -i
(for an inactive libvirt domain called myguest), or:
guestfish --ro -d myguest -i
(for active domains, readonly), or specify the block device directly:
guestfish --rw -a /dev/Guests/MyGuest -i
Note that the command line syntax changed slightly over older versions of
guestfish. You can still use the old syntax:
guestfish [--ro] -i disk.img
guestfish [--ro] -i libvirt-domain
Using this flag is mostly equivalent to using the "inspect-os"
command and then using other commands to mount the filesystems that were
found.
- --keys-from-stdin
- Read key or passphrase parameters from stdin. The default
is to try to read passphrases from the user by opening
"/dev/tty".
- --listen
- Fork into the background and listen for remote commands.
See section "REMOTE CONTROL GUESTFISH OVER A SOCKET" below.
- --live
- Connect to a live virtual machine. (Experimental, see
"ATTACHING TO RUNNING DAEMONS" in guestfs(3)).
- -m dev[:mountpoint[:options]]
- --mount dev[:mountpoint[:options]]
- Mount the named partition or logical volume on the given
mountpoint.
If the mountpoint is omitted, it defaults to "/".
You have to mount something on "/" before most commands will work.
If any -m or --mount options are given, the guest is
automatically launched.
If you don't know what filesystems a disk image contains, you can either run
guestfish without this option, then list the partitions, filesystems and
LVs available (see "list-partitions",
"list-filesystems" and "lvs" commands), or you can use
the virt-filesystems(1) program.
The third (and rarely used) part of the mount parameter is the list of mount
options used to mount the underlying filesystem. If this is not given,
then the mount options are either the empty string or "ro" (the
latter if the --ro flag is used). By specifying the mount options,
you override this default choice. Probably the only time you would use
this is to enable ACLs and/or extended attributes if the filesystem can
support them:
-m /dev/sda1:/:acl,user_xattr
Using this flag is equivalent to using the "mount-options"
command.
- -n
- --no-sync
- Disable autosync. This is enabled by default. See the
discussion of autosync in the guestfs(3) manpage.
- -N type
- --new type
- -N help
- Prepare a fresh disk image formatted as "type".
This is an alternative to the -a option: whereas -a adds an
existing disk, -N creates a preformatted disk with a filesystem and
adds it. See "PREPARED DISK IMAGES" below.
- --pipe-error
- If writes fail to pipe commands (see "PIPES"
below), then the command returns an error.
The default (also for historical reasons) is to ignore such errors so that:
><fs> command_with_lots_of_output | head
doesn't give an error.
- --progress-bars
- Enable progress bars, even when guestfish is used
non-interactively.
Progress bars are enabled by default when guestfish is used as an
interactive shell.
- --no-progress-bars
- Disable progress bars.
- --remote[=pid]
- Send remote commands to $GUESTFISH_PID or "pid".
See section "REMOTE CONTROL GUESTFISH OVER A SOCKET" below.
- -r
- --ro
- This changes the -a, -d and -m options
so that disks are added and mounts are done read-only.
The option must always be used if the disk image or virtual machine might be
running, and is generally recommended in cases where you don't need write
access to the disk.
Note that prepared disk images created with -N are not affected by
this option. Also commands like "add" are not affected - you
have to specify the "readonly:true" option explicitly if you
need it.
See also "OPENING DISKS FOR READ AND WRITE" below.
- --selinux
- Enable SELinux support for the guest. See
"SELINUX" in guestfs(3).
- -v
- --verbose
- Enable very verbose messages. This is particularly useful
if you find a bug.
- -V
- --version
- Display the guestfish / libguestfs version number and
exit.
- -w
- --rw
- This changes the -a, -d and -m options
so that disks are added and mounts are done read-write.
See "OPENING DISKS FOR READ AND WRITE" below.
- -x
- Echo each command before executing it.
COMMANDS ON COMMAND LINE¶
Any additional (non-option) arguments are treated as commands to execute.
Commands to execute should be separated by a colon (":"), where the
colon is a separate parameter. Thus:
guestfish cmd [args...] : cmd [args...] : cmd [args...] ...
If there are no additional arguments, then we enter a shell, either an
interactive shell with a prompt (if the input is a terminal) or a
non-interactive shell.
In either command line mode or non-interactive shell, the first command that
gives an error causes the whole shell to exit. In interactive mode (with a
prompt) if a command fails, you can continue to enter commands.
USING launch (OR run)¶
As with
guestfs(3), you must first configure your guest by adding disks,
then launch it, then mount any disks you need, and finally issue
actions/commands. So the general order of the day is:
- •
- add or -a/--add
- •
- launch (aka run)
- •
- mount or -m/--mount
- •
- any other commands
"run" is a synonym for "launch". You must "launch"
(or "run") your guest before mounting or performing any other
commands.
The only exception is that if any of the
-i,
-m,
--mount,
-N or
--new options were given then "run" is done
automatically, simply because guestfish can't perform the action you asked for
without doing this.
OPENING DISKS FOR READ AND WRITE¶
The guestfish,
guestmount(1) and
virt-rescue(1) options
--ro and
--rw affect whether the other command line options
-a,
-c,
-d,
-i and
-m open disk images
read-only or for writing.
In libguestfs ≤ 1.10, guestfish, guestmount and virt-rescue defaulted to
opening disk images supplied on the command line for write. To open a disk
image read-only you have to do
-a image --ro.
This matters: If you accidentally open a live VM disk image writable then you
will cause irreversible disk corruption.
In a future libguestfs we intend to change the default the other way. Disk
images will be opened read-only. You will have to either specify
guestfish
--rw,
guestmount --rw,
virt-rescue --rw, or change the
configuration file "/etc/libguestfs-tools.conf" in order to get
write access for disk images specified by those other command line options.
This version of guestfish, guestmount and virt-rescue has a
--rw option
which does nothing (it is already the default). However it is highly
recommended that you use this option to indicate that you need write access,
and prepare your scripts for the day when this option will be required for
write access.
Note: This does
not affect commands like "add" and
"mount", or any other libguestfs program apart from guestfish and
guestmount.
QUOTING¶
You can quote ordinary parameters using either single or double quotes. For
example:
add "file with a space.img"
rm '/file name'
rm '/"'
A few commands require a list of strings to be passed. For these, use a
whitespace-separated list, enclosed in quotes. Strings containing whitespace
to be passed through must be enclosed in single quotes. A literal single quote
must be escaped with a backslash.
vgcreate VG "/dev/sda1 /dev/sdb1"
command "/bin/echo 'foo bar'"
command "/bin/echo \'foo\'"
ESCAPE SEQUENCES IN DOUBLE QUOTED ARGUMENTS¶
In double-quoted arguments (only) use backslash to insert special characters:
- "\a"
- Alert (bell) character.
- "\b"
- Backspace character.
- "\f"
- Form feed character.
- "\n"
- Newline character.
- "\r"
- Carriage return character.
- "\t"
- Horizontal tab character.
- "\v"
- Vertical tab character.
- "\""
- A literal double quote character.
- "\ooo"
- A character with octal value ooo. There must be
precisely 3 octal digits (unlike C).
- "\xhh"
- A character with hex value hh. There must be
precisely 2 hex digits.
In the current implementation "\000" and "\x00" cannot
be used in strings.
- "\\"
- A literal backslash character.
OPTIONAL ARGUMENTS¶
Some commands take optional arguments. These arguments appear in this
documentation as "[argname:..]". You can use them as in these
examples:
add-drive-opts filename
add-drive-opts filename readonly:true
add-drive-opts filename format:qcow2 readonly:false
Each optional argument can appear at most once. All optional arguments must
appear after the required ones.
NUMBERS¶
This section applies to all commands which can take integers as parameters.
SIZE SUFFIX¶
When the command takes a parameter measured in bytes, you can use one of the
following suffixes to specify kilobytes, megabytes and larger sizes:
- k or K or KiB
- The size in kilobytes (multiplied by 1024).
- KB
- The size in SI 1000 byte units.
- M or MiB
- The size in megabytes (multiplied by 1048576).
- MB
- The size in SI 1000000 byte units.
- G or GiB
- The size in gigabytes (multiplied by 2**30).
- GB
- The size in SI 10**9 byte units.
- T or TiB
- The size in terabytes (multiplied by 2**40).
- TB
- The size in SI 10**12 byte units.
- P or PiB
- The size in petabytes (multiplied by 2**50).
- PB
- The size in SI 10**15 byte units.
- E or EiB
- The size in exabytes (multiplied by 2**60).
- EB
- The size in SI 10**18 byte units.
- Z or ZiB
- The size in zettabytes (multiplied by 2**70).
- ZB
- The size in SI 10**21 byte units.
- Y or YiB
- The size in yottabytes (multiplied by 2**80).
- YB
- The size in SI 10**24 byte units.
For example:
truncate-size /file 1G
would truncate the file to 1 gigabyte.
Be careful because a few commands take sizes in kilobytes or megabytes (eg. the
parameter to "memsize" is specified in megabytes already). Adding a
suffix will probably not do what you expect.
OCTAL AND HEXADECIMAL NUMBERS¶
For specifying the radix (base) use the C convention: 0 to prefix an octal
number or "0x" to prefix a hexadecimal number. For example:
1234 decimal number 1234
02322 octal number, equivalent to decimal 1234
0x4d2 hexadecimal number, equivalent to decimal 1234
When using the "chmod" command, you almost always want to specify an
octal number for the mode, and you must prefix it with 0 (unlike the Unix
chmod(1) program):
chmod 0777 /public # OK
chmod 777 /public # WRONG! This is mode 777 decimal = 01411 octal.
Commands that return numbers usually print them in decimal, but some commands
print numbers in other radices (eg. "umask" prints the mode in
octal, preceded by 0).
WILDCARDS AND GLOBBING¶
Neither guestfish nor the underlying guestfs API performs wildcard expansion
(globbing) by default. So for example the following will not do what you
expect:
rm-rf /home/*
Assuming you don't have a directory called literally "/home/*" then
the above command will return an error.
To perform wildcard expansion, use the "glob" command.
glob rm-rf /home/*
runs "rm-rf" on each path that matches (ie. potentially running the
command many times), equivalent to:
rm-rf /home/jim
rm-rf /home/joe
rm-rf /home/mary
"glob" only works on simple guest paths and not on device names.
If you have several parameters, each containing a wildcard, then glob will
perform a Cartesian product.
Any line which starts with a
# character is treated as a comment and
ignored. The
# can optionally be preceded by whitespace, but
not
by a command. For example:
# this is a comment
# this is a comment
foo # NOT a comment
Blank lines are also ignored.
RUNNING COMMANDS LOCALLY¶
Any line which starts with a
! character is treated as a command sent to
the local shell ("/bin/sh" or whatever
system(3) uses). For
example:
!mkdir local
tgz-out /remote local/remote-data.tar.gz
will create a directory "local" on the host, and then export the
contents of "/remote" on the mounted filesystem to
"local/remote-data.tar.gz". (See "tgz-out").
To change the local directory, use the "lcd" command. "!cd"
will have no effect, due to the way that subprocesses work in Unix.
LOCAL COMMANDS WITH INLINE EXECUTION¶
If a line starts with
<! then the shell command is executed (as for
!), but subsequently any output (stdout) of the shell command is parsed
and executed as guestfish commands.
Thus you can use shell script to construct arbitrary guestfish commands which
are then parsed by guestfish.
For example it is tedious to create a sequence of files (eg. "/foo.1"
through "/foo.100") using guestfish commands alone. However this is
simple if we use a shell script to create the guestfish commands for us:
<! for n in `seq 1 100`; do echo write /foo.$n $n; done
or with names like "/foo.001":
<! for n in `seq 1 100`; do printf "write /foo.%03d %d\n" $n $n; done
When using guestfish interactively it can be helpful to just run the shell
script first (ie. remove the initial "<" character so it is just
an ordinary
! local command), see what guestfish commands it would run,
and when you are happy with those prepend the "<" character to
run the guestfish commands for real.
PIPES¶
Use "command <space> | command" to pipe the output of the first
command (a guestfish command) to the second command (any host command). For
example:
cat /etc/passwd | awk -F: '$3 == 0 { print }'
(where "cat" is the guestfish cat command, but "awk" is the
host awk program). The above command would list all accounts in the guest
filesystem which have UID 0, ie. root accounts including backdoors. Other
examples:
hexdump /bin/ls | head
list-devices | tail -1
tgz-out / - | tar ztf -
The space before the pipe symbol is required, any space after the pipe symbol is
optional. Everything after the pipe symbol is just passed straight to the host
shell, so it can contain redirections, globs and anything else that makes
sense on the host side.
To use a literal argument which begins with a pipe symbol, you have to quote it,
eg:
echo "|"
HOME DIRECTORIES¶
If a parameter starts with the character "~" then the tilde may be
expanded as a home directory path (either "~" for the current user's
home directory, or "~user" for another user).
Note that home directory expansion happens for users known
on the
host, not in the guest filesystem.
To use a literal argument which begins with a tilde, you have to quote it, eg:
echo "~"
ENCRYPTED DISKS¶
Libguestfs has some support for Linux guests encrypted according to the Linux
Unified Key Setup (LUKS) standard, which includes nearly all whole disk
encryption systems used by modern Linux guests. Currently only LVM-on-LUKS is
supported.
Identify encrypted block devices and partitions using "vfs-type":
><fs> vfs-type /dev/sda2
crypto_LUKS
Then open those devices using "luks-open". This creates a
device-mapper device called "/dev/mapper/luksdev".
><fs> luks-open /dev/sda2 luksdev
Enter key or passphrase ("key"): <enter the passphrase>
Finally you have to tell LVM to scan for volume groups on the newly created
mapper device:
vgscan
vg-activate-all true
The logical volume(s) can now be mounted in the usual way.
Before closing a LUKS device you must unmount any logical volumes on it and
deactivate the volume groups by calling "vg-activate false VG" on
each one. Then you can close the mapper device:
vg-activate false /dev/VG
luks-close /dev/mapper/luksdev
WINDOWS PATHS¶
If a path is prefixed with "win:" then you can use Windows-style drive
letters and paths (with some limitations). The following commands are
equivalent:
file /WINDOWS/system32/config/system.LOG
file win:\windows\system32\config\system.log
file WIN:C:\Windows\SYSTEM32\CONFIG\SYSTEM.LOG
The parameter is rewritten "behind the scenes" by looking up the
position where the drive is mounted, prepending that to the path, changing all
backslash characters to forward slash, then resolving the result using
"case-sensitive-path". For example if the E: drive was mounted on
"/e" then the parameter might be rewritten like this:
win:e:\foo\bar => /e/FOO/bar
This only works in argument positions that expect a path.
UPLOADING AND DOWNLOADING FILES¶
For commands such as "upload", "download",
"tar-in", "tar-out" and others which upload from or
download to a local file, you can use the special filename "-" to
mean "from stdin" or "to stdout". For example:
upload - /foo
reads stdin and creates from that a file "/foo" in the disk image,
and:
tar-out /etc - | tar tf -
writes the tarball to stdout and then pipes that into the external
"tar" command (see "PIPES").
When using "-" to read from stdin, the input is read up to the end of
stdin. You can also use a special "heredoc"-like syntax to read up
to some arbitrary end marker:
upload -<<END /foo
input line 1
input line 2
input line 3
END
Any string of characters can be used instead of "END". The end marker
must appear on a line of its own, without any preceding or following
characters (not even spaces).
Note that the "-<<" syntax only applies to parameters used to
upload local files (so-called "FileIn" parameters in the generator).
EXIT ON ERROR BEHAVIOUR¶
By default, guestfish will ignore any errors when in interactive mode (ie.
taking commands from a human over a tty), and will exit on the first error in
non-interactive mode (scripts, commands given on the command line).
If you prefix a command with a
- character, then that command will not
cause guestfish to exit, even if that (one) command returns an error.
REMOTE CONTROL GUESTFISH OVER A SOCKET¶
Guestfish can be remote-controlled over a socket. This is useful particularly in
shell scripts where you want to make several different changes to a
filesystem, but you don't want the overhead of starting up a guestfish process
each time.
Start a guestfish server process using:
eval "`guestfish --listen`"
and then send it commands by doing:
guestfish --remote cmd [...]
To cause the server to exit, send it the exit command:
guestfish --remote exit
Note that the server will normally exit if there is an error in a command. You
can change this in the usual way. See section "EXIT ON ERROR
BEHAVIOUR".
CONTROLLING MULTIPLE GUESTFISH PROCESSES¶
The "eval" statement sets the environment variable $GUESTFISH_PID,
which is how the
--remote option knows where to send the commands. You
can have several guestfish listener processes running using:
eval "`guestfish --listen`"
pid1=$GUESTFISH_PID
eval "`guestfish --listen`"
pid2=$GUESTFISH_PID
...
guestfish --remote=$pid1 cmd
guestfish --remote=$pid2 cmd
REMOTE CONTROL AND CSH¶
When using csh-like shells (csh, tcsh etc) you have to add the
--csh
option:
eval "`guestfish --listen --csh`"
REMOTE CONTROL DETAILS¶
Remote control happens over a Unix domain socket called
"/tmp/.guestfish-$UID/socket-$PID", where $UID is the effective user
ID of the process, and $PID is the process ID of the server.
Guestfish client and server versions must match exactly.
USING REMOTE CONTROL ROBUSTLY FROM SHELL SCRIPTS¶
From Bash, you can use the following code which creates a guestfish instance,
correctly quotes the command line, handles failure to start, and cleans up
guestfish when the script exits:
#!/bin/bash -
set -e
guestfish[0]="guestfish"
guestfish[1]="--listen"
guestfish[2]="--ro"
guestfish[3]="-a"
guestfish[4]="disk.img"
GUESTFISH_PID=
eval $("${guestfish[@]}")
if [ -z "$GUESTFISH_PID" ]; then
echo "error: guestfish didn't start up, see error messages above"
exit 1
fi
cleanup_guestfish ()
{
guestfish --remote -- exit >/dev/null 2>&1 ||:
}
trap cleanup_guestfish EXIT ERR
guestfish --remote -- run
# ...
REMOTE CONTROL RUN COMMAND HANGING¶
Using the "run" (or "launch") command remotely in a command
substitution context hangs, ie. don't do (note the backquotes):
a=`guestfish --remote run`
Since the "run" command produces no output on stdout, this is not
useful anyway. For further information see
<
https://bugzilla.redhat.com/show_bug.cgi?id=592910>.
PREPARED DISK IMAGES¶
Use the
-N type or
--new type parameter to select one of a set of
preformatted disk images that guestfish can make for you to save typing. This
is particularly useful for testing purposes. This option is used instead of
the
-a option, and like
-a can appear multiple times (and can be
mixed with
-a).
The new disk is called "test1.img" for the first
-N,
"test2.img" for the second and so on. Existing files in the current
directory are
overwritten.
The type briefly describes how the disk should be sized, partitioned, how
filesystem(s) should be created, and how content should be added. Optionally
the type can be followed by extra parameters, separated by ":"
(colon) characters. For example,
-N fs creates a default 100MB,
sparsely-allocated disk, containing a single partition, with the partition
formatted as ext2.
-N fs:ext4:1G is the same, but for an ext4
filesystem on a 1GB disk instead.
To list the available types and any extra parameters they take, run:
guestfish -N help | less
Note that the prepared filesystem is not mounted. You would usually have to use
the "mount /dev/sda1 /" command or add the
-m /dev/sda1
option.
If any
-N or
--new options are given, the guest is automatically
launched.
EXAMPLES¶
Create a 100MB disk with an ext4-formatted partition:
guestfish -N fs:ext4
Create a 32MB disk with a VFAT-formatted partition, and mount it:
guestfish -N fs:vfat:32M -m /dev/sda1
Create a blank 200MB disk:
guestfish -N disk:200M
PROGRESS BARS¶
Some (not all) long-running commands send progress notification messages as they
are running. Guestfish turns these messages into progress bars.
When a command that supports progress bars takes longer than two seconds to run,
and if progress bars are enabled, then you will see one appearing below the
command:
><fs> copy-size /large-file /another-file 2048M
/ 10% [#####-----------------------------------------] 00:30
The spinner on the left hand side moves round once for every progress
notification received from the backend. This is a (reasonably) golden
assurance that the command is "doing something" even if the progress
bar is not moving, because the command is able to send the progress
notifications. When the bar reaches 100% and the command finishes, the spinner
disappears.
Progress bars are enabled by default when guestfish is used interactively. You
can enable them even for non-interactive modes using
--progress-bars,
and you can disable them completely using
--no-progress-bars.
GUESTFISH COMMANDS¶
The commands in this section are guestfish convenience commands, in other words,
they are not part of the
guestfs(3) API.
help¶
help
help cmd
Without any parameter, this provides general help.
With a "cmd" parameter, this displays detailed help for that command.
quit | exit¶
This exits guestfish. You can also use "^D" key.
alloc¶
allocate¶
alloc filename size
This creates an empty (zeroed) file of the given size, and then adds so it can
be further examined.
For more advanced image creation, see
qemu-img(1) utility.
Size can be specified using standard suffixes, eg. "1M".
To create a sparse file, use "sparse" instead. To create a prepared
disk image, see "PREPARED DISK IMAGES".
copy-in¶
copy-in local [local ...] /remotedir
"copy-in" copies local files or directories recursively into the disk
image, placing them in the directory called "/remotedir" (which must
exist). This guestfish meta-command turns into a sequence of
"tar-in" and other commands as necessary.
Multiple local files and directories can be specified, but the last parameter
must always be a remote directory. Wildcards cannot be used.
copy-out¶
copy-out remote [remote ...] localdir
"copy-out" copies remote files or directories recursively out of the
disk image, placing them on the host disk in a local directory called
"localdir" (which must exist). This guestfish meta-command turns
into a sequence of "download", "tar-out" and other
commands as necessary.
Multiple remote files and directories can be specified, but the last parameter
must always be a local directory. To download to the current directory, use
"." as in:
copy-out /home .
Wildcards cannot be used in the ordinary command, but you can use them with the
help of "glob" like this:
glob copy-out /home/* .
delete-event¶
delete-event name
Delete the event handler which was previously registered as "name". If
multiple event handlers were registered with the same name, they are all
deleted.
See also the guestfish commands "event" and "list-events".
display¶
display filename
Use "display" (a graphical display program) to display an image file.
It downloads the file, and runs "display" on it.
To use an alternative program, set the "GUESTFISH_DISPLAY_IMAGE"
environment variable. For example to use the GNOME display program:
export GUESTFISH_DISPLAY_IMAGE=eog
See also
display(1).
echo¶
echo [params ...]
This echos the parameters to the terminal.
edit¶
emacs¶
edit filename
This is used to edit a file. It downloads the file, edits it locally using your
editor, then uploads the result.
The editor is $EDITOR. However if you use the alternate commands "vi"
or "emacs" you will get those corresponding editors.
event¶
event name eventset "shell script ..."
Register a shell script fragment which is executed when an event is raised. See
"guestfs_set_event_callback" in
guestfs(3) for a discussion
of the event API in libguestfs.
The "name" parameter is a name that you give to this event handler. It
can be any string (even the empty string) and is simply there so you can
delete the handler using the guestfish "delete-event" command.
The "eventset" parameter is a comma-separated list of one or more
events, for example "close" or "close,trace". The special
value "*" means all events.
The third and final parameter is the shell script fragment (or any external
command) that is executed when any of the events in the eventset occurs. It is
executed using "$SHELL -c", or if $SHELL is not set then
"/bin/sh -c".
The shell script fragment receives callback parameters as arguments $1, $2 etc.
The actual event that was called is available in the environment variable
$EVENT.
event "" close "echo closed"
event messages appliance,library,trace "echo $@"
event "" progress "echo progress: $3/$4"
event "" * "echo $EVENT $@"
See also the guestfish commands "delete-event" and
"list-events".
glob¶
glob command args...
Expand wildcards in any paths in the args list, and run "command"
repeatedly on each matching path.
See "WILDCARDS AND GLOBBING".
hexedit¶
hexedit <filename|device>
hexedit <filename|device> <max>
hexedit <filename|device> <start> <max>
Use hexedit (a hex editor) to edit all or part of a binary file or block device.
This command works by downloading potentially the whole file or device, editing
it locally, then uploading it. If the file or device is large, you have to
specify which part you wish to edit by using "max" and/or
"start" "max" parameters. "start" and
"max" are specified in bytes, with the usual modifiers allowed such
as "1M" (1 megabyte).
For example to edit the first few sectors of a disk you might do:
hexedit /dev/sda 1M
which would allow you to edit anywhere within the first megabyte of the disk.
To edit the superblock of an ext2 filesystem on "/dev/sda1", do:
hexedit /dev/sda1 0x400 0x400
(assuming the superblock is in the standard location).
This command requires the external
hexedit(1) program. You can specify
another program to use by setting the "HEXEDITOR" environment
variable.
See also "hexdump".
lcd¶
lcd directory
Change the local directory, ie. the current directory of guestfish itself.
Note that "!cd" won't do what you might expect.
list-events¶
list-events
List the event handlers registered using the guestfish "event"
command.
man¶
manual¶
man
Opens the manual page for guestfish.
more¶
less¶
more filename
less filename
This is used to view a file.
The default viewer is $PAGER. However if you use the alternate command
"less" you will get the "less" command specifically.
reopen¶
reopen
Close and reopen the libguestfs handle. It is not necessary to use this
normally, because the handle is closed properly when guestfish exits. However
this is occasionally useful for testing.
setenv¶
setenv VAR value
Set the environment variable "VAR" to the string "value".
To print the value of an environment variable use a shell command such as:
!echo $VAR
sparse¶
sparse filename size
This creates an empty sparse file of the given size, and then adds so it can be
further examined.
In all respects it works the same as the "alloc" command, except that
the image file is allocated sparsely, which means that disk blocks are not
assigned to the file until they are needed. Sparse disk files only use space
when written to, but they are slower and there is a danger you could run out
of real disk space during a write operation.
For more advanced image creation, see
qemu-img(1) utility.
Size can be specified using standard suffixes, eg. "1M".
supported¶
supported
This command returns a list of the optional groups known to the daemon, and
indicates which ones are supported by this build of the libguestfs appliance.
See also "AVAILABILITY" in
guestfs(3).
time¶
time command args...
Run the command as usual, but print the elapsed time afterwards. This can be
useful for benchmarking operations.
unsetenv¶
unsetenv VAR
Remove "VAR" from the environment.
COMMANDS¶
add-cdrom¶
add-cdrom filename
This function adds a virtual CD-ROM disk image to the guest.
This is equivalent to the qemu parameter
-cdrom filename.
Notes:
- •
- This call checks for the existence of "filename".
This stops you from specifying other types of drive which are supported by
qemu such as "nbd:" and "http:" URLs. To specify
those, use the general "config" call instead.
- •
- If you just want to add an ISO file (often you use this as
an efficient way to transfer large files into the guest), then you should
probably use "add-drive-ro" instead.
This function is deprecated. In new code, use the
"add_drive_opts" call instead.
Deprecated functions will not be removed from the API, but the fact that they
are deprecated indicates that there are problems with correct use of these
functions.
add-domain¶
domain¶
add-domain dom [libvirturi:..] [readonly:true|false] [iface:..] [live:true|false] [allowuuid:true|false] [readonlydisk:..]
This function adds the disk(s) attached to the named libvirt domain
"dom". It works by connecting to libvirt, requesting the domain and
domain XML from libvirt, parsing it for disks, and calling
"add-drive-opts" on each one.
The number of disks added is returned. This operation is atomic: if an error is
returned, then no disks are added.
This function does some minimal checks to make sure the libvirt domain is not
running (unless "readonly" is true). In a future version we will try
to acquire the libvirt lock on each disk.
Disks must be accessible locally. This often means that adding disks from a
remote libvirt connection (see <
http://libvirt.org/remote.html>) will
fail unless those disks are accessible via the same device path locally too.
The optional "libvirturi" parameter sets the libvirt URI (see
<
http://libvirt.org/uri.html>). If this is not set then we connect to
the default libvirt URI (or one set through an environment variable, see the
libvirt documentation for full details).
The optional "live" flag controls whether this call will try to
connect to a running virtual machine "guestfsd" process if it sees a
suitable <channel> element in the libvirt XML definition. The default
(if the flag is omitted) is never to try. See "ATTACHING TO RUNNING
DAEMONS" in
guestfs(3) for more information.
If the "allowuuid" flag is true (default is false) then a UUID
may be passed instead of the domain name. The "dom" string is
treated as a UUID first and looked up, and if that lookup fails then we treat
"dom" as a name as usual.
The optional "readonlydisk" parameter controls what we do for disks
which are marked <readonly/> in the libvirt XML. Possible values are:
- readonlydisk = "error"
- If "readonly" is false:
The whole call is aborted with an error if any disk with the
<readonly/> flag is found.
If "readonly" is true:
Disks with the <readonly/> flag are added read-only.
- readonlydisk = "read"
- If "readonly" is false:
Disks with the <readonly/> flag are added read-only. Other disks are
added read/write.
If "readonly" is true:
Disks with the <readonly/> flag are added read-only.
- readonlydisk = "write" (default)
- If "readonly" is false:
Disks with the <readonly/> flag are added read/write.
If "readonly" is true:
Disks with the <readonly/> flag are added read-only.
- readonlydisk = "ignore"
- If "readonly" is true or false:
Disks with the <readonly/> flag are skipped.
The other optional parameters are passed directly through to
"add-drive-opts".
This command has one or more optional arguments. See "OPTIONAL
ARGUMENTS".
add-drive¶
add-drive filename
This function is the equivalent of calling "add-drive-opts" with no
optional parameters, so the disk is added writable, with the format being
detected automatically.
Automatic detection of the format opens you up to a potential security hole when
dealing with untrusted raw-format images. See CVE-2010-3851 and RHBZ#642934.
Specifying the format closes this security hole. Therefore you should think
about replacing calls to this function with calls to
"add-drive-opts", and specifying the format.
add-drive-opts¶
add¶
add-drive-opts filename [readonly:true|false] [format:..] [iface:..] [name:..]
This function adds a virtual machine disk image "filename" to
libguestfs. The first time you call this function, the disk appears as
"/dev/sda", the second time as "/dev/sdb", and so on.
You don't necessarily need to be root when using libguestfs. However you
obviously do need sufficient permissions to access the filename for whatever
operations you want to perform (ie. read access if you just want to read the
image or write access if you want to modify the image).
This call checks that "filename" exists.
The optional arguments are:
- "readonly"
- If true then the image is treated as read-only. Writes are
still allowed, but they are stored in a temporary snapshot overlay which
is discarded at the end. The disk that you add is not modified.
- "format"
- This forces the image format. If you omit this (or use
"add-drive" or "add-drive-ro") then the format is
automatically detected. Possible formats include "raw" and
"qcow2".
Automatic detection of the format opens you up to a potential security hole
when dealing with untrusted raw-format images. See CVE-2010-3851 and
RHBZ#642934. Specifying the format closes this security hole.
- "iface"
- This rarely-used option lets you emulate the behaviour of
the deprecated "add-drive-with-if" call (q.v.)
- "name"
- The name the drive had in the original guest, e.g.
/dev/sdb. This is used as a hint to the guest inspection process if it is
available.
This command has one or more optional arguments. See "OPTIONAL
ARGUMENTS".
add-drive-ro¶
add-ro¶
add-drive-ro filename
This function is the equivalent of calling "add-drive-opts" with the
optional parameter "GUESTFS_ADD_DRIVE_OPTS_READONLY" set to 1, so
the disk is added read-only, with the format being detected automatically.
add-drive-ro-with-if¶
add-drive-ro-with-if filename iface
This is the same as "add-drive-ro" but it allows you to specify the
QEMU interface emulation to use at run time.
This function is deprecated. In new code, use the
"add_drive_opts" call instead.
Deprecated functions will not be removed from the API, but the fact that they
are deprecated indicates that there are problems with correct use of these
functions.
add-drive-with-if¶
add-drive-with-if filename iface
This is the same as "add-drive" but it allows you to specify the QEMU
interface emulation to use at run time.
This function is deprecated. In new code, use the
"add_drive_opts" call instead.
Deprecated functions will not be removed from the API, but the fact that they
are deprecated indicates that there are problems with correct use of these
functions.
aug-clear¶
aug-clear augpath
Set the value associated with "path" to "NULL". This is the
same as the
augtool(1) "clear" command.
aug-close¶
aug-close
Close the current Augeas handle and free up any resources used by it. After
calling this, you have to call "aug-init" again before you can use
any other Augeas functions.
aug-defnode¶
aug-defnode name expr val
Defines a variable "name" whose value is the result of evaluating
"expr".
If "expr" evaluates to an empty nodeset, a node is created, equivalent
to calling "aug-set" "expr", "value".
"name" will be the nodeset containing that single node.
On success this returns a pair containing the number of nodes in the nodeset,
and a boolean flag if a node was created.
aug-defvar¶
aug-defvar name expr
Defines an Augeas variable "name" whose value is the result of
evaluating "expr". If "expr" is NULL, then
"name" is undefined.
On success this returns the number of nodes in "expr", or 0 if
"expr" evaluates to something which is not a nodeset.
aug-get¶
aug-get augpath
Look up the value associated with "path". If "path" matches
exactly one node, the "value" is returned.
aug-init¶
aug-init root flags
Create a new Augeas handle for editing configuration files. If there was any
previous Augeas handle associated with this guestfs session, then it is
closed.
You must call this before using any other "aug-*" commands.
"root" is the filesystem root. "root" must not be NULL, use
"/" instead.
The flags are the same as the flags defined in <augeas.h>, the logical
or of the following integers:
- "AUG_SAVE_BACKUP" = 1
- Keep the original file with a ".augsave"
extension.
- "AUG_SAVE_NEWFILE" = 2
- Save changes into a file with extension
".augnew", and do not overwrite original. Overrides
"AUG_SAVE_BACKUP".
- "AUG_TYPE_CHECK" = 4
- Typecheck lenses.
This option is only useful when debugging Augeas lenses. Use of this option
may require additional memory for the libguestfs appliance. You may need
to set the "LIBGUESTFS_MEMSIZE" environment variable or call
"set-memsize".
- "AUG_NO_STDINC" = 8
- Do not use standard load path for modules.
- "AUG_SAVE_NOOP" = 16
- Make save a no-op, just record what would have been
changed.
- "AUG_NO_LOAD" = 32
- Do not load the tree in "aug-init".
To close the handle, you can call "aug-close".
To find out more about Augeas, see <
http://augeas.net/>.
aug-insert¶
aug-insert augpath label true|false
Create a new sibling "label" for "path", inserting it into
the tree before or after "path" (depending on the boolean flag
"before").
"path" must match exactly one existing node in the tree, and
"label" must be a label, ie. not contain "/",
"*" or end with a bracketed index "[N]".
aug-load¶
aug-load
Load files into the tree.
See "aug_load" in the Augeas documentation for the full gory details.
aug-ls¶
aug-ls augpath
This is just a shortcut for listing "aug-match" "path/*" and
sorting the resulting nodes into alphabetical order.
aug-match¶
aug-match augpath
Returns a list of paths which match the path expression "path". The
returned paths are sufficiently qualified so that they match exactly one node
in the current tree.
aug-mv¶
aug-mv src dest
Move the node "src" to "dest". "src" must match
exactly one node. "dest" is overwritten if it exists.
aug-rm¶
aug-rm augpath
Remove "path" and all of its children.
On success this returns the number of entries which were removed.
aug-save¶
aug-save
This writes all pending changes to disk.
The flags which were passed to "aug-init" affect exactly how files are
saved.
aug-set¶
aug-set augpath val
Set the value associated with "path" to "val".
In the Augeas API, it is possible to clear a node by setting the value to NULL.
Due to an oversight in the libguestfs API you cannot do that with this call.
Instead you must use the "aug-clear" call.
available¶
available 'groups ...'
This command is used to check the availability of some groups of functionality
in the appliance, which not all builds of the libguestfs appliance will be
able to provide.
The libguestfs groups, and the functions that those groups correspond to, are
listed in "AVAILABILITY" in
guestfs(3). You can also fetch
this list at runtime by calling "available-all-groups".
The argument "groups" is a list of group names, eg:
"["inotify", "augeas"]" would check for the
availability of the Linux inotify functions and Augeas (configuration file
editing) functions.
The command returns no error if
all requested groups are available.
It fails with an error if one or more of the requested groups is unavailable in
the appliance.
If an unknown group name is included in the list of groups then an error is
always returned.
Notes:
- •
- You must call "launch" before calling this
function.
The reason is because we don't know what groups are supported by the
appliance/daemon until it is running and can be queried.
- •
- If a group of functions is available, this does not
necessarily mean that they will work. You still have to check for errors
when calling individual API functions even if they are available.
- •
- It is usually the job of distro packagers to build complete
functionality into the libguestfs appliance. Upstream libguestfs, if built
from source with all requirements satisfied, will support everything.
- •
- This call was added in version 1.0.80. In previous versions
of libguestfs all you could do would be to speculatively execute a command
to find out if the daemon implemented it. See also
"version".
available-all-groups¶
available-all-groups
This command returns a list of all optional groups that this daemon knows about.
Note this returns both supported and unsupported groups. To find out which
ones the daemon can actually support you have to call "available" on
each member of the returned list.
See also "available" and "AVAILABILITY" in
guestfs(3).
base64-in¶
base64-in (base64file|-) filename
This command uploads base64-encoded data from "base64file" to
"filename".
Use "-" instead of a filename to read/write from stdin/stdout.
base64-out¶
base64-out filename (base64file|-)
This command downloads the contents of "filename", writing it out to
local file "base64file" encoded as base64.
Use "-" instead of a filename to read/write from stdin/stdout.
blkid¶
blkid device
This command returns block device attributes for "device". The
following fields are usually present in the returned hash. Other fields may
also be present.
- "UUID"
- The uuid of this device.
- "LABEL"
- The label of this device.
- "VERSION"
- The version of blkid command.
- "TYPE"
- The filesystem type or RAID of this device.
- "USAGE"
- The usage of this device, for example
"filesystem" or "raid".
blockdev-flushbufs¶
blockdev-flushbufs device
This tells the kernel to flush internal buffers associated with
"device".
This uses the
blockdev(8) command.
blockdev-getbsz¶
blockdev-getbsz device
This returns the block size of a device.
(Note this is different from both
size in blocks and
filesystem block
size).
This uses the
blockdev(8) command.
blockdev-getro¶
blockdev-getro device
Returns a boolean indicating if the block device is read-only (true if
read-only, false if not).
This uses the
blockdev(8) command.
blockdev-getsize64¶
blockdev-getsize64 device
This returns the size of the device in bytes.
See also "blockdev-getsz".
This uses the
blockdev(8) command.
blockdev-getss¶
blockdev-getss device
This returns the size of sectors on a block device. Usually 512, but can be
larger for modern devices.
(Note, this is not the size in sectors, use "blockdev-getsz" for
that).
This uses the
blockdev(8) command.
blockdev-getsz¶
blockdev-getsz device
This returns the size of the device in units of 512-byte sectors (even if the
sectorsize isn't 512 bytes ... weird).
See also "blockdev-getss" for the real sector size of the device, and
"blockdev-getsize64" for the more useful
size in bytes.
This uses the
blockdev(8) command.
blockdev-rereadpt¶
blockdev-rereadpt device
Reread the partition table on "device".
This uses the
blockdev(8) command.
blockdev-setbsz¶
blockdev-setbsz device blocksize
This sets the block size of a device.
(Note this is different from both
size in blocks and
filesystem block
size).
This uses the
blockdev(8) command.
blockdev-setro¶
blockdev-setro device
Sets the block device named "device" to read-only.
This uses the
blockdev(8) command.
blockdev-setrw¶
blockdev-setrw device
Sets the block device named "device" to read-write.
This uses the
blockdev(8) command.
btrfs-device-add¶
btrfs-device-add 'devices ...' fs
Add the list of device(s) in "devices" to the btrfs filesystem mounted
at "fs". If "devices" is an empty list, this does nothing.
btrfs-device-delete¶
btrfs-device-delete 'devices ...' fs
Remove the "devices" from the btrfs filesystem mounted at
"fs". If "devices" is an empty list, this does nothing.
btrfs-filesystem-balance¶
btrfs-filesystem-balance fs
Balance the chunks in the btrfs filesystem mounted at "fs" across the
underlying devices.
btrfs-filesystem-resize¶
btrfs-filesystem-resize mountpoint [size:N]
This command resizes a btrfs filesystem.
Note that unlike other resize calls, the filesystem has to be mounted and the
parameter is the mountpoint not the device (this is a requirement of btrfs
itself).
The optional parameters are:
- "size"
- The new size (in bytes) of the filesystem. If omitted, the
filesystem is resized to the maximum size.
See also
btrfs(8).
This command has one or more optional arguments. See "OPTIONAL
ARGUMENTS".
btrfs-filesystem-sync¶
btrfs-filesystem-sync fs
Force sync on the btrfs filesystem mounted at "fs".
btrfs-fsck¶
btrfs-fsck device [superblock:N] [repair:true|false]
Used to check a btrfs filesystem, "device" is the device file where
the filesystem is stored.
This command has one or more optional arguments. See "OPTIONAL
ARGUMENTS".
btrfs-set-seeding¶
btrfs-set-seeding device true|false
Enable or disable the seeding feature of a device that contains a btrfs
filesystem.
btrfs-subvolume-create¶
btrfs-subvolume-create dest
Create a btrfs subvolume. The "dest" argument is the destination
directory and the name of the snapshot, in the form
"/path/to/dest/name".
btrfs-subvolume-delete¶
btrfs-subvolume-delete subvolume
Delete the named btrfs subvolume.
btrfs-subvolume-list¶
btrfs-subvolume-list fs
List the btrfs snapshots and subvolumes of the btrfs filesystem which is mounted
at "fs".
btrfs-subvolume-set-default¶
btrfs-subvolume-set-default id fs
Set the subvolume of the btrfs filesystem "fs" which will be mounted
by default. See "btrfs-subvolume-list" to get a list of subvolumes.
btrfs-subvolume-snapshot¶
btrfs-subvolume-snapshot source dest
Create a writable snapshot of the btrfs subvolume "source". The
"dest" argument is the destination directory and the name of the
snapshot, in the form "/path/to/dest/name".
case-sensitive-path¶
case-sensitive-path path
This can be used to resolve case insensitive paths on a filesystem which is case
sensitive. The use case is to resolve paths which you have read from Windows
configuration files or the Windows Registry, to the true path.
The command handles a peculiarity of the Linux ntfs-3g filesystem driver (and
probably others), which is that although the underlying filesystem is
case-insensitive, the driver exports the filesystem to Linux as
case-sensitive.
One consequence of this is that special directories such as
"c:\windows" may appear as "/WINDOWS" or
"/windows" (or other things) depending on the precise details of how
they were created. In Windows itself this would not be a problem.
Bug or feature? You decide:
http://www.tuxera.com/community/ntfs-3g-faq/#posixfilenames1
<
http://www.tuxera.com/community/ntfs-3g-faq/#posixfilenames1>
This function resolves the true case of each element in the path and returns the
case-sensitive path.
Thus "case-sensitive-path" ("/Windows/System32") might
return "/WINDOWS/system32" (the exact return value would depend on
details of how the directories were originally created under Windows).
Note: This function does not handle drive names, backslashes etc.
See also "realpath".
cat¶
cat path
Return the contents of the file named "path".
Note that this function cannot correctly handle binary files (specifically,
files containing "\0" character which is treated as end of string).
For those you need to use the "read-file" or "download"
functions which have a more complex interface.
Because of the message protocol, there is a transfer limit of somewhere between
2MB and 4MB. See "PROTOCOL LIMITS" in
guestfs(3).
checksum¶
checksum csumtype path
This call computes the MD5, SHAx or CRC checksum of the file named
"path".
The type of checksum to compute is given by the "csumtype" parameter
which must have one of the following values:
- "crc"
- Compute the cyclic redundancy check (CRC) specified by
POSIX for the "cksum" command.
- "md5"
- Compute the MD5 hash (using the "md5sum"
program).
- "sha1"
- Compute the SHA1 hash (using the "sha1sum"
program).
- "sha224"
- Compute the SHA224 hash (using the "sha224sum"
program).
- "sha256"
- Compute the SHA256 hash (using the "sha256sum"
program).
- "sha384"
- Compute the SHA384 hash (using the "sha384sum"
program).
- "sha512"
- Compute the SHA512 hash (using the "sha512sum"
program).
The checksum is returned as a printable string.
To get the checksum for a device, use "checksum-device".
To get the checksums for many files, use "checksums-out".
checksum-device¶
checksum-device csumtype device
This call computes the MD5, SHAx or CRC checksum of the contents of the device
named "device". For the types of checksums supported see the
"checksum" command.
checksums-out¶
checksums-out csumtype directory (sumsfile|-)
This command computes the checksums of all regular files in
"directory" and then emits a list of those checksums to the local
output file "sumsfile".
This can be used for verifying the integrity of a virtual machine. However to be
properly secure you should pay attention to the output of the checksum command
(it uses the ones from GNU coreutils). In particular when the filename is not
printable, coreutils uses a special backslash syntax. For more information,
see the GNU coreutils info file.
Use "-" instead of a filename to read/write from stdin/stdout.
chmod¶
chmod mode path
Change the mode (permissions) of "path" to "mode". Only
numeric modes are supported.
Note: When using this command from guestfish, "mode" by default
would be decimal, unless you prefix it with 0 to get octal, ie. use 0700 not
700.
The mode actually set is affected by the umask.
chown¶
chown owner group path
Change the file owner to "owner" and group to "group".
Only numeric uid and gid are supported. If you want to use names, you will need
to locate and parse the password file yourself (Augeas support makes this
relatively easy).
command¶
command 'arguments ...'
This call runs a command from the guest filesystem. The filesystem must be
mounted, and must contain a compatible operating system (ie. something Linux,
with the same or compatible processor architecture).
The single parameter is an argv-style list of arguments. The first element is
the name of the program to run. Subsequent elements are parameters. The list
must be non-empty (ie. must contain a program name). Note that the command
runs directly, and is
not invoked via the shell (see "sh").
The return value is anything printed to
stdout by the command.
If the command returns a non-zero exit status, then this function returns an
error message. The error message string is the content of
stderr from
the command.
The $PATH environment variable will contain at least "/usr/bin" and
"/bin". If you require a program from another location, you should
provide the full path in the first parameter.
Shared libraries and data files required by the program must be available on
filesystems which are mounted in the correct places. It is the caller's
responsibility to ensure all filesystems that are needed are mounted at the
right locations.
Because of the message protocol, there is a transfer limit of somewhere between
2MB and 4MB. See "PROTOCOL LIMITS" in
guestfs(3).
command-lines¶
command-lines 'arguments ...'
This is the same as "command", but splits the result into a list of
lines.
See also: "sh-lines"
Because of the message protocol, there is a transfer limit of somewhere between
2MB and 4MB. See "PROTOCOL LIMITS" in
guestfs(3).
compress-device-out¶
compress-device-out ctype device (zdevice|-) [level:N]
This command compresses "device" and writes it out to the local file
"zdevice".
The "ctype" and optional "level" parameters have the same
meaning as in "compress-out".
Use "-" instead of a filename to read/write from stdin/stdout.
This command has one or more optional arguments. See "OPTIONAL
ARGUMENTS".
compress-out¶
compress-out ctype file (zfile|-) [level:N]
This command compresses "file" and writes it out to the local file
"zfile".
The compression program used is controlled by the "ctype" parameter.
Currently this includes: "compress", "gzip",
"bzip2", "xz" or "lzop". Some compression types
may not be supported by particular builds of libguestfs, in which case you
will get an error containing the substring "not supported".
The optional "level" parameter controls compression level. The meaning
and default for this parameter depends on the compression program being used.
Use "-" instead of a filename to read/write from stdin/stdout.
This command has one or more optional arguments. See "OPTIONAL
ARGUMENTS".
config¶
config qemuparam qemuvalue
This can be used to add arbitrary qemu command line parameters of the form
-param value. Actually it's not quite arbitrary - we prevent you from
setting some parameters which would interfere with parameters that we use.
The first character of "param" string must be a "-" (dash).
"value" can be NULL.
copy-device-to-device¶
copy-device-to-device src dest [srcoffset:N] [destoffset:N] [size:N]
The four calls "copy-device-to-device",
"copy-device-to-file", "copy-file-to-device", and
"copy-file-to-file" let you copy from a source (device|file) to a
destination (device|file).
Partial copies can be made since you can specify optionally the source offset,
destination offset and size to copy. These values are all specified in bytes.
If not given, the offsets both default to zero, and the size defaults to
copying as much as possible until we hit the end of the source.
The source and destination may be the same object. However overlapping regions
may not be copied correctly.
If the destination is a file, it is created if required. If the destination file
is not large enough, it is extended.
This command has one or more optional arguments. See "OPTIONAL
ARGUMENTS".
copy-device-to-file¶
copy-device-to-file src dest [srcoffset:N] [destoffset:N] [size:N]
See "copy-device-to-device" for a general overview of this call.
This command has one or more optional arguments. See "OPTIONAL
ARGUMENTS".
copy-file-to-device¶
copy-file-to-device src dest [srcoffset:N] [destoffset:N] [size:N]
See "copy-device-to-device" for a general overview of this call.
This command has one or more optional arguments. See "OPTIONAL
ARGUMENTS".
copy-file-to-file¶
copy-file-to-file src dest [srcoffset:N] [destoffset:N] [size:N]
See "copy-device-to-device" for a general overview of this call.
This is
not the function you want for copying files. This is for copying
blocks within existing files. See "cp", "cp-a" and
"mv" for general file copying and moving functions.
This command has one or more optional arguments. See "OPTIONAL
ARGUMENTS".
copy-size¶
copy-size src dest size
This command copies exactly "size" bytes from one source device or
file "src" to another destination device or file "dest".
Note this will fail if the source is too short or if the destination is not
large enough.
This function is deprecated. In new code, use the
"copy_device_to_device" call instead.
Deprecated functions will not be removed from the API, but the fact that they
are deprecated indicates that there are problems with correct use of these
functions.
cp src dest
This copies a file from "src" to "dest" where
"dest" is either a destination filename or destination directory.
cp-a¶
cp-a src dest
This copies a file or directory from "src" to "dest"
recursively using the "cp -a" command.
dd src dest
This command copies from one source device or file "src" to another
destination device or file "dest". Normally you would use this to
copy to or from a device or partition, for example to duplicate a filesystem.
If the destination is a device, it must be as large or larger than the source
file or device, otherwise the copy will fail. This command cannot do partial
copies (see "copy-device-to-device").
This function is deprecated. In new code, use the
"copy_device_to_device" call instead.
Deprecated functions will not be removed from the API, but the fact that they
are deprecated indicates that there are problems with correct use of these
functions.
df
This command runs the "df" command to report disk space used.
This command is mostly useful for interactive sessions. It is
not
intended that you try to parse the output string. Use "statvfs" from
programs.
df-h¶
df-h
This command runs the "df -h" command to report disk space used in
human-readable format.
This command is mostly useful for interactive sessions. It is
not
intended that you try to parse the output string. Use "statvfs" from
programs.
dmesg¶
dmesg
This returns the kernel messages ("dmesg" output) from the guest
kernel. This is sometimes useful for extended debugging of problems.
Another way to get the same information is to enable verbose messages with
"set-verbose" or by setting the environment variable
"LIBGUESTFS_DEBUG=1" before running the program.
download¶
download remotefilename (filename|-)
Download file "remotefilename" and save it as "filename" on
the local machine.
"filename" can also be a named pipe.
See also "upload", "cat".
Use "-" instead of a filename to read/write from stdin/stdout.
download-offset¶
download-offset remotefilename (filename|-) offset size
Download file "remotefilename" and save it as "filename" on
the local machine.
"remotefilename" is read for "size" bytes starting at
"offset" (this region must be within the file or device).
Note that there is no limit on the amount of data that can be downloaded with
this call, unlike with "pread", and this call always reads the full
amount unless an error occurs.
See also "download", "pread".
Use "-" instead of a filename to read/write from stdin/stdout.
drop-caches¶
drop-caches whattodrop
This instructs the guest kernel to drop its page cache, and/or dentries and
inode caches. The parameter "whattodrop" tells the kernel what
precisely to drop, see
http://linux-mm.org/Drop_Caches
<
http://linux-mm.org/Drop_Caches>
Setting "whattodrop" to 3 should drop everything.
This automatically calls
sync(2) before the operation, so that the
maximum guest memory is freed.
du path
This command runs the "du -s" command to estimate file space usage for
"path".
"path" can be a file or a directory. If "path" is a
directory then the estimate includes the contents of the directory and all
subdirectories (recursively).
The result is the estimated size in
kilobytes (ie. units of 1024 bytes).
e2fsck¶
e2fsck device [correct:true|false] [forceall:true|false]
This runs the ext2/ext3 filesystem checker on "device". It can take
the following optional arguments:
- "correct"
- Automatically repair the file system. This option will
cause e2fsck to automatically fix any filesystem problems that can be
safely fixed without human intervention.
This option may not be specified at the same time as the
"forceall" option.
- "forceall"
- Assume an answer of 'yes' to all questions; allows e2fsck
to be used non-interactively.
This option may not be specified at the same time as the "correct"
option.
This command has one or more optional arguments. See "OPTIONAL
ARGUMENTS".
e2fsck-f¶
e2fsck-f device
This runs "e2fsck -p -f device", ie. runs the ext2/ext3 filesystem
checker on "device", noninteractively (
-p), even if the
filesystem appears to be clean (
-f).
This function is deprecated. In new code, use the "e2fsck" call
instead.
Deprecated functions will not be removed from the API, but the fact that they
are deprecated indicates that there are problems with correct use of these
functions.
echo-daemon¶
echo-daemon 'words ...'
This command concatenates the list of "words" passed with single
spaces between them and returns the resulting string.
You can use this command to test the connection through to the daemon.
See also "ping-daemon".
egrep¶
egrep regex path
This calls the external "egrep" program and returns the matching
lines.
Because of the message protocol, there is a transfer limit of somewhere between
2MB and 4MB. See "PROTOCOL LIMITS" in
guestfs(3).
egrepi¶
egrepi regex path
This calls the external "egrep -i" program and returns the matching
lines.
Because of the message protocol, there is a transfer limit of somewhere between
2MB and 4MB. See "PROTOCOL LIMITS" in
guestfs(3).
equal¶
equal file1 file2
This compares the two files "file1" and "file2" and returns
true if their content is exactly equal, or false otherwise.
The external
cmp(1) program is used for the comparison.
exists¶
exists path
This returns "true" if and only if there is a file, directory (or
anything) with the given "path" name.
See also "is-file", "is-dir", "stat".
fallocate¶
fallocate path len
This command preallocates a file (containing zero bytes) named "path"
of size "len" bytes. If the file exists already, it is overwritten.
Do not confuse this with the guestfish-specific "alloc" command which
allocates a file in the host and attaches it as a device.
This function is deprecated. In new code, use the "fallocate64"
call instead.
Deprecated functions will not be removed from the API, but the fact that they
are deprecated indicates that there are problems with correct use of these
functions.
fallocate64¶
fallocate64 path len
This command preallocates a file (containing zero bytes) named "path"
of size "len" bytes. If the file exists already, it is overwritten.
Note that this call allocates disk blocks for the file. To create a sparse file
use "truncate-size" instead.
The deprecated call "fallocate" does the same, but owing to an
oversight it only allowed 30 bit lengths to be specified, effectively limiting
the maximum size of files created through that call to 1GB.
Do not confuse this with the guestfish-specific "alloc" and
"sparse" commands which create a file in the host and attach it as a
device.
fgrep¶
fgrep pattern path
This calls the external "fgrep" program and returns the matching
lines.
Because of the message protocol, there is a transfer limit of somewhere between
2MB and 4MB. See "PROTOCOL LIMITS" in
guestfs(3).
fgrepi¶
fgrepi pattern path
This calls the external "fgrep -i" program and returns the matching
lines.
Because of the message protocol, there is a transfer limit of somewhere between
2MB and 4MB. See "PROTOCOL LIMITS" in
guestfs(3).
file¶
file path
This call uses the standard
file(1) command to determine the type or
contents of the file.
This call will also transparently look inside various types of compressed file.
The exact command which runs is "file -zb path". Note in particular
that the filename is not prepended to the output (the
-b option).
The output depends on the output of the underlying
file(1) command and it
can change in future in ways beyond our control. In other words, the output is
not guaranteed by the ABI.
See also:
file(1), "vfs-type", "lstat",
"is-file", "is-blockdev" (etc), "is-zero".
file-architecture¶
file-architecture filename
This detects the architecture of the binary "filename", and returns it
if known.
Currently defined architectures are:
- "i386"
- This string is returned for all 32 bit i386, i486, i586,
i686 binaries irrespective of the precise processor requirements of the
binary.
- "x86_64"
- 64 bit x86-64.
- "sparc"
- 32 bit SPARC.
- "sparc64"
- 64 bit SPARC V9 and above.
- "ia64"
- Intel Itanium.
- "ppc"
- 32 bit Power PC.
- "ppc64"
- 64 bit Power PC.
Libguestfs may return other architecture strings in future.
The function works on at least the following types of files:
- •
- many types of Un*x and Linux binary
- •
- many types of Un*x and Linux shared library
- •
- Windows Win32 and Win64 binaries
- •
- Windows Win32 and Win64 DLLs
Win32 binaries and DLLs return "i386".
Win64 binaries and DLLs return "x86_64".
- •
- Linux kernel modules
- •
- Linux new-style initrd images
- •
- some non-x86 Linux vmlinuz kernels
What it can't do currently:
- •
- static libraries (libfoo.a)
- •
- Linux old-style initrd as compressed ext2 filesystem (RHEL
3)
- •
- x86 Linux vmlinuz kernels
x86 vmlinuz images (bzImage format) consist of a mix of 16-, 32- and
compressed code, and are horribly hard to unpack. If you want to find the
architecture of a kernel, use the architecture of the associated initrd or
kernel module(s) instead.
filesize¶
filesize file
This command returns the size of "file" in bytes.
To get other stats about a file, use "stat", "lstat",
"is-dir", "is-file" etc. To get the size of block devices,
use "blockdev-getsize64".
fill¶
fill c len path
This command creates a new file called "path". The initial content of
the file is "len" octets of "c", where "c" must
be a number in the range "[0..255]".
To fill a file with zero bytes (sparsely), it is much more efficient to use
"truncate-size". To create a file with a pattern of repeating bytes
use "fill-pattern".
fill-pattern¶
fill-pattern pattern len path
This function is like "fill" except that it creates a new file of
length "len" containing the repeating pattern of bytes in
"pattern". The pattern is truncated if necessary to ensure the
length of the file is exactly "len" bytes.
find¶
find directory
This command lists out all files and directories, recursively, starting at
"directory". It is essentially equivalent to running the shell
command "find directory -print" but some post-processing happens on
the output, described below.
This returns a list of strings
without any prefix. Thus if the directory
structure was:
/tmp/a
/tmp/b
/tmp/c/d
then the returned list from "find" "/tmp" would be 4
elements:
a
b
c
c/d
If "directory" is not a directory, then this command returns an error.
The returned list is sorted.
See also "find0".
Because of the message protocol, there is a transfer limit of somewhere between
2MB and 4MB. See "PROTOCOL LIMITS" in
guestfs(3).
find0¶
find0 directory (files|-)
This command lists out all files and directories, recursively, starting at
"directory", placing the resulting list in the external file called
"files".
This command works the same way as "find" with the following
exceptions:
- •
- The resulting list is written to an external file.
- •
- Items (filenames) in the result are separated by
"\0" characters. See find(1) option -print0.
- •
- This command is not limited in the number of names that it
can return.
- •
- The result list is not sorted.
Use "-" instead of a filename to read/write from stdin/stdout.
findfs-label¶
findfs-label label
This command searches the filesystems and returns the one which has the given
label. An error is returned if no such filesystem can be found.
To find the label of a filesystem, use "vfs-label".
findfs-uuid¶
findfs-uuid uuid
This command searches the filesystems and returns the one which has the given
UUID. An error is returned if no such filesystem can be found.
To find the UUID of a filesystem, use "vfs-uuid".
fsck¶
fsck fstype device
This runs the filesystem checker (fsck) on "device" which should have
filesystem type "fstype".
The returned integer is the status. See
fsck(8) for the list of status
codes from "fsck".
Notes:
- •
- Multiple status codes can be summed together.
- •
- A non-zero return code can mean "success", for
example if errors have been corrected on the filesystem.
- •
- Checking or repairing NTFS volumes is not supported (by
linux-ntfs).
This command is entirely equivalent to running "fsck -a -t fstype
device".
get-append¶
get-append
Return the additional kernel options which are added to the guest kernel command
line.
If "NULL" then no options are added.
get-attach-method¶
get-attach-method
Return the current attach method. See "set-attach-method".
get-autosync¶
get-autosync
Get the autosync flag.
get-direct¶
get-direct
Return the direct appliance mode flag.
get-e2attrs¶
get-e2attrs file
This returns the file attributes associated with "file".
The attributes are a set of bits associated with each inode which affect the
behaviour of the file. The attributes are returned as a string of letters
(described below). The string may be empty, indicating that no file attributes
are set for this file.
These attributes are only present when the file is located on an ext2/3/4
filesystem. Using this call on other filesystem types will result in an error.
The characters (file attributes) in the returned string are currently:
- 'A'
- When the file is accessed, its atime is not modified.
- 'a'
- The file is append-only.
- 'c'
- The file is compressed on-disk.
- 'D'
- (Directories only.) Changes to this directory are written
synchronously to disk.
- 'd'
- The file is not a candidate for backup (see
dump(8)).
- 'E'
- The file has compression errors.
- 'e'
- The file is using extents.
- 'h'
- The file is storing its blocks in units of the filesystem
blocksize instead of sectors.
- 'I'
- (Directories only.) The directory is using hashed
trees.
- 'i'
- The file is immutable. It cannot be modified, deleted or
renamed. No link can be created to this file.
- 'j'
- The file is data-journaled.
- 's'
- When the file is deleted, all its blocks will be
zeroed.
- 'S'
- Changes to this file are written synchronously to
disk.
- 'T'
- (Directories only.) This is a hint to the block allocator
that subdirectories contained in this directory should be spread across
blocks. If not present, the block allocator will try to group
subdirectories together.
- 't'
- For a file, this disables tail-merging. (Not used by
upstream implementations of ext2.)
- 'u'
- When the file is deleted, its blocks will be saved,
allowing the file to be undeleted.
- 'X'
- The raw contents of the compressed file may be
accessed.
- 'Z'
- The compressed file is dirty.
More file attributes may be added to this list later. Not all file attributes
may be set for all kinds of files. For detailed information, consult the
chattr(1) man page.
See also "set-e2attrs".
Don't confuse these attributes with extended attributes (see
"getxattr").
get-e2generation¶
get-e2generation file
This returns the ext2 file generation of a file. The generation (which used to
be called the "version") is a number associated with an inode. This
is most commonly used by NFS servers.
The generation is only present when the file is located on an ext2/3/4
filesystem. Using this call on other filesystem types will result in an error.
See "set-e2generation".
get-e2label¶
get-e2label device
This returns the ext2/3/4 filesystem label of the filesystem on
"device".
This function is deprecated. In new code, use the "vfs_label"
call instead.
Deprecated functions will not be removed from the API, but the fact that they
are deprecated indicates that there are problems with correct use of these
functions.
get-e2uuid¶
get-e2uuid device
This returns the ext2/3/4 filesystem UUID of the filesystem on
"device".
This function is deprecated. In new code, use the "vfs_uuid"
call instead.
Deprecated functions will not be removed from the API, but the fact that they
are deprecated indicates that there are problems with correct use of these
functions.
get-memsize¶
get-memsize
This gets the memory size in megabytes allocated to the qemu subprocess.
If "set-memsize" was not called on this handle, and if
"LIBGUESTFS_MEMSIZE" was not set, then this returns the compiled-in
default value for memsize.
For more information on the architecture of libguestfs, see
guestfs(3).
get-network¶
get-network
This returns the enable network flag.
get-path¶
get-path
Return the current search path.
This is always non-NULL. If it wasn't set already, then this will return the
default path.
get-pgroup¶
get-pgroup
This returns the process group flag.
get-pid¶
pid¶
get-pid
Return the process ID of the qemu subprocess. If there is no qemu subprocess,
then this will return an error.
This is an internal call used for debugging and testing.
get-qemu¶
get-qemu
Return the current qemu binary.
This is always non-NULL. If it wasn't set already, then this will return the
default qemu binary name.
get-recovery-proc¶
get-recovery-proc
Return the recovery process enabled flag.
get-selinux¶
get-selinux
This returns the current setting of the selinux flag which is passed to the
appliance at boot time. See "set-selinux".
For more information on the architecture of libguestfs, see
guestfs(3).
get-smp¶
get-smp
This returns the number of virtual CPUs assigned to the appliance.
get-state¶
get-state
This returns the current state as an opaque integer. This is only useful for
printing debug and internal error messages.
For more information on states, see
guestfs(3).
get-trace¶
get-trace
Return the command trace flag.
get-umask¶
get-umask
Return the current umask. By default the umask is 022 unless it has been set by
calling "umask".
get-verbose¶
get-verbose
This returns the verbose messages flag.
getcon¶
getcon
This gets the SELinux security context of the daemon.
See the documentation about SELINUX in
guestfs(3), and "setcon"
getxattr¶
getxattr path name
Get a single extended attribute from file "path" named
"name". This call follows symlinks. If you want to lookup an
extended attribute for the symlink itself, use "lgetxattr".
Normally it is better to get all extended attributes from a file in one go by
calling "getxattrs". However some Linux filesystem implementations
are buggy and do not provide a way to list out attributes. For these
filesystems (notably ntfs-3g) you have to know the names of the extended
attributes you want in advance and call this function.
Extended attribute values are blobs of binary data. If there is no extended
attribute named "name", this returns an error.
See also: "getxattrs", "lgetxattr",
attr(5).
getxattrs¶
getxattrs path
This call lists the extended attributes of the file or directory
"path".
At the system call level, this is a combination of the
listxattr(2) and
getxattr(2) calls.
See also: "lgetxattrs",
attr(5).
glob-expand¶
glob-expand pattern
This command searches for all the pathnames matching "pattern"
according to the wildcard expansion rules used by the shell.
If no paths match, then this returns an empty list (note: not an error).
It is just a wrapper around the C
glob(3) function with flags
"GLOB_MARK|GLOB_BRACE". See that manual page for more details.
Notice that there is no equivalent command for expanding a device name (eg.
"/dev/sd*"). Use "list-devices",
"list-partitions" etc functions instead.
grep¶
grep regex path
This calls the external "grep" program and returns the matching lines.
Because of the message protocol, there is a transfer limit of somewhere between
2MB and 4MB. See "PROTOCOL LIMITS" in
guestfs(3).
grepi¶
grepi regex path
This calls the external "grep -i" program and returns the matching
lines.
Because of the message protocol, there is a transfer limit of somewhere between
2MB and 4MB. See "PROTOCOL LIMITS" in
guestfs(3).
grub-install¶
grub-install root device
This command installs GRUB 1 (the Grand Unified Bootloader) on
"device", with the root directory being "root".
Notes:
- •
- There is currently no way in the API to install grub2,
which is used by most modern Linux guests. It is possible to run the grub2
command from the guest, although see the caveats in "RUNNING
COMMANDS" in guestfs(3).
- •
- This uses "grub-install" from the host.
Unfortunately grub is not always compatible with itself, so this only
works in rather narrow circumstances. Careful testing with each guest
version is advisable.
- •
- If grub-install reports the error "No suitable drive
was found in the generated device map." it may be that you need to
create a "/boot/grub/device.map" file first that contains the
mapping between grub device names and Linux device names. It is usually
sufficient to create a file containing:
(hd0) /dev/vda
replacing "/dev/vda" with the name of the installation
device.
head¶
head path
This command returns up to the first 10 lines of a file as a list of strings.
Because of the message protocol, there is a transfer limit of somewhere between
2MB and 4MB. See "PROTOCOL LIMITS" in
guestfs(3).
head-n¶
head-n nrlines path
If the parameter "nrlines" is a positive number, this returns the
first "nrlines" lines of the file "path".
If the parameter "nrlines" is a negative number, this returns lines
from the file "path", excluding the last "nrlines" lines.
If the parameter "nrlines" is zero, this returns an empty list.
Because of the message protocol, there is a transfer limit of somewhere between
2MB and 4MB. See "PROTOCOL LIMITS" in
guestfs(3).
hexdump¶
hexdump path
This runs "hexdump -C" on the given "path". The result is
the human-readable, canonical hex dump of the file.
Because of the message protocol, there is a transfer limit of somewhere between
2MB and 4MB. See "PROTOCOL LIMITS" in
guestfs(3).
initrd-cat¶
initrd-cat initrdpath filename
This command unpacks the file "filename" from the initrd file called
"initrdpath". The filename must be given
without the initial
"/" character.
For example, in guestfish you could use the following command to examine the
boot script (usually called "/init") contained in a Linux initrd or
initramfs image:
initrd-cat /boot/initrd-<version>.img init
See also "initrd-list".
Because of the message protocol, there is a transfer limit of somewhere between
2MB and 4MB. See "PROTOCOL LIMITS" in
guestfs(3).
initrd-list¶
initrd-list path
This command lists out files contained in an initrd.
The files are listed without any initial "/" character. The files are
listed in the order they appear (not necessarily alphabetical). Directory
names are listed as separate items.
Old Linux kernels (2.4 and earlier) used a compressed ext2 filesystem as initrd.
We
only support the newer initramfs format (compressed cpio files).
inotify-add-watch¶
inotify-add-watch path mask
Watch "path" for the events listed in "mask".
Note that if "path" is a directory then events within that directory
are watched, but this does
not happen recursively (in subdirectories).
Note for non-C or non-Linux callers: the inotify events are defined by the Linux
kernel ABI and are listed in "/usr/include/sys/inotify.h".
inotify-close¶
inotify-close
This closes the inotify handle which was previously opened by inotify_init. It
removes all watches, throws away any pending events, and deallocates all
resources.
inotify-files¶
inotify-files
This function is a helpful wrapper around "inotify-read" which just
returns a list of pathnames of objects that were touched. The returned
pathnames are sorted and deduplicated.
inotify-init¶
inotify-init maxevents
This command creates a new inotify handle. The inotify subsystem can be used to
notify events which happen to objects in the guest filesystem.
"maxevents" is the maximum number of events which will be queued up
between calls to "inotify-read" or "inotify-files". If
this is passed as 0, then the kernel (or previously set) default is used. For
Linux 2.6.29 the default was 16384 events. Beyond this limit, the kernel
throws away events, but records the fact that it threw them away by setting a
flag "IN_Q_OVERFLOW" in the returned structure list (see
"inotify-read").
Before any events are generated, you have to add some watches to the internal
watch list. See: "inotify-add-watch" and
"inotify-rm-watch".
Queued up events should be read periodically by calling "inotify-read"
(or "inotify-files" which is just a helpful wrapper around
"inotify-read"). If you don't read the events out often enough then
you risk the internal queue overflowing.
The handle should be closed after use by calling "inotify-close". This
also removes any watches automatically.
See also
inotify(7) for an overview of the inotify interface as exposed
by the Linux kernel, which is roughly what we expose via libguestfs. Note that
there is one global inotify handle per libguestfs instance.
inotify-read¶
inotify-read
Return the complete queue of events that have happened since the previous read
call.
If no events have happened, this returns an empty list.
Note: In order to make sure that all events have been read, you must call
this function repeatedly until it returns an empty list. The reason is that
the call will read events up to the maximum appliance-to-host message size and
leave remaining events in the queue.
inotify-rm-watch¶
inotify-rm-watch wd
Remove a previously defined inotify watch. See "inotify-add-watch".
inspect-get-arch¶
inspect-get-arch root
This returns the architecture of the inspected operating system. The possible
return values are listed under "file-architecture".
If the architecture could not be determined, then the string "unknown"
is returned.
Please read "INSPECTION" in
guestfs(3) for more details.
inspect-get-distro¶
inspect-get-distro root
This returns the distro (distribution) of the inspected operating system.
Currently defined distros are:
- "archlinux"
- Arch Linux.
- "buildroot"
- Buildroot-derived distro, but not one we specifically
recognize.
- "centos"
- CentOS.
- "cirros"
- Cirros.
- "debian"
- Debian.
- "fedora"
- Fedora.
- "freedos"
- FreeDOS.
- "gentoo"
- Gentoo.
- "linuxmint"
- Linux Mint.
- "mageia"
- Mageia.
- "mandriva"
- Mandriva.
- "meego"
- MeeGo.
- "opensuse"
- OpenSUSE.
- "pardus"
- Pardus.
- "redhat-based"
- Some Red Hat-derived distro.
- "rhel"
- Red Hat Enterprise Linux.
- "scientificlinux"
- Scientific Linux.
- "slackware"
- Slackware.
- "ttylinux"
- ttylinux.
- "ubuntu"
- Ubuntu.
- "unknown"
- The distro could not be determined.
- "windows"
- Windows does not have distributions. This string is
returned if the OS type is Windows.
Future versions of libguestfs may return other strings here. The caller should
be prepared to handle any string.
Please read "INSPECTION" in
guestfs(3) for more details.
inspect-get-drive-mappings¶
inspect-get-drive-mappings root
This call is useful for Windows which uses a primitive system of assigning drive
letters (like "C:") to partitions. This inspection API examines the
Windows Registry to find out how disks/partitions are mapped to drive letters,
and returns a hash table as in the example below:
C => /dev/vda2
E => /dev/vdb1
F => /dev/vdc1
Note that keys are drive letters. For Windows, the key is case insensitive and
just contains the drive letter, without the customary colon separator
character.
In future we may support other operating systems that also used drive letters,
but the keys for those might not be case insensitive and might be longer than
1 character. For example in OS-9, hard drives were named "h0",
"h1" etc.
For Windows guests, currently only hard drive mappings are returned. Removable
disks (eg. DVD-ROMs) are ignored.
For guests that do not use drive mappings, or if the drive mappings could not be
determined, this returns an empty hash table.
Please read "INSPECTION" in
guestfs(3) for more details. See
also "inspect-get-mountpoints", "inspect-get-filesystems".
inspect-get-filesystems¶
inspect-get-filesystems root
This returns a list of all the filesystems that we think are associated with
this operating system. This includes the root filesystem, other ordinary
filesystems, and non-mounted devices like swap partitions.
In the case of a multi-boot virtual machine, it is possible for a filesystem to
be shared between operating systems.
Please read "INSPECTION" in
guestfs(3) for more details. See
also "inspect-get-mountpoints".
inspect-get-format root
This returns the format of the inspected operating system. You can use it to
detect install images, live CDs and similar.
Currently defined formats are:
- "installed"
- This is an installed operating system.
- "installer"
- The disk image being inspected is not an installed
operating system, but a bootable install disk, live CD, or
similar.
- "unknown"
- The format of this disk image is not known.
Future versions of libguestfs may return other strings here. The caller should
be prepared to handle any string.
Please read "INSPECTION" in
guestfs(3) for more details.
inspect-get-hostname¶
inspect-get-hostname root
This function returns the hostname of the operating system as found by
inspection of the guest's configuration files.
If the hostname could not be determined, then the string "unknown" is
returned.
Please read "INSPECTION" in
guestfs(3) for more details.
inspect-get-icon¶
inspect-get-icon root [favicon:true|false] [highquality:true|false]
This function returns an icon corresponding to the inspected operating system.
The icon is returned as a buffer containing a PNG image (re-encoded to PNG if
necessary).
If it was not possible to get an icon this function returns a zero-length
(non-NULL) buffer.
Callers must check for this case.
Libguestfs will start by looking for a file called "/etc/favicon.png"
or "C:\etc\favicon.png" and if it has the correct format, the
contents of this file will be returned. You can disable favicons by passing
the optional "favicon" boolean as false (default is true).
If finding the favicon fails, then we look in other places in the guest for a
suitable icon.
If the optional "highquality" boolean is true then only high quality
icons are returned, which means only icons of high resolution with an alpha
channel. The default (false) is to return any icon we can, even if it is of
substandard quality.
Notes:
- •
- Unlike most other inspection API calls, the guest's disks
must be mounted up before you call this, since it needs to read
information from the guest filesystem during the call.
- •
- Security: The icon data comes from the untrusted
guest, and should be treated with caution. PNG files have been known to
contain exploits. Ensure that libpng (or other relevant libraries) are
fully up to date before trying to process or display the icon.
- •
- The PNG image returned can be any size. It might not be
square. Libguestfs tries to return the largest, highest quality icon
available. The application must scale the icon to the required size.
- •
- Extracting icons from Windows guests requires the external
"wrestool" program from the "icoutils" package, and
several programs ("bmptopnm", "pnmtopng",
"pamcut") from the "netpbm" package. These must be
installed separately.
- •
- Operating system icons are usually trademarks. Seek legal
advice before using trademarks in applications.
This command has one or more optional arguments. See "OPTIONAL
ARGUMENTS".
inspect-get-major-version¶
inspect-get-major-version root
This returns the major version number of the inspected operating system.
Windows uses a consistent versioning scheme which is
not reflected in the
popular public names used by the operating system. Notably the operating
system known as "Windows 7" is really version 6.1 (ie. major = 6,
minor = 1). You can find out the real versions corresponding to releases of
Windows by consulting Wikipedia or MSDN.
If the version could not be determined, then 0 is returned.
Please read "INSPECTION" in
guestfs(3) for more details.
inspect-get-minor-version¶
inspect-get-minor-version root
This returns the minor version number of the inspected operating system.
If the version could not be determined, then 0 is returned.
Please read "INSPECTION" in
guestfs(3) for more details. See
also "inspect-get-major-version".
inspect-get-mountpoints¶
inspect-get-mountpoints root
This returns a hash of where we think the filesystems associated with this
operating system should be mounted. Callers should note that this is at best
an educated guess made by reading configuration files such as
"/etc/fstab".
In particular note that this may return
filesystems which are non-existent or not mountable and callers should be
prepared to handle or ignore failures if they try to mount them.
Each element in the returned hashtable has a key which is the path of the
mountpoint (eg. "/boot") and a value which is the filesystem that
would be mounted there (eg. "/dev/sda1").
Non-mounted devices such as swap devices are
not returned in this list.
For operating systems like Windows which still use drive letters, this call will
only return an entry for the first drive "mounted on" "/".
For information about the mapping of drive letters to partitions, see
"inspect-get-drive-mappings".
Please read "INSPECTION" in
guestfs(3) for more details. See
also "inspect-get-filesystems".
inspect-get-package-format root
This function and "inspect-get-package-management" return the package
format and package management tool used by the inspected operating system. For
example for Fedora these functions would return "rpm" (package
format) and "yum" (package management).
This returns the string "unknown" if we could not determine the
package format
or if the operating system does not have a real
packaging system (eg. Windows).
Possible strings include: "rpm", "deb", "ebuild",
"pisi", "pacman", "pkgsrc". Future versions of
libguestfs may return other strings.
Please read "INSPECTION" in
guestfs(3) for more details.
inspect-get-package-management¶
inspect-get-package-management root
"inspect-get-package-format" and this function return the package
format and package management tool used by the inspected operating system. For
example for Fedora these functions would return "rpm" (package
format) and "yum" (package management).
This returns the string "unknown" if we could not determine the
package management tool
or if the operating system does not have a real
packaging system (eg. Windows).
Possible strings include: "yum", "up2date", "apt"
(for all Debian derivatives), "portage", "pisi",
"pacman", "urpmi", "zypper". Future versions of
libguestfs may return other strings.
Please read "INSPECTION" in
guestfs(3) for more details.
inspect-get-product-name¶
inspect-get-product-name root
This returns the product name of the inspected operating system. The product
name is generally some freeform string which can be displayed to the user, but
should not be parsed by programs.
If the product name could not be determined, then the string "unknown"
is returned.
Please read "INSPECTION" in
guestfs(3) for more details.
inspect-get-product-variant¶
inspect-get-product-variant root
This returns the product variant of the inspected operating system.
For Windows guests, this returns the contents of the Registry key
"HKLM\Software\Microsoft\Windows NT\CurrentVersion"
"InstallationType" which is usually a string such as
"Client" or "Server" (other values are possible). This can
be used to distinguish consumer and enterprise versions of Windows that have
the same version number (for example, Windows 7 and Windows 2008 Server are
both version 6.1, but the former is "Client" and the latter is
"Server").
For enterprise Linux guests, in future we intend this to return the product
variant such as "Desktop", "Server" and so on. But this is
not implemented at present.
If the product variant could not be determined, then the string
"unknown" is returned.
Please read "INSPECTION" in
guestfs(3) for more details. See
also "inspect-get-product-name",
"inspect-get-major-version".
inspect-get-roots¶
inspect-get-roots
This function is a convenient way to get the list of root devices, as returned
from a previous call to "inspect-os", but without redoing the whole
inspection process.
This returns an empty list if either no root devices were found or the caller
has not called "inspect-os".
Please read "INSPECTION" in
guestfs(3) for more details.
inspect-get-type¶
inspect-get-type root
This returns the type of the inspected operating system. Currently defined types
are:
- "linux"
- Any Linux-based operating system.
- "windows"
- Any Microsoft Windows operating system.
- "freebsd"
- FreeBSD.
- "netbsd"
- NetBSD.
- "hurd"
- GNU/Hurd.
- "dos"
- MS-DOS, FreeDOS and others.
- "unknown"
- The operating system type could not be determined.
Future versions of libguestfs may return other strings here. The caller should
be prepared to handle any string.
Please read "INSPECTION" in
guestfs(3) for more details.
inspect-get-windows-current-control-set¶
inspect-get-windows-current-control-set root
This returns the Windows CurrentControlSet of the inspected guest. The
CurrentControlSet is a registry key name such as "ControlSet001".
This call assumes that the guest is Windows and that the Registry could be
examined by inspection. If this is not the case then an error is returned.
Please read "INSPECTION" in
guestfs(3) for more details.
inspect-get-windows-systemroot¶
inspect-get-windows-systemroot root
This returns the Windows systemroot of the inspected guest. The systemroot is a
directory path such as "/WINDOWS".
This call assumes that the guest is Windows and that the systemroot could be
determined by inspection. If this is not the case then an error is returned.
Please read "INSPECTION" in
guestfs(3) for more details.
inspect-is-live¶
inspect-is-live root
If "inspect-get-format" returns "installer" (this is an
install disk), then this returns true if a live image was detected on the
disk.
Please read "INSPECTION" in
guestfs(3) for more details.
inspect-is-multipart¶
inspect-is-multipart root
If "inspect-get-format" returns "installer" (this is an
install disk), then this returns true if the disk is part of a set.
Please read "INSPECTION" in
guestfs(3) for more details.
inspect-is-netinst¶
inspect-is-netinst root
If "inspect-get-format" returns "installer" (this is an
install disk), then this returns true if the disk is a network installer, ie.
not a self-contained install CD but one which is likely to require network
access to complete the install.
Please read "INSPECTION" in
guestfs(3) for more details.
inspect-list-applications¶
inspect-list-applications root
Return the list of applications installed in the operating system.
Note: This call works differently from other parts of the inspection API.
You have to call "inspect-os", then
"inspect-get-mountpoints", then mount up the disks, before calling
this. Listing applications is a significantly more difficult operation which
requires access to the full filesystem. Also note that unlike the other
"inspect-get-*" calls which are just returning data cached in the
libguestfs handle, this call actually reads parts of the mounted filesystems
during the call.
This returns an empty list if the inspection code was not able to determine the
list of applications.
The application structure contains the following fields:
- "app_name"
- The name of the application. For Red Hat-derived and
Debian-derived Linux guests, this is the package name.
- "app_display_name"
- The display name of the application, sometimes localized to
the install language of the guest operating system.
If unavailable this is returned as an empty string "". Callers
needing to display something can use "app_name" instead.
- "app_epoch"
- For package managers which use epochs, this contains the
epoch of the package (an integer). If unavailable, this is returned as
0.
- "app_version"
- The version string of the application or package. If
unavailable this is returned as an empty string "".
- "app_release"
- The release string of the application or package, for
package managers that use this. If unavailable this is returned as an
empty string "".
- "app_install_path"
- The installation path of the application (on operating
systems such as Windows which use installation paths). This path is in the
format used by the guest operating system, it is not a libguestfs path.
If unavailable this is returned as an empty string "".
- "app_trans_path"
- The install path translated into a libguestfs path. If
unavailable this is returned as an empty string "".
- "app_publisher"
- The name of the publisher of the application, for package
managers that use this. If unavailable this is returned as an empty string
"".
- "app_url"
- The URL (eg. upstream URL) of the application. If
unavailable this is returned as an empty string "".
- "app_source_package"
- For packaging systems which support this, the name of the
source package. If unavailable this is returned as an empty string
"".
- "app_summary"
- A short (usually one line) description of the application
or package. If unavailable this is returned as an empty string
"".
- "app_description"
- A longer description of the application or package. If
unavailable this is returned as an empty string "".
Please read "INSPECTION" in
guestfs(3) for more details.
inspect-os¶
inspect-os
This function uses other libguestfs functions and certain heuristics to inspect
the disk(s) (usually disks belonging to a virtual machine), looking for
operating systems.
The list returned is empty if no operating systems were found.
If one operating system was found, then this returns a list with a single
element, which is the name of the root filesystem of this operating system. It
is also possible for this function to return a list containing more than one
element, indicating a dual-boot or multi-boot virtual machine, with each
element being the root filesystem of one of the operating systems.
You can pass the root string(s) returned to other "inspect-get-*"
functions in order to query further information about each operating system,
such as the name and version.
This function uses other libguestfs features such as "mount-ro" and
"umount-all" in order to mount and unmount filesystems and look at
the contents. This should be called with no disks currently mounted. The
function may also use Augeas, so any existing Augeas handle will be closed.
This function cannot decrypt encrypted disks. The caller must do that first
(supplying the necessary keys) if the disk is encrypted.
Please read "INSPECTION" in
guestfs(3) for more details.
See also "list-filesystems".
is-blockdev¶
is-blockdev path
This returns "true" if and only if there is a block device with the
given "path" name.
See also "stat".
is-chardev¶
is-chardev path
This returns "true" if and only if there is a character device with
the given "path" name.
See also "stat".
is-config¶
is-config
This returns true iff this handle is being configured (in the "CONFIG"
state).
For more information on states, see
guestfs(3).
is-dir¶
is-dir path
This returns "true" if and only if there is a directory with the given
"path" name. Note that it returns false for other objects like
files.
See also "stat".
is-fifo¶
is-fifo path
This returns "true" if and only if there is a FIFO (named pipe) with
the given "path" name.
See also "stat".
is-file¶
is-file path
This returns "true" if and only if there is a regular file with the
given "path" name. Note that it returns false for other objects like
directories.
See also "stat".
is-launching¶
is-launching
This returns true iff this handle is launching the subprocess (in the
"LAUNCHING" state).
For more information on states, see
guestfs(3).
is-lv¶
is-lv device
This command tests whether "device" is a logical volume, and returns
true iff this is the case.
is-ready¶
is-ready
This returns true iff this handle is ready to accept commands (in the
"READY" state).
For more information on states, see
guestfs(3).
is-socket¶
is-socket path
This returns "true" if and only if there is a Unix domain socket with
the given "path" name.
See also "stat".
is-symlink¶
is-symlink path
This returns "true" if and only if there is a symbolic link with the
given "path" name.
See also "stat".
is-zero¶
is-zero path
This returns true iff the file exists and the file is empty or it contains all
zero bytes.
is-zero-device¶
is-zero-device device
This returns true iff the device exists and contains all zero bytes.
Note that for large devices this can take a long time to run.
isoinfo¶
isoinfo isofile
This is the same as "isoinfo-device" except that it works for an ISO
file located inside some other mounted filesystem. Note that in the common
case where you have added an ISO file as a libguestfs device, you would
not call this. Instead you would call "isoinfo-device".
isoinfo-device¶
isoinfo-device device
"device" is an ISO device. This returns a struct of information read
from the primary volume descriptor (the ISO equivalent of the superblock) of
the device.
Usually it is more efficient to use the
isoinfo(1) command with the
-d option on the host to analyze ISO files, instead of going through
libguestfs.
For information on the primary volume descriptor fields, see
<
http://wiki.osdev.org/ISO_9660#The_Primary_Volume_Descriptor>
kill-subprocess¶
kill-subprocess
This kills the qemu subprocess. You should never need to call this.
launch¶
run¶
launch
Internally libguestfs is implemented by running a virtual machine using
qemu(1).
You should call this after configuring the handle (eg. adding drives) but before
performing any actions.
lchown¶
lchown owner group path
Change the file owner to "owner" and group to "group". This
is like "chown" but if "path" is a symlink then the link
itself is changed, not the target.
Only numeric uid and gid are supported. If you want to use names, you will need
to locate and parse the password file yourself (Augeas support makes this
relatively easy).
lgetxattr¶
lgetxattr path name
Get a single extended attribute from file "path" named
"name". If "path" is a symlink, then this call returns an
extended attribute from the symlink.
Normally it is better to get all extended attributes from a file in one go by
calling "getxattrs". However some Linux filesystem implementations
are buggy and do not provide a way to list out attributes. For these
filesystems (notably ntfs-3g) you have to know the names of the extended
attributes you want in advance and call this function.
Extended attribute values are blobs of binary data. If there is no extended
attribute named "name", this returns an error.
See also: "lgetxattrs", "getxattr",
attr(5).
lgetxattrs¶
lgetxattrs path
This is the same as "getxattrs", but if "path" is a symbolic
link, then it returns the extended attributes of the link itself.
list-9p¶
list-9p
List all 9p filesystems attached to the guest. A list of mount tags is returned.
list-devices¶
list-devices
List all the block devices.
The full block device names are returned, eg. "/dev/sda".
See also "list-filesystems".
list-dm-devices¶
list-dm-devices
List all device mapper devices.
The returned list contains "/dev/mapper/*" devices, eg. ones created
by a previous call to "luks-open".
Device mapper devices which correspond to logical volumes are
not
returned in this list. Call "lvs" if you want to list logical
volumes.
list-filesystems¶
list-filesystems
This inspection command looks for filesystems on partitions, block devices and
logical volumes, returning a list of devices containing filesystems and their
type.
The return value is a hash, where the keys are the devices containing
filesystems, and the values are the filesystem types. For example:
"/dev/sda1" => "ntfs"
"/dev/sda2" => "ext2"
"/dev/vg_guest/lv_root" => "ext4"
"/dev/vg_guest/lv_swap" => "swap"
The value can have the special value "unknown", meaning the content of
the device is undetermined or empty. "swap" means a Linux swap
partition.
This command runs other libguestfs commands, which might include
"mount" and "umount", and therefore you should use this
soon after launch and only when nothing is mounted.
Not all of the filesystems returned will be mountable. In particular, swap
partitions are returned in the list. Also this command does not check that
each filesystem found is valid and mountable, and some filesystems might be
mountable but require special options. Filesystems may not all belong to a
single logical operating system (use "inspect-os" to look for OSes).
list-md-devices¶
list-md-devices
List all Linux md devices.
list-partitions¶
list-partitions
List all the partitions detected on all block devices.
The full partition device names are returned, eg. "/dev/sda1"
This does not return logical volumes. For that you will need to call
"lvs".
See also "list-filesystems".
ll directory
List the files in "directory" (relative to the root directory, there
is no cwd) in the format of 'ls -la'.
This command is mostly useful for interactive sessions. It is
not
intended that you try to parse the output string.
llz¶
llz directory
List the files in "directory" in the format of 'ls -laZ'.
This command is mostly useful for interactive sessions. It is
not
intended that you try to parse the output string.
ln target linkname
This command creates a hard link using the "ln" command.
ln-f¶
ln-f target linkname
This command creates a hard link using the "ln -f" command. The
-f option removes the link ("linkname") if it exists already.
ln-s¶
ln-s target linkname
This command creates a symbolic link using the "ln -s" command.
ln-sf¶
ln-sf target linkname
This command creates a symbolic link using the "ln -sf" command, The
-f option removes the link ("linkname") if it exists already.
lremovexattr¶
lremovexattr xattr path
This is the same as "removexattr", but if "path" is a
symbolic link, then it removes an extended attribute of the link itself.
ls directory
List the files in "directory" (relative to the root directory, there
is no cwd). The '.' and '..' entries are not returned, but hidden files are
shown.
This command is mostly useful for interactive sessions. Programs should probably
use "readdir" instead.
lsetxattr¶
lsetxattr xattr val vallen path
This is the same as "setxattr", but if "path" is a symbolic
link, then it sets an extended attribute of the link itself.
lstat¶
lstat path
Returns file information for the given "path".
This is the same as "stat" except that if "path" is a
symbolic link, then the link is stat-ed, not the file it refers to.
This is the same as the
lstat(2) system call.
lstatlist¶
lstatlist path 'names ...'
This call allows you to perform the "lstat" operation on multiple
files, where all files are in the directory "path".
"names" is the list of files from this directory.
On return you get a list of stat structs, with a one-to-one correspondence to
the "names" list. If any name did not exist or could not be lstat'd,
then the "ino" field of that structure is set to "-1".
This call is intended for programs that want to efficiently list a directory
contents without making many round-trips. See also "lxattrlist" for
a similarly efficient call for getting extended attributes. Very long
directory listings might cause the protocol message size to be exceeded,
causing this call to fail. The caller must split up such requests into smaller
groups of names.
luks-add-key¶
luks-add-key device keyslot
This command adds a new key on LUKS device "device". "key"
is any existing key, and is used to access the device. "newkey" is
the new key to add. "keyslot" is the key slot that will be replaced.
Note that if "keyslot" already contains a key, then this command will
fail. You have to use "luks-kill-slot" first to remove that key.
This command has one or more key or passphrase parameters. Guestfish will prompt
for these separately.
luks-close¶
luks-close device
This closes a LUKS device that was created earlier by "luks-open" or
"luks-open-ro". The "device" parameter must be the name of
the LUKS mapping device (ie. "/dev/mapper/mapname") and
not
the name of the underlying block device.
luks-format device keyslot
This command erases existing data on "device" and formats the device
as a LUKS encrypted device. "key" is the initial key, which is added
to key slot "slot". (LUKS supports 8 key slots, numbered 0-7).
This command has one or more key or passphrase parameters. Guestfish will prompt
for these separately.
luks-format-cipher device keyslot cipher
This command is the same as "luks-format" but it also allows you to
set the "cipher" used.
This command has one or more key or passphrase parameters. Guestfish will prompt
for these separately.
luks-kill-slot¶
luks-kill-slot device keyslot
This command deletes the key in key slot "keyslot" from the encrypted
LUKS device "device". "key" must be one of the
other keys.
This command has one or more key or passphrase parameters. Guestfish will prompt
for these separately.
luks-open¶
luks-open device mapname
This command opens a block device which has been encrypted according to the
Linux Unified Key Setup (LUKS) standard.
"device" is the encrypted block device or partition.
The caller must supply one of the keys associated with the LUKS block device, in
the "key" parameter.
This creates a new block device called "/dev/mapper/mapname". Reads
and writes to this block device are decrypted from and encrypted to the
underlying "device" respectively.
If this block device contains LVM volume groups, then calling "vgscan"
followed by "vg-activate-all" will make them visible.
Use "list-dm-devices" to list all device mapper devices.
This command has one or more key or passphrase parameters. Guestfish will prompt
for these separately.
luks-open-ro¶
luks-open-ro device mapname
This is the same as "luks-open" except that a read-only mapping is
created.
This command has one or more key or passphrase parameters. Guestfish will prompt
for these separately.
lvcreate¶
lvcreate logvol volgroup mbytes
This creates an LVM logical volume called "logvol" on the volume group
"volgroup", with "size" megabytes.
lvcreate-free¶
lvcreate-free logvol volgroup percent
Create an LVM logical volume called "/dev/volgroup/logvol", using
approximately "percent" % of the free space remaining in the volume
group. Most usefully, when "percent" is 100 this will create the
largest possible LV.
lvm-canonical-lv-name¶
lvm-canonical-lv-name lvname
This converts alternative naming schemes for LVs that you might find to the
canonical name. For example, "/dev/mapper/VG-LV" is converted to
"/dev/VG/LV".
This command returns an error if the "lvname" parameter does not refer
to a logical volume.
See also "is-lv".
lvm-clear-filter¶
lvm-clear-filter
This undoes the effect of "lvm-set-filter". LVM will be able to see
every block device.
This command also clears the LVM cache and performs a volume group scan.
lvm-remove-all¶
lvm-remove-all
This command removes all LVM logical volumes, volume groups and physical
volumes.
lvm-set-filter¶
lvm-set-filter 'devices ...'
This sets the LVM device filter so that LVM will only be able to "see"
the block devices in the list "devices", and will ignore all other
attached block devices.
Where disk image(s) contain duplicate PVs or VGs, this command is useful to get
LVM to ignore the duplicates, otherwise LVM can get confused. Note also there
are two types of duplication possible: either cloned PVs/VGs which have
identical UUIDs; or VGs that are not cloned but just happen to have the same
name. In normal operation you cannot create this situation, but you can do it
outside LVM, eg. by cloning disk images or by bit twiddling inside the LVM
metadata.
This command also clears the LVM cache and performs a volume group scan.
You can filter whole block devices or individual partitions.
You cannot use this if any VG is currently in use (eg. contains a mounted
filesystem), even if you are not filtering out that VG.
lvremove¶
lvremove device
Remove an LVM logical volume "device", where "device" is the
path to the LV, such as "/dev/VG/LV".
You can also remove all LVs in a volume group by specifying the VG name,
"/dev/VG".
lvrename¶
lvrename logvol newlogvol
Rename a logical volume "logvol" with the new name
"newlogvol".
lvresize¶
lvresize device mbytes
This resizes (expands or shrinks) an existing LVM logical volume to
"mbytes". When reducing, data in the reduced part is lost.
lvresize-free¶
lvresize-free lv percent
This expands an existing logical volume "lv" so that it fills
"pc"% of the remaining free space in the volume group. Commonly you
would call this with pc = 100 which expands the logical volume as much as
possible, using all remaining free space in the volume group.
lvs¶
lvs
List all the logical volumes detected. This is the equivalent of the
lvs(8) command.
This returns a list of the logical volume device names (eg.
"/dev/VolGroup00/LogVol00").
See also "lvs-full", "list-filesystems".
lvs-full¶
lvs-full
List all the logical volumes detected. This is the equivalent of the
lvs(8) command. The "full" version includes all fields.
lvuuid¶
lvuuid device
This command returns the UUID of the LVM LV "device".
lxattrlist¶
lxattrlist path 'names ...'
This call allows you to get the extended attributes of multiple files, where all
files are in the directory "path". "names" is the list of
files from this directory.
On return you get a flat list of xattr structs which must be interpreted
sequentially. The first xattr struct always has a zero-length
"attrname". "attrval" in this struct is zero-length to
indicate there was an error doing "lgetxattr" for this file,
or is a C string which is a decimal number (the number of following
attributes for this file, which could be "0"). Then after the first
xattr struct are the zero or more attributes for the first named file. This
repeats for the second and subsequent files.
This call is intended for programs that want to efficiently list a directory
contents without making many round-trips. See also "lstatlist" for a
similarly efficient call for getting standard stats. Very long directory
listings might cause the protocol message size to be exceeded, causing this
call to fail. The caller must split up such requests into smaller groups of
names.
md-create¶
md-create name 'devices ...' [missingbitmap:N] [nrdevices:N] [spare:N] [chunk:N] [level:..]
Create a Linux md (RAID) device named "name" on the devices in the
list "devices".
The optional parameters are:
- "missingbitmap"
- A bitmap of missing devices. If a bit is set it means that
a missing device is added to the array. The least significant bit
corresponds to the first device in the array.
As examples:
If "devices = ["/dev/sda"]" and "missingbitmap =
0x1" then the resulting array would be "[<missing>,
"/dev/sda"]".
If "devices = ["/dev/sda"]" and "missingbitmap =
0x2" then the resulting array would be "["/dev/sda",
<missing>]".
This defaults to 0 (no missing devices).
The length of "devices" + the number of bits set in
"missingbitmap" must equal "nrdevices" +
"spare".
- "nrdevices"
- The number of active RAID devices.
If not set, this defaults to the length of "devices" plus the
number of bits set in "missingbitmap".
- "spare"
- The number of spare devices.
If not set, this defaults to 0.
- "chunk"
- The chunk size in bytes.
- "level"
- The RAID level, which can be one of: linear,
raid0, 0, stripe, raid1, 1,
mirror, raid4, 4, raid5, 5,
raid6, 6, raid10, 10. Some of these are
synonymous, and more levels may be added in future.
If not set, this defaults to "raid1".
This command has one or more optional arguments. See "OPTIONAL
ARGUMENTS".
md-detail¶
md-detail md
This command exposes the output of 'mdadm -DY <md>'. The following fields
are usually present in the returned hash. Other fields may also be present.
- "level"
- The raid level of the MD device.
- "devices"
- The number of underlying devices in the MD device.
- "metadata"
- The metadata version used.
- "uuid"
- The UUID of the MD device.
- "name"
- The name of the MD device.
md-stat¶
md-stat md
This call returns a list of the underlying devices which make up the single
software RAID array device "md".
To get a list of software RAID devices, call "list-md-devices".
Each structure returned corresponds to one device along with additional status
information:
- "mdstat_device"
- The name of the underlying device.
- "mdstat_index"
- The index of this device within the array.
- "mdstat_flags"
- Flags associated with this device. This is a string
containing (in no specific order) zero or more of the following
flags:
- "W"
- write-mostly
- "F"
- device is faulty
- "S"
- device is a RAID spare
- "R"
- replacement
md-stop¶
md-stop md
This command deactivates the MD array named "md". The device is
stopped, but it is not destroyed or zeroed.
mkdir¶
mkdir path
Create a directory named "path".
mkdir-mode¶
mkdir-mode path mode
This command creates a directory, setting the initial permissions of the
directory to "mode".
For common Linux filesystems, the actual mode which is set will be "mode
& ~umask & 01777". Non-native-Linux filesystems may interpret the
mode in other ways.
See also "mkdir", "umask"
mkdir-p¶
mkdir-p path
Create a directory named "path", creating any parent directories as
necessary. This is like the "mkdir -p" shell command.
mkdtemp¶
mkdtemp tmpl
This command creates a temporary directory. The "tmpl" parameter
should be a full pathname for the temporary directory name with the final six
characters being "XXXXXX".
For example: "/tmp/myprogXXXXXX" or "/Temp/myprogXXXXXX",
the second one being suitable for Windows filesystems.
The name of the temporary directory that was created is returned.
The temporary directory is created with mode 0700 and is owned by root.
The caller is responsible for deleting the temporary directory and its contents
after use.
See also:
mkdtemp(3)
mke2fs-J¶
mke2fs-J fstype blocksize device journal
This creates an ext2/3/4 filesystem on "device" with an external
journal on "journal". It is equivalent to the command:
mke2fs -t fstype -b blocksize -J device=<journal> <device>
See also "mke2journal".
mke2fs-JL¶
mke2fs-JL fstype blocksize device label
This creates an ext2/3/4 filesystem on "device" with an external
journal on the journal labeled "label".
See also "mke2journal-L".
mke2fs-JU¶
mke2fs-JU fstype blocksize device uuid
This creates an ext2/3/4 filesystem on "device" with an external
journal on the journal with UUID "uuid".
See also "mke2journal-U".
mke2journal¶
mke2journal blocksize device
This creates an ext2 external journal on "device". It is equivalent to
the command:
mke2fs -O journal_dev -b blocksize device
mke2journal-L¶
mke2journal-L blocksize label device
This creates an ext2 external journal on "device" with label
"label".
mke2journal-U¶
mke2journal-U blocksize uuid device
This creates an ext2 external journal on "device" with UUID
"uuid".
mkfifo¶
mkfifo mode path
This call creates a FIFO (named pipe) called "path" with mode
"mode". It is just a convenient wrapper around "mknod".
The mode actually set is affected by the umask.
mkfs¶
mkfs fstype device
This creates a filesystem on "device" (usually a partition or LVM
logical volume). The filesystem type is "fstype", for example
"ext3".
mkfs-b¶
mkfs-b fstype blocksize device
This call is similar to "mkfs", but it allows you to control the block
size of the resulting filesystem. Supported block sizes depend on the
filesystem type, but typically they are 1024, 2048 or 4096 only.
For VFAT and NTFS the "blocksize" parameter is treated as the
requested cluster size.
This function is deprecated. In new code, use the "mkfs_opts"
call instead.
Deprecated functions will not be removed from the API, but the fact that they
are deprecated indicates that there are problems with correct use of these
functions.
mkfs-btrfs¶
mkfs-btrfs 'devices ...' [allocstart:N] [bytecount:N] [datatype:..] [leafsize:N] [label:..] [metadata:..] [nodesize:N] [sectorsize:N]
Create a btrfs filesystem, allowing all configurables to be set. For more
information on the optional arguments, see
mkfs.btrfs(8).
Since btrfs filesystems can span multiple devices, this takes a non-empty list
of devices.
To create general filesystems, use "mkfs-opts".
This command has one or more optional arguments. See "OPTIONAL
ARGUMENTS".
mkfs-opts¶
mkfs-opts fstype device [blocksize:N] [features:..] [inode:N] [sectorsize:N]
This function creates a filesystem on "device". The filesystem type is
"fstype", for example "ext3".
The optional arguments are:
- "blocksize"
- The filesystem block size. Supported block sizes depend on
the filesystem type, but typically they are 1024, 2048 or 4096 for Linux
ext2/3 filesystems.
For VFAT and NTFS the "blocksize" parameter is treated as the
requested cluster size.
For UFS block sizes, please see mkfs.ufs(8).
- "features"
- This passes the -O parameter to the external mkfs
program.
For certain filesystem types, this allows extra filesystem features to be
selected. See mke2fs(8) and mkfs.ufs(8) for more details.
You cannot use this optional parameter with the "gfs" or
"gfs2" filesystem type.
- "inode"
- This passes the -I parameter to the external
mke2fs(8) program which sets the inode size (only for ext2/3/4
filesystems at present).
- "sectorsize"
- This passes the -S parameter to external
mkfs.ufs(8) program, which sets sector size for ufs
filesystem.
This command has one or more optional arguments. See "OPTIONAL
ARGUMENTS".
mkmountpoint¶
mkmountpoint exemptpath
"mkmountpoint" and "rmmountpoint" are specialized calls that
can be used to create extra mountpoints before mounting the first filesystem.
These calls are
only necessary in some very limited circumstances, mainly
the case where you want to mount a mix of unrelated and/or read-only
filesystems together.
For example, live CDs often contain a "Russian doll" nest of
filesystems, an ISO outer layer, with a squashfs image inside, with an ext2/3
image inside that. You can unpack this as follows in guestfish:
add-ro Fedora-11-i686-Live.iso
run
mkmountpoint /cd
mkmountpoint /sqsh
mkmountpoint /ext3fs
mount /dev/sda /cd
mount-loop /cd/LiveOS/squashfs.img /sqsh
mount-loop /sqsh/LiveOS/ext3fs.img /ext3fs
The inner filesystem is now unpacked under the /ext3fs mountpoint.
"mkmountpoint" is not compatible with "umount-all". You may
get unexpected errors if you try to mix these calls. It is safest to manually
unmount filesystems and remove mountpoints after use.
"umount-all" unmounts filesystems by sorting the paths longest first,
so for this to work for manual mountpoints, you must ensure that the innermost
mountpoints have the longest pathnames, as in the example code above.
For more details see <
https://bugzilla.redhat.com/show_bug.cgi?id=599503>
Autosync [see "set-autosync", this is set by default on handles] can
cause "umount-all" to be called when the handle is closed which can
also trigger these issues.
mknod¶
mknod mode devmajor devminor path
This call creates block or character special devices, or named pipes (FIFOs).
The "mode" parameter should be the mode, using the standard constants.
"devmajor" and "devminor" are the device major and minor
numbers, only used when creating block and character special devices.
Note that, just like
mknod(2), the mode must be bitwise OR'd with
S_IFBLK, S_IFCHR, S_IFIFO or S_IFSOCK (otherwise this call just creates a
regular file). These constants are available in the standard Linux header
files, or you can use "mknod-b", "mknod-c" or
"mkfifo" which are wrappers around this command which bitwise OR in
the appropriate constant for you.
The mode actually set is affected by the umask.
mknod-b¶
mknod-b mode devmajor devminor path
This call creates a block device node called "path" with mode
"mode" and device major/minor "devmajor" and
"devminor". It is just a convenient wrapper around
"mknod".
The mode actually set is affected by the umask.
mknod-c¶
mknod-c mode devmajor devminor path
This call creates a char device node called "path" with mode
"mode" and device major/minor "devmajor" and
"devminor". It is just a convenient wrapper around
"mknod".
The mode actually set is affected by the umask.
mkswap¶
mkswap device
Create a swap partition on "device".
mkswap-L¶
mkswap-L label device
Create a swap partition on "device" with label "label".
Note that you cannot attach a swap label to a block device (eg.
"/dev/sda"), just to a partition. This appears to be a limitation of
the kernel or swap tools.
mkswap-U¶
mkswap-U uuid device
Create a swap partition on "device" with UUID "uuid".
mkswap-file¶
mkswap-file path
Create a swap file.
This command just writes a swap file signature to an existing file. To create
the file itself, use something like "fallocate".
modprobe¶
modprobe modulename
This loads a kernel module in the appliance.
The kernel module must have been whitelisted when libguestfs was built (see
"appliance/kmod.whitelist.in" in the source).
mount¶
mount device mountpoint
Mount a guest disk at a position in the filesystem. Block devices are named
"/dev/sda", "/dev/sdb" and so on, as they were added to
the guest. If those block devices contain partitions, they will have the usual
names (eg. "/dev/sda1"). Also LVM "/dev/VG/LV"-style names
can be used.
The rules are the same as for
mount(2): A filesystem must first be
mounted on "/" before others can be mounted. Other filesystems can
only be mounted on directories which already exist.
The mounted filesystem is writable, if we have sufficient permissions on the
underlying device.
Before libguestfs 1.13.16, this call implicitly added the options
"sync" and "noatime". The "sync" option greatly
slowed writes and caused many problems for users. If your program might need
to work with older versions of libguestfs, use "mount-options"
instead (using an empty string for the first parameter if you don't want any
options).
mount-9p¶
mount-9p mounttag mountpoint [options:..]
Mount the virtio-9p filesystem with the tag "mounttag" on the
directory "mountpoint".
If required, "trans=virtio" will be automatically added to the
options. Any other options required can be passed in the optional
"options" parameter.
This command has one or more optional arguments. See "OPTIONAL
ARGUMENTS".
mount-local¶
mount-local localmountpoint [readonly:true|false] [options:..] [cachetimeout:N] [debugcalls:true|false]
This call exports the libguestfs-accessible filesystem to a local mountpoint
(directory) called "localmountpoint". Ordinary reads and writes to
files and directories under "localmountpoint" are redirected through
libguestfs.
If the optional "readonly" flag is set to true, then writes to the
filesystem return error "EROFS".
"options" is a comma-separated list of mount options. See
guestmount(1) for some useful options.
"cachetimeout" sets the timeout (in seconds) for cached directory
entries. The default is 60 seconds. See
guestmount(1) for further
information.
If "debugcalls" is set to true, then additional debugging information
is generated for every FUSE call.
When "mount-local" returns, the filesystem is ready, but is not
processing requests (access to it will block). You have to call
"mount-local-run" to run the main loop.
See "MOUNT LOCAL" in
guestfs(3) for full documentation.
This command has one or more optional arguments. See "OPTIONAL
ARGUMENTS".
mount-local-run¶
mount-local-run
Run the main loop which translates kernel calls to libguestfs calls.
This should only be called after "mount-local" returns successfully.
The call will not return until the filesystem is unmounted.
Note you must
not make concurrent libguestfs calls on the same
handle from another thread, with the exception of "umount-local".
You may call this from a different thread than the one which called
"mount-local", subject to the usual rules for threads and libguestfs
(see "MULTIPLE HANDLES AND MULTIPLE THREADS" in
guestfs(3)).
See "MOUNT LOCAL" in
guestfs(3) for full documentation.
mount-loop¶
mount-loop file mountpoint
This command lets you mount "file" (a filesystem image in a file) on a
mount point. It is entirely equivalent to the command "mount -o loop file
mountpoint".
mount-options¶
mount-options options device mountpoint
This is the same as the "mount" command, but it allows you to set the
mount options as for the
mount(8) -o flag.
If the "options" parameter is an empty string, then no options are
passed (all options default to whatever the filesystem uses).
mount-ro¶
mount-ro device mountpoint
This is the same as the "mount" command, but it mounts the filesystem
with the read-only (
-o ro) flag.
mount-vfs¶
mount-vfs options vfstype device mountpoint
This is the same as the "mount" command, but it allows you to set both
the mount options and the vfstype as for the
mount(8) -o and
-t flags.
mountpoints¶
mountpoints
This call is similar to "mounts". That call returns a list of devices.
This one returns a hash table (map) of device name to directory where the
device is mounted.
mounts¶
mounts
This returns the list of currently mounted filesystems. It returns the list of
devices (eg. "/dev/sda1", "/dev/VG/LV").
Some internal mounts are not shown.
See also: "mountpoints"
mv src dest
This moves a file from "src" to "dest" where
"dest" is either a destination filename or destination directory.
ntfs-3g-probe¶
ntfs-3g-probe true|false device
This command runs the
ntfs-3g.probe(8) command which probes an NTFS
"device" for mountability. (Not all NTFS volumes can be mounted
read-write, and some cannot be mounted at all).
"rw" is a boolean flag. Set it to true if you want to test if the
volume can be mounted read-write. Set it to false if you want to test if the
volume can be mounted read-only.
The return value is an integer which 0 if the operation would succeed, or some
non-zero value documented in the
ntfs-3g.probe(8) manual page.
ntfsclone-in¶
ntfsclone-in (backupfile|-) device
Restore the "backupfile" (from a previous call to
"ntfsclone-out") to "device", overwriting any existing
contents of this device.
Use "-" instead of a filename to read/write from stdin/stdout.
ntfsclone-out¶
ntfsclone-out device (backupfile|-) [metadataonly:true|false] [rescue:true|false] [ignorefscheck:true|false] [preservetimestamps:true|false] [force:true|false]
Stream the NTFS filesystem "device" to the local file
"backupfile". The format used for the backup file is a special
format used by the
ntfsclone(8) tool.
If the optional "metadataonly" flag is true, then
only the
metadata is saved, losing all the user data (this is useful for diagnosing
some filesystem problems).
The optional "rescue", "ignorefscheck",
"preservetimestamps" and "force" flags have precise
meanings detailed in the
ntfsclone(8) man page.
Use "ntfsclone-in" to restore the file back to a libguestfs device.
Use "-" instead of a filename to read/write from stdin/stdout.
This command has one or more optional arguments. See "OPTIONAL
ARGUMENTS".
ntfsfix¶
ntfsfix device [clearbadsectors:true|false]
This command repairs some fundamental NTFS inconsistencies, resets the NTFS
journal file, and schedules an NTFS consistency check for the first boot into
Windows.
This is
not an equivalent of Windows "chkdsk". It does
not scan the filesystem for inconsistencies.
The optional "clearbadsectors" flag clears the list of bad sectors.
This is useful after cloning a disk with bad sectors to a new disk.
This command has one or more optional arguments. See "OPTIONAL
ARGUMENTS".
ntfsresize¶
ntfsresize device
This command resizes an NTFS filesystem, expanding or shrinking it to the size
of the underlying device.
Note: After the resize operation, the filesystem is marked as requiring a
consistency check (for safety). You have to boot into Windows to perform this
check and clear this condition. Furthermore, ntfsresize refuses to resize
filesystems which have been marked in this way. So in effect it is not
possible to call ntfsresize multiple times on a single filesystem without
booting into Windows between each resize.
See also
ntfsresize(8).
This function is deprecated. In new code, use the
"ntfsresize_opts" call instead.
Deprecated functions will not be removed from the API, but the fact that they
are deprecated indicates that there are problems with correct use of these
functions.
ntfsresize-opts¶
ntfsresize-opts device [size:N] [force:true|false]
This command resizes an NTFS filesystem, expanding or shrinking it to the size
of the underlying device.
The optional parameters are:
- "size"
- The new size (in bytes) of the filesystem. If omitted, the
filesystem is resized to fit the container (eg. partition).
- "force"
- If this option is true, then force the resize of the
filesystem even if the filesystem is marked as requiring a consistency
check.
After the resize operation, the filesystem is always marked as requiring a
consistency check (for safety). You have to boot into Windows to perform
this check and clear this condition. If you don't set the
"force" option then it is not possible to call
"ntfsresize-opts" multiple times on a single filesystem without
booting into Windows between each resize.
See also
ntfsresize(8).
This command has one or more optional arguments. See "OPTIONAL
ARGUMENTS".
ntfsresize-size¶
ntfsresize-size device size
This command is the same as "ntfsresize" except that it allows you to
specify the new size (in bytes) explicitly.
This function is deprecated. In new code, use the
"ntfsresize_opts" call instead.
Deprecated functions will not be removed from the API, but the fact that they
are deprecated indicates that there are problems with correct use of these
functions.
part-add¶
part-add device prlogex startsect endsect
This command adds a partition to "device". If there is no partition
table on the device, call "part-init" first.
The "prlogex" parameter is the type of partition. Normally you should
pass "p" or "primary" here, but MBR partition tables also
support "l" (or "logical") and "e" (or
"extended") partition types.
"startsect" and "endsect" are the start and end of the
partition in
sectors. "endsect" may be negative, which means
it counts backwards from the end of the disk ("-1" is the last
sector).
Creating a partition which covers the whole disk is not so easy. Use
"part-disk" to do that.
part-del¶
part-del device partnum
This command deletes the partition numbered "partnum" on
"device".
Note that in the case of MBR partitioning, deleting an extended partition also
deletes any logical partitions it contains.
part-disk¶
part-disk device parttype
This command is simply a combination of "part-init" followed by
"part-add" to create a single primary partition covering the whole
disk.
"parttype" is the partition table type, usually "mbr" or
"gpt", but other possible values are described in
"part-init".
part-get-bootable¶
part-get-bootable device partnum
This command returns true if the partition "partnum" on
"device" has the bootable flag set.
See also "part-set-bootable".
part-get-mbr-id¶
part-get-mbr-id device partnum
Returns the MBR type byte (also known as the ID byte) from the numbered
partition "partnum".
Note that only MBR (old DOS-style) partitions have type bytes. You will get
undefined results for other partition table types (see
"part-get-parttype").
part-get-parttype¶
part-get-parttype device
This command examines the partition table on "device" and returns the
partition table type (format) being used.
Common return values include: "msdos" (a DOS/Windows style MBR
partition table), "gpt" (a GPT/EFI-style partition table). Other
values are possible, although unusual. See "part-init" for a full
list.
part-init¶
part-init device parttype
This creates an empty partition table on "device" of one of the
partition types listed below. Usually "parttype" should be either
"msdos" or "gpt" (for large disks).
Initially there are no partitions. Following this, you should call
"part-add" for each partition required.
Possible values for "parttype" are:
- efi
- gpt
- Intel EFI / GPT partition table.
This is recommended for >= 2 TB partitions that will be accessed from
Linux and Intel-based Mac OS X. It also has limited backwards
compatibility with the "mbr" format.
- mbr
- msdos
- The standard PC "Master Boot Record" (MBR) format
used by MS-DOS and Windows. This partition type will only work for
device sizes up to 2 TB. For large disks we recommend using
"gpt".
Other partition table types that may work but are not supported include:
- aix
- AIX disk labels.
- amiga
- rdb
- Amiga "Rigid Disk Block" format.
- bsd
- BSD disk labels.
- dasd
- DASD, used on IBM mainframes.
- dvh
- MIPS/SGI volumes.
- mac
- Old Mac partition format. Modern Macs use
"gpt".
- pc98
- NEC PC-98 format, common in Japan apparently.
- sun
- Sun disk labels.
part-list¶
part-list device
This command parses the partition table on "device" and returns the
list of partitions found.
The fields in the returned structure are:
- part_num
- Partition number, counting from 1.
- part_start
- Start of the partition in bytes. To get sectors you
have to divide by the device's sector size, see
"blockdev-getss".
- part_end
- End of the partition in bytes.
- part_size
- Size of the partition in bytes.
part-set-bootable¶
part-set-bootable device partnum true|false
This sets the bootable flag on partition numbered "partnum" on device
"device". Note that partitions are numbered from 1.
The bootable flag is used by some operating systems (notably Windows) to
determine which partition to boot from. It is by no means universally
recognized.
part-set-mbr-id¶
part-set-mbr-id device partnum idbyte
Sets the MBR type byte (also known as the ID byte) of the numbered partition
"partnum" to "idbyte". Note that the type bytes quoted in
most documentation are in fact hexadecimal numbers, but usually documented
without any leading "0x" which might be confusing.
Note that only MBR (old DOS-style) partitions have type bytes. You will get
undefined results for other partition table types (see
"part-get-parttype").
part-set-name¶
part-set-name device partnum name
This sets the partition name on partition numbered "partnum" on device
"device". Note that partitions are numbered from 1.
The partition name can only be set on certain types of partition table. This
works on "gpt" but not on "mbr" partitions.
part-to-dev¶
part-to-dev partition
This function takes a partition name (eg. "/dev/sdb1") and removes the
partition number, returning the device name (eg. "/dev/sdb").
The named partition must exist, for example as a string returned from
"list-partitions".
See also "part-to-partnum".
part-to-partnum¶
part-to-partnum partition
This function takes a partition name (eg. "/dev/sdb1") and returns the
partition number (eg. 1).
The named partition must exist, for example as a string returned from
"list-partitions".
See also "part-to-dev".
ping-daemon¶
ping-daemon
This is a test probe into the guestfs daemon running inside the qemu subprocess.
Calling this function checks that the daemon responds to the ping message,
without affecting the daemon or attached block device(s) in any other way.
pread¶
pread path count offset
This command lets you read part of a file. It reads "count" bytes of
the file, starting at "offset", from file "path".
This may read fewer bytes than requested. For further details see the
pread(2) system call.
See also "pwrite", "pread-device".
Because of the message protocol, there is a transfer limit of somewhere between
2MB and 4MB. See "PROTOCOL LIMITS" in
guestfs(3).
pread-device¶
pread-device device count offset
This command lets you read part of a file. It reads "count" bytes of
"device", starting at "offset".
This may read fewer bytes than requested. For further details see the
pread(2) system call.
See also "pread".
Because of the message protocol, there is a transfer limit of somewhere between
2MB and 4MB. See "PROTOCOL LIMITS" in
guestfs(3).
pvcreate¶
pvcreate device
This creates an LVM physical volume on the named "device", where
"device" should usually be a partition name such as
"/dev/sda1".
pvremove¶
pvremove device
This wipes a physical volume "device" so that LVM will no longer
recognise it.
The implementation uses the "pvremove" command which refuses to wipe
physical volumes that contain any volume groups, so you have to remove those
first.
pvresize¶
pvresize device
This resizes (expands or shrinks) an existing LVM physical volume to match the
new size of the underlying device.
pvresize-size¶
pvresize-size device size
This command is the same as "pvresize" except that it allows you to
specify the new size (in bytes) explicitly.
pvs¶
pvs
List all the physical volumes detected. This is the equivalent of the
pvs(8) command.
This returns a list of just the device names that contain PVs (eg.
"/dev/sda2").
See also "pvs-full".
pvs-full¶
pvs-full
List all the physical volumes detected. This is the equivalent of the
pvs(8) command. The "full" version includes all fields.
pvuuid¶
pvuuid device
This command returns the UUID of the LVM PV "device".
pwrite¶
pwrite path content offset
This command writes to part of a file. It writes the data buffer
"content" to the file "path" starting at offset
"offset".
This command implements the
pwrite(2) system call, and like that system
call it may not write the full data requested. The return value is the number
of bytes that were actually written to the file. This could even be 0,
although short writes are unlikely for regular files in ordinary
circumstances.
See also "pread", "pwrite-device".
Because of the message protocol, there is a transfer limit of somewhere between
2MB and 4MB. See "PROTOCOL LIMITS" in
guestfs(3).
pwrite-device¶
pwrite-device device content offset
This command writes to part of a device. It writes the data buffer
"content" to "device" starting at offset
"offset".
This command implements the
pwrite(2) system call, and like that system
call it may not write the full data requested (although short writes to disk
devices and partitions are probably impossible with standard Linux kernels).
See also "pwrite".
Because of the message protocol, there is a transfer limit of somewhere between
2MB and 4MB. See "PROTOCOL LIMITS" in
guestfs(3).
read-file¶
read-file path
This calls returns the contents of the file "path" as a buffer.
Unlike "cat", this function can correctly handle files that contain
embedded ASCII NUL characters. However unlike "download", this
function is limited in the total size of file that can be handled.
Because of the message protocol, there is a transfer limit of somewhere between
2MB and 4MB. See "PROTOCOL LIMITS" in
guestfs(3).
read-lines¶
read-lines path
Return the contents of the file named "path".
The file contents are returned as a list of lines. Trailing "LF" and
"CRLF" character sequences are
not returned.
Note that this function cannot correctly handle binary files (specifically,
files containing "\0" character which is treated as end of line).
For those you need to use the "read-file" function which has a more
complex interface.
readdir¶
readdir dir
This returns the list of directory entries in directory "dir".
All entries in the directory are returned, including "." and
"..". The entries are
not sorted, but returned in the same
order as the underlying filesystem.
Also this call returns basic file type information about each file. The
"ftyp" field will contain one of the following characters:
- 'b'
- Block special
- 'c'
- Char special
- 'd'
- Directory
- 'f'
- FIFO (named pipe)
- 'l'
- Symbolic link
- 'r'
- Regular file
- 's'
- Socket
- 'u'
- Unknown file type
- '?'
- The readdir(3) call returned a "d_type"
field with an unexpected value
This function is primarily intended for use by programs. To get a simple list of
names, use "ls". To get a printable directory for human consumption,
use "ll".
readlink¶
readlink path
This command reads the target of a symbolic link.
readlinklist¶
readlinklist path 'names ...'
This call allows you to do a "readlink" operation on multiple files,
where all files are in the directory "path". "names" is
the list of files from this directory.
On return you get a list of strings, with a one-to-one correspondence to the
"names" list. Each string is the value of the symbolic link.
If the
readlink(2) operation fails on any name, then the corresponding result
string is the empty string "". However the whole operation is
completed even if there were
readlink(2) errors, and so you can call this
function with names where you don't know if they are symbolic links already
(albeit slightly less efficient).
This call is intended for programs that want to efficiently list a directory
contents without making many round-trips. Very long directory listings might
cause the protocol message size to be exceeded, causing this call to fail. The
caller must split up such requests into smaller groups of names.
realpath¶
realpath path
Return the canonicalized absolute pathname of "path". The returned
path has no ".", ".." or symbolic link path elements.
removexattr¶
removexattr xattr path
This call removes the extended attribute named "xattr" of the file
"path".
See also: "lremovexattr",
attr(5).
resize2fs¶
resize2fs device
This resizes an ext2, ext3 or ext4 filesystem to match the size of the
underlying device.
See also "RESIZE2FS ERRORS" in
guestfs(3).
resize2fs-M¶
resize2fs-M device
This command is the same as "resize2fs", but the filesystem is resized
to its minimum size. This works like the
-M option to the
"resize2fs" command.
To get the resulting size of the filesystem you should call
"tune2fs-l" and read the "Block size" and "Block
count" values. These two numbers, multiplied together, give the resulting
size of the minimal filesystem in bytes.
See also "RESIZE2FS ERRORS" in
guestfs(3).
resize2fs-size¶
resize2fs-size device size
This command is the same as "resize2fs" except that it allows you to
specify the new size (in bytes) explicitly.
See also "RESIZE2FS ERRORS" in
guestfs(3).
rm path
Remove the single file "path".
rm-rf¶
rm-rf path
Remove the file or directory "path", recursively removing the contents
if its a directory. This is like the "rm -rf" shell command.
rmdir¶
rmdir path
Remove the single directory "path".
rmmountpoint¶
rmmountpoint exemptpath
This calls removes a mountpoint that was previously created with
"mkmountpoint". See "mkmountpoint" for full details.
scrub-device¶
scrub-device device
This command writes patterns over "device" to make data retrieval more
difficult.
It is an interface to the
scrub(1) program. See that manual page for more
details.
scrub-file¶
scrub-file file
This command writes patterns over a file to make data retrieval more difficult.
The file is
removed after scrubbing.
It is an interface to the
scrub(1) program. See that manual page for more
details.
scrub-freespace¶
scrub-freespace dir
This command creates the directory "dir" and then fills it with files
until the filesystem is full, and scrubs the files as for
"scrub-file", and deletes them. The intention is to scrub any free
space on the partition containing "dir".
It is an interface to the
scrub(1) program. See that manual page for more
details.
set-append¶
append¶
set-append append
This function is used to add additional options to the guest kernel command
line.
The default is "NULL" unless overridden by setting
"LIBGUESTFS_APPEND" environment variable.
Setting "append" to "NULL" means
no additional
options are passed (libguestfs always adds a few of its own).
set-attach-method¶
attach-method¶
set-attach-method attachmethod
Set the method that libguestfs uses to connect to the back end guestfsd daemon.
Possible methods are:
- "appliance"
- Launch an appliance and connect to it. This is the ordinary
method and the default.
- "unix:path"
- Connect to the Unix domain socket path.
This method lets you connect to an existing daemon or (using virtio-serial)
to a live guest. For more information, see "ATTACHING TO RUNNING
DAEMONS" in guestfs(3).
set-autosync¶
autosync¶
set-autosync true|false
If "autosync" is true, this enables autosync. Libguestfs will make a
best effort attempt to make filesystems consistent and synchronized when the
handle is closed (also if the program exits without closing handles).
This is enabled by default (since libguestfs 1.5.24, previously it was disabled
by default).
set-direct¶
direct¶
set-direct true|false
If the direct appliance mode flag is enabled, then stdin and stdout are passed
directly through to the appliance once it is launched.
One consequence of this is that log messages aren't caught by the library and
handled by "set-log-message-callback", but go straight to stdout.
You probably don't want to use this unless you know what you are doing.
The default is disabled.
set-e2attrs¶
set-e2attrs file attrs [clear:true|false]
This sets or clears the file attributes "attrs" associated with the
inode "file".
"attrs" is a string of characters representing file attributes. See
"get-e2attrs" for a list of possible attributes. Not all attributes
can be changed.
If optional boolean "clear" is not present or false, then the
"attrs" listed are set in the inode.
If "clear" is true, then the "attrs" listed are cleared in
the inode.
In both cases, other attributes not present in the "attrs" string are
left unchanged.
These attributes are only present when the file is located on an ext2/3/4
filesystem. Using this call on other filesystem types will result in an error.
This command has one or more optional arguments. See "OPTIONAL
ARGUMENTS".
set-e2generation¶
set-e2generation file generation
This sets the ext2 file generation of a file.
See "get-e2generation".
set-e2label¶
set-e2label device label
This sets the ext2/3/4 filesystem label of the filesystem on "device"
to "label". Filesystem labels are limited to 16 characters.
You can use either "tune2fs-l" or "get-e2label" to return
the existing label on a filesystem.
This function is deprecated. In new code, use the "set_label"
call instead.
Deprecated functions will not be removed from the API, but the fact that they
are deprecated indicates that there are problems with correct use of these
functions.
set-e2uuid¶
set-e2uuid device uuid
This sets the ext2/3/4 filesystem UUID of the filesystem on "device"
to "uuid". The format of the UUID and alternatives such as
"clear", "random" and "time" are described in
the
tune2fs(8) manpage.
You can use either "tune2fs-l" or "get-e2uuid" to return the
existing UUID of a filesystem.
set-label¶
set-label device label
Set the filesystem label on "device" to "label".
Only some filesystem types support labels, and libguestfs supports setting
labels on only a subset of these.
On ext2/3/4 filesystems, labels are limited to 16 bytes.
On NTFS filesystems, labels are limited to 128 unicode characters.
To read the label on a filesystem, call "vfs-label".
set-memsize¶
memsize¶
set-memsize memsize
This sets the memory size in megabytes allocated to the qemu subprocess. This
only has any effect if called before "launch".
You can also change this by setting the environment variable
"LIBGUESTFS_MEMSIZE" before the handle is created.
For more information on the architecture of libguestfs, see
guestfs(3).
set-network¶
network¶
set-network true|false
If "network" is true, then the network is enabled in the libguestfs
appliance. The default is false.
This affects whether commands are able to access the network (see "RUNNING
COMMANDS" in
guestfs(3)).
You must call this before calling "launch", otherwise it has no
effect.
set-path¶
path¶
set-path searchpath
Set the path that libguestfs searches for kernel and initrd.img.
The default is "$libdir/guestfs" unless overridden by setting
"LIBGUESTFS_PATH" environment variable.
Setting "path" to "NULL" restores the default path.
set-pgroup¶
pgroup¶
set-pgroup true|false
If "pgroup" is true, child processes are placed into their own process
group.
The practical upshot of this is that signals like "SIGINT" (from users
pressing "^C") won't be received by the child process.
The default for this flag is false, because usually you want "^C" to
kill the subprocess. Guestfish sets this flag to true when used interactively,
so that "^C" can cancel long-running commands gracefully (see
"user-cancel").
set-qemu¶
qemu¶
set-qemu qemu
Set the qemu binary that we will use.
The default is chosen when the library was compiled by the configure script.
You can also override this by setting the "LIBGUESTFS_QEMU"
environment variable.
Setting "qemu" to "NULL" restores the default qemu binary.
Note that you should call this function as early as possible after creating the
handle. This is because some pre-launch operations depend on testing qemu
features (by running "qemu -help"). If the qemu binary changes, we
don't retest features, and so you might see inconsistent results. Using the
environment variable "LIBGUESTFS_QEMU" is safest of all since that
picks the qemu binary at the same time as the handle is created.
set-recovery-proc¶
recovery-proc¶
set-recovery-proc true|false
If this is called with the parameter "false" then "launch"
does not create a recovery process. The purpose of the recovery process is to
stop runaway qemu processes in the case where the main program aborts
abruptly.
This only has any effect if called before "launch", and the default is
true.
About the only time when you would want to disable this is if the main process
will fork itself into the background ("daemonize" itself). In this
case the recovery process thinks that the main program has disappeared and so
kills qemu, which is not very helpful.
set-selinux¶
selinux¶
set-selinux true|false
This sets the selinux flag that is passed to the appliance at boot time. The
default is "selinux=0" (disabled).
Note that if SELinux is enabled, it is always in Permissive mode
("enforcing=0").
For more information on the architecture of libguestfs, see
guestfs(3).
set-smp¶
smp¶
set-smp smp
Change the number of virtual CPUs assigned to the appliance. The default is 1.
Increasing this may improve performance, though often it has no effect.
This function must be called before "launch".
set-trace¶
trace¶
set-trace true|false
If the command trace flag is set to 1, then libguestfs calls, parameters and
return values are traced.
If you want to trace C API calls into libguestfs (and other libraries) then
possibly a better way is to use the external
ltrace(1) command.
Command traces are disabled unless the environment variable
"LIBGUESTFS_TRACE" is defined and set to 1.
Trace messages are normally sent to "stderr", unless you register a
callback to send them somewhere else (see "set-event-callback").
set-verbose¶
verbose¶
set-verbose true|false
If "verbose" is true, this turns on verbose messages.
Verbose messages are disabled unless the environment variable
"LIBGUESTFS_DEBUG" is defined and set to 1.
Verbose messages are normally sent to "stderr", unless you register a
callback to send them somewhere else (see "set-event-callback").
setcon¶
setcon context
This sets the SELinux security context of the daemon to the string
"context".
See the documentation about SELINUX in
guestfs(3).
setxattr¶
setxattr xattr val vallen path
This call sets the extended attribute named "xattr" of the file
"path" to the value "val" (of length "vallen").
The value is arbitrary 8 bit data.
See also: "lsetxattr",
attr(5).
sfdisk¶
sfdisk device cyls heads sectors 'lines ...'
This is a direct interface to the
sfdisk(8) program for creating
partitions on block devices.
"device" should be a block device, for example "/dev/sda".
"cyls", "heads" and "sectors" are the number of
cylinders, heads and sectors on the device, which are passed directly to
sfdisk as the
-C,
-H and
-S parameters. If you pass 0 for
any of these, then the corresponding parameter is omitted. Usually for 'large'
disks, you can just pass 0 for these, but for small (floppy-sized) disks,
sfdisk (or rather, the kernel) cannot work out the right geometry and you will
need to tell it.
"lines" is a list of lines that we feed to "sfdisk". For
more information refer to the
sfdisk(8) manpage.
To create a single partition occupying the whole disk, you would pass
"lines" as a single element list, when the single element being the
string "," (comma).
See also: "sfdisk-l", "sfdisk-N", "part-init"
This function is deprecated. In new code, use the "part_add"
call instead.
Deprecated functions will not be removed from the API, but the fact that they
are deprecated indicates that there are problems with correct use of these
functions.
sfdiskM¶
sfdiskM device 'lines ...'
This is a simplified interface to the "sfdisk" command, where
partition sizes are specified in megabytes only (rounded to the nearest
cylinder) and you don't need to specify the cyls, heads and sectors parameters
which were rarely if ever used anyway.
See also: "sfdisk", the
sfdisk(8) manpage and
"part-disk"
This function is deprecated. In new code, use the "part_add"
call instead.
Deprecated functions will not be removed from the API, but the fact that they
are deprecated indicates that there are problems with correct use of these
functions.
sfdisk-N¶
sfdisk-N device partnum cyls heads sectors line
This runs
sfdisk(8) option to modify just the single partition
"n" (note: "n" counts from 1).
For other parameters, see "sfdisk". You should usually pass 0 for the
cyls/heads/sectors parameters.
See also: "part-add"
This function is deprecated. In new code, use the "part_add"
call instead.
Deprecated functions will not be removed from the API, but the fact that they
are deprecated indicates that there are problems with correct use of these
functions.
sfdisk-disk-geometry¶
sfdisk-disk-geometry device
This displays the disk geometry of "device" read from the partition
table. Especially in the case where the underlying block device has been
resized, this can be different from the kernel's idea of the geometry (see
"sfdisk-kernel-geometry").
The result is in human-readable format, and not designed to be parsed.
sfdisk-kernel-geometry¶
sfdisk-kernel-geometry device
This displays the kernel's idea of the geometry of "device".
The result is in human-readable format, and not designed to be parsed.
sfdisk-l¶
sfdisk-l device
This displays the partition table on "device", in the human-readable
output of the
sfdisk(8) command. It is not intended to be parsed.
See also: "part-list"
This function is deprecated. In new code, use the "part_list"
call instead.
Deprecated functions will not be removed from the API, but the fact that they
are deprecated indicates that there are problems with correct use of these
functions.
sh command
This call runs a command from the guest filesystem via the guest's
"/bin/sh".
This is like "command", but passes the command to:
/bin/sh -c "command"
Depending on the guest's shell, this usually results in wildcards being
expanded, shell expressions being interpolated and so on.
All the provisos about "command" apply to this call.
sh-lines¶
sh-lines command
This is the same as "sh", but splits the result into a list of lines.
See also: "command-lines"
sleep¶
sleep secs
Sleep for "secs" seconds.
stat¶
stat path
Returns file information for the given "path".
This is the same as the
stat(2) system call.
statvfs¶
statvfs path
Returns file system statistics for any mounted file system. "path"
should be a file or directory in the mounted file system (typically it is the
mount point itself, but it doesn't need to be).
This is the same as the
statvfs(2) system call.
strings¶
strings path
This runs the
strings(1) command on a file and returns the list of
printable strings found.
Because of the message protocol, there is a transfer limit of somewhere between
2MB and 4MB. See "PROTOCOL LIMITS" in
guestfs(3).
strings-e¶
strings-e encoding path
This is like the "strings" command, but allows you to specify the
encoding of strings that are looked for in the source file "path".
Allowed encodings are:
- s
- Single 7-bit-byte characters like ASCII and the
ASCII-compatible parts of ISO-8859-X (this is what "strings"
uses).
- S
- Single 8-bit-byte characters.
- b
- 16-bit big endian strings such as those encoded in UTF-16BE
or UCS-2BE.
- l (lower case letter L)
- 16-bit little endian such as UTF-16LE and UCS-2LE. This is
useful for examining binaries in Windows guests.
- B
- 32-bit big endian such as UCS-4BE.
- L
- 32-bit little endian such as UCS-4LE.
The returned strings are transcoded to UTF-8.
Because of the message protocol, there is a transfer limit of somewhere between
2MB and 4MB. See "PROTOCOL LIMITS" in
guestfs(3).
swapoff-device¶
swapoff-device device
This command disables the libguestfs appliance swap device or partition named
"device". See "swapon-device".
swapoff-file¶
swapoff-file file
This command disables the libguestfs appliance swap on file.
swapoff-label¶
swapoff-label label
This command disables the libguestfs appliance swap on labeled swap partition.
swapoff-uuid¶
swapoff-uuid uuid
This command disables the libguestfs appliance swap partition with the given
UUID.
swapon-device¶
swapon-device device
This command enables the libguestfs appliance to use the swap device or
partition named "device". The increased memory is made available for
all commands, for example those run using "command" or
"sh".
Note that you should not swap to existing guest swap partitions unless you know
what you are doing. They may contain hibernation information, or other
information that the guest doesn't want you to trash. You also risk leaking
information about the host to the guest this way. Instead, attach a new host
device to the guest and swap on that.
swapon-file¶
swapon-file file
This command enables swap to a file. See "swapon-device" for other
notes.
swapon-label¶
swapon-label label
This command enables swap to a labeled swap partition. See
"swapon-device" for other notes.
swapon-uuid¶
swapon-uuid uuid
This command enables swap to a swap partition with the given UUID. See
"swapon-device" for other notes.
sync¶
sync
This syncs the disk, so that any writes are flushed through to the underlying
disk image.
You should always call this if you have modified a disk image, before closing
the handle.
tail¶
tail path
This command returns up to the last 10 lines of a file as a list of strings.
Because of the message protocol, there is a transfer limit of somewhere between
2MB and 4MB. See "PROTOCOL LIMITS" in
guestfs(3).
tail-n¶
tail-n nrlines path
If the parameter "nrlines" is a positive number, this returns the last
"nrlines" lines of the file "path".
If the parameter "nrlines" is a negative number, this returns lines
from the file "path", starting with the "-nrlines"th line.
If the parameter "nrlines" is zero, this returns an empty list.
Because of the message protocol, there is a transfer limit of somewhere between
2MB and 4MB. See "PROTOCOL LIMITS" in
guestfs(3).
tar-in¶
tar-in (tarfile|-) directory
This command uploads and unpacks local file "tarfile" (an
uncompressed tar file) into "directory".
To upload a compressed tarball, use "tgz-in" or "txz-in".
Use "-" instead of a filename to read/write from stdin/stdout.
tar-out¶
tar-out directory (tarfile|-)
This command packs the contents of "directory" and downloads it to
local file "tarfile".
To download a compressed tarball, use "tgz-out" or
"txz-out".
Use "-" instead of a filename to read/write from stdin/stdout.
tgz-in¶
tgz-in (tarball|-) directory
This command uploads and unpacks local file "tarball" (a
gzip
compressed tar file) into "directory".
To upload an uncompressed tarball, use "tar-in".
Use "-" instead of a filename to read/write from stdin/stdout.
tgz-out¶
tgz-out directory (tarball|-)
This command packs the contents of "directory" and downloads it to
local file "tarball".
To download an uncompressed tarball, use "tar-out".
Use "-" instead of a filename to read/write from stdin/stdout.
touch¶
touch path
Touch acts like the
touch(1) command. It can be used to update the
timestamps on a file, or, if the file does not exist, to create a new
zero-length file.
This command only works on regular files, and will fail on other file types such
as directories, symbolic links, block special etc.
truncate¶
truncate path
This command truncates "path" to a zero-length file. The file must
exist already.
truncate-size¶
truncate-size path size
This command truncates "path" to size "size" bytes. The file
must exist already.
If the current file size is less than "size" then the file is extended
to the required size with zero bytes. This creates a sparse file (ie. disk
blocks are not allocated for the file until you write to it). To create a
non-sparse file of zeroes, use "fallocate64" instead.
tune2fs¶
tune2fs device [force:true|false] [maxmountcount:N] [mountcount:N] [errorbehavior:..] [group:N] [intervalbetweenchecks:N] [reservedblockspercentage:N] [lastmounteddirectory:..] [reservedblockscount:N] [user:N]
This call allows you to adjust various filesystem parameters of an
ext2/ext3/ext4 filesystem called "device".
The optional parameters are:
- "force"
- Force tune2fs to complete the operation even in the face of
errors. This is the same as the tune2fs "-f" option.
- "maxmountcount"
- Set the number of mounts after which the filesystem is
checked by e2fsck(8). If this is 0 then the number of mounts is
disregarded. This is the same as the tune2fs "-c" option.
- "mountcount"
- Set the number of times the filesystem has been mounted.
This is the same as the tune2fs "-C" option.
- "errorbehavior"
- Change the behavior of the kernel code when errors are
detected. Possible values currently are: "continue",
"remount-ro", "panic". In practice these options don't
really make any difference, particularly for write errors.
This is the same as the tune2fs "-e" option.
- "group"
- Set the group which can use reserved filesystem blocks.
This is the same as the tune2fs "-g" option except that it can
only be specified as a number.
- "intervalbetweenchecks"
- Adjust the maximal time between two filesystem checks (in
seconds). If the option is passed as 0 then time-dependent checking is
disabled.
This is the same as the tune2fs "-i" option.
- "reservedblockspercentage"
- Set the percentage of the filesystem which may only be
allocated by privileged processes. This is the same as the tune2fs
"-m" option.
- "lastmounteddirectory"
- Set the last mounted directory. This is the same as the
tune2fs "-M" option.
- "reservedblockscount" Set the number of reserved
filesystem blocks. This is the same as the tune2fs "-r"
option.
- "user"
- Set the user who can use the reserved filesystem blocks.
This is the same as the tune2fs "-u" option except that it can
only be specified as a number.
To get the current values of filesystem parameters, see "tune2fs-l".
For precise details of how tune2fs works, see the
tune2fs(8) man page.
This command has one or more optional arguments. See "OPTIONAL
ARGUMENTS".
tune2fs-l¶
tune2fs-l device
This returns the contents of the ext2, ext3 or ext4 filesystem superblock on
"device".
It is the same as running "tune2fs -l device". See
tune2fs(8)
manpage for more details. The list of fields returned isn't clearly defined,
and depends on both the version of "tune2fs" that libguestfs was
built against, and the filesystem itself.
txz-in¶
txz-in (tarball|-) directory
This command uploads and unpacks local file "tarball" (an
xz
compressed tar file) into "directory".
Use "-" instead of a filename to read/write from stdin/stdout.
txz-out¶
txz-out directory (tarball|-)
This command packs the contents of "directory" and downloads it to
local file "tarball" (as an xz compressed tar archive).
Use "-" instead of a filename to read/write from stdin/stdout.
umask¶
umask mask
This function sets the mask used for creating new files and device nodes to
"mask & 0777".
Typical umask values would be 022 which creates new files with permissions like
"-rw-r--r--" or "-rwxr-xr-x", and 002 which creates new
files with permissions like "-rw-rw-r--" or "-rwxrwxr-x".
The default umask is 022. This is important because it means that directories
and device nodes will be created with 0644 or 0755 mode even if you specify
0777.
See also "get-umask",
umask(2), "mknod",
"mkdir".
This call returns the previous umask.
umount¶
unmount¶
umount pathordevice
This unmounts the given filesystem. The filesystem may be specified either by
its mountpoint (path) or the device which contains the filesystem.
umount-all¶
unmount-all¶
umount-all
This unmounts all mounted filesystems.
Some internal mounts are not unmounted by this call.
umount-local¶
umount-local [retry:true|false]
If libguestfs is exporting the filesystem on a local mountpoint, then this
unmounts it.
See "MOUNT LOCAL" in
guestfs(3) for full documentation.
This command has one or more optional arguments. See "OPTIONAL
ARGUMENTS".
upload¶
upload (filename|-) remotefilename
Upload local file "filename" to "remotefilename" on the
filesystem.
"filename" can also be a named pipe.
See also "download".
Use "-" instead of a filename to read/write from stdin/stdout.
upload-offset¶
upload-offset (filename|-) remotefilename offset
Upload local file "filename" to "remotefilename" on the
filesystem.
"remotefilename" is overwritten starting at the byte
"offset" specified. The intention is to overwrite parts of existing
files or devices, although if a non-existant file is specified then it is
created with a "hole" before "offset". The size of the
data written is implicit in the size of the source "filename".
Note that there is no limit on the amount of data that can be uploaded with this
call, unlike with "pwrite", and this call always writes the full
amount unless an error occurs.
See also "upload", "pwrite".
Use "-" instead of a filename to read/write from stdin/stdout.
utimens¶
utimens path atsecs atnsecs mtsecs mtnsecs
This command sets the timestamps of a file with nanosecond precision.
"atsecs, atnsecs" are the last access time (atime) in secs and
nanoseconds from the epoch.
"mtsecs, mtnsecs" are the last modification time (mtime) in secs and
nanoseconds from the epoch.
If the *nsecs field contains the special value "-1" then the
corresponding timestamp is set to the current time. (The *secs field is
ignored in this case).
If the *nsecs field contains the special value "-2" then the
corresponding timestamp is left unchanged. (The *secs field is ignored in this
case).
version¶
version
Return the libguestfs version number that the program is linked against.
Note that because of dynamic linking this is not necessarily the version of
libguestfs that you compiled against. You can compile the program, and then at
runtime dynamically link against a completely different
"libguestfs.so" library.
This call was added in version 1.0.58. In previous versions of libguestfs there
was no way to get the version number. From C code you can use dynamic linker
functions to find out if this symbol exists (if it doesn't, then it's an
earlier version).
The call returns a structure with four elements. The first three
("major", "minor" and "release") are numbers and
correspond to the usual version triplet. The fourth element
("extra") is a string and is normally empty, but may be used for
distro-specific information.
To construct the original version string:
"$major.$minor.$release$extra"
See also: "LIBGUESTFS VERSION NUMBERS" in
guestfs(3).
Note: Don't use this call to test for availability of features. In
enterprise distributions we backport features from later versions into earlier
versions, making this an unreliable way to test for features. Use
"available" instead.
vfs-label¶
vfs-label device
This returns the filesystem label of the filesystem on "device".
If the filesystem is unlabeled, this returns the empty string.
To find a filesystem from the label, use "findfs-label".
vfs-type¶
vfs-type device
This command gets the filesystem type corresponding to the filesystem on
"device".
For most filesystems, the result is the name of the Linux VFS module which would
be used to mount this filesystem if you mounted it without specifying the
filesystem type. For example a string such as "ext3" or
"ntfs".
vfs-uuid¶
vfs-uuid device
This returns the filesystem UUID of the filesystem on "device".
If the filesystem does not have a UUID, this returns the empty string.
To find a filesystem from the UUID, use "findfs-uuid".
vg-activate¶
vg-activate true|false 'volgroups ...'
This command activates or (if "activate" is false) deactivates all
logical volumes in the listed volume groups "volgroups".
This command is the same as running "vgchange -a y|n volgroups..."
Note that if "volgroups" is an empty list then
all volume
groups are activated or deactivated.
vg-activate-all¶
vg-activate-all true|false
This command activates or (if "activate" is false) deactivates all
logical volumes in all volume groups.
This command is the same as running "vgchange -a y|n"
vgcreate¶
vgcreate volgroup 'physvols ...'
This creates an LVM volume group called "volgroup" from the non-empty
list of physical volumes "physvols".
vglvuuids¶
vglvuuids vgname
Given a VG called "vgname", this returns the UUIDs of all the logical
volumes created in this volume group.
You can use this along with "lvs" and "lvuuid" calls to
associate logical volumes and volume groups.
See also "vgpvuuids".
vgmeta vgname
"vgname" is an LVM volume group. This command examines the volume
group and returns its metadata.
Note that the metadata is an internal structure used by LVM, subject to change
at any time, and is provided for information only.
vgpvuuids¶
vgpvuuids vgname
Given a VG called "vgname", this returns the UUIDs of all the physical
volumes that this volume group resides on.
You can use this along with "pvs" and "pvuuid" calls to
associate physical volumes and volume groups.
See also "vglvuuids".
vgremove¶
vgremove vgname
Remove an LVM volume group "vgname", (for example "VG").
This also forcibly removes all logical volumes in the volume group (if any).
vgrename¶
vgrename volgroup newvolgroup
Rename a volume group "volgroup" with the new name
"newvolgroup".
vgs¶
vgs
List all the volumes groups detected. This is the equivalent of the
vgs(8) command.
This returns a list of just the volume group names that were detected (eg.
"VolGroup00").
See also "vgs-full".
vgs-full¶
vgs-full
List all the volumes groups detected. This is the equivalent of the
vgs(8) command. The "full" version includes all fields.
vgscan¶
vgscan
This rescans all block devices and rebuilds the list of LVM physical volumes,
volume groups and logical volumes.
vguuid¶
vguuid vgname
This command returns the UUID of the LVM VG named "vgname".
wc-c¶
wc-c path
This command counts the characters in a file, using the "wc -c"
external command.
wc-l¶
wc-l path
This command counts the lines in a file, using the "wc -l" external
command.
wc-w¶
wc-w path
This command counts the words in a file, using the "wc -w" external
command.
wipefs¶
wipefs device
This command erases filesystem or RAID signatures from the specified
"device" to make the filesystem invisible to libblkid.
This does not erase the filesystem itself nor any other data from the
"device".
Compare with "zero" which zeroes the first few blocks of a device.
write¶
write path content
This call creates a file called "path". The content of the file is the
string "content" (which can contain any 8 bit data).
See also "write-append".
Because of the message protocol, there is a transfer limit of somewhere between
2MB and 4MB. See "PROTOCOL LIMITS" in
guestfs(3).
write-append¶
write-append path content
This call appends "content" to the end of file "path". If
"path" does not exist, then a new file is created.
See also "write".
Because of the message protocol, there is a transfer limit of somewhere between
2MB and 4MB. See "PROTOCOL LIMITS" in
guestfs(3).
write-file¶
write-file path content size
This call creates a file called "path". The contents of the file is
the string "content" (which can contain any 8 bit data), with length
"size".
As a special case, if "size" is 0 then the length is calculated using
"strlen" (so in this case the content cannot contain embedded ASCII
NULs).
NB. Owing to a bug, writing content containing ASCII NUL characters does
not work, even if the length is specified.
Because of the message protocol, there is a transfer limit of somewhere between
2MB and 4MB. See "PROTOCOL LIMITS" in
guestfs(3).
This function is deprecated. In new code, use the "write" call
instead.
Deprecated functions will not be removed from the API, but the fact that they
are deprecated indicates that there are problems with correct use of these
functions.
zegrep¶
zegrep regex path
This calls the external "zegrep" program and returns the matching
lines.
Because of the message protocol, there is a transfer limit of somewhere between
2MB and 4MB. See "PROTOCOL LIMITS" in
guestfs(3).
zegrepi¶
zegrepi regex path
This calls the external "zegrep -i" program and returns the matching
lines.
Because of the message protocol, there is a transfer limit of somewhere between
2MB and 4MB. See "PROTOCOL LIMITS" in
guestfs(3).
zero¶
zero device
This command writes zeroes over the first few blocks of "device".
How many blocks are zeroed isn't specified (but it's
not enough to
securely wipe the device). It should be sufficient to remove any partition
tables, filesystem superblocks and so on.
If blocks are already zero, then this command avoids writing zeroes. This
prevents the underlying device from becoming non-sparse or growing
unnecessarily.
See also: "zero-device", "scrub-device",
"is-zero-device"
zero-device¶
zero-device device
This command writes zeroes over the entire "device". Compare with
"zero" which just zeroes the first few blocks of a device.
If blocks are already zero, then this command avoids writing zeroes. This
prevents the underlying device from becoming non-sparse or growing
unnecessarily.
zero-free-space¶
zero-free-space directory
Zero the free space in the filesystem mounted on "directory". The
filesystem must be mounted read-write.
The filesystem contents are not affected, but any free space in the filesystem
is freed.
In future (but not currently) these zeroed blocks will be "sparsified"
- that is, given back to the host.
zerofree¶
zerofree device
This runs the
zerofree program on "device". This program claims
to zero unused inodes and disk blocks on an ext2/3 filesystem, thus making it
possible to compress the filesystem more effectively.
You should
not run this program if the filesystem is mounted.
It is possible that using this program can damage the filesystem or data on the
filesystem.
zfgrep¶
zfgrep pattern path
This calls the external "zfgrep" program and returns the matching
lines.
Because of the message protocol, there is a transfer limit of somewhere between
2MB and 4MB. See "PROTOCOL LIMITS" in
guestfs(3).
zfgrepi¶
zfgrepi pattern path
This calls the external "zfgrep -i" program and returns the matching
lines.
Because of the message protocol, there is a transfer limit of somewhere between
2MB and 4MB. See "PROTOCOL LIMITS" in
guestfs(3).
zfile¶
zfile meth path
This command runs "file" after first decompressing "path"
using "method".
"method" must be one of "gzip", "compress" or
"bzip2".
Since 1.0.63, use "file" instead which can now process compressed
files.
This function is deprecated. In new code, use the "file" call
instead.
Deprecated functions will not be removed from the API, but the fact that they
are deprecated indicates that there are problems with correct use of these
functions.
zgrep¶
zgrep regex path
This calls the external "zgrep" program and returns the matching
lines.
Because of the message protocol, there is a transfer limit of somewhere between
2MB and 4MB. See "PROTOCOL LIMITS" in
guestfs(3).
zgrepi¶
zgrepi regex path
This calls the external "zgrep -i" program and returns the matching
lines.
Because of the message protocol, there is a transfer limit of somewhere between
2MB and 4MB. See "PROTOCOL LIMITS" in
guestfs(3).
EXIT STATUS¶
guestfish returns 0 if the commands completed without error, or 1 if there was
an error.
ENVIRONMENT VARIABLES¶
- EDITOR
- The "edit" command uses $EDITOR as the editor. If
not set, it uses "vi".
- FEBOOTSTRAP_KERNEL
- FEBOOTSTRAP_MODULES
- These two environment variables allow the kernel that
libguestfs uses in the appliance to be selected. If $FEBOOTSTRAP_KERNEL is
not set, then the most recent host kernel is chosen. For more information
about kernel selection, see febootstrap-supermin-helper(8). This
feature is only available in febootstrap ≥ 3.8.
- GUESTFISH_DISPLAY_IMAGE
- The "display" command uses
$GUESTFISH_DISPLAY_IMAGE to display images. If not set, it uses
display(1).
- GUESTFISH_PID
- Used with the --remote option to specify the remote
guestfish process to control. See section "REMOTE CONTROL GUESTFISH
OVER A SOCKET".
- HEXEDITOR
- The "hexedit" command uses $HEXEDITOR as the
external hex editor. If not specified, the external hexedit(1)
program is used.
- HOME
- If compiled with GNU readline support, various files in the
home directory can be used. See "FILES".
- LIBGUESTFS_APPEND
- Pass additional options to the guest kernel.
- LIBGUESTFS_DEBUG
- Set "LIBGUESTFS_DEBUG=1" to enable verbose
messages. This has the same effect as using the -v option.
- LIBGUESTFS_MEMSIZE
- Set the memory allocated to the qemu process, in megabytes.
For example:
LIBGUESTFS_MEMSIZE=700
- LIBGUESTFS_PATH
- Set the path that guestfish uses to search for kernel and
initrd.img. See the discussion of paths in guestfs(3).
- LIBGUESTFS_QEMU
- Set the default qemu binary that libguestfs uses. If not
set, then the qemu which was found at compile time by the configure script
is used.
- LIBGUESTFS_TRACE
- Set "LIBGUESTFS_TRACE=1" to enable command
traces.
- PAGER
- The "more" command uses $PAGER as the pager. If
not set, it uses "more".
- TMPDIR
- Location of temporary directory, defaults to
"/tmp" except for the cached supermin appliance which defaults
to "/var/tmp".
If libguestfs was compiled to use the supermin appliance then the real
appliance is cached in this directory, shared between all handles
belonging to the same EUID. You can use $TMPDIR to configure another
directory to use in case "/var/tmp" is not large enough.
FILES¶
- $HOME/.libguestfs-tools.rc
- /etc/libguestfs-tools.conf
- This configuration file controls the default read-only or
read-write mode ( --ro or --rw).
See "OPENING DISKS FOR READ AND WRITE".
- $HOME/.guestfish
- If compiled with GNU readline support, then the command
history is saved in this file.
- $HOME/.inputrc
- /etc/inputrc
- If compiled with GNU readline support, then these files can
be used to configure readline. For further information, please see
"INITIALIZATION FILE" in readline(3).
To write rules which only apply to guestfish, use:
$if guestfish
...
$endif
Variables that you can set in inputrc that change the behaviour of guestfish
in useful ways include:
- completion-ignore-case (default: on)
- By default, guestfish will ignore case when tab-completing
paths on the disk. Use:
set completion-ignore-case off
to make guestfish case sensitive.
- test1.img
- test2.img (etc)
- When using the -N or --new option, the
prepared disk or filesystem will be created in the file
"test1.img" in the current directory. The second use of
-N will use "test2.img" and so on. Any existing file with
the same name will be overwritten.
SEE ALSO¶
guestfs(3), <
http://libguestfs.org/>,
virt-alignment-scan(1),
virt-cat(1),
virt-copy-in(1),
virt-copy-out(1),
virt-df(1),
virt-edit(1),
virt-filesystems(1),
virt-inspector(1),
virt-list-filesystems(1),
virt-list-partitions(1),
virt-ls(1),
virt-make-fs(1),
virt-rescue(1),
virt-resize(1),
virt-sparsify(1),
virt-sysprep(1),
virt-tar(1),
virt-tar-in(1),
virt-tar-out(1),
virt-win-reg(1),
display(1),
hexedit(1),
febootstrap-supermin-helper(8).
AUTHORS¶
Richard W.M. Jones ("rjones at redhat dot com")
COPYRIGHT¶
Copyright (C) 2009-2012 Red Hat Inc. <
http://libguestfs.org/>
This program is free software; you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the Free Software
Foundation; either version 2 of the License, or (at your option) any later
version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY
WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with
this program; if not, write to the Free Software Foundation, Inc., 51 Franklin
Street, Fifth Floor, Boston, MA 02110-1301 USA.