5 guestfish - the libguestfs Filesystem Interactive SHell
9 guestfish [--options] [commands]
15 guestfish -a disk.img -m dev[:mountpoint]
17 guestfish -i libvirt-domain
19 guestfish -i disk.img [disk.img ...]
23 =head2 As an interactive shell
27 Welcome to guestfish, the libguestfs filesystem interactive shell for
28 editing virtual machine filesystems.
30 Type: 'help' for help with commands
31 'quit' to quit the shell
35 =head2 From shell scripts
37 Create a new C</etc/motd> file in a guest:
42 mount /dev/vg_guest/lv_root /
43 write_file /etc/motd "Welcome, new users" 0
46 List the LVM logical volumes in a guest:
48 guestfish -a disk.img --ro <<_EOF_
53 =head2 On one command line
55 Update C</etc/resolv.conf> in a guest:
58 add disk.img : run : mount /dev/vg_guest/lv_root / : \
59 write-file /etc/resolv.conf "nameserver 1.2.3.4" 0
61 Edit C</boot/grub/grub.conf> interactively:
63 guestfish --add disk.img \
64 --mount /dev/vg_guest/lv_root \
65 --mount /dev/sda1:/boot \
66 edit /boot/grub/grub.conf
68 =head2 Using virt-inspector
70 Use the I<-i> option to get virt-inspector to mount
71 the filesystems automatically as they would be mounted
72 in the virtual machine:
74 guestfish --ro -i disk.img cat /etc/group
76 =head2 As a script interpreter
78 Create a 50MB disk containing an ext2-formatted partition:
80 #!/usr/bin/guestfish -f
81 alloc /tmp/output.img 50M
83 part-disk /dev/sda mbr
88 eval `guestfish --listen --ro`
89 guestfish --remote add disk.img
90 guestfish --remote run
91 guestfish --remote lvs
95 Guestfish is a shell and command-line tool for examining and modifying
96 virtual machine filesystems. It uses libguestfs and exposes all of
97 the functionality of the guestfs API, see L<guestfs(3)>.
99 Guestfish gives you structured access to the libguestfs API, from
100 shell scripts or the command line or interactively. If you want to
101 rescue a broken virtual machine image, you should look at the
102 L<virt-rescue(1)> command.
104 Using guestfish in read/write mode on live virtual machines can be
105 dangerous, potentially causing disk corruption. Use the I<--ro>
106 (read-only) option to use guestfish safely if the disk image or
107 virtual machine might be live.
115 Displays general help on options.
117 =item B<-h> | B<--cmd-help>
119 Lists all available guestfish commands.
121 =item B<-h cmd> | B<--cmd-help cmd>
123 Displays detailed help on a single command C<cmd>.
125 =item B<-a image> | B<--add image>
127 Add a block device or virtual machine image to the shell.
129 =item B<-D> | B<--no-dest-paths>
131 Don't tab-complete paths on the guest filesystem. It is useful to be
132 able to hit the tab key to complete paths on the guest filesystem, but
133 this causes extra "hidden" guestfs calls to be made, so this option is
134 here to allow this feature to be disabled.
136 =item B<-f file> | B<--file file>
138 Read commands from C<file>. To write pure guestfish
141 #!/usr/bin/guestfish -f
143 =item B<-i> | B<--inspector>
145 Run virt-inspector on the named libvirt domain or list of disk
146 images. If virt-inspector is available and if it can identify
147 the domain or disk images, then partitions will be mounted
148 correctly at start-up.
150 Typical usage is either:
154 (for an inactive libvirt domain called I<myguest>), or:
156 guestfish --ro -i myguest
158 (for active domains, readonly), or specify the block device directly:
160 guestfish -i /dev/Guests/MyGuest
162 You cannot use I<-a>, I<-m>, I<--listen>, I<--remote> or I<--selinux>
163 in conjunction with this option, and options other than I<--ro> might
164 not behave correctly.
166 See also: L<virt-inspector(1)>.
170 Fork into the background and listen for remote commands. See section
171 I<REMOTE CONTROL GUESTFISH OVER A SOCKET> below.
173 =item B<-m dev[:mountpoint]> | B<--mount dev[:mountpoint]>
175 Mount the named partition or logical volume on the given mountpoint.
177 If the mountpoint is omitted, it defaults to C</>.
179 You have to mount something on C</> before most commands will work.
181 If any C<-m> or C<--mount> options are given, the guest is
182 automatically launched.
184 If you don't know what filesystems a disk image contains, you
185 can either run guestfish without this option, then list the partitions
186 and LVs available (see L</list-partitions> and L</lvs> commands),
187 or you can use the L<virt-list-filesystems(1)> program.
189 =item B<-n> | B<--no-sync>
191 Disable autosync. This is enabled by default. See the discussion
192 of autosync in the L<guestfs(3)> manpage.
194 =item B<--remote[=pid]>
196 Send remote commands to C<$GUESTFISH_PID> or C<pid>. See section
197 I<REMOTE CONTROL GUESTFISH OVER A SOCKET> below.
199 =item B<-r> | B<--ro>
201 This changes the C<-a> and C<-m> options so that disks are added and
202 mounts are done read-only (see L<guestfs(3)/guestfs_mount_ro>).
204 The option must always be used if the disk image or virtual machine
205 might be running, and is generally recommended in cases where you
206 don't need write access to the disk.
210 Enable SELinux support for the guest. See L<guestfs(3)/SELINUX>.
212 =item B<-v> | B<--verbose>
214 Enable very verbose messages. This is particularly useful if you find
217 =item B<-V> | B<--version>
219 Display the guestfish / libguestfs version number and exit.
223 Echo each command before executing it.
227 =head1 COMMANDS ON COMMAND LINE
229 Any additional (non-option) arguments are treated as commands to
232 Commands to execute should be separated by a colon (C<:>), where the
233 colon is a separate parameter. Thus:
235 guestfish cmd [args...] : cmd [args...] : cmd [args...] ...
237 If there are no additional arguments, then we enter a shell, either an
238 interactive shell with a prompt (if the input is a terminal) or a
239 non-interactive shell.
241 In either command line mode or non-interactive shell, the first
242 command that gives an error causes the whole shell to exit. In
243 interactive mode (with a prompt) if a command fails, you can continue
246 =head1 USING launch (OR run)
248 As with L<guestfs(3)>, you must first configure your guest by adding
249 disks, then launch it, then mount any disks you need, and finally
250 issue actions/commands. So the general order of the day is:
272 C<run> is a synonym for C<launch>. You must C<launch> (or C<run>)
273 your guest before mounting or performing any other commands.
275 The only exception is that if the C<-m> or C<--mount> option was
276 given, the guest is automatically run for you (simply because
277 guestfish can't mount the disks you asked for without doing this).
281 You can quote ordinary parameters using either single or double
284 add "file with a space.img"
290 A few commands require a list of strings to be passed. For these, use
291 a whitespace-separated list, enclosed in quotes. Strings containing whitespace
292 to be passed through must be enclosed in single quotes. A literal single quote
293 must be escaped with a backslash.
295 vgcreate VG "/dev/sda1 /dev/sdb1"
296 command "/bin/echo 'foo bar'"
297 command "/bin/echo \'foo\'"
301 Commands which take integers as parameters use the C convention which
302 is to use C<0> to prefix an octal number or C<0x> to prefix a
303 hexadecimal number. For example:
305 1234 decimal number 1234
306 02322 octal number, equivalent to decimal 1234
307 0x4d2 hexadecimal number, equivalent to decimal 1234
309 When using the C<chmod> command, you almost always want to specify an
310 octal number for the mode, and you must prefix it with C<0> (unlike
311 the Unix L<chmod(1)> program):
313 chmod 0777 /public # OK
314 chmod 777 /public # WRONG! This is mode 777 decimal = 01411 octal.
316 Commands that return numbers currently always print them in decimal.
318 =head1 WILDCARDS AND GLOBBING
320 Neither guestfish nor the underlying guestfs API performs
321 wildcard expansion (globbing) by default. So for example the
322 following will not do what you expect:
326 Assuming you don't have a directory literally called C</home/*>
327 then the above command will return an error.
329 To perform wildcard expansion, use the C<glob> command.
333 runs C<rm-rf> on each path that matches (ie. potentially running
334 the command many times), equivalent to:
340 C<glob> only works on simple guest paths and not on device names.
342 If you have several parameters, each containing a wildcard, then glob
343 will perform a cartesian product.
347 Any line which starts with a I<#> character is treated as a comment
348 and ignored. The I<#> can optionally be preceeded by whitespace,
349 but B<not> by a command. For example:
355 Blank lines are also ignored.
357 =head1 RUNNING COMMANDS LOCALLY
359 Any line which starts with a I<!> character is treated as a command
360 sent to the local shell (C</bin/sh> or whatever L<system(3)> uses).
364 tgz-out /remote local/remote-data.tar.gz
366 will create a directory C<local> on the host, and then export
367 the contents of C</remote> on the mounted filesystem to
368 C<local/remote-data.tar.gz>. (See C<tgz-out>).
370 To change the local directory, use the C<lcd> command. C<!cd> will
371 have no effect, due to the way that subprocesses work in Unix.
375 Use C<command E<lt>spaceE<gt> | command> to pipe the output of the
376 first command (a guestfish command) to the second command (any host
377 command). For example:
379 cat /etc/passwd | awk -F: '$3 == 0 { print }'
381 (where C<cat> is the guestfish cat command, but C<awk> is the host awk
382 program). The above command would list all accounts in the guest
383 filesystem which have UID 0, ie. root accounts including backdoors.
386 hexdump /bin/ls | head
387 list-devices | tail -1
388 tgz-out / - | tar ztf -
390 The space before the pipe symbol is required, any space after the pipe
391 symbol is optional. Everything after the pipe symbol is just passed
392 straight to the host shell, so it can contain redirections, globs and
393 anything else that makes sense on the host side.
395 To use a literal argument which begins with a pipe symbol, you have
400 =head1 HOME DIRECTORIES
402 If a parameter starts with the character C<~> then the tilde may be
403 expanded as a home directory path (either C<~> for the current user's
404 home directory, or C<~user> for another user).
406 Note that home directory expansion happens for users known I<on the
407 host>, not in the guest filesystem.
409 To use a literal argument which begins with a tilde, you have to quote
416 If a path is prefixed with C<win:> then you can use Windows-style
417 paths (with some limitations). The following commands are equivalent:
419 file /WINDOWS/system32/config/system.LOG
421 file win:/windows/system32/config/system.log
423 file win:\windows\system32\config\system.log
425 file WIN:C:\Windows\SYSTEM32\conFIG\SYSTEM.LOG
427 This syntax implicitly calls C<case-sensitive-path> (q.v.) so it also
428 handles case insensitivity like Windows would. This only works in
429 argument positions that expect a path.
431 =head1 EXIT ON ERROR BEHAVIOUR
433 By default, guestfish will ignore any errors when in interactive mode
434 (ie. taking commands from a human over a tty), and will exit on the
435 first error in non-interactive mode (scripts, commands given on the
438 If you prefix a command with a I<-> character, then that command will
439 not cause guestfish to exit, even if that (one) command returns an
442 =head1 REMOTE CONTROL GUESTFISH OVER A SOCKET
444 Guestfish can be remote-controlled over a socket. This is useful
445 particularly in shell scripts where you want to make several different
446 changes to a filesystem, but you don't want the overhead of starting
447 up a guestfish process each time.
449 Start a guestfish server process using:
451 eval `guestfish --listen`
453 and then send it commands by doing:
455 guestfish --remote cmd [...]
457 To cause the server to exit, send it the exit command:
459 guestfish --remote exit
461 Note that the server will normally exit if there is an error in a
462 command. You can change this in the usual way. See section I<EXIT ON
465 =head2 CONTROLLING MULTIPLE GUESTFISH PROCESSES
467 The C<eval> statement sets the environment variable C<$GUESTFISH_PID>,
468 which is how the C<--remote> option knows where to send the commands.
469 You can have several guestfish listener processes running using:
471 eval `guestfish --listen`
473 eval `guestfish --listen`
476 guestfish --remote=$pid1 cmd
477 guestfish --remote=$pid2 cmd
479 =head2 REMOTE CONTROL DETAILS
481 Remote control happens over a Unix domain socket called
482 C</tmp/.guestfish-$UID/socket-$PID>, where C<$UID> is the effective
483 user ID of the process, and C<$PID> is the process ID of the server.
485 Guestfish client and server versions must match exactly.
487 =head1 GUESTFISH COMMANDS
489 The commands in this section are guestfish convenience commands, in
490 other words, they are not part of the L<guestfs(3)> API.
492 =head2 alloc | allocate
496 This creates an empty (zeroed) file of the given size, and then adds
497 so it can be further examined.
499 For more advanced image creation, see L<qemu-img(1)> utility.
501 Size can be specified (where C<nn> means a number):
505 =item C<nn> or C<nn>K or C<nn>KB
507 number of kilobytes, eg: C<1440> = standard 3.5in floppy
509 =item C<nn>M or C<nn>MB
513 =item C<nn>G or C<nn>GB
517 =item C<nn>T or C<nn>TB
521 =item C<nn>P or C<nn>PB
525 =item C<nn>E or C<nn>EB
531 number of 512 byte sectors
539 This echos the parameters to the terminal.
541 =head2 edit | vi | emacs
545 This is used to edit a file. It downloads the file, edits it
546 locally using your editor, then uploads the result.
548 The editor is C<$EDITOR>. However if you use the alternate
549 commands C<vi> or C<emacs> you will get those corresponding
552 NOTE: This will not work reliably for large files
553 (> 2 MB) or binary files containing \0 bytes.
559 Expand wildcards in any paths in the args list, and run C<command>
560 repeatedly on each matching path.
562 See section WILDCARDS AND GLOBBING.
569 Without any parameter, this lists all commands. With a C<cmd>
570 parameter, this displays detailed help for a command.
576 Change the local directory, ie. the current directory of guestfish
579 Note that C<!cd> won't do what you might expect.
587 This is used to view a file.
589 The default viewer is C<$PAGER>. However if you use the alternate
590 command C<less> you will get the C<less> command specifically.
592 NOTE: This will not work reliably for large files
593 (> 2 MB) or binary files containing \0 bytes.
597 This exits guestfish. You can also use C<^D> key.
603 Close and reopen the libguestfs handle. It is not necessary to use
604 this normally, because the handle is closed properly when guestfish
605 exits. However this is occasionally useful for testing.
611 This creates an empty sparse file of the given size, and then adds
612 so it can be further examined.
614 In all respects it works the same as the C<alloc> command, except that
615 the image file is allocated sparsely, which means that disk blocks are
616 not assigned to the file until they are needed. Sparse disk files
617 only use space when written to, but they are slower and there is a
618 danger you could run out of real disk space during a write operation.
620 For more advanced image creation, see L<qemu-img(1)> utility.
622 Size can be specified (where C<nn> means a number):
626 =item C<nn> or C<nn>K or C<nn>KB
628 number of kilobytes, eg: C<1440> = standard 3.5in floppy
630 =item C<nn>M or C<nn>MB
634 =item C<nn>G or C<nn>GB
638 =item C<nn>T or C<nn>TB
642 =item C<nn>P or C<nn>PB
646 =item C<nn>E or C<nn>EB
652 number of 512 byte sectors
660 Run the command as usual, but print the elapsed time afterwards. This
661 can be useful for benchmarking operations.
667 =head1 ENVIRONMENT VARIABLES
673 The C<edit> command uses C<$EDITOR> as the editor. If not
678 Used with the I<--remote> option to specify the remote guestfish
679 process to control. See section I<REMOTE CONTROL GUESTFISH OVER A
684 If compiled with GNU readline support, then the command history
685 is saved in C<$HOME/.guestfish>
687 =item LIBGUESTFS_APPEND
689 Pass additional options to the guest kernel.
691 =item LIBGUESTFS_DEBUG
693 Set C<LIBGUESTFS_DEBUG=1> to enable verbose messages. This has the
694 same effect as using the B<-v> option.
696 =item LIBGUESTFS_MEMSIZE
698 Set the memory allocated to the qemu process, in megabytes. For
701 LIBGUESTFS_MEMSIZE=700
703 =item LIBGUESTFS_PATH
705 Set the path that guestfish uses to search for kernel and initrd.img.
706 See the discussion of paths in L<guestfs(3)>.
708 =item LIBGUESTFS_QEMU
710 Set the default qemu binary that libguestfs uses. If not set, then
711 the qemu which was found at compile time by the configure script is
714 =item LIBGUESTFS_TRACE
716 Set C<LIBGUESTFS_TRACE=1> to enable command traces.
720 The C<more> command uses C<$PAGER> as the pager. If not
721 set, it uses C<more>.
725 Location of temporary directory, defaults to C</tmp>.
727 If libguestfs was compiled to use the supermin appliance then each
728 handle will require rather a large amount of space in this directory
729 for short periods of time (~ 80 MB). You can use C<$TMPDIR> to
730 configure another directory to use in case C</tmp> is not large
737 guestfish returns I<0> if the commands completed without error, or
738 I<1> if there was an error.
743 L<http://libguestfs.org/>,
747 L<virt-list-filesystems(1)>,
748 L<virt-list-partitions(1)>,
758 Richard W.M. Jones (C<rjones at redhat dot com>)
762 Copyright (C) 2009 Red Hat Inc.
763 L<http://libguestfs.org/>
765 This program is free software; you can redistribute it and/or modify
766 it under the terms of the GNU General Public License as published by
767 the Free Software Foundation; either version 2 of the License, or
768 (at your option) any later version.
770 This program is distributed in the hope that it will be useful,
771 but WITHOUT ANY WARRANTY; without even the implied warranty of
772 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
773 GNU General Public License for more details.
775 You should have received a copy of the GNU General Public License
776 along with this program; if not, write to the Free Software
777 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.