1guestmount(1) Virtualization Support guestmount(1)
2
6 guestmount - Mount a guest filesystem on the host using FUSE and
7 libguestfs
8
10 guestmount [--options] -a disk.img -m device [--ro] mountpoint
11 guestmount [--options] -a disk.img -i [--ro] mountpoint
13 guestmount [--options] -d Guest -i [--ro] mountpoint
15
17 You must not use "guestmount" in read-write mode on live virtual
18 machines. If you do this, you risk disk corruption in the VM.
19
21 The guestmount program can be used to mount virtual machine filesystems
22 and other disk images on the host. It uses libguestfs for access to
23 the guest filesystem, and FUSE (the "filesystem in userspace") to make
24 it appear as a mountable device.
25 Along with other options, you have to give at least one device (-a
27 option) or libvirt domain (-d option), and at least one mountpoint (-m
28 option) or use the -i inspection option or the --live option. How this
29 works is better explained in the guestfish(1) manual page, or by
30 looking at the examples below.
31 FUSE lets you mount filesystems as non-root. The mountpoint must be
33 owned by you, and the filesystem will not be visible to any other users
34 unless you make certain global configuration changes to
35 "/etc/fuse.conf". To unmount the filesystem, use the "fusermount -u"
36 command.
37
39 For a typical Windows guest which has its main filesystem on the first
40 partition:
41 guestmount -a windows.img -m /dev/sda1 --ro /mnt
43 For a typical Linux guest which has a /boot filesystem on the first
45 partition, and the root filesystem on a logical volume:
46 guestmount -a linux.img -m /dev/VG/LV -m /dev/sda1:/boot --ro /mnt
48 To get libguestfs to detect guest mountpoints for you:
50 guestmount -a guest.img -i --ro /mnt
52 For a libvirt guest called "Guest" you could do:
54 guestmount -d Guest -i --ro /mnt
56 If you don't know what filesystems are contained in a guest or disk
58 image, use virt-filesystems(1) first:
59 virt-filesystems -d MyGuest
61 If you want to trace the libguestfs calls but without excessive
63 debugging information, we recommend:
64 guestmount [...] --trace /mnt
66 If you want to debug the program, we recommend:
68 guestmount [...] --trace --verbose /mnt
70
72 Other users cannot see the filesystem by default
73 If you mount a filesystem as one user (eg. root), then other users will
74 not be able to see it by default. The fix is to add the FUSE
75 "allow_other" option when mounting:
76 sudo guestmount [...] -o allow_other /mnt
78 Enabling FUSE
80 On some distros, you may need to add yourself to a special group (eg.
81 "fuse") before you can use any FUSE filesystem. This is necessary on
82 Debian and derivatives.
83 On other distros, no special group is required. It is not necessary on
85 Fedora or Red Hat Enterprise Linux.
86 fusermount error: "Device or resource busy"
88 You can see this error when another process on the system jumps into
89 the mountpoint you have just created, holding it open and preventing
90 you from unmounting it. The usual culprits are various GUI "indexing"
91 programs.
92 The popular workaround for this problem is to retry the "fusermount -u"
94 command a few times until it works. Unfortunately this isn't a
95 reliable fix if (for example) the mounted filesystem is particularly
96 large and the intruding program particularly persistent.
97 timeout=10
99 count=$timeout
101 while ! fusermount -u $mountpoint && [ $count -gt 0 ]; do
102 sleep 1
103 ((count--))
104 done
105 if [ $count -eq 0 ]; then
106 echo "$0: fusermount failed after $timeout seconds"
107 exit 1
108 fi
109 A proper fix is to use a private mountpoint by creating a new mount
111 namespace using the Linux-specific clone(2)/unshare(2) flag
112 "CLONE_NEWNS". Unfortunately at the moment this requires root and we
113 would also probably need to add it as a feature to guestmount.
114 Race conditions possible when shutting down the connection
116 When "fusermount -u" exits, guestmount may still be running and
117 cleaning up the mountpoint. The disk image will not be fully
118 finalized.
119 This means that scripts like the following have a nasty race condition:
121 guestmount -a disk.img -i /mnt
123 # copy things into /mnt
124 fusermount -u /mnt
125 # immediately try to use 'disk.img' ** UNSAFE **
126 The solution is to use the --pid-file option to write the guestmount
128 PID to a file, then after fusermount spin waiting for this PID to exit.
129 guestmount -a disk.img -i --pid-file guestmount.pid /mnt
131 # ...
133 # ...
134 # Save the PID of guestmount *before* calling fusermount.
136 pid="$(cat guestmount.pid)"
137 timeout=10
139 # fusermount retry code, see above
141 # ...
142 # ...
143 count=$timeout
145 while kill -0 "$pid" 2>/dev/null && [ $count -gt 0 ]; do
146 sleep 1
147 ((count--))
148 done
149 if [ $count -eq 0 ]; then
150 echo "$0: wait for guestmount to exit failed after $timeout seconds"
151 exit 1
152 fi
153 # Now it is safe to use the disk image.
155 Note that if you use the "guestfs_mount_local" API directly (see "MOUNT
157 LOCAL" in guestfs(3)) then it is much easier to write a safe, race-free
158 program.
159
161 -a image
162 --add image
163 Add a block device or virtual machine image.
164 The format of the disk image is auto-detected. To override this
166 and force a particular format use the --format=.. option.
167 -c URI
169 --connect URI
170 When used in conjunction with the -d option, this specifies the
171 libvirt URI to use. The default is to use the default libvirt
172 connection.
173 -d libvirt-domain
175 --domain libvirt-domain
176 Add disks from the named libvirt domain. If the --ro option is
177 also used, then any libvirt domain can be used. However in write
178 mode, only libvirt domains which are shut down can be named here.
179 Domain UUIDs can be used instead of names.
181 --dir-cache-timeout N
183 Set the readdir cache timeout to N seconds, the default being 60
184 seconds. The readdir cache [actually, there are several semi-
185 independent caches] is populated after a readdir(2) call with the
186 stat and extended attributes of the files in the directory, in
187 anticipation that they will be requested soon after.
188 There is also a different attribute cache implemented by FUSE (see
190 the FUSE option -o attr_timeout), but the FUSE cache does not
191 anticipate future requests, only cache existing ones.
192 --echo-keys
194 When prompting for keys and passphrases, guestfish normally turns
195 echoing off so you cannot see what you are typing. If you are not
196 worried about Tempest attacks and there is no one else in the room
197 you can specify this flag to see what you are typing.
198 --format=raw|qcow2|..
200 --format
201 The default for the -a option is to auto-detect the format of the
202 disk image. Using this forces the disk format for -a options which
203 follow on the command line. Using --format with no argument
204 switches back to auto-detection for subsequent -a options.
205 If you have untrusted raw-format guest disk images, you should use
207 this option to specify the disk format. This avoids a possible
208 security problem with malicious guests (CVE-2010-3851). See also
209 "guestfs_add_drive_opts" in guestfs(3).
210 --fuse-help
212 Display help on special FUSE options (see -o below).
213 --help
215 Display brief help and exit.
216 -i
218 --inspector
219 Using virt-inspector(1) code, inspect the disks looking for an
220 operating system and mount filesystems as they would be mounted on
221 the real virtual machine.
222 --keys-from-stdin
224 Read key or passphrase parameters from stdin. The default is to
225 try to read passphrases from the user by opening "/dev/tty".
226 --live
228 Connect to a live virtual machine. (Experimental, see "ATTACHING
229 TO RUNNING DAEMONS" in guestfs(3)).
230 -m dev[:mountpoint[:options[:fstype]]
232 --mount dev[:mountpoint[:options[:fstype]]]
233 Mount the named partition or logical volume on the given mountpoint
234 in the guest (this has nothing to do with mountpoints in the host).
235 If the mountpoint is omitted, it defaults to "/". You have to
237 mount something on "/".
238 The third (and rarely used) part of the mount parameter is the list
240 of mount options used to mount the underlying filesystem. If this
241 is not given, then the mount options are either the empty string or
242 "ro" (the latter if the --ro flag is used). By specifying the
243 mount options, you override this default choice. Probably the only
244 time you would use this is to enable ACLs and/or extended
245 attributes if the filesystem can support them:
246 -m /dev/sda1:/:acl,user_xattr
248 The fourth part of the parameter is the filesystem driver to use,
250 such as "ext3" or "ntfs". This is rarely needed, but can be useful
251 if multiple drivers are valid for a filesystem (eg: "ext2" and
252 "ext3"), or if libguestfs misidentifies a filesystem.
253 -n
255 --no-sync
256 By default, we attempt to sync the guest disk when the FUSE
257 mountpoint is unmounted. If you specify this option, then we don't
258 attempt to sync the disk. See the discussion of autosync in the
259 guestfs(3) manpage.
260 -o option
262 --option option
263 Pass extra options to FUSE.
264 To get a list of all the extra options supported by FUSE, use the
266 command below. Note that only the FUSE -o options can be passed,
267 and only some of them are a good idea.
268 guestmount --fuse-help
270 Some potentially useful FUSE options:
272 -o allow_other
274 Allow other users to see the filesystem.
275 -o attr_timeout=N
277 Enable attribute caching by FUSE, and set the timeout to N
278 seconds.
279 -o kernel_cache
281 Allow the kernel to cache files (reduces the number of reads
282 that have to go through the guestfs(3) API). This is generally
283 a good idea if you can afford the extra memory usage.
284 -o uid=N -o gid=N
286 Use these options to map all UIDs and GIDs inside the guest
287 filesystem to the chosen values.
288 --pid-file filename
290 Write the PID of the guestmount worker process to "filename".
291 -r
293 --ro
294 Add devices and mount everything read-only. Also disallow writes
295 and make the disk appear read-only to FUSE.
296 This is highly recommended if you are not going to edit the guest
298 disk. If the guest is running and this option is not supplied,
299 then there is a strong risk of disk corruption in the guest. We
300 try to prevent this from happening, but it is not always possible.
301 See also "OPENING DISKS FOR READ AND WRITE" in guestfish(1).
303 --selinux
305 Enable SELinux support for the guest.
306 -v
308 --verbose
309 Enable verbose messages from underlying libguestfs.
310 -V
312 --version
313 Display the program version and exit.
314 -w
316 --rw
317 This changes the -a, -d and -m options so that disks are added and
318 mounts are done read-write.
319 See "OPENING DISKS FOR READ AND WRITE" in guestfish(1).
321 -x
323 --trace
324 Trace libguestfs calls and entry into each FUSE function.
325 This also stops the daemon from forking into the background.
327
329 $HOME/.libguestfs-tools.rc
330 /etc/libguestfs-tools.conf
331 This configuration file controls the default read-only or read-
332 write mode (--ro or --rw).
333 See "OPENING DISKS FOR READ AND WRITE" in guestfish(1).
335
337 This program returns 0 if successful, or non-zero if there was an
338 error.
339
341 guestfish(1), virt-inspector(1), virt-cat(1), virt-edit(1),
342 virt-tar(1), "MOUNT LOCAL" in guestfs(3), http://libguestfs.org/,
343 http://fuse.sf.net/.
344
346 Richard W.M. Jones ("rjones at redhat dot com")
347
349 Copyright (C) 2009-2013 Red Hat Inc.
350
352 This program is free software; you can redistribute it and/or modify it
353 under the terms of the GNU General Public License as published by the
354 Free Software Foundation; either version 2 of the License, or (at your
355 option) any later version.
356 This program is distributed in the hope that it will be useful, but
358 WITHOUT ANY WARRANTY; without even the implied warranty of
359 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
360 General Public License for more details.
361 You should have received a copy of the GNU General Public License along
363 with this program; if not, write to the Free Software Foundation, Inc.,
364 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
365
367 To get a list of bugs against libguestfs, use this link:
368 https://bugzilla.redhat.com/buglist.cgi?component=libguestfs&product=Virtualization+Tools
369 To report a new bug against libguestfs, use this link:
371 https://bugzilla.redhat.com/enter_bug.cgi?component=libguestfs&product=Virtualization+Tools
372 When reporting a bug, please supply:
374 · The version of libguestfs.
376 · Where you got libguestfs (eg. which Linux distro, compiled from
378 source, etc)
379 · Describe the bug accurately and give a way to reproduce it.
381 · Run libguestfs-test-tool(1) and paste the complete, unedited output
383 into the bug report.
384libguestfs-1.20.11 2013-08-27 guestmount(1)