mirrors/libguestfs
1
0
Fork 0
mirror of https://github.com/libguestfs/libguestfs.git synced 2026-03-21 22:53:37 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
fdfedcb4efec5ce67f973011c84e55c34b66a082
libguestfs/rescue/virt-rescue.pod
Richard W.M. Jones 446f7794e0 podwrapper: Add --warning flag for manual pages of CLI tools (RHBZ#1293527). 
This doesn't add --warning flags to the translated pages,
which is a bug to be fixed at some point.
2016-01-11 13:42:49 +00:00

419 lines
11 KiB
Plaintext
Raw Blame History

=head1 NAME
virt-rescue - Run a rescue shell on a virtual machine
=head1 SYNOPSIS
virt-rescue [--options] -d domname
virt-rescue [--options] -a disk.img [-a disk.img ...]
virt-rescue --suggest (-d domname | -a disk.img ...)
Old style:
virt-rescue [--options] domname
virt-rescue [--options] disk.img [disk.img ...]
=head1 DESCRIPTION
virt-rescue is like a Rescue CD, but for virtual machines, and without
the need for a CD. virt-rescue gives you a rescue shell and some
simple recovery tools which you can use to examine or rescue a virtual
machine or disk image.
You can run virt-rescue on any virtual machine known to libvirt, or
directly on disk image(s):
virt-rescue -d GuestName
virt-rescue --ro -a /path/to/disk.img
virt-rescue -a /dev/sdc
For live VMs you I<must> use the --ro option.
When you run virt-rescue on a virtual machine or disk image, you are
placed in an interactive bash shell where you can use many ordinary
Linux commands. What you see in F</> (F</bin>, F</lib> etc) is the
rescue appliance. You must mount the virtual machine's filesystems by
hand. There is an empty directory called F</sysroot> where you can
mount filesystems.
You can get virt-rescue to suggest mount commands for you by using the
I<--suggest> option (in another terminal):
$ virt-rescue --suggest -d Fedora15
Inspecting the virtual machine or disk image ...
This disk contains one or more operating systems. You can use these
mount commands in virt-rescue (at the ><rescue> prompt) to mount the
filesystems.
# /dev/vg_f15x32/lv_root is the root of a linux operating system
# type: linux, distro: fedora, version: 15.0
# Fedora release 15 (Lovelock)
mount /dev/vg_f15x32/lv_root /sysroot/
mount /dev/vda1 /sysroot/boot
mount --bind /dev /sysroot/dev
mount --bind /dev/pts /sysroot/dev/pts
mount --bind /proc /sysroot/proc
mount --bind /sys /sysroot/sys
Another way is to list the logical volumes (with L<lvs(8)>) and
partitions (with L<parted(8)>) and mount them by hand:
><rescue> lvs
LV VG Attr LSize Origin Snap% Move Log Copy% Convert
lv_root vg_f15x32 -wi-a- 8.83G
lv_swap vg_f15x32 -wi-a- 992.00M
><rescue> mount /dev/vg_f15x32/lv_root /sysroot
><rescue> mount /dev/vda1 /sysroot/boot
><rescue> ls /sysroot
Another command to list available filesystems is
L<virt-filesystems(1)>.
To run commands in a Linux guest (for example, grub), you should
chroot into the /sysroot directory first:
><rescue> chroot /sysroot
=head2 NOTES
Virt-rescue can be used on I<any> disk image file or device, not just
a virtual machine. For example you can use it on a blank file if you
want to partition that file (although we would recommend using
L<guestfish(1)> instead as it is more suitable for this purpose). You
can even use virt-rescue on things like SD cards.
You can get virt-rescue to give you scratch disk(s) to play with.
This is useful for testing out Linux utilities (see I<--scratch>).
Virt-rescue does not require root. You only need to run it as root if
you need root to open the disk image.
This tool is just designed for quick interactive hacking on a virtual
machine. For more structured access to a virtual machine disk image,
you should use L<guestfs(3)>. To get a structured shell that you can
use to make scripted changes to guests, use L<guestfish(1)>.
=head1 OPTIONS
=over 4
=item B<--help>
Display brief help.
=item B<-a> file
=item B<--add> file
Add I<file> which should be a disk image from a virtual machine. If
the virtual machine has multiple block devices, you must supply all of
them with separate I<-a> options.
The format of the disk image is auto-detected. To override this and
force a particular format use the I<--format=..> option.
=item B<-a URI>
=item B<--add URI>
Add a remote disk. See L<guestfish(1)/ADDING REMOTE STORAGE>.
=item B<--append kernelopts>
Pass additional options to the rescue kernel.
=item B<-c> URI
=item B<--connect> URI
If using libvirt, connect to the given I<URI>. If omitted, then we
connect to the default libvirt hypervisor.
If you specify guest block devices directly (I<-a>), then libvirt is
not used at all.
=item B<-d> guest
=item B<--domain> guest
Add all the disks from the named libvirt guest. Domain UUIDs can be
used instead of names.
=item B<--format=raw|qcow2|..>
=item B<--format>
The default for the I<-a> option is to auto-detect the format of the
disk image. Using this forces the disk format for I<-a> options which
follow on the command line. Using I<--format> with no argument
switches back to auto-detection for subsequent I<-a> options.
For example:
virt-rescue --format=raw -a disk.img
forces raw format (no auto-detection) for F<disk.img>.
virt-rescue --format=raw -a disk.img --format -a another.img
forces raw format (no auto-detection) for F<disk.img> and reverts to
auto-detection for F<another.img>.
If you have untrusted raw-format guest disk images, you should use
this option to specify the disk format. This avoids a possible
security problem with malicious guests (CVE-2010-3851).
=item B<-m MB>
=item B<--memsize MB>
Change the amount of memory allocated to the rescue system. The
default is set by libguestfs and is small but adequate for running
system tools. The occasional program might need more memory. The
parameter is specified in megabytes.
=item B<--network>
Enable QEMU user networking in the guest. See L</NETWORK>.
=item B<-r>
=item B<--ro>
Open the image read-only.
The option must always be used if the disk image or virtual machine
might be running, and is generally recommended in cases where you
don't need write access to the disk.
See also L<guestfish(1)/OPENING DISKS FOR READ AND WRITE>.
=item B<--scratch>
=item B<--scratch=N>
The I<--scratch> option adds a large scratch disk to the rescue
appliance. I<--scratch=N> adds C<N> scratch disks. The scratch
disk(s) are deleted automatically when virt-rescue exits.
You can also mix I<-a>, I<-d> and I<--scratch> options. The scratch
disk(s) are added to the appliance in the order they appear on the
command line.
=item B<--selinux>
Enable SELinux in the rescue appliance. You should read
L<guestfs(3)/SELINUX> before using this option.
=item B<--smp> N
Enable N E<ge> 2 virtual CPUs in the rescue appliance.
=item B<--suggest>
Inspect the disk image and suggest what mount commands should be used
to mount the disks. You should use the I<--suggest> option in a
second terminal, then paste the commands into another virt-rescue.
This option implies I<--ro> and is safe to use even if the guest is up
or if another virt-rescue is running.
=item B<-v>
=item B<--verbose>
Enable verbose messages for debugging.
=item B<-V>
=item B<--version>
Display version number and exit.
=item B<-w>
=item B<--rw>
This changes the I<-a> and I<-d> options so that disks are
added and mounts are done read-write.
See L<guestfish(1)/OPENING DISKS FOR READ AND WRITE>.
=item B<-x>
Enable tracing of libguestfs API calls.
=back
=head1 OLD-STYLE COMMAND LINE ARGUMENTS
Previous versions of virt-rescue allowed you to write either:
virt-rescue disk.img [disk.img ...]
or
virt-rescue guestname
whereas in this version you should use I<-a> or I<-d> respectively
to avoid the confusing case where a disk image might have the same
name as a guest.
For compatibility the old style is still supported.
=head1 NETWORK
Adding the I<--network> option enables QEMU user networking
in the rescue appliance. There are some differences between
user networking and ordinary networking:
=over 4
=item ping does not work
Because the ICMP ECHO_REQUEST protocol generally requires root in
order to send the ping packets, and because virt-rescue must be able
to run as non-root, QEMU user networking is not able to emulate the
L<ping(8)> command. The ping command will appear to resolve addresses
but will not be able to send or receive any packets. This does not
mean that the network is not working.
=item cannot receive connections
QEMU user networking cannot receive incoming connections.
=item making TCP connections
The virt-rescue appliance needs to be small and so does not include
many network tools. In particular there is no L<telnet(1)> command.
You can make TCP connections from the shell using the magical
F</dev/tcp/E<lt>hostnameE<gt>/E<lt>portE<gt>> syntax:
exec 3<>/dev/tcp/redhat.com/80
echo "GET /" >&3
cat <&3
See L<bash(1)> for more details.
=back
=head1 CAPTURING CORE DUMPS
If you are testing a tool inside virt-rescue and the tool (B<not>
virt-rescue) segfaults, it can be tricky to capture the core dump
outside virt-rescue for later analysis. This section describes one
way to do this.
=over 4
=item 1.
Create a scratch disk for core dumps:
truncate -s 4G /tmp/corefiles
virt-format --partition=mbr --filesystem=ext2 -a /tmp/corefiles
virt-filesystems -a /tmp/corefiles --all --long -h
=item 2.
When starting virt-rescue, attach the core files disk last:
virt-rescue --rw [-a ...] -a /tmp/corefiles
B<NB.> If you use the I<--ro> option, then virt-rescue will silently
not write any core files to F</tmp/corefiles>.
=item 3.
Inside virt-rescue, mount the core files disk. Note replace
F</dev/sdb1> with the last disk index. For example if the core files
disk is the last of four disks, you would use F</dev/sdd1>.
><rescue> mkdir /tmp/mnt
><rescue> mount /dev/sdb1 /tmp/mnt
=item 4.
Enable core dumps in the rescue kernel:
><rescue> echo '/tmp/mnt/core.%p' > /proc/sys/kernel/core_pattern
><rescue> ulimit -Hc unlimited
><rescue> ulimit -Sc unlimited
=item 5.
Run the tool that caused the core dump. The core dump will be written
to F</tmp/mnt/core.I<PID>>.
><rescue> ls -l /tmp/mnt
total 1628
-rw------- 1 root root 1941504 Dec 7 13:13 core.130
drwx------ 2 root root 16384 Dec 7 13:00 lost+found
=item 6.
Before exiting virt-rescue, unmount (or at least sync) the disks:
><rescue> umount /tmp/mnt
><rescue> exit
=item 7.
Outside virt-rescue, the core dump(s) can be removed from the disk
using L<guestfish(1)>. For example:
guestfish --ro -a /tmp/corefiles -m /dev/sda1
><fs> ll /
><fs> download /core.NNN /tmp/core.NNN
=back
=head1 ENVIRONMENT VARIABLES
Several environment variables affect virt-rescue. See
L<guestfs(3)/ENVIRONMENT VARIABLES> for the complete list.
=head1 FILES
=over 4
=item $XDG_CONFIG_HOME/libguestfs/libguestfs-tools.conf
=item $HOME/.libguestfs-tools.rc
=item $XDG_CONFIG_DIRS/libguestfs/libguestfs-tools.conf
=item /etc/libguestfs-tools.conf
This configuration file controls the default read-only or read-write
mode (I<--ro> or I<--rw>).
See L<libguestfs-tools.conf(5)>.
=back
=head1 SEE ALSO
L<guestfs(3)>,
L<guestfish(1)>,
L<virt-cat(1)>,
L<virt-edit(1)>,
L<virt-filesystems(1)>,
L<libguestfs-tools.conf(5)>,
L<http://libguestfs.org/>.
=head1 AUTHOR
Richard W.M. Jones L<http://people.redhat.com/~rjones/>
=head1 COPYRIGHT
Copyright (C) 2009-2016 Red Hat Inc.
Reference in New Issue View Git Blame Copy Permalink