guestfish
- guestfish -a disk.img
+ guestfish [--ro|--rw] -a disk.img
- guestfish -a disk.img -m dev[:mountpoint]
+ guestfish [--ro|--rw] -a disk.img -m dev[:mountpoint]
guestfish -d libvirt-domain
- guestfish -i libvirt-domain
+ guestfish [--ro|--rw] -a disk.img -i
- guestfish -i disk.img [disk.img ...]
+ guestfish -d libvirt-domain -i
=head1 WARNING
(read-only) option to use guestfish safely if the disk image or
virtual machine might be live.
+=head1 DESCRIPTION
+
+Guestfish is a shell and command-line tool for examining and modifying
+virtual machine filesystems. It uses libguestfs and exposes all of
+the functionality of the guestfs API, see L<guestfs(3)>.
+
+Guestfish gives you structured access to the libguestfs API, from
+shell scripts or the command line or interactively. If you want to
+rescue a broken virtual machine image, you should look at the
+L<virt-rescue(1)> command.
+
=head1 EXAMPLES
=head2 As an interactive shell
'man' to read the manual
'quit' to quit the shell
- ><fs> man
+ ><fs> add-ro disk.img
+ ><fs> run
+ ><fs> list-filesystems
+ /dev/sda1: ext4
+ /dev/vg_guest/lv_root: ext4
+ /dev/vg_guest/lv_swap: swap
+ ><fs> mount /dev/vg_guest/lv_root /
+ ><fs> cat /etc/fstab
+ # /etc/fstab
+ # Created by anaconda
+ [...]
+ ><fs> exit
=head2 From shell scripts
-Create a new C</etc/motd> file in a guest:
+Create a new C</etc/motd> file in a guest or disk image:
guestfish <<_EOF_
add disk.img
write /etc/motd "Welcome, new users"
_EOF_
-List the LVM logical volumes in a guest:
+List the LVM logical volumes in a disk image:
guestfish -a disk.img --ro <<_EOF_
run
lvs
_EOF_
+List all the filesystems in a disk image:
+
+ guestfish -a disk.img --ro <<_EOF_
+ run
+ list-filesystems
+ _EOF_
+
=head2 On one command line
Update C</etc/resolv.conf> in a guest:
Edit C</boot/grub/grub.conf> interactively:
- guestfish --add disk.img \
+ guestfish --rw --add disk.img \
--mount /dev/vg_guest/lv_root \
--mount /dev/sda1:/boot \
edit /boot/grub/grub.conf
-=head2 Using virt-inspector
+=head2 Mount disks automatically
+
+Use the I<-i> option to automatically mount the
+disks from a virtual machine:
+
+ guestfish --ro -a disk.img -i cat /etc/group
+
+ guestfish --ro -d libvirt-domain -i cat /etc/group
-Use the I<-i> option to get virt-inspector to mount
-the filesystems automatically as they would be mounted
-in the virtual machine:
+Another way to edit C</boot/grub/grub.conf> interactively is:
- guestfish --ro -i disk.img cat /etc/group
+ guestfish --rw -a disk.img -i edit /boot/grub/grub.conf
=head2 As a script interpreter
To list what is available do:
- guestfish -N list | less
+ guestfish -N help | less
=head2 Remote control
- eval `guestfish --listen --ro`
- guestfish --remote add disk.img
+ eval "`guestfish --listen`"
+ guestfish --remote add-ro disk.img
guestfish --remote run
guestfish --remote lvs
-=head1 DESCRIPTION
-
-Guestfish is a shell and command-line tool for examining and modifying
-virtual machine filesystems. It uses libguestfs and exposes all of
-the functionality of the guestfs API, see L<guestfs(3)>.
-
-Guestfish gives you structured access to the libguestfs API, from
-shell scripts or the command line or interactively. If you want to
-rescue a broken virtual machine image, you should look at the
-L<virt-rescue(1)> command.
-
=head1 OPTIONS
=over 4
Add a block device or virtual machine image to the shell.
+The format of the disk image is auto-detected. To override this and
+force a particular format use the I<--format=..> option.
+
=item B<-c URI> | B<--connect URI>
When used in conjunction with the I<-d> option, this specifies
the libvirt URI to use. The default is to use the default libvirt
connection.
+=item B<--csh>
+
+If using the I<--listen> option and a csh-like shell, use this option.
+See section L</REMOTE CONTROL AND CSH> below.
+
=item B<-d libvirt-domain> | B<--domain libvirt-domain>
Add disks from the named libvirt domain. If the I<--ro> option is
this causes extra "hidden" guestfs calls to be made, so this option is
here to allow this feature to be disabled.
+=item B<--echo-keys>
+
+When prompting for keys and passphrases, guestfish normally turns
+echoing off so you cannot see what you are typing. If you are not
+worried about Tempest attacks and there is no one else in the room
+you can specify this flag to see what you are typing.
+
=item B<-f file> | B<--file file>
Read commands from C<file>. To write pure guestfish
#!/usr/bin/guestfish -f
+=item B<--format=raw|qcow2|..> | B<--format>
+
+The default for the I<-a> option is to auto-detect the format of the
+disk image. Using this forces the disk format for I<-a> options which
+follow on the command line. Using I<--format> with no argument
+switches back to auto-detection for subsequent I<-a> options.
+
+For example:
+
+ guestfish --format=raw -a disk.img
+
+forces raw format (no auto-detection) for C<disk.img>.
+
+ guestfish --format=raw -a disk.img --format -a another.img
+
+forces raw format (no auto-detection) for C<disk.img> and reverts to
+auto-detection for C<another.img>.
+
+If you have untrusted raw-format guest disk images, you should use
+this option to specify the disk format. This avoids a possible
+security problem with malicious guests (CVE-2010-3851). See also
+L</add-drive-opts>.
+
=item B<-i> | B<--inspector>
-Run virt-inspector on the named libvirt domain or list of disk
-images. If virt-inspector is available and if it can identify
-the domain or disk images, then partitions will be mounted
-correctly at start-up.
+Using L<virt-inspector(1)> code, inspect the disks looking for
+an operating system and mount filesystems as they would be
+mounted on the real virtual machine.
Typical usage is either:
- guestfish -i myguest
+ guestfish -d myguest -i
(for an inactive libvirt domain called I<myguest>), or:
- guestfish --ro -i myguest
+ guestfish --ro -d myguest -i
(for active domains, readonly), or specify the block device directly:
- guestfish -i /dev/Guests/MyGuest
+ guestfish --rw -a /dev/Guests/MyGuest -i
-You cannot use I<-a>, I<-m>, I<-N>, I<--listen>, I<--remote> or
-I<--selinux> in conjunction with this option, and options other than
-I<--ro> might not behave correctly.
+Note that the command line syntax changed slightly over older
+versions of guestfish. You can still use the old syntax:
-See also: L<virt-inspector(1)>.
+ guestfish [--ro] -i disk.img
+
+ guestfish [--ro] -i libvirt-domain
=item B<--keys-from-stdin>
If any I<-m> or I<--mount> options are given, the guest is
automatically launched.
-If you don't know what filesystems a disk image contains, you
-can either run guestfish without this option, then list the partitions
-and LVs available (see L</list-partitions> and L</lvs> commands),
-or you can use the L<virt-list-filesystems(1)> program.
+If you don't know what filesystems a disk image contains, you can
+either run guestfish without this option, then list the partitions,
+filesystems and LVs available (see L</list-partitions>,
+L</list-filesystems> and L</lvs> commands), or you can use the
+L<virt-filesystems(1)> program.
=item B<-n> | B<--no-sync>
Disable autosync. This is enabled by default. See the discussion
of autosync in the L<guestfs(3)> manpage.
-=item B<-N type> | B<--new type> | B<-N list>
+=item B<-N type> | B<--new type> | B<-N help>
Prepare a fresh disk image formatted as "type". This is an
alternative to the I<-a> option: whereas I<-a> adds an existing disk,
I<-N> creates a preformatted disk with a filesystem and adds it.
See L</PREPARED DISK IMAGES> below.
+=item B<--progress-bars>
+
+Enable progress bars, even when guestfish is used non-interactively.
+
+Progress bars are enabled by default when guestfish is used as an
+interactive shell.
+
+=item B<--no-progress-bars>
+
+Disable progress bars.
+
=item B<--remote[=pid]>
Send remote commands to C<$GUESTFISH_PID> or C<pid>. See section
Note that prepared disk images created with I<-N> are not affected by
the I<--ro> option.
+See also L</OPENING DISKS FOR READ AND WRITE> below.
+
=item B<--selinux>
Enable SELinux support for the guest. See L<guestfs(3)/SELINUX>.
Display the guestfish / libguestfs version number and exit.
+=item B<-w> | B<--rw>
+
+This option does nothing at the moment.
+See L</OPENING DISKS FOR READ AND WRITE> below.
+
=item B<-x>
Echo each command before executing it.
C<run> is a synonym for C<launch>. You must C<launch> (or C<run>)
your guest before mounting or performing any other commands.
-The only exception is that if the I<-m> or I<--mount> option was
-given, the guest is automatically run for you (simply because
-guestfish can't mount the disks you asked for without doing this).
+The only exception is that if any of the I<-i>, I<-m>, I<--mount>,
+I<-N> or I<--new> options were given then C<run> is done
+automatically, simply because guestfish can't perform the action you
+asked for without doing this.
+
+=head1 OPENING DISKS FOR READ AND WRITE
+
+The guestfish (and L<guestmount(1)>) options I<--ro> and I<--rw>
+affect whether the other command line options I<-a>, I<-c>, I<-d>,
+I<-i> and I<-m> open disk images read-only or for writing.
+
+In libguestfs E<lt> 1.6.2, guestfish and guestmount defaulted to
+opening disk images supplied on the command line for write. To open a
+disk image read-only you have to do I<-a image --ro>.
+
+This matters: If you accidentally open a live VM disk image writable
+then you will cause irreversible disk corruption.
+
+By libguestfs 1.8 we intend to change the default the other way. Disk
+images will be opened read-only. You will have to either specify
+I<guestfish --rw> or change a configuration file in order to get write
+access for disk images specified by those other command line options.
+
+This version of guestfish has a I<--rw> option which does nothing (it
+is already the default). However it is highly recommended that you
+use this option to indicate that guestfish needs write access, and to
+prepare your scripts for the day when this option will be required for
+write access.
+
+B<Note:> This does I<not> affect commands like L</add> and L</mount>,
+or any other libguestfs program apart from guestfish and guestmount.
=head1 QUOTING
command "/bin/echo 'foo bar'"
command "/bin/echo \'foo\'"
+=head1 OPTIONAL ARGUMENTS
+
+Some commands take optional arguments. These arguments appear in this
+documentation as C<[argname:..]>. You can use them as in these
+examples:
+
+ add-drive-opts filename
+
+ add-drive-opts filename readonly:true
+
+ add-drive-opts filename format:qcow2 readonly:false
+
+Each optional argument can appear at most once. All optional
+arguments must appear after the required ones.
+
=head1 NUMBERS
This section applies to all commands which can take integers
rm-rf /home/*
-Assuming you don't have a directory literally called C</home/*>
+Assuming you don't have a directory called literally C</home/*>
then the above command will return an error.
To perform wildcard expansion, use the C<glob> command.
C<glob> only works on simple guest paths and not on device names.
If you have several parameters, each containing a wildcard, then glob
-will perform a cartesian product.
+will perform a Cartesian product.
=head1 COMMENTS
Finally you have to tell LVM to scan for volume groups on
the newly created mapper device:
- ><fs> vgscan
- ><fs> vg-activate-all true
+ vgscan
+ vg-activate-all true
The logical volume(s) can now be mounted in the usual way.
it and deactivate the volume groups by calling C<vg-activate false VG>
on each one. Then you can close the mapper device:
- ><fs> vg-activate false /dev/VG
- ><fs> luks-close /dev/mapper/luksdev
+ vg-activate false /dev/VG
+ luks-close /dev/mapper/luksdev
=head1 WINDOWS PATHS
Start a guestfish server process using:
- eval `guestfish --listen`
+ eval "`guestfish --listen`"
and then send it commands by doing:
which is how the I<--remote> option knows where to send the commands.
You can have several guestfish listener processes running using:
- eval `guestfish --listen`
+ eval "`guestfish --listen`"
pid1=$GUESTFISH_PID
- eval `guestfish --listen`
+ eval "`guestfish --listen`"
pid2=$GUESTFISH_PID
...
guestfish --remote=$pid1 cmd
guestfish --remote=$pid2 cmd
+=head2 REMOTE CONTROL AND CSH
+
+When using csh-like shells (csh, tcsh etc) you have to add the
+I<--csh> option:
+
+ eval "`guestfish --listen --csh`"
+
=head2 REMOTE CONTROL DETAILS
Remote control happens over a Unix domain socket called
To list the available types and any extra parameters they take, run:
- guestfish -N list | less
+ guestfish -N help | less
Note that the prepared filesystem is not mounted. You would usually
have to use the C<mount /dev/sda1 /> command or add the
guestfish -N disk:200M
-=head1 GUESTFISH COMMANDS
-
-The commands in this section are guestfish convenience commands, in
-other words, they are not part of the L<guestfs(3)> API.
+=head1 PROGRESS BARS
-=head2 alloc | allocate
+Some (not all) long-running commands send progress notification
+messages as they are running. Guestfish turns these messages into
+progress bars.
- alloc filename size
+When a command that supports progress bars takes longer than two
+seconds to run, and if progress bars are enabled, then you will see
+one appearing below the command:
-This creates an empty (zeroed) file of the given size, and then adds
-so it can be further examined.
+ ><fs> copy-size /large-file /another-file 2048M
+ / 10% [#####-----------------------------------------] 00:30
-For more advanced image creation, see L<qemu-img(1)> utility.
+The spinner on the left hand side moves round once for every progress
+notification received from the backend. This is a (reasonably) golden
+assurance that the command is "doing something" even if the progress
+bar is not moving, because the command is able to send the progress
+notifications. When the bar reaches 100% and the command finishes,
+the spinner disappears.
-Size can be specified using standard suffixes, eg. C<1M>.
+Progress bars are enabled by default when guestfish is used
+interactively. You can enable them even for non-interactive modes
+using I<--progress-bars>, and you can disable them completely using
+I<--no-progress-bars>.
-=head2 echo
-
- echo [params ...]
-
-This echos the parameters to the terminal.
-
-=head2 edit | vi | emacs
-
- edit filename
-
-This is used to edit a file. It downloads the file, edits it
-locally using your editor, then uploads the result.
-
-The editor is C<$EDITOR>. However if you use the alternate
-commands C<vi> or C<emacs> you will get those corresponding
-editors.
-
-NOTE: This will not work reliably for large files
-(> 2 MB) or binary files containing \0 bytes.
-
-=head2 glob
-
- glob command args...
-
-Expand wildcards in any paths in the args list, and run C<command>
-repeatedly on each matching path.
+=head1 GUESTFISH COMMANDS
-See section WILDCARDS AND GLOBBING.
+The commands in this section are guestfish convenience commands, in
+other words, they are not part of the L<guestfs(3)> API.
=head2 help
help
help cmd
-Without any parameter, this lists all commands. With a C<cmd>
-parameter, this displays detailed help for a command.
-
-=head2 lcd
+Without any parameter, this provides general help.
- lcd directory
-
-Change the local directory, ie. the current directory of guestfish
-itself.
-
-Note that C<!cd> won't do what you might expect.
-
-=head2 man | manual
-
- man
-
-Opens the manual page for guestfish.
-
-=head2 more | less
-
- more filename
-
- less filename
-
-This is used to view a file.
-
-The default viewer is C<$PAGER>. However if you use the alternate
-command C<less> you will get the C<less> command specifically.
-
-NOTE: This will not work reliably for large files
-(> 2 MB) or binary files containing \0 bytes.
+With a C<cmd> parameter, this displays detailed help for that command.
=head2 quit | exit
This exits guestfish. You can also use C<^D> key.
-=head2 reopen
-
- reopen
-
-Close and reopen the libguestfs handle. It is not necessary to use
-this normally, because the handle is closed properly when guestfish
-exits. However this is occasionally useful for testing.
-
-=head2 sparse
-
- sparse filename size
-
-This creates an empty sparse file of the given size, and then adds
-so it can be further examined.
-
-In all respects it works the same as the C<alloc> command, except that
-the image file is allocated sparsely, which means that disk blocks are
-not assigned to the file until they are needed. Sparse disk files
-only use space when written to, but they are slower and there is a
-danger you could run out of real disk space during a write operation.
-
-For more advanced image creation, see L<qemu-img(1)> utility.
-
-Size can be specified using standard suffixes, eg. C<1M>.
-
-=head2 supported
-
- supported
-
-This command returns a list of the optional groups
-known to the daemon, and indicates which ones are
-supported by this build of the libguestfs appliance.
-
-See also L<guestfs(3)/AVAILABILITY>.
-
-=head2 time
-
- time command args...
-
-Run the command as usual, but print the elapsed time afterwards. This
-can be useful for benchmarking operations.
+@FISH_COMMANDS@
=head1 COMMANDS
process to control. See section
L</REMOTE CONTROL GUESTFISH OVER A SOCKET>.
+=item HEXEDITOR
+
+The L</hexedit> command uses C<$HEXEDITOR> as the external hex
+editor. If not specified, the external L<hexedit(1)> program
+is used.
+
=item HOME
If compiled with GNU readline support, various files in the
Location of temporary directory, defaults to C</tmp>.
-If libguestfs was compiled to use the supermin appliance then each
-handle will require rather a large amount of space in this directory
-for short periods of time (~ 80 MB). You can use C<$TMPDIR> to
+If libguestfs was compiled to use the supermin appliance then the
+real appliance is cached in this directory, shared between all
+handles belonging to the same EUID. You can use C<$TMPDIR> to
configure another directory to use in case C</tmp> is not large
enough.
L<virt-cat(1)>,
L<virt-df(1)>,
L<virt-edit(1)>,
+L<virt-filesystems(1)>,
+L<virt-inspector(1)>,
L<virt-list-filesystems(1)>,
L<virt-list-partitions(1)>,
L<virt-ls(1)>,
L<virt-rescue(1)>,
L<virt-resize(1)>,
L<virt-tar(1)>,
-L<virt-win-reg(1)>.
+L<virt-win-reg(1)>,
+L<hexedit(1)>.
=head1 AUTHORS