virt-ls: Add virt-ls -lR option for complex file iteration.

[libguestfs.git] / cat / virt-ls.pod

=encoding utf8

=head1 NAME

virt-ls - List files in a virtual machine

=head1 SYNOPSIS

 virt-ls [--options] -d domname directory [directory ...]

 virt-ls [--options] -a disk.img [-a disk.img ...] directory [directory ...]

Old style:

 virt-ls [--options] domname directory

 virt-ls [--options] disk.img [disk.img ...] directory

=head1 DESCRIPTION

C<virt-ls> lists filenames, file sizes, checksums, extended attributes
and more from a virtual machine or disk image.

Multiple directory names can be given, in which case the output from
each is concatenated.

To list directories from a libvirt guest use the I<-d> option to
specify the name of the guest.  For a disk image, use the I<-a>
option.

C<virt-ls> can do many simple file listings.  For more complicated
cases you may need to use L<guestfish(1)>, or write a program directly
to the L<guestfs(3)> API.

=head1 EXAMPLES

Get a list of all files and directories in a virtual machine:

 virt-ls -R -d guest /

List all setuid or setgid programs in a Linux virtual machine:

 virt-ls -lR -d guest / | grep '^- [42]'

List all public-writable directories in a Linux virtual machine:

 virt-ls -lR -d guest / | grep '^d ...7'

List all Unix domain sockets in a Linux virtual machine:

 virt-ls -lR -d guest / | grep '^s'

List all regular files with filenames ending in '.png':

 virt-ls -lR -d guest / | grep -i '^-.*\.png$'

To display files larger than 10MB in home directories:

 virt-ls -lR -d guest /home | awk '$3 > 10*1024*1024'

Find everything modified in the last 7 days:

 virt-ls -lR -d guest --time-days / | awk '$6 <= 7'

Find regular files modified in the last 24 hours:

 virt-ls -lR -d guest --time-days / | grep '^-' | awk '$6 < 1'

=head2 DIFFERENCES IN SNAPSHOTS AND BACKING FILES

Find the differences between files in a guest and an earlier snapshot
of the same guest.

 virt-ls -lR -a snapshot.img / --uids --time-t > old
 virt-ls -lR -a current.img / --uids --time-t > new
 diff -u old new | less

The commands above won't find files where the content has changed but
the metadata (eg. file size and modification date) is the same.  To do
that, you need to add the I<--checksum> parameter to both C<virt-ls>
commands.  I<--checksum> can be quite slow since it has to read and
compute a checksum of every regular file in the virtual machine.

=head1 OUTPUT MODES

C<virt-ls> has four output modes, controlled by different
combinations of the I<-l> and I<-R> options.

=head2 SIMPLE LISTING

A simple listing is like the ordinary L<ls(1)> command:

 $ virt-ls -d guest /
 bin
 boot
 [etc.]

=head2 LONG LISTING

With the I<-l> (I<--long>) option, the output is like the C<ls -l>
command (more specifically, like the C<guestfs_ll> function).

 $ virt-ls -l -d guest /
 total 204
 dr-xr-xr-x.   2 root root   4096 2009-08-25 19:06 bin
 dr-xr-xr-x.   5 root root   3072 2009-08-25 19:06 boot
 [etc.]

Note that while this is useful for displaying a directory, do not try
parsing this output in another program.  Use L</RECURSIVE LONG LISTING>
instead.

=head2 RECURSIVE LISTING

With the I<-R> (I<--recursive>) option, C<virt-ls> lists the names of
files and directories recursively:

 $ virt-ls -R -d guest /tmp
 foo
 foo/bar
 [etc.]

To generate this output, C<virt-ls> runs the C<guestfs_find0> function
and converts C<\0> characters to C<\n>.

=head2 RECURSIVE LONG LISTING

Using I<-lR> options together changes the output to display
directories recursively, with file stats, and optionally other
features such as checksums and extended attributes.

Most of the interesting features of C<virt-ls> are only available when
using I<-lR> mode.

The fields are normally space-separated.  Filenames are B<not> quoted,
so you cannot use the output in another program (because filenames can
contain spaces and other unsafe characters).  If the guest was
untrusted and someone knew you were using C<virt-ls> to analyze the
guest, they could play tricks on you by creating filenames with
embedded newline characters.  To B<safely> parse the output in another
program, use the I<--csv> (Comma-Separated Values) option.

Note that this output format is completely unrelated to the C<ls -lR>
command.

 $ virt-ls -lR -d guest /bin
 d 0555       4096 /bin
 - 0755        123 /bin/alsaunmute
 - 0755      28328 /bin/arch
 l 0777          4 /bin/awk -> gawk
 - 0755      27216 /bin/basename
 - 0755     943360 /bin/bash
 [etc.]

These basic fields are always shown:

=over 4

=item type

The file type, one of:
C<-> (regular file),
C<d> (directory),
C<c> (character device),
C<b> (block device),
C<p> (named pipe),
C<l> (symbolic link),
C<s> (socket) or
C<u> (unknown).

=item permissions

The Unix permissions, displayed as a 4 digit octal number.

=item size

The size of the file.  This is shown in bytes unless I<-h> or
I<--human-readable> option is given, in which case this is shown as a
human-readable number.

=item path

The full path of the file or directory.

=item link

For symbolic links only, the link target.

=back

In I<-lR> mode, additional command line options enable the display of
more fields.

With the I<--uids> flag, these additional fields are displayed before
the path:

=over 4

=item uid

=item gid

The UID and GID of the owner of the file (displayed numerically).
Note these only make sense in the context of a Unix-like guest.

=back

With the I<--times> flag, these additional fields are displayed:

=over 4

=item atime

The time of last access.

=item mtime

The time of last modification.

=item ctime

The time of last status change.

=back

The time fields are displayed as string dates and times, unless one of
the I<--time-t>, I<--time-relative> or I<--time-days> flags is given.

With the I<--extra-stats> flag, these additional fields are displayed:

=over 4

=item device

The device containing the file (displayed as major:minor).
This may not match devices as known to the guest.

=item inode

The inode number.

=item nlink

The number of hard links.

=item rdev

For block and char special files, the device
(displayed as major:minor).

=item blocks

The number of 512 byte blocks allocated to the file.

=back

With the I<--checksum> flag, the checksum of the file contents is
shown (only for regular files).  Computing file checksums can take a
considerable amount of time.

=head1 OPTIONS

=over 4

=item B<--help>

Display brief help.

=item B<-a> file

=item B<--add> file

Add I<file> which should be a disk image from a virtual machine.  If
the virtual machine has multiple block devices, you must supply all of
them with separate I<-a> options.

The format of the disk image is auto-detected.  To override this and
force a particular format use the I<--format=..> option.

=item B<--checksum>

=item B<--checksum=crc|md5|sha1|sha224|sha256|sha384|sha512>

Display checksum over file contents for regular files.  With no
argument, this defaults to using I<md5>.  Using an argument, you can
select the checksum type to use.

This option only has effect in I<-lR> output mode.  See
L</RECURSIVE LONG LISTING> above.

=item B<-c> URI

=item B<--connect> URI

If using libvirt, connect to the given I<URI>.  If omitted, then we
connect to the default libvirt hypervisor.

If you specify guest block devices directly (I<-a>), then libvirt is
not used at all.

=item B<--csv>

Write out the results in CSV format (comma-separated values).  This
format can be imported easily into databases and spreadsheets, but
read L</NOTE ABOUT CSV FORMAT> below.

=item B<-d> guest

=item B<--domain> guest

Add all the disks from the named libvirt guest.  Domain UUIDs can be
used instead of names.

=item B<--echo-keys>

When prompting for keys and passphrases, virt-ls normally turns
echoing off so you cannot see what you are typing.  If you are not
worried about Tempest attacks and there is no one else in the room you
can specify this flag to see what you are typing.

=item B<--extra-stats>

Display extra stats.

This option only has effect in I<-lR> output mode.  See
L</RECURSIVE LONG LISTING> above.

=item B<--format=raw|qcow2|..>

=item B<--format>

The default for the I<-a> option is to auto-detect the format of the
disk image.  Using this forces the disk format for I<-a> options which
follow on the command line.  Using I<--format> with no argument
switches back to auto-detection for subsequent I<-a> options.

For example:

 virt-ls --format=raw -a disk.img /dir

forces raw format (no auto-detection) for C<disk.img>.

 virt-ls --format=raw -a disk.img --format -a another.img /dir

forces raw format (no auto-detection) for C<disk.img> and reverts to
auto-detection for C<another.img>.

If you have untrusted raw-format guest disk images, you should use
this option to specify the disk format.  This avoids a possible
security problem with malicious guests (CVE-2010-3851).

=item B<-h>

=item B<--human-readable>

Display file sizes in human-readable format.

This option only has effect in I<-lR> output mode.  See
L</RECURSIVE LONG LISTING> above.

=item B<--keys-from-stdin>

Read key or passphrase parameters from stdin.  The default is
to try to read passphrases from the user by opening C</dev/tty>.

=item B<-l> | B<--long>

=item B<-R> | B<--recursive>

Select the mode.  With neither of these options, C<virt-ls> produces a
simple, flat list of the files in the named directory.  See
L</SIMPLE LISTING>.

C<virt-ls -l> produces a "long listing", which shows more detail.  See
L</LONG LISTING>.

C<virt-ls -R> produces a recursive list of files starting at the named
directory.  See L</RECURSIVE LISTING>.

C<virt-ls -lR> produces a recursive long listing which can be more
easily parsed.  See L</RECURSIVE LONG LISTING>.

=item B<--times>

Display time fields.

This option only has effect in I<-lR> output mode.  See
L</RECURSIVE LONG LISTING> above.

=item B<--time-days>

Display time fields as days before now (negative if in the future).

Note that C<0> in output means "up to 1 day before now", or that the
age of the file is between 0 and 86399 seconds.

This option only has effect in I<-lR> output mode.  See
L</RECURSIVE LONG LISTING> above.

=item B<--time-relative>

Display time fields as seconds before now (negative if in the future).

This option only has effect in I<-lR> output mode.  See
L</RECURSIVE LONG LISTING> above.

=item B<--time-t>

Display time fields as seconds since the Unix epoch.

This option only has effect in I<-lR> output mode.  See
L</RECURSIVE LONG LISTING> above.

=item B<--uids>

Display UID and GID fields.

This option only has effect in I<-lR> output mode.  See
L</RECURSIVE LONG LISTING> above.

=item B<-v>

=item B<--verbose>

Enable verbose messages for debugging.

=item B<-V>

=item B<--version>

Display version number and exit.

=item B<-x>

Enable tracing of libguestfs API calls.

=back

=head1 OLD-STYLE COMMAND LINE ARGUMENTS

Previous versions of virt-ls allowed you to write either:

 virt-ls disk.img [disk.img ...] /dir

or

 virt-ls guestname /dir

whereas in this version you should use I<-a> or I<-d> respectively
to avoid the confusing case where a disk image might have the same
name as a guest.

For compatibility the old style is still supported.

=head1 NOTE ABOUT CSV FORMAT

Comma-separated values (CSV) is a deceptive format.  It I<seems> like
it should be easy to parse, but it is definitely not easy to parse.

Myth: Just split fields at commas.  Reality: This does I<not> work
reliably.  This example has two columns:

 "foo,bar",baz

Myth: Read the file one line at a time.  Reality: This does I<not>
work reliably.  This example has one row:

 "foo
 bar",baz

For shell scripts, use C<csvtool> (L<http://merjis.com/developers/csv>
also packaged in major Linux distributions).

For other languages, use a CSV processing library (eg. C<Text::CSV>
for Perl or Python's built-in csv library).

Most spreadsheets and databases can import CSV directly.

=head1 SHELL QUOTING

Libvirt guest names can contain arbitrary characters, some of which
have meaning to the shell such as C<#> and space.  You may need to
quote or escape these characters on the command line.  See the shell
manual page L<sh(1)> for details.

=head1 SEE ALSO

L<guestfs(3)>,
L<guestfish(1)>,
L<virt-cat(1)>,
L<virt-copy-out(1)>,
L<virt-tar-out(1)>,
L<Sys::Guestfs(3)>,
L<Sys::Guestfs::Lib(3)>,
L<Sys::Virt(3)>,
L<http://libguestfs.org/>.

=head1 AUTHOR

Richard W.M. Jones L<http://people.redhat.com/~rjones/>

=head1 COPYRIGHT

Copyright (C) 2009-2011 Red Hat Inc.

This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.