5 guestfish - the libguestfs Filesystem Interactive SHell
9 guestfish [--options] [commands]
15 guestfish -a disk.img -m dev[:mountpoint]
17 guestfish -i libvirt-domain
19 guestfish -i disk.img [disk.img ...]
23 Using guestfish in read/write mode on live virtual machines can be
24 dangerous, potentially causing disk corruption. Use the I<--ro>
25 (read-only) option to use guestfish safely if the disk image or
26 virtual machine might be live.
30 =head2 As an interactive shell
34 Welcome to guestfish, the libguestfs filesystem interactive shell for
35 editing virtual machine filesystems.
37 Type: 'help' for help with commands
38 'quit' to quit the shell
42 =head2 From shell scripts
44 Create a new C</etc/motd> file in a guest:
49 mount /dev/vg_guest/lv_root /
50 write_file /etc/motd "Welcome, new users" 0
53 List the LVM logical volumes in a guest:
55 guestfish -a disk.img --ro <<_EOF_
60 =head2 On one command line
62 Update C</etc/resolv.conf> in a guest:
65 add disk.img : run : mount /dev/vg_guest/lv_root / : \
66 write-file /etc/resolv.conf "nameserver 1.2.3.4" 0
68 Edit C</boot/grub/grub.conf> interactively:
70 guestfish --add disk.img \
71 --mount /dev/vg_guest/lv_root \
72 --mount /dev/sda1:/boot \
73 edit /boot/grub/grub.conf
75 =head2 Using virt-inspector
77 Use the I<-i> option to get virt-inspector to mount
78 the filesystems automatically as they would be mounted
79 in the virtual machine:
81 guestfish --ro -i disk.img cat /etc/group
83 =head2 As a script interpreter
85 Create a 50MB disk containing an ext2-formatted partition:
87 #!/usr/bin/guestfish -f
88 alloc /tmp/output.img 50M
90 part-disk /dev/sda mbr
95 eval `guestfish --listen --ro`
96 guestfish --remote add disk.img
97 guestfish --remote run
98 guestfish --remote lvs
102 Guestfish is a shell and command-line tool for examining and modifying
103 virtual machine filesystems. It uses libguestfs and exposes all of
104 the functionality of the guestfs API, see L<guestfs(3)>.
106 Guestfish gives you structured access to the libguestfs API, from
107 shell scripts or the command line or interactively. If you want to
108 rescue a broken virtual machine image, you should look at the
109 L<virt-rescue(1)> command.
117 Displays general help on options.
119 =item B<-h> | B<--cmd-help>
121 Lists all available guestfish commands.
123 =item B<-h cmd> | B<--cmd-help cmd>
125 Displays detailed help on a single command C<cmd>.
127 =item B<-a image> | B<--add image>
129 Add a block device or virtual machine image to the shell.
131 =item B<-D> | B<--no-dest-paths>
133 Don't tab-complete paths on the guest filesystem. It is useful to be
134 able to hit the tab key to complete paths on the guest filesystem, but
135 this causes extra "hidden" guestfs calls to be made, so this option is
136 here to allow this feature to be disabled.
138 =item B<-f file> | B<--file file>
140 Read commands from C<file>. To write pure guestfish
143 #!/usr/bin/guestfish -f
145 =item B<-i> | B<--inspector>
147 Run virt-inspector on the named libvirt domain or list of disk
148 images. If virt-inspector is available and if it can identify
149 the domain or disk images, then partitions will be mounted
150 correctly at start-up.
152 Typical usage is either:
156 (for an inactive libvirt domain called I<myguest>), or:
158 guestfish --ro -i myguest
160 (for active domains, readonly), or specify the block device directly:
162 guestfish -i /dev/Guests/MyGuest
164 You cannot use I<-a>, I<-m>, I<--listen>, I<--remote> or I<--selinux>
165 in conjunction with this option, and options other than I<--ro> might
166 not behave correctly.
168 See also: L<virt-inspector(1)>.
172 Fork into the background and listen for remote commands. See section
173 L</REMOTE CONTROL GUESTFISH OVER A SOCKET> below.
175 =item B<-m dev[:mountpoint]> | B<--mount dev[:mountpoint]>
177 Mount the named partition or logical volume on the given mountpoint.
179 If the mountpoint is omitted, it defaults to C</>.
181 You have to mount something on C</> before most commands will work.
183 If any I<-m> or I<--mount> options are given, the guest is
184 automatically launched.
186 If you don't know what filesystems a disk image contains, you
187 can either run guestfish without this option, then list the partitions
188 and LVs available (see L</list-partitions> and L</lvs> commands),
189 or you can use the L<virt-list-filesystems(1)> program.
191 =item B<-n> | B<--no-sync>
193 Disable autosync. This is enabled by default. See the discussion
194 of autosync in the L<guestfs(3)> manpage.
196 =item B<--remote[=pid]>
198 Send remote commands to C<$GUESTFISH_PID> or C<pid>. See section
199 L</REMOTE CONTROL GUESTFISH OVER A SOCKET> below.
201 =item B<-r> | B<--ro>
203 This changes the I<-a> and I<-m> options so that disks are added and
204 mounts are done read-only (see L<guestfs(3)/guestfs_mount_ro>).
206 The option must always be used if the disk image or virtual machine
207 might be running, and is generally recommended in cases where you
208 don't need write access to the disk.
212 Enable SELinux support for the guest. See L<guestfs(3)/SELINUX>.
214 =item B<-v> | B<--verbose>
216 Enable very verbose messages. This is particularly useful if you find
219 =item B<-V> | B<--version>
221 Display the guestfish / libguestfs version number and exit.
225 Echo each command before executing it.
229 =head1 COMMANDS ON COMMAND LINE
231 Any additional (non-option) arguments are treated as commands to
234 Commands to execute should be separated by a colon (C<:>), where the
235 colon is a separate parameter. Thus:
237 guestfish cmd [args...] : cmd [args...] : cmd [args...] ...
239 If there are no additional arguments, then we enter a shell, either an
240 interactive shell with a prompt (if the input is a terminal) or a
241 non-interactive shell.
243 In either command line mode or non-interactive shell, the first
244 command that gives an error causes the whole shell to exit. In
245 interactive mode (with a prompt) if a command fails, you can continue
248 =head1 USING launch (OR run)
250 As with L<guestfs(3)>, you must first configure your guest by adding
251 disks, then launch it, then mount any disks you need, and finally
252 issue actions/commands. So the general order of the day is:
274 C<run> is a synonym for C<launch>. You must C<launch> (or C<run>)
275 your guest before mounting or performing any other commands.
277 The only exception is that if the I<-m> or I<--mount> option was
278 given, the guest is automatically run for you (simply because
279 guestfish can't mount the disks you asked for without doing this).
283 You can quote ordinary parameters using either single or double
286 add "file with a space.img"
292 A few commands require a list of strings to be passed. For these, use
293 a whitespace-separated list, enclosed in quotes. Strings containing whitespace
294 to be passed through must be enclosed in single quotes. A literal single quote
295 must be escaped with a backslash.
297 vgcreate VG "/dev/sda1 /dev/sdb1"
298 command "/bin/echo 'foo bar'"
299 command "/bin/echo \'foo\'"
303 Commands which take integers as parameters use the C convention which
304 is to use C<0> to prefix an octal number or C<0x> to prefix a
305 hexadecimal number. For example:
307 1234 decimal number 1234
308 02322 octal number, equivalent to decimal 1234
309 0x4d2 hexadecimal number, equivalent to decimal 1234
311 When using the C<chmod> command, you almost always want to specify an
312 octal number for the mode, and you must prefix it with C<0> (unlike
313 the Unix L<chmod(1)> program):
315 chmod 0777 /public # OK
316 chmod 777 /public # WRONG! This is mode 777 decimal = 01411 octal.
318 Commands that return numbers currently always print them in decimal.
320 =head1 WILDCARDS AND GLOBBING
322 Neither guestfish nor the underlying guestfs API performs
323 wildcard expansion (globbing) by default. So for example the
324 following will not do what you expect:
328 Assuming you don't have a directory literally called C</home/*>
329 then the above command will return an error.
331 To perform wildcard expansion, use the C<glob> command.
335 runs C<rm-rf> on each path that matches (ie. potentially running
336 the command many times), equivalent to:
342 C<glob> only works on simple guest paths and not on device names.
344 If you have several parameters, each containing a wildcard, then glob
345 will perform a cartesian product.
349 Any line which starts with a I<#> character is treated as a comment
350 and ignored. The I<#> can optionally be preceeded by whitespace,
351 but B<not> by a command. For example:
357 Blank lines are also ignored.
359 =head1 RUNNING COMMANDS LOCALLY
361 Any line which starts with a I<!> character is treated as a command
362 sent to the local shell (C</bin/sh> or whatever L<system(3)> uses).
366 tgz-out /remote local/remote-data.tar.gz
368 will create a directory C<local> on the host, and then export
369 the contents of C</remote> on the mounted filesystem to
370 C<local/remote-data.tar.gz>. (See C<tgz-out>).
372 To change the local directory, use the C<lcd> command. C<!cd> will
373 have no effect, due to the way that subprocesses work in Unix.
377 Use C<command E<lt>spaceE<gt> | command> to pipe the output of the
378 first command (a guestfish command) to the second command (any host
379 command). For example:
381 cat /etc/passwd | awk -F: '$3 == 0 { print }'
383 (where C<cat> is the guestfish cat command, but C<awk> is the host awk
384 program). The above command would list all accounts in the guest
385 filesystem which have UID 0, ie. root accounts including backdoors.
388 hexdump /bin/ls | head
389 list-devices | tail -1
390 tgz-out / - | tar ztf -
392 The space before the pipe symbol is required, any space after the pipe
393 symbol is optional. Everything after the pipe symbol is just passed
394 straight to the host shell, so it can contain redirections, globs and
395 anything else that makes sense on the host side.
397 To use a literal argument which begins with a pipe symbol, you have
402 =head1 HOME DIRECTORIES
404 If a parameter starts with the character C<~> then the tilde may be
405 expanded as a home directory path (either C<~> for the current user's
406 home directory, or C<~user> for another user).
408 Note that home directory expansion happens for users known I<on the
409 host>, not in the guest filesystem.
411 To use a literal argument which begins with a tilde, you have to quote
418 If a path is prefixed with C<win:> then you can use Windows-style
419 paths (with some limitations). The following commands are equivalent:
421 file /WINDOWS/system32/config/system.LOG
423 file win:/windows/system32/config/system.log
425 file win:\windows\system32\config\system.log
427 file WIN:C:\Windows\SYSTEM32\conFIG\SYSTEM.LOG
429 This syntax implicitly calls C<case-sensitive-path> (q.v.) so it also
430 handles case insensitivity like Windows would. This only works in
431 argument positions that expect a path.
433 =head1 UPLOADING AND DOWNLOADING FILES
435 For commands such as C<upload>, C<download>, C<tar-in>, C<tar-out> and
436 others which upload from or download to a local file, you can use the
437 special filename C<-> to mean "from stdin" or "to stdout". For example:
441 reads stdin and creates from that a file C</foo> in the disk image,
444 tar-out /etc - | tar tf -
446 writes the tarball to stdout and then pipes that into the external
447 "tar" command (see L</PIPES>).
449 When using C<-> to read from stdin, the input is read up to the end of
452 =head1 EXIT ON ERROR BEHAVIOUR
454 By default, guestfish will ignore any errors when in interactive mode
455 (ie. taking commands from a human over a tty), and will exit on the
456 first error in non-interactive mode (scripts, commands given on the
459 If you prefix a command with a I<-> character, then that command will
460 not cause guestfish to exit, even if that (one) command returns an
463 =head1 REMOTE CONTROL GUESTFISH OVER A SOCKET
465 Guestfish can be remote-controlled over a socket. This is useful
466 particularly in shell scripts where you want to make several different
467 changes to a filesystem, but you don't want the overhead of starting
468 up a guestfish process each time.
470 Start a guestfish server process using:
472 eval `guestfish --listen`
474 and then send it commands by doing:
476 guestfish --remote cmd [...]
478 To cause the server to exit, send it the exit command:
480 guestfish --remote exit
482 Note that the server will normally exit if there is an error in a
483 command. You can change this in the usual way. See section
484 L</EXIT ON ERROR BEHAVIOUR>.
486 =head2 CONTROLLING MULTIPLE GUESTFISH PROCESSES
488 The C<eval> statement sets the environment variable C<$GUESTFISH_PID>,
489 which is how the I<--remote> option knows where to send the commands.
490 You can have several guestfish listener processes running using:
492 eval `guestfish --listen`
494 eval `guestfish --listen`
497 guestfish --remote=$pid1 cmd
498 guestfish --remote=$pid2 cmd
500 =head2 REMOTE CONTROL DETAILS
502 Remote control happens over a Unix domain socket called
503 C</tmp/.guestfish-$UID/socket-$PID>, where C<$UID> is the effective
504 user ID of the process, and C<$PID> is the process ID of the server.
506 Guestfish client and server versions must match exactly.
508 =head1 GUESTFISH COMMANDS
510 The commands in this section are guestfish convenience commands, in
511 other words, they are not part of the L<guestfs(3)> API.
513 =head2 alloc | allocate
517 This creates an empty (zeroed) file of the given size, and then adds
518 so it can be further examined.
520 For more advanced image creation, see L<qemu-img(1)> utility.
522 Size can be specified (where C<nn> means a number):
526 =item C<nn> or C<nn>K or C<nn>KB
528 number of kilobytes, eg: C<1440> = standard 3.5in floppy
530 =item C<nn>M or C<nn>MB
534 =item C<nn>G or C<nn>GB
538 =item C<nn>T or C<nn>TB
542 =item C<nn>P or C<nn>PB
546 =item C<nn>E or C<nn>EB
552 number of 512 byte sectors
560 This echos the parameters to the terminal.
562 =head2 edit | vi | emacs
566 This is used to edit a file. It downloads the file, edits it
567 locally using your editor, then uploads the result.
569 The editor is C<$EDITOR>. However if you use the alternate
570 commands C<vi> or C<emacs> you will get those corresponding
573 NOTE: This will not work reliably for large files
574 (> 2 MB) or binary files containing \0 bytes.
580 Expand wildcards in any paths in the args list, and run C<command>
581 repeatedly on each matching path.
583 See section WILDCARDS AND GLOBBING.
590 Without any parameter, this lists all commands. With a C<cmd>
591 parameter, this displays detailed help for a command.
597 Change the local directory, ie. the current directory of guestfish
600 Note that C<!cd> won't do what you might expect.
608 This is used to view a file.
610 The default viewer is C<$PAGER>. However if you use the alternate
611 command C<less> you will get the C<less> command specifically.
613 NOTE: This will not work reliably for large files
614 (> 2 MB) or binary files containing \0 bytes.
618 This exits guestfish. You can also use C<^D> key.
624 Close and reopen the libguestfs handle. It is not necessary to use
625 this normally, because the handle is closed properly when guestfish
626 exits. However this is occasionally useful for testing.
632 This creates an empty sparse file of the given size, and then adds
633 so it can be further examined.
635 In all respects it works the same as the C<alloc> command, except that
636 the image file is allocated sparsely, which means that disk blocks are
637 not assigned to the file until they are needed. Sparse disk files
638 only use space when written to, but they are slower and there is a
639 danger you could run out of real disk space during a write operation.
641 For more advanced image creation, see L<qemu-img(1)> utility.
643 Size can be specified (where C<nn> means a number):
647 =item C<nn> or C<nn>K or C<nn>KB
649 number of kilobytes, eg: C<1440> = standard 3.5in floppy
651 =item C<nn>M or C<nn>MB
655 =item C<nn>G or C<nn>GB
659 =item C<nn>T or C<nn>TB
663 =item C<nn>P or C<nn>PB
667 =item C<nn>E or C<nn>EB
673 number of 512 byte sectors
681 Run the command as usual, but print the elapsed time afterwards. This
682 can be useful for benchmarking operations.
690 guestfish returns 0 if the commands completed without error, or
691 1 if there was an error.
693 =head1 ENVIRONMENT VARIABLES
699 The C<edit> command uses C<$EDITOR> as the editor. If not
704 Used with the I<--remote> option to specify the remote guestfish
705 process to control. See section
706 L</REMOTE CONTROL GUESTFISH OVER A SOCKET>.
710 If compiled with GNU readline support, various files in the
711 home directory can be used. See L</FILES>.
713 =item LIBGUESTFS_APPEND
715 Pass additional options to the guest kernel.
717 =item LIBGUESTFS_DEBUG
719 Set C<LIBGUESTFS_DEBUG=1> to enable verbose messages. This has the
720 same effect as using the B<-v> option.
722 =item LIBGUESTFS_MEMSIZE
724 Set the memory allocated to the qemu process, in megabytes. For
727 LIBGUESTFS_MEMSIZE=700
729 =item LIBGUESTFS_PATH
731 Set the path that guestfish uses to search for kernel and initrd.img.
732 See the discussion of paths in L<guestfs(3)>.
734 =item LIBGUESTFS_QEMU
736 Set the default qemu binary that libguestfs uses. If not set, then
737 the qemu which was found at compile time by the configure script is
740 =item LIBGUESTFS_TRACE
742 Set C<LIBGUESTFS_TRACE=1> to enable command traces.
746 The C<more> command uses C<$PAGER> as the pager. If not
747 set, it uses C<more>.
751 Location of temporary directory, defaults to C</tmp>.
753 If libguestfs was compiled to use the supermin appliance then each
754 handle will require rather a large amount of space in this directory
755 for short periods of time (~ 80 MB). You can use C<$TMPDIR> to
756 configure another directory to use in case C</tmp> is not large
765 =item $HOME/.guestfish
767 If compiled with GNU readline support, then the command history
768 is saved in this file.
774 If compiled with GNU readline support, then these files can be used to
775 configure readline. For further information, please see
776 L<readline(3)/INITIALIZATION FILE>.
778 To write rules which only apply to guestfish, use:
789 L<http://libguestfs.org/>,
793 L<virt-list-filesystems(1)>,
794 L<virt-list-partitions(1)>,
804 Richard W.M. Jones (C<rjones at redhat dot com>)
808 Copyright (C) 2009-2010 Red Hat Inc.
809 L<http://libguestfs.org/>
811 This program is free software; you can redistribute it and/or modify
812 it under the terms of the GNU General Public License as published by
813 the Free Software Foundation; either version 2 of the License, or
814 (at your option) any later version.
816 This program is distributed in the hope that it will be useful,
817 but WITHOUT ANY WARRANTY; without even the implied warranty of
818 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
819 GNU General Public License for more details.
821 You should have received a copy of the GNU General Public License
822 along with this program; if not, write to the Free Software
823 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.