guestfish

Langue: en

Version: 2010-10-09 (fedora - 01/12/10)

Section: 1 (Commandes utilisateur)

Sommaire

NAME

guestfish - the libguestfs Filesystem Interactive SHell

SYNOPSIS

  guestfish [--options] [commands]
 
  guestfish
 
  guestfish -a disk.img
 
  guestfish -a disk.img -m dev[:mountpoint]
 
  guestfish -d libvirt-domain
 
  guestfish -a disk.img -i
 
  guestfish -d libvirt-domain -i
 
 

WARNING

Using guestfish in read/write mode on live virtual machines can be dangerous, potentially causing disk corruption. Use the --ro (read-only) option to use guestfish safely if the disk image or virtual machine might be live.

DESCRIPTION

Guestfish is a shell and command-line tool for examining and modifying virtual machine filesystems. It uses libguestfs and exposes all of the functionality of the guestfs API, see guestfs(3).

Guestfish gives you structured access to the libguestfs API, from shell scripts or the command line or interactively. If you want to rescue a broken virtual machine image, you should look at the virt-rescue(1) command.

EXAMPLES

As an interactive shell

  $ guestfish
  
  Welcome to guestfish, the libguestfs filesystem interactive shell for
  editing virtual machine filesystems.
  
  Type: 'help' for a list of commands
        'man' to read the manual
        'quit' to quit the shell
  
  ><fs> add-ro disk.img
  ><fs> run
  ><fs> list-filesystems
  /dev/sda1: ext4
  /dev/vg_guest/lv_root: ext4
  /dev/vg_guest/lv_swap: swap
  ><fs> mount /dev/vg_guest/lv_root /
  ><fs> cat /etc/fstab
  # /etc/fstab
  # Created by anaconda
  [...]
  ><fs> exit
 
 

From shell scripts

Create a new "/etc/motd" file in a guest or disk image:
  guestfish <<_EOF_
  add disk.img
  run
  mount /dev/vg_guest/lv_root /
  write /etc/motd "Welcome, new users"
  _EOF_
 
 

List the LVM logical volumes in a disk image:

  guestfish -a disk.img --ro <<_EOF_
  run
  lvs
  _EOF_
 
 

List all the filesystems in a disk image:

  guestfish -a disk.img --ro <<_EOF_
  run
  list-filesystems
  _EOF_
 
 

On one command line

Update "/etc/resolv.conf" in a guest:
  guestfish \
    add disk.img : run : mount /dev/vg_guest/lv_root / : \
    write /etc/resolv.conf "nameserver 1.2.3.4"
 
 

Edit "/boot/grub/grub.conf" interactively:

  guestfish --add disk.img \
    --mount /dev/vg_guest/lv_root \
    --mount /dev/sda1:/boot \
    edit /boot/grub/grub.conf
 
 

Mount disks automatically

Use the -i option to automatically mount the disks from a virtual machine:
  guestfish --ro -a disk.img -i cat /etc/group
 
  guestfish --ro -d libvirt-domain -i cat /etc/group
 
 

Another way to edit "/boot/grub/grub.conf" interactively is:

  guestfish -a disk.img -i edit /boot/grub/grub.conf
 
 

As a script interpreter

Create a 100MB disk containing an ext2-formatted partition:
  #!/usr/bin/guestfish -f
  sparse test1.img 100M
  run
  part-disk /dev/sda mbr
  mkfs ext2 /dev/sda1
 
 

Start with a prepared disk

An alternate way to create a 100MB disk called "test1.img" containing a single ext2-formatted partition:
  guestfish -N fs
 
 

To list what is available do:

  guestfish -N help | less
 
 

Remote control

  eval `guestfish --listen`
  guestfish --remote add-ro disk.img
  guestfish --remote run
  guestfish --remote lvs
 
 

OPTIONS

--help
Displays general help on options.
-h | --cmd-help
Lists all available guestfish commands.
-h cmd | --cmd-help cmd
Displays detailed help on a single command "cmd".
-a image | --add image
Add a block device or virtual machine image to the shell.
-c URI | --connect URI
When used in conjunction with the -d option, this specifies the libvirt URI to use. The default is to use the default libvirt connection.
-d libvirt-domain | --domain libvirt-domain
Add disks from the named libvirt domain. If the --ro option is also used, then any libvirt domain can be used. However in write mode, only libvirt domains which are shut down can be named here.
-D | --no-dest-paths
Don't tab-complete paths on the guest filesystem. It is useful to be able to hit the tab key to complete paths on the guest filesystem, but this causes extra ``hidden'' guestfs calls to be made, so this option is here to allow this feature to be disabled.
--echo-keys
When prompting for keys and passphrases, guestfish normally turns echoing off so you cannot see what you are typing. If you are not worried about Tempest attacks and there is no one else in the room you can specify this flag to see what you are typing.
-f file | --file file
Read commands from "file". To write pure guestfish scripts, use:
  #!/usr/bin/guestfish -f
 
 
-i | --inspector
Using virt-inspector(1) code, inspect the disks looking for an operating system and mount filesystems as they would be mounted on the real virtual machine.

Typical usage is either:

  guestfish -d myguest -i
 
 

(for an inactive libvirt domain called myguest), or:

  guestfish --ro -d myguest -i
 
 

(for active domains, readonly), or specify the block device directly:

  guestfish -a /dev/Guests/MyGuest -i
 
 

Note that the command line syntax changed slightly over older versions of guestfish. You can still use the old syntax:

  guestfish [--ro] -i disk.img
 
  guestfish [--ro] -i libvirt-domain
 
 
--keys-from-stdin
Read key or passphrase parameters from stdin. The default is to try to read passphrases from the user by opening "/dev/tty".
--listen
Fork into the background and listen for remote commands. See section ``REMOTE CONTROL GUESTFISH OVER A SOCKET'' below.
-m dev[:mountpoint] | --mount dev[:mountpoint]
Mount the named partition or logical volume on the given mountpoint.

If the mountpoint is omitted, it defaults to "/".

You have to mount something on "/" before most commands will work.

If any -m or --mount options are given, the guest is automatically launched.

If you don't know what filesystems a disk image contains, you can either run guestfish without this option, then list the partitions and LVs available (see ``list-partitions'' and ``lvs'' commands), or you can use the virt-list-filesystems(1) program.

-n | --no-sync
Disable autosync. This is enabled by default. See the discussion of autosync in the guestfs(3) manpage.
-N type | --new type | -N help
Prepare a fresh disk image formatted as ``type''. This is an alternative to the -a option: whereas -a adds an existing disk, -N creates a preformatted disk with a filesystem and adds it. See ``PREPARED DISK IMAGES'' below.
--progress-bars
Enable progress bars, even when guestfish is used non-interactively.

Progress bars are enabled by default when guestfish is used as an interactive shell.

--no-progress-bars
Disable progress bars.
--remote[=pid]
Send remote commands to $GUESTFISH_PID or "pid". See section ``REMOTE CONTROL GUESTFISH OVER A SOCKET'' below.
-r | --ro
This changes the -a and -m options so that disks are added and mounts are done read-only (see ``guestfs_mount_ro'' in guestfs(3)).

The option must always be used if the disk image or virtual machine might be running, and is generally recommended in cases where you don't need write access to the disk.

Note that prepared disk images created with -N are not affected by the --ro option.

--selinux
Enable SELinux support for the guest. See ``SELINUX'' in guestfs(3).
-v | --verbose
Enable very verbose messages. This is particularly useful if you find a bug.
-V | --version
Display the guestfish / libguestfs version number and exit.
-x
Echo each command before executing it.

COMMANDS ON COMMAND LINE

Any additional (non-option) arguments are treated as commands to execute.

Commands to execute should be separated by a colon (":"), where the colon is a separate parameter. Thus:

  guestfish cmd [args...] : cmd [args...] : cmd [args...] ...
 
 

If there are no additional arguments, then we enter a shell, either an interactive shell with a prompt (if the input is a terminal) or a non-interactive shell.

In either command line mode or non-interactive shell, the first command that gives an error causes the whole shell to exit. In interactive mode (with a prompt) if a command fails, you can continue to enter commands.

USING launch (OR run)

As with guestfs(3), you must first configure your guest by adding disks, then launch it, then mount any disks you need, and finally issue actions/commands. So the general order of the day is:
*
add or -a/--add
*
launch (aka run)
*
mount or -m/--mount
*
any other commands

"run" is a synonym for "launch". You must "launch" (or "run") your guest before mounting or performing any other commands.

The only exception is that if any of the -i, -m, --mount, -N or --new options were given then "run" is done automatically, simply because guestfish can't perform the action you asked for without doing this.

QUOTING

You can quote ordinary parameters using either single or double quotes. For example:
  add "file with a space.img"
 
  rm '/file name'
 
  rm '/"'
 
 

A few commands require a list of strings to be passed. For these, use a whitespace-separated list, enclosed in quotes. Strings containing whitespace to be passed through must be enclosed in single quotes. A literal single quote must be escaped with a backslash.

  vgcreate VG "/dev/sda1 /dev/sdb1"
  command "/bin/echo 'foo      bar'"
  command "/bin/echo \'foo\'"
 
 

NUMBERS

This section applies to all commands which can take integers as parameters.

SIZE SUFFIX

When the command takes a parameter measured in bytes, you can use one of the following suffixes to specify kilobytes, megabytes and larger sizes:
k or K or KiB
The size in kilobytes (multiplied by 1024).
KB
The size in SI 1000 byte units.
M or MiB
The size in megabytes (multiplied by 1048576).
MB
The size in SI 1000000 byte units.
G or GiB
The size in gigabytes (multiplied by 2**30).
GB
The size in SI 10**9 byte units.
T or TiB
The size in terabytes (multiplied by 2**40).
TB
The size in SI 10**12 byte units.
P or PiB
The size in petabytes (multiplied by 2**50).
PB
The size in SI 10**15 byte units.
E or EiB
The size in exabytes (multiplied by 2**60).
EB
The size in SI 10**18 byte units.
Z or ZiB
The size in zettabytes (multiplied by 2**70).
ZB
The size in SI 10**21 byte units.
Y or YiB
The size in yottabytes (multiplied by 2**80).
YB
The size in SI 10**24 byte units.

For example:

  truncate-size /file 1G
 
 

would truncate the file to 1 gigabyte.

Be careful because a few commands take sizes in kilobytes or megabytes (eg. the parameter to ``memsize'' is specified in megabytes already). Adding a suffix will probably not do what you expect.

OCTAL AND HEXADECIMAL NUMBERS

For specifying the radix (base) use the C convention: 0 to prefix an octal number or "0x" to prefix a hexadecimal number. For example:
  1234      decimal number 1234
  02322     octal number, equivalent to decimal 1234
  0x4d2     hexadecimal number, equivalent to decimal 1234
 
 

When using the "chmod" command, you almost always want to specify an octal number for the mode, and you must prefix it with 0 (unlike the Unix chmod(1) program):

  chmod 0777 /public  # OK
  chmod 777 /public   # WRONG! This is mode 777 decimal = 01411 octal.
 
 

Commands that return numbers usually print them in decimal, but some commands print numbers in other radices (eg. "umask" prints the mode in octal, preceeded by 0).

WILDCARDS AND GLOBBING

Neither guestfish nor the underlying guestfs API performs wildcard expansion (globbing) by default. So for example the following will not do what you expect:
  rm-rf /home/*
 
 

Assuming you don't have a directory called literally "/home/*" then the above command will return an error.

To perform wildcard expansion, use the "glob" command.

  glob rm-rf /home/*
 
 

runs "rm-rf" on each path that matches (ie. potentially running the command many times), equivalent to:

  rm-rf /home/jim
  rm-rf /home/joe
  rm-rf /home/mary
 
 

"glob" only works on simple guest paths and not on device names.

If you have several parameters, each containing a wildcard, then glob will perform a Cartesian product.

COMMENTS

Any line which starts with a # character is treated as a comment and ignored. The # can optionally be preceeded by whitespace, but not by a command. For example:
  # this is a comment
          # this is a comment
  foo # NOT a comment
 
 

Blank lines are also ignored.

RUNNING COMMANDS LOCALLY

Any line which starts with a ! character is treated as a command sent to the local shell ("/bin/sh" or whatever system(3) uses). For example:
  !mkdir local
  tgz-out /remote local/remote-data.tar.gz
 
 

will create a directory "local" on the host, and then export the contents of "/remote" on the mounted filesystem to "local/remote-data.tar.gz". (See "tgz-out").

To change the local directory, use the "lcd" command. "!cd" will have no effect, due to the way that subprocesses work in Unix.

PIPES

Use "command <space> | command" to pipe the output of the first command (a guestfish command) to the second command (any host command). For example:
  cat /etc/passwd | awk -F: '$3 == 0 { print }'
 
 

(where "cat" is the guestfish cat command, but "awk" is the host awk program). The above command would list all accounts in the guest filesystem which have UID 0, ie. root accounts including backdoors. Other examples:

  hexdump /bin/ls | head
  list-devices | tail -1
  tgz-out / - | tar ztf -
 
 

The space before the pipe symbol is required, any space after the pipe symbol is optional. Everything after the pipe symbol is just passed straight to the host shell, so it can contain redirections, globs and anything else that makes sense on the host side.

To use a literal argument which begins with a pipe symbol, you have to quote it, eg:

  echo "|"
 
 

HOME DIRECTORIES

If a parameter starts with the character "~" then the tilde may be expanded as a home directory path (either "~" for the current user's home directory, or "~user" for another user).

Note that home directory expansion happens for users known on the host, not in the guest filesystem.

To use a literal argument which begins with a tilde, you have to quote it, eg:

  echo "~"
 
 

ENCRYPTED DISKS

Libguestfs has some support for Linux guests encrypted according to the Linux Unified Key Setup (LUKS) standard, which includes nearly all whole disk encryption systems used by modern Linux guests. Currently only LVM-on-LUKS is supported.

Identify encrypted block devices and partitions using ``vfs-type'':

  ><fs> vfs-type /dev/sda2
  crypto_LUKS
 
 

Then open those devices using ``luks-open''. This creates a device-mapper device called "/dev/mapper/luksdev".

  ><fs> luks-open /dev/sda2 luksdev
  Enter key or passphrase ("key"): <enter the passphrase>
 
 

Finally you have to tell LVM to scan for volume groups on the newly created mapper device:

  vgscan
  vg-activate-all true
 
 

The logical volume(s) can now be mounted in the usual way.

Before closing a LUKS device you must unmount any logical volumes on it and deactivate the volume groups by calling "vg-activate false VG" on each one. Then you can close the mapper device:

  vg-activate false /dev/VG
  luks-close /dev/mapper/luksdev
 
 

WINDOWS PATHS

If a path is prefixed with "win:" then you can use Windows-style paths (with some limitations). The following commands are equivalent:
  file /WINDOWS/system32/config/system.LOG
 
  file win:/windows/system32/config/system.log
 
  file win:\windows\system32\config\system.log
 
  file WIN:C:\Windows\SYSTEM32\conFIG\SYSTEM.LOG
 
 

This syntax implicitly calls "case-sensitive-path" (q.v.) so it also handles case insensitivity like Windows would. This only works in argument positions that expect a path.

UPLOADING AND DOWNLOADING FILES

For commands such as "upload", "download", "tar-in", "tar-out" and others which upload from or download to a local file, you can use the special filename "-" to mean ``from stdin'' or ``to stdout''. For example:
  upload - /foo
 
 

reads stdin and creates from that a file "/foo" in the disk image, and:

  tar-out /etc - | tar tf -
 
 

writes the tarball to stdout and then pipes that into the external ``tar'' command (see ``PIPES'').

When using "-" to read from stdin, the input is read up to the end of stdin. You can also use a special ``heredoc''-like syntax to read up to some arbitrary end marker:

  upload -<<END /foo
  input line 1
  input line 2
  input line 3
  END
 
 

Any string of characters can be used instead of "END". The end marker must appear on a line of its own, without any preceeding or following characters (not even spaces).

Note that the "-<<" syntax only applies to parameters used to upload local files (so-called ``FileIn'' parameters in the generator).

EXIT ON ERROR BEHAVIOUR

By default, guestfish will ignore any errors when in interactive mode (ie. taking commands from a human over a tty), and will exit on the first error in non-interactive mode (scripts, commands given on the command line).

If you prefix a command with a - character, then that command will not cause guestfish to exit, even if that (one) command returns an error.

REMOTE CONTROL GUESTFISH OVER A SOCKET

Guestfish can be remote-controlled over a socket. This is useful particularly in shell scripts where you want to make several different changes to a filesystem, but you don't want the overhead of starting up a guestfish process each time.

Start a guestfish server process using:

  eval `guestfish --listen`
 
 

and then send it commands by doing:

  guestfish --remote cmd [...]
 
 

To cause the server to exit, send it the exit command:

  guestfish --remote exit
 
 

Note that the server will normally exit if there is an error in a command. You can change this in the usual way. See section ``EXIT ON ERROR BEHAVIOUR''.

CONTROLLING MULTIPLE GUESTFISH PROCESSES

The "eval" statement sets the environment variable $GUESTFISH_PID, which is how the --remote option knows where to send the commands. You can have several guestfish listener processes running using:
  eval `guestfish --listen`
  pid1=$GUESTFISH_PID
  eval `guestfish --listen`
  pid2=$GUESTFISH_PID
  ...
  guestfish --remote=$pid1 cmd
  guestfish --remote=$pid2 cmd
 
 

REMOTE CONTROL DETAILS

Remote control happens over a Unix domain socket called "/tmp/.guestfish-$UID/socket-$PID", where $UID is the effective user ID of the process, and $PID is the process ID of the server.

Guestfish client and server versions must match exactly.

PREPARED DISK IMAGES

Use the -N type or --new type parameter to select one of a set of preformatted disk images that guestfish can make for you to save typing. This is particularly useful for testing purposes. This option is used instead of the -a option, and like -a can appear multiple times (and can be mixed with -a).

The new disk is called "test1.img" for the first -N, "test2.img" for the second and so on. Existing files in the current directory are overwritten.

The type briefly describes how the disk should be sized, partitioned, how filesystem(s) should be created, and how content should be added. Optionally the type can be followed by extra parameters, separated by ":" (colon) characters. For example, -N fs creates a default 100MB, sparsely-allocated disk, containing a single partition, with the partition formatted as ext2. -N fs:ext4:1G is the same, but for an ext4 filesystem on a 1GB disk instead.

To list the available types and any extra parameters they take, run:

  guestfish -N help | less
 
 

Note that the prepared filesystem is not mounted. You would usually have to use the "mount /dev/sda1 /" command or add the -m /dev/sda1 option.

If any -N or --new options are given, the guest is automatically launched.

EXAMPLES

Create a 100MB disk with an ext4-formatted partition:
  guestfish -N fs:ext4
 
 

Create a 32MB disk with a VFAT-formatted partition, and mount it:

  guestfish -N fs:vfat:32M -m /dev/sda1
 
 

Create a blank 200MB disk:

  guestfish -N disk:200M
 
 

PROGRESS BARS

Some (not all) long-running commands send progress notification messages as they are running. Guestfish turns these messages into progress bars.

When a command that supports progress bars takes longer than two seconds to run, and if progress bars are enabled, then you will see one appearing below the command:

  ><fs> copy-size /large-file /another-file 2048M
  / 10% [#####-----------------------------------------] 00:30
 
 

The spinner on the left hand side moves round once for every progress notification received from the backend. This is a (reasonably) golden assurance that the command is ``doing something'' even if the progress bar is not moving, because the command is able to send the progress notifications. When the bar reaches 100% and the command finishes, the spinner disappears.

Progress bars are enabled by default when guestfish is used interactively. You can enable them even for non-interactive modes using --progress-bars, and you can disable them completely using --no-progress-bars.

GUESTFISH COMMANDS

The commands in this section are guestfish convenience commands, in other words, they are not part of the guestfs(3) API.

help

  help
  help cmd
 
 

Without any parameter, this lists all commands. With a "cmd" parameter, this displays detailed help for a command.

quit | exit

This exits guestfish. You can also use "^D" key.

alloc

allocate

  alloc filename size
 
 

This creates an empty (zeroed) file of the given size, and then adds so it can be further examined.

For more advanced image creation, see qemu-img(1) utility.

Size can be specified using standard suffixes, eg. "1M".

To create a sparse file, use ``sparse'' instead. To create a prepared disk image, see ``PREPARED DISK IMAGES''.

copy-in

  copy-in local [local ...] /remotedir
 
 

"copy-in" copies local files or directories recursively into the disk image, placing them in the directory called "/remotedir" (which must exist). This guestfish meta-command turns into a sequence of ``tar-in'' and other commands as necessary.

Multiple local files and directories can be specified, but the last parameter must always be a remote directory. Wildcards cannot be used.

copy-out

  copy-out remote [remote ...] localdir
 
 

"copy-out" copies remote files or directories recursively out of the disk image, placing them on the host disk in a local directory called "localdir" (which must exist). This guestfish meta-command turns into a sequence of ``download'', ``tar-out'' and other commands as necessary.

Multiple remote files and directories can be specified, but the last parameter must always be a local directory. To download to the current directory, use "." as in:

  copy-out /home .
 
 

Wildcards cannot be used in the ordinary command, but you can use them with the help of ``glob'' like this:

  glob copy-out /home/* .
 
 

echo

  echo [params ...]
 
 

This echos the parameters to the terminal.

edit

vi

emacs

  edit filename
 
 

This is used to edit a file. It downloads the file, edits it locally using your editor, then uploads the result.

The editor is $EDITOR. However if you use the alternate commands "vi" or "emacs" you will get those corresponding editors.

glob

  glob command args...
 
 

Expand wildcards in any paths in the args list, and run "command" repeatedly on each matching path.

See ``WILDCARDS AND GLOBBING''.

hexedit

  hexedit <filename|device>
  hexedit <filename|device> <max>
  hexedit <filename|device> <start> <max>
 
 

Use hexedit (a hex editor) to edit all or part of a binary file or block device.

This command works by downloading potentially the whole file or device, editing it locally, then uploading it. If the file or device is large, you have to specify which part you wish to edit by using "max" and/or "start" "max" parameters. "start" and "max" are specified in bytes, with the usual modifiers allowed such as "1M" (1 megabyte).

For example to edit the first few sectors of a disk you might do:

  hexedit /dev/sda 1M
 
 

which would allow you to edit anywhere within the first megabyte of the disk.

To edit the superblock of an ext2 filesystem on "/dev/sda1", do:

  hexedit /dev/sda1 0x400 0x400
 
 

(assuming the superblock is in the standard location).

This command requires the external hexedit(1) program. You can specify another program to use by setting the "HEXEDITOR" environment variable.

See also ``hexdump''.

lcd

  lcd directory
 
 

Change the local directory, ie. the current directory of guestfish itself.

Note that "!cd" won't do what you might expect.

man

manual

   man
 
 

Opens the manual page for guestfish.

more

less

  more filename
 
  less filename
 
 

This is used to view a file.

The default viewer is $PAGER. However if you use the alternate command "less" you will get the "less" command specifically.

reopen

   reopen
 
 

Close and reopen the libguestfs handle. It is not necessary to use this normally, because the handle is closed properly when guestfish exits. However this is occasionally useful for testing.

sparse

  sparse filename size
 
 

This creates an empty sparse file of the given size, and then adds so it can be further examined.

In all respects it works the same as the ``alloc'' command, except that the image file is allocated sparsely, which means that disk blocks are not assigned to the file until they are needed. Sparse disk files only use space when written to, but they are slower and there is a danger you could run out of real disk space during a write operation.

For more advanced image creation, see qemu-img(1) utility.

Size can be specified using standard suffixes, eg. "1M".

supported

  supported
 
 

This command returns a list of the optional groups known to the daemon, and indicates which ones are supported by this build of the libguestfs appliance.

See also ``AVAILABILITY'' in guestfs(3).

time

  time command args...
 
 

Run the command as usual, but print the elapsed time afterwards. This can be useful for benchmarking operations.

COMMANDS

add-cdrom

cdrom

  add-cdrom filename
 
 

This function adds a virtual CD-ROM disk image to the guest.

This is equivalent to the qemu parameter "-cdrom filename".

Notes:

*
This call checks for the existence of "filename". This stops you from specifying other types of drive which are supported by qemu such as "nbd:" and "http:" URLs. To specify those, use the general ``config'' call instead.
*
If you just want to add an ISO file (often you use this as an efficient way to transfer large files into the guest), then you should probably use ``add-drive-ro'' instead.

add-drive

add

  add-drive filename
 
 

This function adds a virtual machine disk image "filename" to the guest. The first time you call this function, the disk appears as IDE disk 0 ("/dev/sda") in the guest, the second time as "/dev/sdb", and so on.

You don't necessarily need to be root when using libguestfs. However you obviously do need sufficient permissions to access the filename for whatever operations you want to perform (ie. read access if you just want to read the image or write access if you want to modify the image).

This is equivalent to the qemu parameter "-drive file=filename,cache=off,if=...".

"cache=off" is omitted in cases where it is not supported by the underlying filesystem.

"if=..." is set at compile time by the configuration option "./configure --with-drive-if=...". In the rare case where you might need to change this at run time, use ``add-drive-with-if'' or ``add-drive-ro-with-if''.

Note that this call checks for the existence of "filename". This stops you from specifying other types of drive which are supported by qemu such as "nbd:" and "http:" URLs. To specify those, use the general ``config'' call instead.

add-drive-ro

add-ro

  add-drive-ro filename
 
 

This adds a drive in snapshot mode, making it effectively read-only.

Note that writes to the device are allowed, and will be seen for the duration of the guestfs handle, but they are written to a temporary file which is discarded as soon as the guestfs handle is closed. We don't currently have any method to enable changes to be committed, although qemu can support this.

This is equivalent to the qemu parameter "-drive file=filename,snapshot=on,if=...".

"if=..." is set at compile time by the configuration option "./configure --with-drive-if=...". In the rare case where you might need to change this at run time, use ``add-drive-with-if'' or ``add-drive-ro-with-if''.

Note that this call checks for the existence of "filename". This stops you from specifying other types of drive which are supported by qemu such as "nbd:" and "http:" URLs. To specify those, use the general ``config'' call instead.

add-drive-ro-with-if

  add-drive-ro-with-if filename iface
 
 

This is the same as ``add-drive-ro'' but it allows you to specify the QEMU interface emulation to use at run time.

add-drive-with-if

  add-drive-with-if filename iface
 
 

This is the same as ``add-drive'' but it allows you to specify the QEMU interface emulation to use at run time.

aug-clear

  aug-clear augpath
 
 

Set the value associated with "path" to "NULL". This is the same as the augtool(1) "clear" command.

aug-close

  aug-close
 
 

Close the current Augeas handle and free up any resources used by it. After calling this, you have to call ``aug-init'' again before you can use any other Augeas functions.

aug-defnode

  aug-defnode name expr val
 
 

Defines a variable "name" whose value is the result of evaluating "expr".

If "expr" evaluates to an empty nodeset, a node is created, equivalent to calling ``aug-set'' "expr", "value". "name" will be the nodeset containing that single node.

On success this returns a pair containing the number of nodes in the nodeset, and a boolean flag if a node was created.

aug-defvar

  aug-defvar name expr
 
 

Defines an Augeas variable "name" whose value is the result of evaluating "expr". If "expr" is NULL, then "name" is undefined.

On success this returns the number of nodes in "expr", or 0 if "expr" evaluates to something which is not a nodeset.

aug-get

  aug-get augpath
 
 

Look up the value associated with "path". If "path" matches exactly one node, the "value" is returned.

aug-init

  aug-init root flags
 
 

Create a new Augeas handle for editing configuration files. If there was any previous Augeas handle associated with this guestfs session, then it is closed.

You must call this before using any other ``aug-*'' commands.

"root" is the filesystem root. "root" must not be NULL, use "/" instead.

The flags are the same as the flags defined in <augeas.h>, the logical or of the following integers:

AUG_SAVE_BACKUP = 1
Keep the original file with a ".augsave" extension.
AUG_SAVE_NEWFILE = 2
Save changes into a file with extension ".augnew", and do not overwrite original. Overrides "AUG_SAVE_BACKUP".
AUG_TYPE_CHECK = 4
Typecheck lenses (can be expensive).
AUG_NO_STDINC = 8
Do not use standard load path for modules.
AUG_SAVE_NOOP = 16
Make save a no-op, just record what would have been changed.
AUG_NO_LOAD = 32
Do not load the tree in ``aug-init''.

To close the handle, you can call ``aug-close''.

To find out more about Augeas, see <http://augeas.net/>.

aug-insert

  aug-insert augpath label true|false
 
 

Create a new sibling "label" for "path", inserting it into the tree before or after "path" (depending on the boolean flag "before").

"path" must match exactly one existing node in the tree, and "label" must be a label, ie. not contain "/", "*" or end with a bracketed index "[N]".

aug-load

  aug-load
 
 

Load files into the tree.

See "aug_load" in the Augeas documentation for the full gory details.

aug-ls

  aug-ls augpath
 
 

This is just a shortcut for listing ``aug-match'' "path/*" and sorting the resulting nodes into alphabetical order.

aug-match

  aug-match augpath
 
 

Returns a list of paths which match the path expression "path". The returned paths are sufficiently qualified so that they match exactly one node in the current tree.

aug-mv

  aug-mv src dest
 
 

Move the node "src" to "dest". "src" must match exactly one node. "dest" is overwritten if it exists.

aug-rm

  aug-rm augpath
 
 

Remove "path" and all of its children.

On success this returns the number of entries which were removed.

aug-save

  aug-save
 
 

This writes all pending changes to disk.

The flags which were passed to ``aug-init'' affect exactly how files are saved.

aug-set

  aug-set augpath val
 
 

Set the value associated with "path" to "val".

In the Augeas API, it is possible to clear a node by setting the value to NULL. Due to an oversight in the libguestfs API you cannot do that with this call. Instead you must use the ``aug-clear'' call.

available

  available 'groups ...'
 
 

This command is used to check the availability of some groups of functionality in the appliance, which not all builds of the libguestfs appliance will be able to provide.

The libguestfs groups, and the functions that those groups correspond to, are listed in ``AVAILABILITY'' in guestfs(3). You can also fetch this list at runtime by calling ``available-all-groups''.

The argument "groups" is a list of group names, eg: "["inotify", "augeas"]" would check for the availability of the Linux inotify functions and Augeas (configuration file editing) functions.

The command returns no error if all requested groups are available.

It fails with an error if one or more of the requested groups is unavailable in the appliance.

If an unknown group name is included in the list of groups then an error is always returned.

Notes:

*
You must call ``launch'' before calling this function.

The reason is because we don't know what groups are supported by the appliance/daemon until it is running and can be queried.

*
If a group of functions is available, this does not necessarily mean that they will work. You still have to check for errors when calling individual API functions even if they are available.
*
It is usually the job of distro packagers to build complete functionality into the libguestfs appliance. Upstream libguestfs, if built from source with all requirements satisfied, will support everything.
*
This call was added in version 1.0.80. In previous versions of libguestfs all you could do would be to speculatively execute a command to find out if the daemon implemented it. See also ``version''.

available-all-groups

  available-all-groups
 
 

This command returns a list of all optional groups that this daemon knows about. Note this returns both supported and unsupported groups. To find out which ones the daemon can actually support you have to call ``available'' on each member of the returned list.

See also ``available'' and ``AVAILABILITY'' in guestfs(3).

base64-in

  base64-in (base64file|-) filename
 
 

This command uploads base64-encoded data from "base64file" to "filename".

Use "-" instead of a filename to read/write from stdin/stdout.

base64-out

  base64-out filename (base64file|-)
 
 

This command downloads the contents of "filename", writing it out to local file "base64file" encoded as base64.

Use "-" instead of a filename to read/write from stdin/stdout.

blockdev-flushbufs

  blockdev-flushbufs device
 
 

This tells the kernel to flush internal buffers associated with "device".

This uses the blockdev(8) command.

blockdev-getbsz

  blockdev-getbsz device
 
 

This returns the block size of a device.

(Note this is different from both size in blocks and filesystem block size).

This uses the blockdev(8) command.

blockdev-getro

  blockdev-getro device
 
 

Returns a boolean indicating if the block device is read-only (true if read-only, false if not).

This uses the blockdev(8) command.

blockdev-getsize64

  blockdev-getsize64 device
 
 

This returns the size of the device in bytes.

See also ``blockdev-getsz''.

This uses the blockdev(8) command.

blockdev-getss

  blockdev-getss device
 
 

This returns the size of sectors on a block device. Usually 512, but can be larger for modern devices.

(Note, this is not the size in sectors, use ``blockdev-getsz'' for that).

This uses the blockdev(8) command.

blockdev-getsz

  blockdev-getsz device
 
 

This returns the size of the device in units of 512-byte sectors (even if the sectorsize isn't 512 bytes ... weird).

See also ``blockdev-getss'' for the real sector size of the device, and ``blockdev-getsize64'' for the more useful size in bytes.

This uses the blockdev(8) command.

blockdev-rereadpt

  blockdev-rereadpt device
 
 

Reread the partition table on "device".

This uses the blockdev(8) command.

blockdev-setbsz

  blockdev-setbsz device blocksize
 
 

This sets the block size of a device.

(Note this is different from both size in blocks and filesystem block size).

This uses the blockdev(8) command.

blockdev-setro

  blockdev-setro device
 
 

Sets the block device named "device" to read-only.

This uses the blockdev(8) command.

blockdev-setrw

  blockdev-setrw device
 
 

Sets the block device named "device" to read-write.

This uses the blockdev(8) command.

case-sensitive-path

  case-sensitive-path path
 
 

This can be used to resolve case insensitive paths on a filesystem which is case sensitive. The use case is to resolve paths which you have read from Windows configuration files or the Windows Registry, to the true path.

The command handles a peculiarity of the Linux ntfs-3g filesystem driver (and probably others), which is that although the underlying filesystem is case-insensitive, the driver exports the filesystem to Linux as case-sensitive.

One consequence of this is that special directories such as "c:\windows" may appear as "/WINDOWS" or "/windows" (or other things) depending on the precise details of how they were created. In Windows itself this would not be a problem.

Bug or feature? You decide: http://www.tuxera.com/community/ntfs-3g-faq/#posixfilenames1 <http://www.tuxera.com/community/ntfs-3g-faq/#posixfilenames1>

This function resolves the true case of each element in the path and returns the case-sensitive path.

Thus ``case-sensitive-path'' (``/Windows/System32'') might return "/WINDOWS/system32" (the exact return value would depend on details of how the directories were originally created under Windows).

Note: This function does not handle drive names, backslashes etc.

See also ``realpath''.

cat

  cat path
 
 

Return the contents of the file named "path".

Note that this function cannot correctly handle binary files (specifically, files containing "\0" character which is treated as end of string). For those you need to use the ``read-file'' or ``download'' functions which have a more complex interface.

Because of the message protocol, there is a transfer limit of somewhere between 2MB and 4MB. See ``PROTOCOL LIMITS'' in guestfs(3).

checksum

  checksum csumtype path
 
 

This call computes the MD5, SHAx or CRC checksum of the file named "path".

The type of checksum to compute is given by the "csumtype" parameter which must have one of the following values:

crc
Compute the cyclic redundancy check (CRC) specified by POSIX for the "cksum" command.
md5
Compute the MD5 hash (using the "md5sum" program).
sha1
Compute the SHA1 hash (using the "sha1sum" program).
sha224
Compute the SHA224 hash (using the "sha224sum" program).
sha256
Compute the SHA256 hash (using the "sha256sum" program).
sha384
Compute the SHA384 hash (using the "sha384sum" program).
sha512
Compute the SHA512 hash (using the "sha512sum" program).

The checksum is returned as a printable string.

To get the checksum for a device, use ``checksum-device''.

To get the checksums for many files, use ``checksums-out''.

checksum-device

  checksum-device csumtype device
 
 

This call computes the MD5, SHAx or CRC checksum of the contents of the device named "device". For the types of checksums supported see the ``checksum'' command.

checksums-out

  checksums-out csumtype directory (sumsfile|-)
 
 

This command computes the checksums of all regular files in "directory" and then emits a list of those checksums to the local output file "sumsfile".

This can be used for verifying the integrity of a virtual machine. However to be properly secure you should pay attention to the output of the checksum command (it uses the ones from GNU coreutils). In particular when the filename is not printable, coreutils uses a special backslash syntax. For more information, see the GNU coreutils info file.

Use "-" instead of a filename to read/write from stdin/stdout.

chmod

  chmod mode path
 
 

Change the mode (permissions) of "path" to "mode". Only numeric modes are supported.

Note: When using this command from guestfish, "mode" by default would be decimal, unless you prefix it with 0 to get octal, ie. use 0700 not 700.

The mode actually set is affected by the umask.

chown

  chown owner group path
 
 

Change the file owner to "owner" and group to "group".

Only numeric uid and gid are supported. If you want to use names, you will need to locate and parse the password file yourself (Augeas support makes this relatively easy).

command

  command 'arguments ...'
 
 

This call runs a command from the guest filesystem. The filesystem must be mounted, and must contain a compatible operating system (ie. something Linux, with the same or compatible processor architecture).

The single parameter is an argv-style list of arguments. The first element is the name of the program to run. Subsequent elements are parameters. The list must be non-empty (ie. must contain a program name). Note that the command runs directly, and is not invoked via the shell (see ``sh'').

The return value is anything printed to stdout by the command.

If the command returns a non-zero exit status, then this function returns an error message. The error message string is the content of stderr from the command.

The $PATH environment variable will contain at least "/usr/bin" and "/bin". If you require a program from another location, you should provide the full path in the first parameter.

Shared libraries and data files required by the program must be available on filesystems which are mounted in the correct places. It is the caller's responsibility to ensure all filesystems that are needed are mounted at the right locations.

Because of the message protocol, there is a transfer limit of somewhere between 2MB and 4MB. See ``PROTOCOL LIMITS'' in guestfs(3).

command-lines

  command-lines 'arguments ...'
 
 

This is the same as ``command'', but splits the result into a list of lines.

See also: ``sh-lines''

Because of the message protocol, there is a transfer limit of somewhere between 2MB and 4MB. See ``PROTOCOL LIMITS'' in guestfs(3).

config

  config qemuparam qemuvalue
 
 

This can be used to add arbitrary qemu command line parameters of the form "-param value". Actually it's not quite arbitrary - we prevent you from setting some parameters which would interfere with parameters that we use.

The first character of "param" string must be a "-" (dash).

"value" can be NULL.

copy-size

  copy-size src dest size
 
 

This command copies exactly "size" bytes from one source device or file "src" to another destination device or file "dest".

Note this will fail if the source is too short or if the destination is not large enough.

cp

  cp src dest
 
 

This copies a file from "src" to "dest" where "dest" is either a destination filename or destination directory.

cp-a

  cp-a src dest
 
 

This copies a file or directory from "src" to "dest" recursively using the "cp -a" command.

dd

  dd src dest
 
 

This command copies from one source device or file "src" to another destination device or file "dest". Normally you would use this to copy to or from a device or partition, for example to duplicate a filesystem.

If the destination is a device, it must be as large or larger than the source file or device, otherwise the copy will fail. This command cannot do partial copies (see ``copy-size'').

debug

  debug subcmd 'extraargs ...'
 
 

The ``debug'' command exposes some internals of "guestfsd" (the guestfs daemon) that runs inside the qemu subprocess.

There is no comprehensive help for this command. You have to look at the file "daemon/debug.c" in the libguestfs source to find out what you can do.

debug-upload

  debug-upload (filename|-) tmpname mode
 
 

The ``debug-upload'' command uploads a file to the libguestfs appliance.

There is no comprehensive help for this command. You have to look at the file "daemon/debug.c" in the libguestfs source to find out what it is for.

Use "-" instead of a filename to read/write from stdin/stdout.

df

  df
 
 

This command runs the "df" command to report disk space used.

This command is mostly useful for interactive sessions. It is not intended that you try to parse the output string. Use "statvfs" from programs.

df-h

  df-h
 
 

This command runs the "df -h" command to report disk space used in human-readable format.

This command is mostly useful for interactive sessions. It is not intended that you try to parse the output string. Use "statvfs" from programs.

dmesg

  dmesg
 
 

This returns the kernel messages ("dmesg" output) from the guest kernel. This is sometimes useful for extended debugging of problems.

Another way to get the same information is to enable verbose messages with ``set-verbose'' or by setting the environment variable "LIBGUESTFS_DEBUG=1" before running the program.

download

  download remotefilename (filename|-)
 
 

Download file "remotefilename" and save it as "filename" on the local machine.

"filename" can also be a named pipe.

See also ``upload'', ``cat''.

Use "-" instead of a filename to read/write from stdin/stdout.

download-offset

  download-offset remotefilename (filename|-) offset size
 
 

Download file "remotefilename" and save it as "filename" on the local machine.

"remotefilename" is read for "size" bytes starting at "offset" (this region must be within the file or device).

Note that there is no limit on the amount of data that can be downloaded with this call, unlike with ``pread'', and this call always reads the full amount unless an error occurs.

See also ``download'', ``pread''.

Use "-" instead of a filename to read/write from stdin/stdout.

drop-caches

  drop-caches whattodrop
 
 

This instructs the guest kernel to drop its page cache, and/or dentries and inode caches. The parameter "whattodrop" tells the kernel what precisely to drop, see http://linux-mm.org/Drop_Caches <http://linux-mm.org/Drop_Caches>

Setting "whattodrop" to 3 should drop everything.

This automatically calls sync(2) before the operation, so that the maximum guest memory is freed.

du

  du path
 
 

This command runs the "du -s" command to estimate file space usage for "path".

"path" can be a file or a directory. If "path" is a directory then the estimate includes the contents of the directory and all subdirectories (recursively).

The result is the estimated size in kilobytes (ie. units of 1024 bytes).

e2fsck-f

  e2fsck-f device
 
 

This runs "e2fsck -p -f device", ie. runs the ext2/ext3 filesystem checker on "device", noninteractively ("-p"), even if the filesystem appears to be clean ("-f").

This command is only needed because of ``resize2fs'' (q.v.). Normally you should use ``fsck''.

echo-daemon

  echo-daemon 'words ...'
 
 

This command concatenates the list of "words" passed with single spaces between them and returns the resulting string.

You can use this command to test the connection through to the daemon.

See also ``ping-daemon''.

egrep

  egrep regex path
 
 

This calls the external "egrep" program and returns the matching lines.

Because of the message protocol, there is a transfer limit of somewhere between 2MB and 4MB. See ``PROTOCOL LIMITS'' in guestfs(3).

egrepi

  egrepi regex path
 
 

This calls the external "egrep -i" program and returns the matching lines.

Because of the message protocol, there is a transfer limit of somewhere between 2MB and 4MB. See ``PROTOCOL LIMITS'' in guestfs(3).

equal

  equal file1 file2
 
 

This compares the two files "file1" and "file2" and returns true if their content is exactly equal, or false otherwise.

The external cmp(1) program is used for the comparison.

exists

  exists path
 
 

This returns "true" if and only if there is a file, directory (or anything) with the given "path" name.

See also ``is-file'', ``is-dir'', ``stat''.

fallocate

  fallocate path len
 
 

This command preallocates a file (containing zero bytes) named "path" of size "len" bytes. If the file exists already, it is overwritten.

Do not confuse this with the guestfish-specific "alloc" command which allocates a file in the host and attaches it as a device.

This function is deprecated. In new code, use the "fallocate64" call instead.

Deprecated functions will not be removed from the API, but the fact that they are deprecated indicates that there are problems with correct use of these functions.

fallocate64

  fallocate64 path len
 
 

This command preallocates a file (containing zero bytes) named "path" of size "len" bytes. If the file exists already, it is overwritten.

Note that this call allocates disk blocks for the file. To create a sparse file use ``truncate-size'' instead.

The deprecated call ``fallocate'' does the same, but owing to an oversight it only allowed 30 bit lengths to be specified, effectively limiting the maximum size of files created through that call to 1GB.

Do not confuse this with the guestfish-specific "alloc" and "sparse" commands which create a file in the host and attach it as a device.

fgrep

  fgrep pattern path
 
 

This calls the external "fgrep" program and returns the matching lines.

Because of the message protocol, there is a transfer limit of somewhere between 2MB and 4MB. See ``PROTOCOL LIMITS'' in guestfs(3).

fgrepi

  fgrepi pattern path
 
 

This calls the external "fgrep -i" program and returns the matching lines.

Because of the message protocol, there is a transfer limit of somewhere between 2MB and 4MB. See ``PROTOCOL LIMITS'' in guestfs(3).

file

  file path
 
 

This call uses the standard file(1) command to determine the type or contents of the file.

This call will also transparently look inside various types of compressed file.

The exact command which runs is "file -zb path". Note in particular that the filename is not prepended to the output (the "-b" option).

This command can also be used on "/dev/" devices (and partitions, LV names). You can for example use this to determine if a device contains a filesystem, although it's usually better to use ``vfs-type''.

If the "path" does not begin with "/dev/" then this command only works for the content of regular files. For other file types (directory, symbolic link etc) it will just return the string "directory" etc.

file-architecture

  file-architecture filename
 
 

This detects the architecture of the binary "filename", and returns it if known.

Currently defined architectures are:

i386
This string is returned for all 32 bit i386, i486, i586, i686 binaries irrespective of the precise processor requirements of the binary.
x86_64
64 bit x86-64.
sparc
32 bit SPARC.
sparc64
64 bit SPARC V9 and above.
ia64
Intel Itanium.
ppc
32 bit Power PC.
ppc64
64 bit Power PC.

Libguestfs may return other architecture strings in future.

The function works on at least the following types of files:

*
many types of Un*x and Linux binary
*
many types of Un*x and Linux shared library
*
Windows Win32 and Win64 binaries
*
Windows Win32 and Win64 DLLs

Win32 binaries and DLLs return "i386".

Win64 binaries and DLLs return "x86_64".

*
Linux kernel modules
*
Linux new-style initrd images
*
some non-x86 Linux vmlinuz kernels

What it can't do currently:

*
static libraries (libfoo.a)
*
Linux old-style initrd as compressed ext2 filesystem (RHEL 3)
*
x86 Linux vmlinuz kernels

x86 vmlinuz images (bzImage format) consist of a mix of 16-, 32- and compressed code, and are horribly hard to unpack. If you want to find the architecture of a kernel, use the architecture of the associated initrd or kernel module(s) instead.

filesize

  filesize file
 
 

This command returns the size of "file" in bytes.

To get other stats about a file, use ``stat'', ``lstat'', ``is-dir'', ``is-file'' etc. To get the size of block devices, use ``blockdev-getsize64''.

fill

  fill c len path
 
 

This command creates a new file called "path". The initial content of the file is "len" octets of "c", where "c" must be a number in the range "[0..255]".

To fill a file with zero bytes (sparsely), it is much more efficient to use ``truncate-size''. To create a file with a pattern of repeating bytes use ``fill-pattern''.

fill-pattern

  fill-pattern pattern len path
 
 

This function is like ``fill'' except that it creates a new file of length "len" containing the repeating pattern of bytes in "pattern". The pattern is truncated if necessary to ensure the length of the file is exactly "len" bytes.

find

  find directory
 
 

This command lists out all files and directories, recursively, starting at "directory". It is essentially equivalent to running the shell command "find directory -print" but some post-processing happens on the output, described below.

This returns a list of strings without any prefix. Thus if the directory structure was:

  /tmp/a
  /tmp/b
  /tmp/c/d
 
 

then the returned list from ``find'' "/tmp" would be 4 elements:

  a
  b
  c
  c/d
 
 

If "directory" is not a directory, then this command returns an error.

The returned list is sorted.

See also ``find0''.

Because of the message protocol, there is a transfer limit of somewhere between 2MB and 4MB. See ``PROTOCOL LIMITS'' in guestfs(3).

find0

  find0 directory (files|-)
 
 

This command lists out all files and directories, recursively, starting at "directory", placing the resulting list in the external file called "files".

This command works the same way as ``find'' with the following exceptions:

*
The resulting list is written to an external file.
*
Items (filenames) in the result are separated by "\0" characters. See find(1) option -print0.
*
This command is not limited in the number of names that it can return.
*
The result list is not sorted.

Use "-" instead of a filename to read/write from stdin/stdout.

findfs-label

  findfs-label label
 
 

This command searches the filesystems and returns the one which has the given label. An error is returned if no such filesystem can be found.

To find the label of a filesystem, use ``vfs-label''.

findfs-uuid

  findfs-uuid uuid
 
 

This command searches the filesystems and returns the one which has the given UUID. An error is returned if no such filesystem can be found.

To find the UUID of a filesystem, use ``vfs-uuid''.

fsck

  fsck fstype device
 
 

This runs the filesystem checker (fsck) on "device" which should have filesystem type "fstype".

The returned integer is the status. See fsck(8) for the list of status codes from "fsck".

Notes:

*
Multiple status codes can be summed together.
*
A non-zero return code can mean ``success'', for example if errors have been corrected on the filesystem.
*
Checking or repairing NTFS volumes is not supported (by linux-ntfs).

This command is entirely equivalent to running "fsck -a -t fstype device".

get-append

  get-append
 
 

Return the additional kernel options which are added to the guest kernel command line.

If "NULL" then no options are added.

get-autosync

  get-autosync
 
 

Get the autosync flag.

get-direct

  get-direct
 
 

Return the direct appliance mode flag.

get-e2label

  get-e2label device
 
 

This returns the ext2/3/4 filesystem label of the filesystem on "device".

This function is deprecated. In new code, use the "vfs_label" call instead.

Deprecated functions will not be removed from the API, but the fact that they are deprecated indicates that there are problems with correct use of these functions.

get-e2uuid

  get-e2uuid device
 
 

This returns the ext2/3/4 filesystem UUID of the filesystem on "device".

This function is deprecated. In new code, use the "vfs_uuid" call instead.

Deprecated functions will not be removed from the API, but the fact that they are deprecated indicates that there are problems with correct use of these functions.

get-memsize

  get-memsize
 
 

This gets the memory size in megabytes allocated to the qemu subprocess.

If ``set-memsize'' was not called on this handle, and if "LIBGUESTFS_MEMSIZE" was not set, then this returns the compiled-in default value for memsize.

For more information on the architecture of libguestfs, see guestfs(3).

get-network

  get-network
 
 

This returns the enable network flag.

get-path

  get-path
 
 

Return the current search path.

This is always non-NULL. If it wasn't set already, then this will return the default path.

get-pid

pid

  get-pid
 
 

Return the process ID of the qemu subprocess. If there is no qemu subprocess, then this will return an error.

This is an internal call used for debugging and testing.

get-qemu

  get-qemu
 
 

Return the current qemu binary.

This is always non-NULL. If it wasn't set already, then this will return the default qemu binary name.

get-recovery-proc

  get-recovery-proc
 
 

Return the recovery process enabled flag.

get-selinux

  get-selinux
 
 

This returns the current setting of the selinux flag which is passed to the appliance at boot time. See ``set-selinux''.

For more information on the architecture of libguestfs, see guestfs(3).

get-state

  get-state
 
 

This returns the current state as an opaque integer. This is only useful for printing debug and internal error messages.

For more information on states, see guestfs(3).

get-trace

  get-trace
 
 

Return the command trace flag.

get-umask

  get-umask
 
 

Return the current umask. By default the umask is 022 unless it has been set by calling ``umask''.

get-verbose

  get-verbose
 
 

This returns the verbose messages flag.

getcon

  getcon
 
 

This gets the SELinux security context of the daemon.

See the documentation about SELINUX in guestfs(3), and ``setcon''

getxattrs

  getxattrs path
 
 

This call lists the extended attributes of the file or directory "path".

At the system call level, this is a combination of the listxattr(2) and getxattr(2) calls.

See also: ``lgetxattrs'', attr(5).

glob-expand

  glob-expand pattern
 
 

This command searches for all the pathnames matching "pattern" according to the wildcard expansion rules used by the shell.

If no paths match, then this returns an empty list (note: not an error).

It is just a wrapper around the C glob(3) function with flags "GLOB_MARK|GLOB_BRACE". See that manual page for more details.

grep

  grep regex path
 
 

This calls the external "grep" program and returns the matching lines.

Because of the message protocol, there is a transfer limit of somewhere between 2MB and 4MB. See ``PROTOCOL LIMITS'' in guestfs(3).

grepi

  grepi regex path
 
 

This calls the external "grep -i" program and returns the matching lines.

Because of the message protocol, there is a transfer limit of somewhere between 2MB and 4MB. See ``PROTOCOL LIMITS'' in guestfs(3).

grub-install

  grub-install root device
 
 

This command installs GRUB (the Grand Unified Bootloader) on "device", with the root directory being "root".

Note: If grub-install reports the error ``No suitable drive was found in the generated device map.'' it may be that you need to create a "/boot/grub/device.map" file first that contains the mapping between grub device names and Linux device names. It is usually sufficient to create a file containing:

  (hd0) /dev/vda
 
 

replacing "/dev/vda" with the name of the installation device.

head

  head path
 
 

This command returns up to the first 10 lines of a file as a list of strings.

Because of the message protocol, there is a transfer limit of somewhere between 2MB and 4MB. See ``PROTOCOL LIMITS'' in guestfs(3).

head-n

  head-n nrlines path
 
 

If the parameter "nrlines" is a positive number, this returns the first "nrlines" lines of the file "path".

If the parameter "nrlines" is a negative number, this returns lines from the file "path", excluding the last "nrlines" lines.

If the parameter "nrlines" is zero, this returns an empty list.

Because of the message protocol, there is a transfer limit of somewhere between 2MB and 4MB. See ``PROTOCOL LIMITS'' in guestfs(3).

hexdump

  hexdump path
 
 

This runs "hexdump -C" on the given "path". The result is the human-readable, canonical hex dump of the file.

Because of the message protocol, there is a transfer limit of somewhere between 2MB and 4MB. See ``PROTOCOL LIMITS'' in guestfs(3).

initrd-cat

  initrd-cat initrdpath filename
 
 

This command unpacks the file "filename" from the initrd file called "initrdpath". The filename must be given without the initial "/" character.

For example, in guestfish you could use the following command to examine the boot script (usually called "/init") contained in a Linux initrd or initramfs image:

  initrd-cat /boot/initrd-<version>.img init
 
 

See also ``initrd-list''.

Because of the message protocol, there is a transfer limit of somewhere between 2MB and 4MB. See ``PROTOCOL LIMITS'' in guestfs(3).

initrd-list

  initrd-list path
 
 

This command lists out files contained in an initrd.

The files are listed without any initial "/" character. The files are listed in the order they appear (not necessarily alphabetical). Directory names are listed as separate items.

Old Linux kernels (2.4 and earlier) used a compressed ext2 filesystem as initrd. We only support the newer initramfs format (compressed cpio files).

inotify-add-watch

  inotify-add-watch path mask
 
 

Watch "path" for the events listed in "mask".

Note that if "path" is a directory then events within that directory are watched, but this does not happen recursively (in subdirectories).

Note for non-C or non-Linux callers: the inotify events are defined by the Linux kernel ABI and are listed in "/usr/include/sys/inotify.h".

inotify-close

  inotify-close
 
 

This closes the inotify handle which was previously opened by inotify_init. It removes all watches, throws away any pending events, and deallocates all resources.

inotify-files

  inotify-files
 
 

This function is a helpful wrapper around ``inotify-read'' which just returns a list of pathnames of objects that were touched. The returned pathnames are sorted and deduplicated.

inotify-init

  inotify-init maxevents
 
 

This command creates a new inotify handle. The inotify subsystem can be used to notify events which happen to objects in the guest filesystem.

"maxevents" is the maximum number of events which will be queued up between calls to ``inotify-read'' or ``inotify-files''. If this is passed as 0, then the kernel (or previously set) default is used. For Linux 2.6.29 the default was 16384 events. Beyond this limit, the kernel throws away events, but records the fact that it threw them away by setting a flag "IN_Q_OVERFLOW" in the returned structure list (see ``inotify-read'').

Before any events are generated, you have to add some watches to the internal watch list. See: ``inotify-add-watch'', ``inotify-rm-watch'' and ``inotify-watch-all''.

Queued up events should be read periodically by calling ``inotify-read'' (or ``inotify-files'' which is just a helpful wrapper around ``inotify-read''). If you don't read the events out often enough then you risk the internal queue overflowing.

The handle should be closed after use by calling ``inotify-close''. This also removes any watches automatically.

See also inotify(7) for an overview of the inotify interface as exposed by the Linux kernel, which is roughly what we expose via libguestfs. Note that there is one global inotify handle per libguestfs instance.

inotify-read

  inotify-read
 
 

Return the complete queue of events that have happened since the previous read call.

If no events have happened, this returns an empty list.

Note: In order to make sure that all events have been read, you must call this function repeatedly until it returns an empty list. The reason is that the call will read events up to the maximum appliance-to-host message size and leave remaining events in the queue.

inotify-rm-watch

  inotify-rm-watch wd
 
 

Remove a previously defined inotify watch. See ``inotify-add-watch''.

inspect-get-arch

  inspect-get-arch root
 
 

This function should only be called with a root device string as returned by ``inspect-os''.

This returns the architecture of the inspected operating system. The possible return values are listed under ``file-architecture''.

If the architecture could not be determined, then the string "unknown" is returned.

Please read ``INSPECTION'' in guestfs(3) for more details.

inspect-get-distro

  inspect-get-distro root
 
 

This function should only be called with a root device string as returned by ``inspect-os''.

This returns the distro (distribution) of the inspected operating system.

Currently defined distros are:

debian
Debian or a Debian-derived distro such as Ubuntu.
fedora
Fedora.
redhat-based
Some Red Hat-derived distro.
rhel
Red Hat Enterprise Linux and some derivatives.
windows
Windows does not have distributions. This string is returned if the OS type is Windows.
unknown
The distro could not be determined.

Future versions of libguestfs may return other strings here. The caller should be prepared to handle any string.

Please read ``INSPECTION'' in guestfs(3) for more details.

inspect-get-filesystems

  inspect-get-filesystems root
 
 

This function should only be called with a root device string as returned by ``inspect-os''.

This returns a list of all the filesystems that we think are associated with this operating system. This includes the root filesystem, other ordinary filesystems, and non-mounted devices like swap partitions.

In the case of a multi-boot virtual machine, it is possible for a filesystem to be shared between operating systems.

Please read ``INSPECTION'' in guestfs(3) for more details. See also ``inspect-get-mountpoints''.

inspect-get-major-version

  inspect-get-major-version root
 
 

This function should only be called with a root device string as returned by ``inspect-os''.

This returns the major version number of the inspected operating system.

Windows uses a consistent versioning scheme which is not reflected in the popular public names used by the operating system. Notably the operating system known as ``Windows 7'' is really version 6.1 (ie. major = 6, minor = 1). You can find out the real versions corresponding to releases of Windows by consulting Wikipedia or MSDN.

If the version could not be determined, then 0 is returned.

Please read ``INSPECTION'' in guestfs(3) for more details.

inspect-get-minor-version

  inspect-get-minor-version root
 
 

This function should only be called with a root device string as returned by ``inspect-os''.

This returns the minor version number of the inspected operating system.

If the version could not be determined, then 0 is returned.

Please read ``INSPECTION'' in guestfs(3) for more details. See also ``inspect-get-major-version''.

inspect-get-mountpoints

  inspect-get-mountpoints root
 
 

This function should only be called with a root device string as returned by ``inspect-os''.

This returns a hash of where we think the filesystems associated with this operating system should be mounted. Callers should note that this is at best an educated guess made by reading configuration files such as "/etc/fstab".

Each element in the returned hashtable has a key which is the path of the mountpoint (eg. "/boot") and a value which is the filesystem that would be mounted there (eg. "/dev/sda1").

Non-mounted devices such as swap devices are not returned in this list.

Please read ``INSPECTION'' in guestfs(3) for more details. See also ``inspect-get-filesystems''.

inspect-get-product-name

  inspect-get-product-name root
 
 

This function should only be called with a root device string as returned by ``inspect-os''.

This returns the product name of the inspected operating system. The product name is generally some freeform string which can be displayed to the user, but should not be parsed by programs.

If the product name could not be determined, then the string "unknown" is returned.

Please read ``INSPECTION'' in guestfs(3) for more details.

inspect-get-type

  inspect-get-type root
 
 

This function should only be called with a root device string as returned by ``inspect-os''.

This returns the type of the inspected operating system. Currently defined types are:

linux
Any Linux-based operating system.
windows
Any Microsoft Windows operating system.
unknown
The operating system type could not be determined.

Future versions of libguestfs may return other strings here. The caller should be prepared to handle any string.

Please read ``INSPECTION'' in guestfs(3) for more details.

inspect-os

  inspect-os
 
 

This function uses other libguestfs functions and certain heuristics to inspect the disk(s) (usually disks belonging to a virtual machine), looking for operating systems.

The list returned is empty if no operating systems were found.

If one operating system was found, then this returns a list with a single element, which is the name of the root filesystem of this operating system. It is also possible for this function to return a list containing more than one element, indicating a dual-boot or multi-boot virtual machine, with each element being the root filesystem of one of the operating systems.

You can pass the root string(s) returned to other ``inspect-get-*'' functions in order to query further information about each operating system, such as the name and version.

This function uses other libguestfs features such as ``mount-ro'' and ``umount-all'' in order to mount and unmount filesystems and look at the contents. This should be called with no disks currently mounted. The function may also use Augeas, so any existing Augeas handle will be closed.

This function cannot decrypt encrypted disks. The caller must do that first (supplying the necessary keys) if the disk is encrypted.

Please read ``INSPECTION'' in guestfs(3) for more details.

See also ``list-filesystems''.

is-blockdev

  is-blockdev path
 
 

This returns "true" if and only if there is a block device with the given "path" name.

See also ``stat''.

is-busy

  is-busy
 
 

This returns true iff this handle is busy processing a command (in the "BUSY" state).

For more information on states, see guestfs(3).

is-chardev

  is-chardev path
 
 

This returns "true" if and only if there is a character device with the given "path" name.

See also ``stat''.

is-config

  is-config
 
 

This returns true iff this handle is being configured (in the "CONFIG" state).

For more information on states, see guestfs(3).

is-dir

  is-dir path
 
 

This returns "true" if and only if there is a directory with the given "path" name. Note that it returns false for other objects like files.

See also ``stat''.

is-fifo

  is-fifo path
 
 

This returns "true" if and only if there is a FIFO (named pipe) with the given "path" name.

See also ``stat''.

is-file

  is-file path
 
 

This returns "true" if and only if there is a regular file with the given "path" name. Note that it returns false for other objects like directories.

See also ``stat''.

is-launching

  is-launching
 
 

This returns true iff this handle is launching the subprocess (in the "LAUNCHING" state).

For more information on states, see guestfs(3).

is-lv

  is-lv device
 
 

This command tests whether "device" is a logical volume, and returns true iff this is the case.

is-ready

  is-ready
 
 

This returns true iff this handle is ready to accept commands (in the "READY" state).

For more information on states, see guestfs(3).

is-socket

  is-socket path
 
 

This returns "true" if and only if there is a Unix domain socket with the given "path" name.

See also ``stat''.

  is-symlink path
 
 

This returns "true" if and only if there is a symbolic link with the given "path" name.

See also ``stat''.

kill-subprocess

  kill-subprocess
 
 

This kills the qemu subprocess. You should never need to call this.

launch

run

  launch
 
 

Internally libguestfs is implemented by running a virtual machine using qemu(1).

You should call this after configuring the handle (eg. adding drives) but before performing any actions.

lchown

  lchown owner group path
 
 

Change the file owner to "owner" and group to "group". This is like ``chown'' but if "path" is a symlink then the link itself is changed, not the target.

Only numeric uid and gid are supported. If you want to use names, you will need to locate and parse the password file yourself (Augeas support makes this relatively easy).

lgetxattrs

  lgetxattrs path
 
 

This is the same as ``getxattrs'', but if "path" is a symbolic link, then it returns the extended attributes of the link itself.

list-devices

  list-devices
 
 

List all the block devices.

The full block device names are returned, eg. "/dev/sda".

See also ``list-filesystems''.

list-filesystems

  list-filesystems
 
 

This inspection command looks for filesystems on partitions, block devices and logical volumes, returning a list of devices containing filesystems and their type.

The return value is a hash, where the keys are the devices containing filesystems, and the values are the filesystem types. For example:

  "/dev/sda1" => "ntfs"
  "/dev/sda2" => "ext2"
  "/dev/vg_guest/lv_root" => "ext4"
  "/dev/vg_guest/lv_swap" => "swap"
 
 

The value can have the special value ``unknown'', meaning the content of the device is undetermined or empty. ``swap'' means a Linux swap partition.

This command runs other libguestfs commands, which might include ``mount'' and ``umount'', and therefore you should use this soon after launch and only when nothing is mounted.

Not all of the filesystems returned will be mountable. In particular, swap partitions are returned in the list. Also this command does not check that each filesystem found is valid and mountable, and some filesystems might be mountable but require special options. Filesystems may not all belong to a single logical operating system (use ``inspect-os'' to look for OSes).

list-partitions

  list-partitions
 
 

List all the partitions detected on all block devices.

The full partition device names are returned, eg. "/dev/sda1"

This does not return logical volumes. For that you will need to call ``lvs''.

See also ``list-filesystems''.

ll

  ll directory
 
 

List the files in "directory" (relative to the root directory, there is no cwd) in the format of 'ls -la'.

This command is mostly useful for interactive sessions. It is not intended that you try to parse the output string.

ln

  ln target linkname
 
 

This command creates a hard link using the "ln" command.

ln-f

  ln-f target linkname
 
 

This command creates a hard link using the "ln -f" command. The "-f" option removes the link ("linkname") if it exists already.

ln-s

  ln-s target linkname
 
 

This command creates a symbolic link using the "ln -s" command.

ln-sf

  ln-sf target linkname
 
 

This command creates a symbolic link using the "ln -sf" command, The "-f" option removes the link ("linkname") if it exists already.

lremovexattr

  lremovexattr xattr path
 
 

This is the same as ``removexattr'', but if "path" is a symbolic link, then it removes an extended attribute of the link itself.

ls

  ls directory
 
 

List the files in "directory" (relative to the root directory, there is no cwd). The '.' and '..' entries are not returned, but hidden files are shown.

This command is mostly useful for interactive sessions. Programs should probably use ``readdir'' instead.

lsetxattr

  lsetxattr xattr val vallen path
 
 

This is the same as ``setxattr'', but if "path" is a symbolic link, then it sets an extended attribute of the link itself.

lstat

  lstat path
 
 

Returns file information for the given "path".

This is the same as ``stat'' except that if "path" is a symbolic link, then the link is stat-ed, not the file it refers to.

This is the same as the lstat(2) system call.

lstatlist

  lstatlist path 'names ...'
 
 

This call allows you to perform the ``lstat'' operation on multiple files, where all files are in the directory "path". "names" is the list of files from this directory.

On return you get a list of stat structs, with a one-to-one correspondence to the "names" list. If any name did not exist or could not be lstat'd, then the "ino" field of that structure is set to "-1".

This call is intended for programs that want to efficiently list a directory contents without making many round-trips. See also ``lxattrlist'' for a similarly efficient call for getting extended attributes. Very long directory listings might cause the protocol message size to be exceeded, causing this call to fail. The caller must split up such requests into smaller groups of names.

luks-add-key

  luks-add-key device keyslot
 
 

This command adds a new key on LUKS device "device". "key" is any existing key, and is used to access the device. "newkey" is the new key to add. "keyslot" is the key slot that will be replaced.

Note that if "keyslot" already contains a key, then this command will fail. You have to use ``luks-kill-slot'' first to remove that key.

This command has one or more key or passphrase parameters. Guestfish will prompt for these separately.

luks-close

  luks-close device
 
 

This closes a LUKS device that was created earlier by ``luks-open'' or ``luks-open-ro''. The "device" parameter must be the name of the LUKS mapping device (ie. "/dev/mapper/mapname") and not the name of the underlying block device.

luks-format

  luks-format device keyslot
 
 

This command erases existing data on "device" and formats the device as a LUKS encrypted device. "key" is the initial key, which is added to key slot "slot". (LUKS supports 8 key slots, numbered 0-7).

This command has one or more key or passphrase parameters. Guestfish will prompt for these separately.

This command is dangerous. Without careful use you can easily destroy all your data.

luks-format-cipher

  luks-format-cipher device keyslot cipher
 
 

This command is the same as ``luks-format'' but it also allows you to set the "cipher" used.

This command has one or more key or passphrase parameters. Guestfish will prompt for these separately.

This command is dangerous. Without careful use you can easily destroy all your data.

luks-kill-slot

  luks-kill-slot device keyslot
 
 

This command deletes the key in key slot "keyslot" from the encrypted LUKS device "device". "key" must be one of the other keys.

This command has one or more key or passphrase parameters. Guestfish will prompt for these separately.

luks-open

  luks-open device mapname
 
 

This command opens a block device which has been encrypted according to the Linux Unified Key Setup (LUKS) standard.

"device" is the encrypted block device or partition.

The caller must supply one of the keys associated with the LUKS block device, in the "key" parameter.

This creates a new block device called "/dev/mapper/mapname". Reads and writes to this block device are decrypted from and encrypted to the underlying "device" respectively.

If this block device contains LVM volume groups, then calling ``vgscan'' followed by ``vg-activate-all'' will make them visible.

This command has one or more key or passphrase parameters. Guestfish will prompt for these separately.

luks-open-ro

  luks-open-ro device mapname
 
 

This is the same as ``luks-open'' except that a read-only mapping is created.

This command has one or more key or passphrase parameters. Guestfish will prompt for these separately.

lvcreate

  lvcreate logvol volgroup mbytes
 
 

This creates an LVM logical volume called "logvol" on the volume group "volgroup", with "size" megabytes.

lvm-clear-filter

  lvm-clear-filter
 
 

This undoes the effect of ``lvm-set-filter''. LVM will be able to see every block device.

This command also clears the LVM cache and performs a volume group scan.

lvm-remove-all

  lvm-remove-all
 
 

This command removes all LVM logical volumes, volume groups and physical volumes.

This command is dangerous. Without careful use you can easily destroy all your data.

lvm-set-filter

  lvm-set-filter 'devices ...'
 
 

This sets the LVM device filter so that LVM will only be able to ``see'' the block devices in the list "devices", and will ignore all other attached block devices.

Where disk image(s) contain duplicate PVs or VGs, this command is useful to get LVM to ignore the duplicates, otherwise LVM can get confused. Note also there are two types of duplication possible: either cloned PVs/VGs which have identical UUIDs; or VGs that are not cloned but just happen to have the same name. In normal operation you cannot create this situation, but you can do it outside LVM, eg. by cloning disk images or by bit twiddling inside the LVM metadata.

This command also clears the LVM cache and performs a volume group scan.

You can filter whole block devices or individual partitions.

You cannot use this if any VG is currently in use (eg. contains a mounted filesystem), even if you are not filtering out that VG.

lvremove

  lvremove device
 
 

Remove an LVM logical volume "device", where "device" is the path to the LV, such as "/dev/VG/LV".

You can also remove all LVs in a volume group by specifying the VG name, "/dev/VG".

lvrename

  lvrename logvol newlogvol
 
 

Rename a logical volume "logvol" with the new name "newlogvol".

lvresize

  lvresize device mbytes
 
 

This resizes (expands or shrinks) an existing LVM logical volume to "mbytes". When reducing, data in the reduced part is lost.

lvresize-free

  lvresize-free lv percent
 
 

This expands an existing logical volume "lv" so that it fills "pc"% of the remaining free space in the volume group. Commonly you would call this with pc = 100 which expands the logical volume as much as possible, using all remaining free space in the volume group.

lvs

  lvs
 
 

List all the logical volumes detected. This is the equivalent of the lvs(8) command.

This returns a list of the logical volume device names (eg. "/dev/VolGroup00/LogVol00").

See also ``lvs-full'', ``list-filesystems''.

lvs-full

  lvs-full
 
 

List all the logical volumes detected. This is the equivalent of the lvs(8) command. The ``full'' version includes all fields.

lvuuid

  lvuuid device
 
 

This command returns the UUID of the LVM LV "device".

lxattrlist

  lxattrlist path 'names ...'
 
 

This call allows you to get the extended attributes of multiple files, where all files are in the directory "path". "names" is the list of files from this directory.

On return you get a flat list of xattr structs which must be interpreted sequentially. The first xattr struct always has a zero-length "attrname". "attrval" in this struct is zero-length to indicate there was an error doing "lgetxattr" for this file, or is a C string which is a decimal number (the number of following attributes for this file, which could be "0"). Then after the first xattr struct are the zero or more attributes for the first named file. This repeats for the second and subsequent files.

This call is intended for programs that want to efficiently list a directory contents without making many round-trips. See also ``lstatlist'' for a similarly efficient call for getting standard stats. Very long directory listings might cause the protocol message size to be exceeded, causing this call to fail. The caller must split up such requests into smaller groups of names.

mkdir

  mkdir path
 
 

Create a directory named "path".

mkdir-mode

  mkdir-mode path mode
 
 

This command creates a directory, setting the initial permissions of the directory to "mode".

For common Linux filesystems, the actual mode which is set will be "mode & ~umask & 01777". Non-native-Linux filesystems may interpret the mode in other ways.

See also ``mkdir'', ``umask''

mkdir-p

  mkdir-p path
 
 

Create a directory named "path", creating any parent directories as necessary. This is like the "mkdir -p" shell command.

mkdtemp

  mkdtemp template
 
 

This command creates a temporary directory. The "template" parameter should be a full pathname for the temporary directory name with the final six characters being ``XXXXXX''.

For example: ``/tmp/myprogXXXXXX'' or ``/Temp/myprogXXXXXX'', the second one being suitable for Windows filesystems.

The name of the temporary directory that was created is returned.

The temporary directory is created with mode 0700 and is owned by root.

The caller is responsible for deleting the temporary directory and its contents after use.

See also: mkdtemp(3)

mke2fs-J

  mke2fs-J fstype blocksize device journal
 
 

This creates an ext2/3/4 filesystem on "device" with an external journal on "journal". It is equivalent to the command:

  mke2fs -t fstype -b blocksize -J device=<journal> <device>
 
 

See also ``mke2journal''.

mke2fs-JL

  mke2fs-JL fstype blocksize device label
 
 

This creates an ext2/3/4 filesystem on "device" with an external journal on the journal labeled "label".

See also ``mke2journal-L''.

mke2fs-JU

  mke2fs-JU fstype blocksize device uuid
 
 

This creates an ext2/3/4 filesystem on "device" with an external journal on the journal with UUID "uuid".

See also ``mke2journal-U''.

mke2journal

  mke2journal blocksize device
 
 

This creates an ext2 external journal on "device". It is equivalent to the command:

  mke2fs -O journal_dev -b blocksize device
 
 

mke2journal-L

  mke2journal-L blocksize label device
 
 

This creates an ext2 external journal on "device" with label "label".

mke2journal-U

  mke2journal-U blocksize uuid device
 
 

This creates an ext2 external journal on "device" with UUID "uuid".

mkfifo

  mkfifo mode path
 
 

This call creates a FIFO (named pipe) called "path" with mode "mode". It is just a convenient wrapper around ``mknod''.

The mode actually set is affected by the umask.

mkfs

  mkfs fstype device
 
 

This creates a filesystem on "device" (usually a partition or LVM logical volume). The filesystem type is "fstype", for example "ext3".

mkfs-b

  mkfs-b fstype blocksize device
 
 

This call is similar to ``mkfs'', but it allows you to control the block size of the resulting filesystem. Supported block sizes depend on the filesystem type, but typically they are 1024, 2048 or 4096 only.

For VFAT and NTFS the "blocksize" parameter is treated as the requested cluster size.

mkmountpoint

  mkmountpoint exemptpath
 
 

``mkmountpoint'' and ``rmmountpoint'' are specialized calls that can be used to create extra mountpoints before mounting the first filesystem.

These calls are only necessary in some very limited circumstances, mainly the case where you want to mount a mix of unrelated and/or read-only filesystems together.

For example, live CDs often contain a ``Russian doll'' nest of filesystems, an ISO outer layer, with a squashfs image inside, with an ext2/3 image inside that. You can unpack this as follows in guestfish:

  add-ro Fedora-11-i686-Live.iso
  run
  mkmountpoint /cd
  mkmountpoint /squash
  mkmountpoint /ext3
  mount /dev/sda /cd
  mount-loop /cd/LiveOS/squashfs.img /squash
  mount-loop /squash/LiveOS/ext3fs.img /ext3
 
 

The inner filesystem is now unpacked under the /ext3 mountpoint.

mknod

  mknod mode devmajor devminor path
 
 

This call creates block or character special devices, or named pipes (FIFOs).

The "mode" parameter should be the mode, using the standard constants. "devmajor" and "devminor" are the device major and minor numbers, only used when creating block and character special devices.

Note that, just like mknod(2), the mode must be bitwise OR'd with S_IFBLK, S_IFCHR, S_IFIFO or S_IFSOCK (otherwise this call just creates a regular file). These constants are available in the standard Linux header files, or you can use ``mknod-b'', ``mknod-c'' or ``mkfifo'' which are wrappers around this command which bitwise OR in the appropriate constant for you.

The mode actually set is affected by the umask.

mknod-b

  mknod-b mode devmajor devminor path
 
 

This call creates a block device node called "path" with mode "mode" and device major/minor "devmajor" and "devminor". It is just a convenient wrapper around ``mknod''.

The mode actually set is affected by the umask.

mknod-c

  mknod-c mode devmajor devminor path
 
 

This call creates a char device node called "path" with mode "mode" and device major/minor "devmajor" and "devminor". It is just a convenient wrapper around ``mknod''.

The mode actually set is affected by the umask.

mkswap

  mkswap device
 
 

Create a swap partition on "device".

mkswap-L

  mkswap-L label device
 
 

Create a swap partition on "device" with label "label".

Note that you cannot attach a swap label to a block device (eg. "/dev/sda"), just to a partition. This appears to be a limitation of the kernel or swap tools.

mkswap-U

  mkswap-U uuid device
 
 

Create a swap partition on "device" with UUID "uuid".

mkswap-file

  mkswap-file path
 
 

Create a swap file.

This command just writes a swap file signature to an existing file. To create the file itself, use something like ``fallocate''.

modprobe

  modprobe modulename
 
 

This loads a kernel module in the appliance.

The kernel module must have been whitelisted when libguestfs was built (see "appliance/kmod.whitelist.in" in the source).

mount

  mount device mountpoint
 
 

Mount a guest disk at a position in the filesystem. Block devices are named "/dev/sda", "/dev/sdb" and so on, as they were added to the guest. If those block devices contain partitions, they will have the usual names (eg. "/dev/sda1"). Also LVM "/dev/VG/LV"-style names can be used.

The rules are the same as for mount(2): A filesystem must first be mounted on "/" before others can be mounted. Other filesystems can only be mounted on directories which already exist.

The mounted filesystem is writable, if we have sufficient permissions on the underlying device.

Important note: When you use this call, the filesystem options "sync" and "noatime" are set implicitly. This was originally done because we thought it would improve reliability, but it turns out that -o sync has a very large negative performance impact and negligible effect on reliability. Therefore we recommend that you avoid using ``mount'' in any code that needs performance, and instead use ``mount-options'' (use an empty string for the first parameter if you don't want any options).

mount-loop

  mount-loop file mountpoint
 
 

This command lets you mount "file" (a filesystem image in a file) on a mount point. It is entirely equivalent to the command "mount -o loop file mountpoint".

mount-options

  mount-options options device mountpoint
 
 

This is the same as the ``mount'' command, but it allows you to set the mount options as for the mount(8) -o flag.

If the "options" parameter is an empty string, then no options are passed (all options default to whatever the filesystem uses).

mount-ro

  mount-ro device mountpoint
 
 

This is the same as the ``mount'' command, but it mounts the filesystem with the read-only (-o ro) flag.

mount-vfs

  mount-vfs options vfstype device mountpoint
 
 

This is the same as the ``mount'' command, but it allows you to set both the mount options and the vfstype as for the mount(8) -o and -t flags.

mountpoints

  mountpoints
 
 

This call is similar to ``mounts''. That call returns a list of devices. This one returns a hash table (map) of device name to directory where the device is mounted.

mounts

  mounts
 
 

This returns the list of currently mounted filesystems. It returns the list of devices (eg. "/dev/sda1", "/dev/VG/LV").

Some internal mounts are not shown.

See also: ``mountpoints''

mv

  mv src dest
 
 

This moves a file from "src" to "dest" where "dest" is either a destination filename or destination directory.

ntfs-3g-probe

  ntfs-3g-probe true|false device
 
 

This command runs the ntfs-3g.probe(8) command which probes an NTFS "device" for mountability. (Not all NTFS volumes can be mounted read-write, and some cannot be mounted at all).

"rw" is a boolean flag. Set it to true if you want to test if the volume can be mounted read-write. Set it to false if you want to test if the volume can be mounted read-only.

The return value is an integer which 0 if the operation would succeed, or some non-zero value documented in the ntfs-3g.probe(8) manual page.

ntfsresize

  ntfsresize device
 
 

This command resizes an NTFS filesystem, expanding or shrinking it to the size of the underlying device. See also ntfsresize(8).

ntfsresize-size

  ntfsresize-size device size
 
 

This command is the same as ``ntfsresize'' except that it allows you to specify the new size (in bytes) explicitly.

part-add

  part-add device prlogex startsect endsect
 
 

This command adds a partition to "device". If there is no partition table on the device, call ``part-init'' first.

The "prlogex" parameter is the type of partition. Normally you should pass "p" or "primary" here, but MBR partition tables also support "l" (or "logical") and "e" (or "extended") partition types.

"startsect" and "endsect" are the start and end of the partition in sectors. "endsect" may be negative, which means it counts backwards from the end of the disk ("-1" is the last sector).

Creating a partition which covers the whole disk is not so easy. Use ``part-disk'' to do that.

part-del

  part-del device partnum
 
 

This command deletes the partition numbered "partnum" on "device".

Note that in the case of MBR partitioning, deleting an extended partition also deletes any logical partitions it contains.

part-disk

  part-disk device parttype
 
 

This command is simply a combination of ``part-init'' followed by ``part-add'' to create a single primary partition covering the whole disk.

"parttype" is the partition table type, usually "mbr" or "gpt", but other possible values are described in ``part-init''.

This command is dangerous. Without careful use you can easily destroy all your data.

part-get-bootable

  part-get-bootable device partnum
 
 

This command returns true if the partition "partnum" on "device" has the bootable flag set.

See also ``part-set-bootable''.

part-get-mbr-id

  part-get-mbr-id device partnum
 
 

Returns the MBR type byte (also known as the ID byte) from the numbered partition "partnum".

Note that only MBR (old DOS-style) partitions have type bytes. You will get undefined results for other partition table types (see ``part-get-parttype'').

part-get-parttype

  part-get-parttype device
 
 

This command examines the partition table on "device" and returns the partition table type (format) being used.

Common return values include: "msdos" (a DOS/Windows style MBR partition table), "gpt" (a GPT/EFI-style partition table). Other values are possible, although unusual. See ``part-init'' for a full list.

part-init

  part-init device parttype
 
 

This creates an empty partition table on "device" of one of the partition types listed below. Usually "parttype" should be either "msdos" or "gpt" (for large disks).

Initially there are no partitions. Following this, you should call ``part-add'' for each partition required.

Possible values for "parttype" are:

efi | gpt
Intel EFI / GPT partition table.

This is recommended for >= 2 TB partitions that will be accessed from Linux and Intel-based Mac OS X. It also has limited backwards compatibility with the "mbr" format.

mbr | msdos
The standard PC ``Master Boot Record'' (MBR) format used by MS-DOS and Windows. This partition type will only work for device sizes up to 2 TB. For large disks we recommend using "gpt".

Other partition table types that may work but are not supported include:

aix
AIX disk labels.
amiga | rdb
Amiga ``Rigid Disk Block'' format.
bsd
BSD disk labels.
dasd
DASD, used on IBM mainframes.
dvh
MIPS/SGI volumes.
mac
Old Mac partition format. Modern Macs use "gpt".
pc98
NEC PC-98 format, common in Japan apparently.
sun
Sun disk labels.

part-list

  part-list device
 
 

This command parses the partition table on "device" and returns the list of partitions found.

The fields in the returned structure are:

part_num
Partition number, counting from 1.
part_start
Start of the partition in bytes. To get sectors you have to divide by the device's sector size, see ``blockdev-getss''.
part_end
End of the partition in bytes.
part_size
Size of the partition in bytes.

part-set-bootable

  part-set-bootable device partnum true|false
 
 

This sets the bootable flag on partition numbered "partnum" on device "device". Note that partitions are numbered from 1.

The bootable flag is used by some operating systems (notably Windows) to determine which partition to boot from. It is by no means universally recognized.

part-set-mbr-id

  part-set-mbr-id device partnum idbyte
 
 

Sets the MBR type byte (also known as the ID byte) of the numbered partition "partnum" to "idbyte". Note that the type bytes quoted in most documentation are in fact hexadecimal numbers, but usually documented without any leading ``0x'' which might be confusing.

Note that only MBR (old DOS-style) partitions have type bytes. You will get undefined results for other partition table types (see ``part-get-parttype'').

part-set-name

  part-set-name device partnum name
 
 

This sets the partition name on partition numbered "partnum" on device "device". Note that partitions are numbered from 1.

The partition name can only be set on certain types of partition table. This works on "gpt" but not on "mbr" partitions.

part-to-dev

  part-to-dev partition
 
 

This function takes a partition name (eg. ``/dev/sdb1'') and removes the partition number, returning the device name (eg. ``/dev/sdb'').

The named partition must exist, for example as a string returned from ``list-partitions''.

ping-daemon

  ping-daemon
 
 

This is a test probe into the guestfs daemon running inside the qemu subprocess. Calling this function checks that the daemon responds to the ping message, without affecting the daemon or attached block device(s) in any other way.

pread

  pread path count offset
 
 

This command lets you read part of a file. It reads "count" bytes of the file, starting at "offset", from file "path".

This may read fewer bytes than requested. For further details see the pread(2) system call.

See also ``pwrite'', ``pread-device''.

Because of the message protocol, there is a transfer limit of somewhere between 2MB and 4MB. See ``PROTOCOL LIMITS'' in guestfs(3).

pread-device

  pread-device device count offset
 
 

This command lets you read part of a file. It reads "count" bytes of "device", starting at "offset".

This may read fewer bytes than requested. For further details see the pread(2) system call.

See also ``pread''.

Because of the message protocol, there is a transfer limit of somewhere between 2MB and 4MB. See ``PROTOCOL LIMITS'' in guestfs(3).

pvcreate

  pvcreate device
 
 

This creates an LVM physical volume on the named "device", where "device" should usually be a partition name such as "/dev/sda1".

pvremove

  pvremove device
 
 

This wipes a physical volume "device" so that LVM will no longer recognise it.

The implementation uses the "pvremove" command which refuses to wipe physical volumes that contain any volume groups, so you have to remove those first.

pvresize

  pvresize device
 
 

This resizes (expands or shrinks) an existing LVM physical volume to match the new size of the underlying device.

pvresize-size

  pvresize-size device size
 
 

This command is the same as ``pvresize'' except that it allows you to specify the new size (in bytes) explicitly.

pvs

  pvs
 
 

List all the physical volumes detected. This is the equivalent of the pvs(8) command.

This returns a list of just the device names that contain PVs (eg. "/dev/sda2").

See also ``pvs-full''.

pvs-full

  pvs-full
 
 

List all the physical volumes detected. This is the equivalent of the pvs(8) command. The ``full'' version includes all fields.

pvuuid

  pvuuid device
 
 

This command returns the UUID of the LVM PV "device".

pwrite

  pwrite path content offset
 
 

This command writes to part of a file. It writes the data buffer "content" to the file "path" starting at offset "offset".

This command implements the pwrite(2) system call, and like that system call it may not write the full data requested. The return value is the number of bytes that were actually written to the file. This could even be 0, although short writes are unlikely for regular files in ordinary circumstances.

See also ``pread'', ``pwrite-device''.

Because of the message protocol, there is a transfer limit of somewhere between 2MB and 4MB. See ``PROTOCOL LIMITS'' in guestfs(3).

pwrite-device

  pwrite-device device content offset
 
 

This command writes to part of a device. It writes the data buffer "content" to "device" starting at offset "offset".

This command implements the pwrite(2) system call, and like that system call it may not write the full data requested (although short writes to disk devices and partitions are probably impossible with standard Linux kernels).

See also ``pwrite''.

Because of the message protocol, there is a transfer limit of somewhere between 2MB and 4MB. See ``PROTOCOL LIMITS'' in guestfs(3).

read-file

  read-file path
 
 

This calls returns the contents of the file "path" as a buffer.

Unlike ``cat'', this function can correctly handle files that contain embedded ASCII NUL characters. However unlike ``download'', this function is limited in the total size of file that can be handled.

Because of the message protocol, there is a transfer limit of somewhere between 2MB and 4MB. See ``PROTOCOL LIMITS'' in guestfs(3).

read-lines

  read-lines path
 
 

Return the contents of the file named "path".

The file contents are returned as a list of lines. Trailing "LF" and "CRLF" character sequences are not returned.

Note that this function cannot correctly handle binary files (specifically, files containing "\0" character which is treated as end of line). For those you need to use the ``read-file'' function which has a more complex interface.

readdir

  readdir dir
 
 

This returns the list of directory entries in directory "dir".

All entries in the directory are returned, including "." and "..". The entries are not sorted, but returned in the same order as the underlying filesystem.

Also this call returns basic file type information about each file. The "ftyp" field will contain one of the following characters:

'b'
Block special
'c'
Char special
'd'
Directory
'f'
FIFO (named pipe)
'l'
Symbolic link
'r'
Regular file
's'
Socket
'u'
Unknown file type
'?'
The readdir(3) call returned a "d_type" field with an unexpected value

This function is primarily intended for use by programs. To get a simple list of names, use ``ls''. To get a printable directory for human consumption, use ``ll''.

  readlink path
 
 

This command reads the target of a symbolic link.

  readlinklist path 'names ...'
 
 

This call allows you to do a "readlink" operation on multiple files, where all files are in the directory "path". "names" is the list of files from this directory.

On return you get a list of strings, with a one-to-one correspondence to the "names" list. Each string is the value of the symbolic link.

If the readlink(2) operation fails on any name, then the corresponding result string is the empty string "". However the whole operation is completed even if there were readlink(2) errors, and so you can call this function with names where you don't know if they are symbolic links already (albeit slightly less efficient).

This call is intended for programs that want to efficiently list a directory contents without making many round-trips. Very long directory listings might cause the protocol message size to be exceeded, causing this call to fail. The caller must split up such requests into smaller groups of names.

realpath

  realpath path
 
 

Return the canonicalized absolute pathname of "path". The returned path has no ".", ".." or symbolic link path elements.

removexattr

  removexattr xattr path
 
 

This call removes the extended attribute named "xattr" of the file "path".

See also: ``lremovexattr'', attr(5).

resize2fs

  resize2fs device
 
 

This resizes an ext2, ext3 or ext4 filesystem to match the size of the underlying device.

Note: It is sometimes required that you run ``e2fsck-f'' on the "device" before calling this command. For unknown reasons "resize2fs" sometimes gives an error about this and sometimes not. In any case, it is always safe to call ``e2fsck-f'' before calling this function.

resize2fs-size

  resize2fs-size device size
 
 

This command is the same as ``resize2fs'' except that it allows you to specify the new size (in bytes) explicitly.

rm

  rm path
 
 

Remove the single file "path".

rm-rf

  rm-rf path
 
 

Remove the file or directory "path", recursively removing the contents if its a directory. This is like the "rm -rf" shell command.

rmdir

  rmdir path
 
 

Remove the single directory "path".

rmmountpoint

  rmmountpoint exemptpath
 
 

This calls removes a mountpoint that was previously created with ``mkmountpoint''. See ``mkmountpoint'' for full details.

scrub-device

  scrub-device device
 
 

This command writes patterns over "device" to make data retrieval more difficult.

It is an interface to the scrub(1) program. See that manual page for more details.

This command is dangerous. Without careful use you can easily destroy all your data.

scrub-file

  scrub-file file
 
 

This command writes patterns over a file to make data retrieval more difficult.

The file is removed after scrubbing.

It is an interface to the scrub(1) program. See that manual page for more details.

scrub-freespace

  scrub-freespace dir
 
 

This command creates the directory "dir" and then fills it with files until the filesystem is full, and scrubs the files as for ``scrub-file'', and deletes them. The intention is to scrub any free space on the partition containing "dir".

It is an interface to the scrub(1) program. See that manual page for more details.

set-append

append

  set-append append
 
 

This function is used to add additional options to the guest kernel command line.

The default is "NULL" unless overridden by setting "LIBGUESTFS_APPEND" environment variable.

Setting "append" to "NULL" means no additional options are passed (libguestfs always adds a few of its own).

set-autosync

autosync

  set-autosync true|false
 
 

If "autosync" is true, this enables autosync. Libguestfs will make a best effort attempt to run ``umount-all'' followed by ``sync'' when the handle is closed (also if the program exits without closing handles).

This is disabled by default (except in guestfish where it is enabled by default).

set-direct

direct

  set-direct true|false
 
 

If the direct appliance mode flag is enabled, then stdin and stdout are passed directly through to the appliance once it is launched.

One consequence of this is that log messages aren't caught by the library and handled by ``set-log-message-callback'', but go straight to stdout.

You probably don't want to use this unless you know what you are doing.

The default is disabled.

set-e2label

  set-e2label device label
 
 

This sets the ext2/3/4 filesystem label of the filesystem on "device" to "label". Filesystem labels are limited to 16 characters.

You can use either ``tune2fs-l'' or ``get-e2label'' to return the existing label on a filesystem.

set-e2uuid

  set-e2uuid device uuid
 
 

This sets the ext2/3/4 filesystem UUID of the filesystem on "device" to "uuid". The format of the UUID and alternatives such as "clear", "random" and "time" are described in the tune2fs(8) manpage.

You can use either ``tune2fs-l'' or ``get-e2uuid'' to return the existing UUID of a filesystem.

set-memsize

memsize

  set-memsize memsize
 
 

This sets the memory size in megabytes allocated to the qemu subprocess. This only has any effect if called before ``launch''.

You can also change this by setting the environment variable "LIBGUESTFS_MEMSIZE" before the handle is created.

For more information on the architecture of libguestfs, see guestfs(3).

set-network

network

  set-network true|false
 
 

If "network" is true, then the network is enabled in the libguestfs appliance. The default is false.

This affects whether commands are able to access the network (see ``RUNNING COMMANDS'' in guestfs(3)).

You must call this before calling ``launch'', otherwise it has no effect.

set-path

path

  set-path searchpath
 
 

Set the path that libguestfs searches for kernel and initrd.img.

The default is "$libdir/guestfs" unless overridden by setting "LIBGUESTFS_PATH" environment variable.

Setting "path" to "NULL" restores the default path.

set-qemu

qemu

  set-qemu qemu
 
 

Set the qemu binary that we will use.

The default is chosen when the library was compiled by the configure script.

You can also override this by setting the "LIBGUESTFS_QEMU" environment variable.

Setting "qemu" to "NULL" restores the default qemu binary.

Note that you should call this function as early as possible after creating the handle. This is because some pre-launch operations depend on testing qemu features (by running "qemu -help"). If the qemu binary changes, we don't retest features, and so you might see inconsistent results. Using the environment variable "LIBGUESTFS_QEMU" is safest of all since that picks the qemu binary at the same time as the handle is created.

set-recovery-proc

recovery-proc

  set-recovery-proc true|false
 
 

If this is called with the parameter "false" then ``launch'' does not create a recovery process. The purpose of the recovery process is to stop runaway qemu processes in the case where the main program aborts abruptly.

This only has any effect if called before ``launch'', and the default is true.

About the only time when you would want to disable this is if the main process will fork itself into the background (``daemonize'' itself). In this case the recovery process thinks that the main program has disappeared and so kills qemu, which is not very helpful.

set-selinux

selinux

  set-selinux true|false
 
 

This sets the selinux flag that is passed to the appliance at boot time. The default is "selinux=0" (disabled).

Note that if SELinux is enabled, it is always in Permissive mode ("enforcing=0").

For more information on the architecture of libguestfs, see guestfs(3).

set-trace

trace

  set-trace true|false
 
 

If the command trace flag is set to 1, then commands are printed on stderr before they are executed in a format which is very similar to the one used by guestfish. In other words, you can run a program with this enabled, and you will get out a script which you can feed to guestfish to perform the same set of actions.

If you want to trace C API calls into libguestfs (and other libraries) then possibly a better way is to use the external ltrace(1) command.

Command traces are disabled unless the environment variable "LIBGUESTFS_TRACE" is defined and set to 1.

set-verbose

verbose

  set-verbose true|false
 
 

If "verbose" is true, this turns on verbose messages (to "stderr").

Verbose messages are disabled unless the environment variable "LIBGUESTFS_DEBUG" is defined and set to 1.

setcon

  setcon context
 
 

This sets the SELinux security context of the daemon to the string "context".

See the documentation about SELINUX in guestfs(3).

setxattr

  setxattr xattr val vallen path
 
 

This call sets the extended attribute named "xattr" of the file "path" to the value "val" (of length "vallen"). The value is arbitrary 8 bit data.

See also: ``lsetxattr'', attr(5).

sfdisk

  sfdisk device cyls heads sectors 'lines ...'
 
 

This is a direct interface to the sfdisk(8) program for creating partitions on block devices.

"device" should be a block device, for example "/dev/sda".

"cyls", "heads" and "sectors" are the number of cylinders, heads and sectors on the device, which are passed directly to sfdisk as the -C, -H and -S parameters. If you pass 0 for any of these, then the corresponding parameter is omitted. Usually for 'large' disks, you can just pass 0 for these, but for small (floppy-sized) disks, sfdisk (or rather, the kernel) cannot work out the right geometry and you will need to tell it.

"lines" is a list of lines that we feed to "sfdisk". For more information refer to the sfdisk(8) manpage.

To create a single partition occupying the whole disk, you would pass "lines" as a single element list, when the single element being the string "," (comma).

See also: ``sfdisk-l'', ``sfdisk-N'', ``part-init''

This command is dangerous. Without careful use you can easily destroy all your data.

sfdiskM

  sfdiskM device 'lines ...'
 
 

This is a simplified interface to the ``sfdisk'' command, where partition sizes are specified in megabytes only (rounded to the nearest cylinder) and you don't need to specify the cyls, heads and sectors parameters which were rarely if ever used anyway.

See also: ``sfdisk'', the sfdisk(8) manpage and ``part-disk''

This command is dangerous. Without careful use you can easily destroy all your data.

sfdisk-N

  sfdisk-N device partnum cyls heads sectors line
 
 

This runs sfdisk(8) option to modify just the single partition "n" (note: "n" counts from 1).

For other parameters, see ``sfdisk''. You should usually pass 0 for the cyls/heads/sectors parameters.

See also: ``part-add''

This command is dangerous. Without careful use you can easily destroy all your data.

sfdisk-disk-geometry

  sfdisk-disk-geometry device
 
 

This displays the disk geometry of "device" read from the partition table. Especially in the case where the underlying block device has been resized, this can be different from the kernel's idea of the geometry (see ``sfdisk-kernel-geometry'').

The result is in human-readable format, and not designed to be parsed.

sfdisk-kernel-geometry

  sfdisk-kernel-geometry device
 
 

This displays the kernel's idea of the geometry of "device".

The result is in human-readable format, and not designed to be parsed.

sfdisk-l

  sfdisk-l device
 
 

This displays the partition table on "device", in the human-readable output of the sfdisk(8) command. It is not intended to be parsed.

See also: ``part-list''

sh

  sh command
 
 

This call runs a command from the guest filesystem via the guest's "/bin/sh".

This is like ``command'', but passes the command to:

  /bin/sh -c "command"
 
 

Depending on the guest's shell, this usually results in wildcards being expanded, shell expressions being interpolated and so on.

All the provisos about ``command'' apply to this call.

sh-lines

  sh-lines command
 
 

This is the same as ``sh'', but splits the result into a list of lines.

See also: ``command-lines''

sleep

  sleep secs
 
 

Sleep for "secs" seconds.

stat

  stat path
 
 

Returns file information for the given "path".

This is the same as the stat(2) system call.

statvfs

  statvfs path
 
 

Returns file system statistics for any mounted file system. "path" should be a file or directory in the mounted file system (typically it is the mount point itself, but it doesn't need to be).

This is the same as the statvfs(2) system call.

strings

  strings path
 
 

This runs the strings(1) command on a file and returns the list of printable strings found.

Because of the message protocol, there is a transfer limit of somewhere between 2MB and 4MB. See ``PROTOCOL LIMITS'' in guestfs(3).

strings-e

  strings-e encoding path
 
 

This is like the ``strings'' command, but allows you to specify the encoding of strings that are looked for in the source file "path".

Allowed encodings are:

s
Single 7-bit-byte characters like ASCII and the ASCII-compatible parts of ISO-8859-X (this is what ``strings'' uses).
S
Single 8-bit-byte characters.
b
16-bit big endian strings such as those encoded in UTF-16BE or UCS-2BE.
l (lower case letter L)
16-bit little endian such as UTF-16LE and UCS-2LE. This is useful for examining binaries in Windows guests.
B
32-bit big endian such as UCS-4BE.
L
32-bit little endian such as UCS-4LE.

The returned strings are transcoded to UTF-8.

Because of the message protocol, there is a transfer limit of somewhere between 2MB and 4MB. See ``PROTOCOL LIMITS'' in guestfs(3).

swapoff-device

  swapoff-device device
 
 

This command disables the libguestfs appliance swap device or partition named "device". See ``swapon-device''.

swapoff-file

  swapoff-file file
 
 

This command disables the libguestfs appliance swap on file.

swapoff-label

  swapoff-label label
 
 

This command disables the libguestfs appliance swap on labeled swap partition.

swapoff-uuid

  swapoff-uuid uuid
 
 

This command disables the libguestfs appliance swap partition with the given UUID.

swapon-device

  swapon-device device
 
 

This command enables the libguestfs appliance to use the swap device or partition named "device". The increased memory is made available for all commands, for example those run using ``command'' or ``sh''.

Note that you should not swap to existing guest swap partitions unless you know what you are doing. They may contain hibernation information, or other information that the guest doesn't want you to trash. You also risk leaking information about the host to the guest this way. Instead, attach a new host device to the guest and swap on that.

swapon-file

  swapon-file file
 
 

This command enables swap to a file. See ``swapon-device'' for other notes.

swapon-label

  swapon-label label
 
 

This command enables swap to a labeled swap partition. See ``swapon-device'' for other notes.

swapon-uuid

  swapon-uuid uuid
 
 

This command enables swap to a swap partition with the given UUID. See ``swapon-device'' for other notes.

sync

  sync
 
 

This syncs the disk, so that any writes are flushed through to the underlying disk image.

You should always call this if you have modified a disk image, before closing the handle.

tail

  tail path
 
 

This command returns up to the last 10 lines of a file as a list of strings.

Because of the message protocol, there is a transfer limit of somewhere between 2MB and 4MB. See ``PROTOCOL LIMITS'' in guestfs(3).

tail-n

  tail-n nrlines path
 
 

If the parameter "nrlines" is a positive number, this returns the last "nrlines" lines of the file "path".

If the parameter "nrlines" is a negative number, this returns lines from the file "path", starting with the "-nrlines"th line.

If the parameter "nrlines" is zero, this returns an empty list.

Because of the message protocol, there is a transfer limit of somewhere between 2MB and 4MB. See ``PROTOCOL LIMITS'' in guestfs(3).

tar-in

  tar-in (tarfile|-) directory
 
 

This command uploads and unpacks local file "tarfile" (an uncompressed tar file) into "directory".

To upload a compressed tarball, use ``tgz-in'' or ``txz-in''.

Use "-" instead of a filename to read/write from stdin/stdout.

tar-out

  tar-out directory (tarfile|-)
 
 

This command packs the contents of "directory" and downloads it to local file "tarfile".

To download a compressed tarball, use ``tgz-out'' or ``txz-out''.

Use "-" instead of a filename to read/write from stdin/stdout.

tgz-in

  tgz-in (tarball|-) directory
 
 

This command uploads and unpacks local file "tarball" (a gzip compressed tar file) into "directory".

To upload an uncompressed tarball, use ``tar-in''.

Use "-" instead of a filename to read/write from stdin/stdout.

tgz-out

  tgz-out directory (tarball|-)
 
 

This command packs the contents of "directory" and downloads it to local file "tarball".

To download an uncompressed tarball, use ``tar-out''.

Use "-" instead of a filename to read/write from stdin/stdout.

touch

  touch path
 
 

Touch acts like the touch(1) command. It can be used to update the timestamps on a file, or, if the file does not exist, to create a new zero-length file.

This command only works on regular files, and will fail on other file types such as directories, symbolic links, block special etc.

truncate

  truncate path
 
 

This command truncates "path" to a zero-length file. The file must exist already.

truncate-size

  truncate-size path size
 
 

This command truncates "path" to size "size" bytes. The file must exist already.

If the current file size is less than "size" then the file is extended to the required size with zero bytes. This creates a sparse file (ie. disk blocks are not allocated for the file until you write to it). To create a non-sparse file of zeroes, use ``fallocate64'' instead.

tune2fs-l

  tune2fs-l device
 
 

This returns the contents of the ext2, ext3 or ext4 filesystem superblock on "device".

It is the same as running "tune2fs -l device". See tune2fs(8) manpage for more details. The list of fields returned isn't clearly defined, and depends on both the version of "tune2fs" that libguestfs was built against, and the filesystem itself.

txz-in

  txz-in (tarball|-) directory
 
 

This command uploads and unpacks local file "tarball" (an xz compressed tar file) into "directory".

Use "-" instead of a filename to read/write from stdin/stdout.

txz-out

  txz-out directory (tarball|-)
 
 

This command packs the contents of "directory" and downloads it to local file "tarball" (as an xz compressed tar archive).

Use "-" instead of a filename to read/write from stdin/stdout.

umask

  umask mask
 
 

This function sets the mask used for creating new files and device nodes to "mask & 0777".

Typical umask values would be 022 which creates new files with permissions like ``-rw-r---r--'' or ``-rwxr-xr-x'', and 002 which creates new files with permissions like ``-rw-rw-r--'' or ``-rwxrwxr-x''.

The default umask is 022. This is important because it means that directories and device nodes will be created with 0644 or 0755 mode even if you specify 0777.

See also ``get-umask'', umask(2), ``mknod'', ``mkdir''.

This call returns the previous umask.

umount

unmount

  umount pathordevice
 
 

This unmounts the given filesystem. The filesystem may be specified either by its mountpoint (path) or the device which contains the filesystem.

umount-all

unmount-all

  umount-all
 
 

This unmounts all mounted filesystems.

Some internal mounts are not unmounted by this call.

upload

  upload (filename|-) remotefilename
 
 

Upload local file "filename" to "remotefilename" on the filesystem.

"filename" can also be a named pipe.

See also ``download''.

Use "-" instead of a filename to read/write from stdin/stdout.

upload-offset

  upload-offset (filename|-) remotefilename offset
 
 

Upload local file "filename" to "remotefilename" on the filesystem.

"remotefilename" is overwritten starting at the byte "offset" specified. The intention is to overwrite parts of existing files or devices, although if a non-existant file is specified then it is created with a ``hole'' before "offset". The size of the data written is implicit in the size of the source "filename".

Note that there is no limit on the amount of data that can be uploaded with this call, unlike with ``pwrite'', and this call always writes the full amount unless an error occurs.

See also ``upload'', ``pwrite''.

Use "-" instead of a filename to read/write from stdin/stdout.

utimens

  utimens path atsecs atnsecs mtsecs mtnsecs
 
 

This command sets the timestamps of a file with nanosecond precision.

"atsecs, atnsecs" are the last access time (atime) in secs and nanoseconds from the epoch.

"mtsecs, mtnsecs" are the last modification time (mtime) in secs and nanoseconds from the epoch.

If the *nsecs field contains the special value "-1" then the corresponding timestamp is set to the current time. (The *secs field is ignored in this case).

If the *nsecs field contains the special value "-2" then the corresponding timestamp is left unchanged. (The *secs field is ignored in this case).

version

  version
 
 

Return the libguestfs version number that the program is linked against.

Note that because of dynamic linking this is not necessarily the version of libguestfs that you compiled against. You can compile the program, and then at runtime dynamically link against a completely different "libguestfs.so" library.

This call was added in version 1.0.58. In previous versions of libguestfs there was no way to get the version number. From C code you can use dynamic linker functions to find out if this symbol exists (if it doesn't, then it's an earlier version).

The call returns a structure with four elements. The first three ("major", "minor" and "release") are numbers and correspond to the usual version triplet. The fourth element ("extra") is a string and is normally empty, but may be used for distro-specific information.

To construct the original version string: "$major.$minor.$release$extra"

See also: ``LIBGUESTFS VERSION NUMBERS'' in guestfs(3).

Note: Don't use this call to test for availability of features. In enterprise distributions we backport features from later versions into earlier versions, making this an unreliable way to test for features. Use ``available'' instead.

vfs-label

  vfs-label device
 
 

This returns the filesystem label of the filesystem on "device".

If the filesystem is unlabeled, this returns the empty string.

To find a filesystem from the label, use ``findfs-label''.

vfs-type

  vfs-type device
 
 

This command gets the filesystem type corresponding to the filesystem on "device".

For most filesystems, the result is the name of the Linux VFS module which would be used to mount this filesystem if you mounted it without specifying the filesystem type. For example a string such as "ext3" or "ntfs".

vfs-uuid

  vfs-uuid device
 
 

This returns the filesystem UUID of the filesystem on "device".

If the filesystem does not have a UUID, this returns the empty string.

To find a filesystem from the UUID, use ``findfs-uuid''.

vg-activate

  vg-activate true|false 'volgroups ...'
 
 

This command activates or (if "activate" is false) deactivates all logical volumes in the listed volume groups "volgroups". If activated, then they are made known to the kernel, ie. they appear as "/dev/mapper" devices. If deactivated, then those devices disappear.

This command is the same as running "vgchange -a y|n volgroups..."

Note that if "volgroups" is an empty list then all volume groups are activated or deactivated.

vg-activate-all

  vg-activate-all true|false
 
 

This command activates or (if "activate" is false) deactivates all logical volumes in all volume groups. If activated, then they are made known to the kernel, ie. they appear as "/dev/mapper" devices. If deactivated, then those devices disappear.

This command is the same as running "vgchange -a y|n"

vgcreate

  vgcreate volgroup 'physvols ...'
 
 

This creates an LVM volume group called "volgroup" from the non-empty list of physical volumes "physvols".

vglvuuids

  vglvuuids vgname
 
 

Given a VG called "vgname", this returns the UUIDs of all the logical volumes created in this volume group.

You can use this along with ``lvs'' and ``lvuuid'' calls to associate logical volumes and volume groups.

See also ``vgpvuuids''.

vgpvuuids

  vgpvuuids vgname
 
 

Given a VG called "vgname", this returns the UUIDs of all the physical volumes that this volume group resides on.

You can use this along with ``pvs'' and ``pvuuid'' calls to associate physical volumes and volume groups.

See also ``vglvuuids''.

vgremove

  vgremove vgname
 
 

Remove an LVM volume group "vgname", (for example "VG").

This also forcibly removes all logical volumes in the volume group (if any).

vgrename

  vgrename volgroup newvolgroup
 
 

Rename a volume group "volgroup" with the new name "newvolgroup".

vgs

  vgs
 
 

List all the volumes groups detected. This is the equivalent of the vgs(8) command.

This returns a list of just the volume group names that were detected (eg. "VolGroup00").

See also ``vgs-full''.

vgs-full

  vgs-full
 
 

List all the volumes groups detected. This is the equivalent of the vgs(8) command. The ``full'' version includes all fields.

vgscan

  vgscan
 
 

This rescans all block devices and rebuilds the list of LVM physical volumes, volume groups and logical volumes.

vguuid

  vguuid vgname
 
 

This command returns the UUID of the LVM VG named "vgname".

wc-c

  wc-c path
 
 

This command counts the characters in a file, using the "wc -c" external command.

wc-l

  wc-l path
 
 

This command counts the lines in a file, using the "wc -l" external command.

wc-w

  wc-w path
 
 

This command counts the words in a file, using the "wc -w" external command.

write

  write path content
 
 

This call creates a file called "path". The content of the file is the string "content" (which can contain any 8 bit data).

Because of the message protocol, there is a transfer limit of somewhere between 2MB and 4MB. See ``PROTOCOL LIMITS'' in guestfs(3).

write-file

  write-file path content size
 
 

This call creates a file called "path". The contents of the file is the string "content" (which can contain any 8 bit data), with length "size".

As a special case, if "size" is 0 then the length is calculated using "strlen" (so in this case the content cannot contain embedded ASCII NULs).

NB. Owing to a bug, writing content containing ASCII NUL characters does not work, even if the length is specified.

Because of the message protocol, there is a transfer limit of somewhere between 2MB and 4MB. See ``PROTOCOL LIMITS'' in guestfs(3).

This function is deprecated. In new code, use the "write" call instead.

Deprecated functions will not be removed from the API, but the fact that they are deprecated indicates that there are problems with correct use of these functions.

zegrep

  zegrep regex path
 
 

This calls the external "zegrep" program and returns the matching lines.

Because of the message protocol, there is a transfer limit of somewhere between 2MB and 4MB. See ``PROTOCOL LIMITS'' in guestfs(3).

zegrepi

  zegrepi regex path
 
 

This calls the external "zegrep -i" program and returns the matching lines.

Because of the message protocol, there is a transfer limit of somewhere between 2MB and 4MB. See ``PROTOCOL LIMITS'' in guestfs(3).

zero

  zero device
 
 

This command writes zeroes over the first few blocks of "device".

How many blocks are zeroed isn't specified (but it's not enough to securely wipe the device). It should be sufficient to remove any partition tables, filesystem superblocks and so on.

See also: ``zero-device'', ``scrub-device''.

zero-device

  zero-device device
 
 

This command writes zeroes over the entire "device". Compare with ``zero'' which just zeroes the first few blocks of a device.

This command is dangerous. Without careful use you can easily destroy all your data.

zerofree

  zerofree device
 
 

This runs the zerofree program on "device". This program claims to zero unused inodes and disk blocks on an ext2/3 filesystem, thus making it possible to compress the filesystem more effectively.

You should not run this program if the filesystem is mounted.

It is possible that using this program can damage the filesystem or data on the filesystem.

zfgrep

  zfgrep pattern path
 
 

This calls the external "zfgrep" program and returns the matching lines.

Because of the message protocol, there is a transfer limit of somewhere between 2MB and 4MB. See ``PROTOCOL LIMITS'' in guestfs(3).

zfgrepi

  zfgrepi pattern path
 
 

This calls the external "zfgrep -i" program and returns the matching lines.

Because of the message protocol, there is a transfer limit of somewhere between 2MB and 4MB. See ``PROTOCOL LIMITS'' in guestfs(3).

zfile

  zfile meth path
 
 

This command runs "file" after first decompressing "path" using "method".

"method" must be one of "gzip", "compress" or "bzip2".

Since 1.0.63, use ``file'' instead which can now process compressed files.

This function is deprecated. In new code, use the "file" call instead.

Deprecated functions will not be removed from the API, but the fact that they are deprecated indicates that there are problems with correct use of these functions.

zgrep

  zgrep regex path
 
 

This calls the external "zgrep" program and returns the matching lines.

Because of the message protocol, there is a transfer limit of somewhere between 2MB and 4MB. See ``PROTOCOL LIMITS'' in guestfs(3).

zgrepi

  zgrepi regex path
 
 

This calls the external "zgrep -i" program and returns the matching lines.

Because of the message protocol, there is a transfer limit of somewhere between 2MB and 4MB. See ``PROTOCOL LIMITS'' in guestfs(3).

EXIT CODE

guestfish returns 0 if the commands completed without error, or 1 if there was an error.

ENVIRONMENT VARIABLES

EDITOR
The "edit" command uses $EDITOR as the editor. If not set, it uses "vi".
GUESTFISH_PID
Used with the --remote option to specify the remote guestfish process to control. See section ``REMOTE CONTROL GUESTFISH OVER A SOCKET''.
HEXEDITOR
The ``hexedit'' command uses $HEXEDITOR as the external hex editor. If not specified, the external hexedit(1) program is used.
HOME
If compiled with GNU readline support, various files in the home directory can be used. See ``FILES''.
LIBGUESTFS_APPEND
Pass additional options to the guest kernel.
LIBGUESTFS_DEBUG
Set "LIBGUESTFS_DEBUG=1" to enable verbose messages. This has the same effect as using the -v option.
LIBGUESTFS_MEMSIZE
Set the memory allocated to the qemu process, in megabytes. For example:
  LIBGUESTFS_MEMSIZE=700
 
 
LIBGUESTFS_PATH
Set the path that guestfish uses to search for kernel and initrd.img. See the discussion of paths in guestfs(3).
LIBGUESTFS_QEMU
Set the default qemu binary that libguestfs uses. If not set, then the qemu which was found at compile time by the configure script is used.
LIBGUESTFS_TRACE
Set "LIBGUESTFS_TRACE=1" to enable command traces.
PAGER
The "more" command uses $PAGER as the pager. If not set, it uses "more".
TMPDIR
Location of temporary directory, defaults to "/tmp".

If libguestfs was compiled to use the supermin appliance then the real appliance is cached in this directory, shared between all handles belonging to the same EUID. You can use $TMPDIR to configure another directory to use in case "/tmp" is not large enough.

FILES

$HOME/.guestfish
If compiled with GNU readline support, then the command history is saved in this file.
$HOME/.inputrc
/etc/inputrc
If compiled with GNU readline support, then these files can be used to configure readline. For further information, please see ``INITIALIZATION FILE'' in readline(3).

To write rules which only apply to guestfish, use:

  $if guestfish
  ...
  $endif
 
 

Variables that you can set in inputrc that change the behaviour of guestfish in useful ways include:

completion-ignore-case (default: on)
By default, guestfish will ignore case when tab-completing paths on the disk. Use:
  set completion-ignore-case off
 
 

to make guestfish case sensitive.

test1.img
test2.img (etc)
When using the "-N" or "--new" option, the prepared disk or filesystem will be created in the file "test1.img" in the current directory. The second use of "-N" will use "test2.img" and so on. Any existing file with the same name will be overwritten.

SEE ALSO

guestfs(3), <http://libguestfs.org/>, virt-cat(1), virt-df(1), virt-edit(1), virt-list-filesystems(1), virt-list-partitions(1), virt-ls(1), virt-make-fs(1), virt-rescue(1), virt-resize(1), virt-tar(1), virt-win-reg(1), hexedit(1).

AUTHORS

Richard W.M. Jones ("rjones at redhat dot com") Copyright (C) 2009-2010 Red Hat Inc. <http://libguestfs.org/>

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.