5 guestfish - the libguestfs Filesystem Interactive SHell
9 guestfish [--options] [commands]
15 guestfish -a disk.img -m dev[:mountpoint]
17 guestfish -i libvirt-domain
19 guestfish -i disk.img [disk.img ...]
23 =head2 As an interactive shell
27 Welcome to guestfish, the libguestfs filesystem interactive shell for
28 editing virtual machine filesystems.
30 Type: 'help' for a list of commands
31 'man' to read the manual
32 'quit' to quit the shell
36 =head2 From shell scripts
38 Create a new C</etc/motd> file in a guest:
43 mount /dev/vg_guest/lv_root /
44 write /etc/motd "Welcome, new users"
47 List the LVM logical volumes in a guest:
49 guestfish -a disk.img --ro <<_EOF_
54 =head2 On one command line
56 Update C</etc/resolv.conf> in a guest:
59 add disk.img : run : mount /dev/vg_guest/lv_root / : \
60 write /etc/resolv.conf "nameserver 1.2.3.4"
62 Edit C</boot/grub/grub.conf> interactively:
64 guestfish --add disk.img \
65 --mount /dev/vg_guest/lv_root \
66 --mount /dev/sda1:/boot \
67 edit /boot/grub/grub.conf
69 =head2 Using virt-inspector
71 Use the I<-i> option to get virt-inspector to mount
72 the filesystems automatically as they would be mounted
73 in the virtual machine:
75 guestfish --ro -i disk.img cat /etc/group
77 =head2 As a script interpreter
79 Create a 100MB disk containing an ext2-formatted partition:
81 #!/usr/bin/guestfish -f
84 part-disk /dev/sda mbr
87 =head2 Start with a prepared disk
89 An alternate way to create a 100MB disk called C<test1.img> containing
90 a single ext2-formatted partition:
94 To list what is available do:
96 guestfish -N list | less
100 eval `guestfish --listen --ro`
101 guestfish --remote add disk.img
102 guestfish --remote run
103 guestfish --remote lvs
107 Guestfish is a shell and command-line tool for examining and modifying
108 virtual machine filesystems. It uses libguestfs and exposes all of
109 the functionality of the guestfs API, see L<guestfs(3)>.
111 Guestfish gives you structured access to the libguestfs API, from
112 shell scripts or the command line or interactively. If you want to
113 rescue a broken virtual machine image, you should look at the
114 L<virt-rescue(1)> command.
116 Using guestfish in read/write mode on live virtual machines can be
117 dangerous, potentially causing disk corruption. Use the I<--ro>
118 (read-only) option to use guestfish safely if the disk image or
119 virtual machine might be live.
127 Displays general help on options.
129 =item B<-h> | B<--cmd-help>
131 Lists all available guestfish commands.
133 =item B<-h cmd> | B<--cmd-help cmd>
135 Displays detailed help on a single command C<cmd>.
137 =item B<-a image> | B<--add image>
139 Add a block device or virtual machine image to the shell.
141 =item B<-D> | B<--no-dest-paths>
143 Don't tab-complete paths on the guest filesystem. It is useful to be
144 able to hit the tab key to complete paths on the guest filesystem, but
145 this causes extra "hidden" guestfs calls to be made, so this option is
146 here to allow this feature to be disabled.
148 =item B<-f file> | B<--file file>
150 Read commands from C<file>. To write pure guestfish
153 #!/usr/bin/guestfish -f
155 =item B<-i> | B<--inspector>
157 Run virt-inspector on the named libvirt domain or list of disk
158 images. If virt-inspector is available and if it can identify
159 the domain or disk images, then partitions will be mounted
160 correctly at start-up.
162 Typical usage is either:
166 (for an inactive libvirt domain called I<myguest>), or:
168 guestfish --ro -i myguest
170 (for active domains, readonly), or specify the block device directly:
172 guestfish -i /dev/Guests/MyGuest
174 You cannot use I<-a>, I<-m>, I<-N>, I<--listen>, I<--remote> or
175 I<--selinux> in conjunction with this option, and options other than
176 I<--ro> might not behave correctly.
178 See also: L<virt-inspector(1)>.
182 Fork into the background and listen for remote commands. See section
183 L</REMOTE CONTROL GUESTFISH OVER A SOCKET> below.
185 =item B<-m dev[:mountpoint]> | B<--mount dev[:mountpoint]>
187 Mount the named partition or logical volume on the given mountpoint.
189 If the mountpoint is omitted, it defaults to C</>.
191 You have to mount something on C</> before most commands will work.
193 If any I<-m> or I<--mount> options are given, the guest is
194 automatically launched.
196 If you don't know what filesystems a disk image contains, you
197 can either run guestfish without this option, then list the partitions
198 and LVs available (see L</list-partitions> and L</lvs> commands),
199 or you can use the L<virt-list-filesystems(1)> program.
201 =item B<-n> | B<--no-sync>
203 Disable autosync. This is enabled by default. See the discussion
204 of autosync in the L<guestfs(3)> manpage.
206 =item B<-N type> | B<--new type> | B<-N list>
208 Prepare a fresh disk image formatted as "type". This is an
209 alternative to the I<-a> option: whereas I<-a> adds an existing disk,
210 I<-N> creates a preformatted disk with a filesystem and adds it.
211 See L</PREPARED DISK IMAGES> below.
213 =item B<--remote[=pid]>
215 Send remote commands to C<$GUESTFISH_PID> or C<pid>. See section
216 L</REMOTE CONTROL GUESTFISH OVER A SOCKET> below.
218 =item B<-r> | B<--ro>
220 This changes the I<-a> and I<-m> options so that disks are added and
221 mounts are done read-only (see L<guestfs(3)/guestfs_mount_ro>).
223 The option must always be used if the disk image or virtual machine
224 might be running, and is generally recommended in cases where you
225 don't need write access to the disk.
227 Note that prepared disk images created with I<-N> are not affected by
232 Enable SELinux support for the guest. See L<guestfs(3)/SELINUX>.
234 =item B<-v> | B<--verbose>
236 Enable very verbose messages. This is particularly useful if you find
239 =item B<-V> | B<--version>
241 Display the guestfish / libguestfs version number and exit.
245 Echo each command before executing it.
249 =head1 COMMANDS ON COMMAND LINE
251 Any additional (non-option) arguments are treated as commands to
254 Commands to execute should be separated by a colon (C<:>), where the
255 colon is a separate parameter. Thus:
257 guestfish cmd [args...] : cmd [args...] : cmd [args...] ...
259 If there are no additional arguments, then we enter a shell, either an
260 interactive shell with a prompt (if the input is a terminal) or a
261 non-interactive shell.
263 In either command line mode or non-interactive shell, the first
264 command that gives an error causes the whole shell to exit. In
265 interactive mode (with a prompt) if a command fails, you can continue
268 =head1 USING launch (OR run)
270 As with L<guestfs(3)>, you must first configure your guest by adding
271 disks, then launch it, then mount any disks you need, and finally
272 issue actions/commands. So the general order of the day is:
294 C<run> is a synonym for C<launch>. You must C<launch> (or C<run>)
295 your guest before mounting or performing any other commands.
297 The only exception is that if the I<-m> or I<--mount> option was
298 given, the guest is automatically run for you (simply because
299 guestfish can't mount the disks you asked for without doing this).
303 You can quote ordinary parameters using either single or double
306 add "file with a space.img"
312 A few commands require a list of strings to be passed. For these, use
313 a whitespace-separated list, enclosed in quotes. Strings containing whitespace
314 to be passed through must be enclosed in single quotes. A literal single quote
315 must be escaped with a backslash.
317 vgcreate VG "/dev/sda1 /dev/sdb1"
318 command "/bin/echo 'foo bar'"
319 command "/bin/echo \'foo\'"
323 This section applies to all commands which can take integers
328 When the command takes a parameter measured in bytes, you can use one
329 of the following suffixes to specify kilobytes, megabytes and larger
334 =item B<k> or B<K> or B<KiB>
336 The size in kilobytes (multiplied by 1024).
340 The size in SI 1000 byte units.
344 The size in megabytes (multiplied by 1048576).
348 The size in SI 1000000 byte units.
352 The size in gigabytes (multiplied by 2**30).
356 The size in SI 10**9 byte units.
360 The size in terabytes (multiplied by 2**40).
364 The size in SI 10**12 byte units.
368 The size in petabytes (multiplied by 2**50).
372 The size in SI 10**15 byte units.
376 The size in exabytes (multiplied by 2**60).
380 The size in SI 10**18 byte units.
384 The size in zettabytes (multiplied by 2**70).
388 The size in SI 10**21 byte units.
392 The size in yottabytes (multiplied by 2**80).
396 The size in SI 10**24 byte units.
402 truncate-size /file 1G
404 would truncate the file to 1 gigabyte.
406 Be careful because a few commands take sizes in kilobytes or megabytes
407 (eg. the parameter to L</memsize> is specified in megabytes already).
408 Adding a suffix will probably not do what you expect.
410 =head2 OCTAL AND HEXADECIMAL NUMBERS
412 For specifying the radix (base) use the C convention: C<0> to prefix
413 an octal number or C<0x> to prefix a hexadecimal number. For example:
415 1234 decimal number 1234
416 02322 octal number, equivalent to decimal 1234
417 0x4d2 hexadecimal number, equivalent to decimal 1234
419 When using the C<chmod> command, you almost always want to specify an
420 octal number for the mode, and you must prefix it with C<0> (unlike
421 the Unix L<chmod(1)> program):
423 chmod 0777 /public # OK
424 chmod 777 /public # WRONG! This is mode 777 decimal = 01411 octal.
426 Commands that return numbers usually print them in decimal, but
427 some commands print numbers in other radices (eg. C<umask> prints
428 the mode in octal, preceeded by C<0>).
430 =head1 WILDCARDS AND GLOBBING
432 Neither guestfish nor the underlying guestfs API performs
433 wildcard expansion (globbing) by default. So for example the
434 following will not do what you expect:
438 Assuming you don't have a directory literally called C</home/*>
439 then the above command will return an error.
441 To perform wildcard expansion, use the C<glob> command.
445 runs C<rm-rf> on each path that matches (ie. potentially running
446 the command many times), equivalent to:
452 C<glob> only works on simple guest paths and not on device names.
454 If you have several parameters, each containing a wildcard, then glob
455 will perform a cartesian product.
459 Any line which starts with a I<#> character is treated as a comment
460 and ignored. The I<#> can optionally be preceeded by whitespace,
461 but B<not> by a command. For example:
467 Blank lines are also ignored.
469 =head1 RUNNING COMMANDS LOCALLY
471 Any line which starts with a I<!> character is treated as a command
472 sent to the local shell (C</bin/sh> or whatever L<system(3)> uses).
476 tgz-out /remote local/remote-data.tar.gz
478 will create a directory C<local> on the host, and then export
479 the contents of C</remote> on the mounted filesystem to
480 C<local/remote-data.tar.gz>. (See C<tgz-out>).
482 To change the local directory, use the C<lcd> command. C<!cd> will
483 have no effect, due to the way that subprocesses work in Unix.
487 Use C<command E<lt>spaceE<gt> | command> to pipe the output of the
488 first command (a guestfish command) to the second command (any host
489 command). For example:
491 cat /etc/passwd | awk -F: '$3 == 0 { print }'
493 (where C<cat> is the guestfish cat command, but C<awk> is the host awk
494 program). The above command would list all accounts in the guest
495 filesystem which have UID 0, ie. root accounts including backdoors.
498 hexdump /bin/ls | head
499 list-devices | tail -1
500 tgz-out / - | tar ztf -
502 The space before the pipe symbol is required, any space after the pipe
503 symbol is optional. Everything after the pipe symbol is just passed
504 straight to the host shell, so it can contain redirections, globs and
505 anything else that makes sense on the host side.
507 To use a literal argument which begins with a pipe symbol, you have
512 =head1 HOME DIRECTORIES
514 If a parameter starts with the character C<~> then the tilde may be
515 expanded as a home directory path (either C<~> for the current user's
516 home directory, or C<~user> for another user).
518 Note that home directory expansion happens for users known I<on the
519 host>, not in the guest filesystem.
521 To use a literal argument which begins with a tilde, you have to quote
528 If a path is prefixed with C<win:> then you can use Windows-style
529 paths (with some limitations). The following commands are equivalent:
531 file /WINDOWS/system32/config/system.LOG
533 file win:/windows/system32/config/system.log
535 file win:\windows\system32\config\system.log
537 file WIN:C:\Windows\SYSTEM32\conFIG\SYSTEM.LOG
539 This syntax implicitly calls C<case-sensitive-path> (q.v.) so it also
540 handles case insensitivity like Windows would. This only works in
541 argument positions that expect a path.
543 =head1 UPLOADING AND DOWNLOADING FILES
545 For commands such as C<upload>, C<download>, C<tar-in>, C<tar-out> and
546 others which upload from or download to a local file, you can use the
547 special filename C<-> to mean "from stdin" or "to stdout". For example:
551 reads stdin and creates from that a file C</foo> in the disk image,
554 tar-out /etc - | tar tf -
556 writes the tarball to stdout and then pipes that into the external
557 "tar" command (see L</PIPES>).
559 When using C<-> to read from stdin, the input is read up to the end of
560 stdin. You can also use a special "heredoc"-like syntax to read up to
561 some arbitrary end marker:
569 Any string of characters can be used instead of C<END>. The end
570 marker must appear on a line of its own, without any preceeding or
571 following characters (not even spaces).
573 Note that the C<-E<lt>E<lt>> syntax only applies to parameters used to
574 upload local files (so-called "FileIn" parameters in the generator).
576 =head1 EXIT ON ERROR BEHAVIOUR
578 By default, guestfish will ignore any errors when in interactive mode
579 (ie. taking commands from a human over a tty), and will exit on the
580 first error in non-interactive mode (scripts, commands given on the
583 If you prefix a command with a I<-> character, then that command will
584 not cause guestfish to exit, even if that (one) command returns an
587 =head1 REMOTE CONTROL GUESTFISH OVER A SOCKET
589 Guestfish can be remote-controlled over a socket. This is useful
590 particularly in shell scripts where you want to make several different
591 changes to a filesystem, but you don't want the overhead of starting
592 up a guestfish process each time.
594 Start a guestfish server process using:
596 eval `guestfish --listen`
598 and then send it commands by doing:
600 guestfish --remote cmd [...]
602 To cause the server to exit, send it the exit command:
604 guestfish --remote exit
606 Note that the server will normally exit if there is an error in a
607 command. You can change this in the usual way. See section
608 L</EXIT ON ERROR BEHAVIOUR>.
610 =head2 CONTROLLING MULTIPLE GUESTFISH PROCESSES
612 The C<eval> statement sets the environment variable C<$GUESTFISH_PID>,
613 which is how the I<--remote> option knows where to send the commands.
614 You can have several guestfish listener processes running using:
616 eval `guestfish --listen`
618 eval `guestfish --listen`
621 guestfish --remote=$pid1 cmd
622 guestfish --remote=$pid2 cmd
624 =head2 REMOTE CONTROL DETAILS
626 Remote control happens over a Unix domain socket called
627 C</tmp/.guestfish-$UID/socket-$PID>, where C<$UID> is the effective
628 user ID of the process, and C<$PID> is the process ID of the server.
630 Guestfish client and server versions must match exactly.
632 =head1 PREPARED DISK IMAGES
634 Use the I<-N type> or I<--new type> parameter to select one of a set
635 of preformatted disk images that guestfish can make for you to save
636 typing. This is particularly useful for testing purposes. This
637 option is used instead of the I<-a> option, and like I<-a> can appear
638 multiple times (and can be mixed with I<-a>).
640 The new disk is called C<test1.img> for the first I<-N>, C<test2.img>
641 for the second and so on. Existing files in the current directory are
644 The type briefly describes how the disk should be sized, partitioned,
645 how filesystem(s) should be created, and how content should be added.
646 Optionally the type can be followed by extra parameters, separated by
647 C<:> (colon) characters. For example, I<-N fs> creates a default
648 100MB, sparsely-allocated disk, containing a single partition, with
649 the partition formatted as ext2. I<-N fs:ext4:1G> is the same, but
650 for an ext4 filesystem on a 1GB disk instead.
652 To list the available types and any extra parameters they take, run:
654 guestfish -N list | less
656 Note that the prepared filesystem is not mounted. You would usually
657 have to use the C<mount /dev/sda1 /> command or add the
658 I<-m /dev/sda1> option.
660 If any I<-N> or I<--new> options are given, the guest is automatically
665 Create a 100MB disk with an ext4-formatted partition:
669 Create a 32MB disk with a VFAT-formatted partition, and mount it:
671 guestfish -N fs:vfat:32M -m /dev/sda1
673 Create a blank 200MB disk:
675 guestfish -N disk:200M
677 =head1 GUESTFISH COMMANDS
679 The commands in this section are guestfish convenience commands, in
680 other words, they are not part of the L<guestfs(3)> API.
682 =head2 alloc | allocate
686 This creates an empty (zeroed) file of the given size, and then adds
687 so it can be further examined.
689 For more advanced image creation, see L<qemu-img(1)> utility.
691 Size can be specified using standard suffixes, eg. C<1M>.
697 This echos the parameters to the terminal.
699 =head2 edit | vi | emacs
703 This is used to edit a file. It downloads the file, edits it
704 locally using your editor, then uploads the result.
706 The editor is C<$EDITOR>. However if you use the alternate
707 commands C<vi> or C<emacs> you will get those corresponding
710 NOTE: This will not work reliably for large files
711 (> 2 MB) or binary files containing \0 bytes.
717 Expand wildcards in any paths in the args list, and run C<command>
718 repeatedly on each matching path.
720 See section WILDCARDS AND GLOBBING.
727 Without any parameter, this lists all commands. With a C<cmd>
728 parameter, this displays detailed help for a command.
734 Change the local directory, ie. the current directory of guestfish
737 Note that C<!cd> won't do what you might expect.
743 Opens the manual page for guestfish.
751 This is used to view a file.
753 The default viewer is C<$PAGER>. However if you use the alternate
754 command C<less> you will get the C<less> command specifically.
756 NOTE: This will not work reliably for large files
757 (> 2 MB) or binary files containing \0 bytes.
761 This exits guestfish. You can also use C<^D> key.
767 Close and reopen the libguestfs handle. It is not necessary to use
768 this normally, because the handle is closed properly when guestfish
769 exits. However this is occasionally useful for testing.
775 This creates an empty sparse file of the given size, and then adds
776 so it can be further examined.
778 In all respects it works the same as the C<alloc> command, except that
779 the image file is allocated sparsely, which means that disk blocks are
780 not assigned to the file until they are needed. Sparse disk files
781 only use space when written to, but they are slower and there is a
782 danger you could run out of real disk space during a write operation.
784 For more advanced image creation, see L<qemu-img(1)> utility.
786 Size can be specified using standard suffixes, eg. C<1M>.
792 Run the command as usual, but print the elapsed time afterwards. This
793 can be useful for benchmarking operations.
799 =head1 ENVIRONMENT VARIABLES
805 The C<edit> command uses C<$EDITOR> as the editor. If not
810 Used with the I<--remote> option to specify the remote guestfish
811 process to control. See section
812 L</REMOTE CONTROL GUESTFISH OVER A SOCKET>.
816 If compiled with GNU readline support, then the command history
817 is saved in C<$HOME/.guestfish>
819 =item LIBGUESTFS_APPEND
821 Pass additional options to the guest kernel.
823 =item LIBGUESTFS_DEBUG
825 Set C<LIBGUESTFS_DEBUG=1> to enable verbose messages. This has the
826 same effect as using the B<-v> option.
828 =item LIBGUESTFS_MEMSIZE
830 Set the memory allocated to the qemu process, in megabytes. For
833 LIBGUESTFS_MEMSIZE=700
835 =item LIBGUESTFS_PATH
837 Set the path that guestfish uses to search for kernel and initrd.img.
838 See the discussion of paths in L<guestfs(3)>.
840 =item LIBGUESTFS_QEMU
842 Set the default qemu binary that libguestfs uses. If not set, then
843 the qemu which was found at compile time by the configure script is
846 =item LIBGUESTFS_TRACE
848 Set C<LIBGUESTFS_TRACE=1> to enable command traces.
852 The C<more> command uses C<$PAGER> as the pager. If not
853 set, it uses C<more>.
857 Location of temporary directory, defaults to C</tmp>.
859 If libguestfs was compiled to use the supermin appliance then each
860 handle will require rather a large amount of space in this directory
861 for short periods of time (~ 80 MB). You can use C<$TMPDIR> to
862 configure another directory to use in case C</tmp> is not large
869 guestfish returns 0 if the commands completed without error, or
870 1 if there was an error.
875 L<http://libguestfs.org/>,
879 L<virt-list-filesystems(1)>,
880 L<virt-list-partitions(1)>,
890 Richard W.M. Jones (C<rjones at redhat dot com>)
894 Copyright (C) 2009-2010 Red Hat Inc.
895 L<http://libguestfs.org/>
897 This program is free software; you can redistribute it and/or modify
898 it under the terms of the GNU General Public License as published by
899 the Free Software Foundation; either version 2 of the License, or
900 (at your option) any later version.
902 This program is distributed in the hope that it will be useful,
903 but WITHOUT ANY WARRANTY; without even the implied warranty of
904 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
905 GNU General Public License for more details.
907 You should have received a copy of the GNU General Public License
908 along with this program; if not, write to the Free Software
909 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.