1nbdkit(1)                           nbdkit                           nbdkit(1)
2
3
4

NAME

6       nbdkit - A toolkit for creating NBD servers
7

SYNOPSIS

9        nbdkit [-e EXPORTNAME] [--exit-with-parent] [-f]
10               [--filter=FILTER ...] [-g GROUP] [-i IPADDR]
11               [--newstyle] [--oldstyle] [-P PIDFILE] [-p PORT] [-r]
12               [--run CMD] [-s] [--selinux-label LABEL] [-t THREADS]
13               [--tls=off|on|require] [--tls-certificates /path/to/certificates]
14               [--tls-verify-peer]
15               [-U SOCKET] [-u USER] [-v] [-V]
16               PLUGIN [key=value [key=value [...]]]
17
18        nbdkit --dump-config
19
20        nbdkit PLUGIN --dump-plugin
21

DESCRIPTION

23       Network Block Device (NBD) is a network protocol for accessing block
24       devices over the network.  Block devices are hard disks and things that
25       behave like hard disks such as disk images and virtual machines.
26
27       "nbdkit" is both a toolkit for creating NBD servers from
28       "unconventional" sources and the name of an NBD server.
29
30       To create a new Network Block Device source, all you need to do is
31       write a few glue functions, possibly in C, or perhaps in a high level
32       language like Perl or Python.  The liberal licensing of nbdkit is meant
33       to allow you to link nbdkit with proprietary libraries or to include
34       nbdkit in proprietary code.
35
36       If you want to write an nbdkit plugin, you should read
37       nbdkit-plugin(3).
38
39       Several plugins may be found in "$libdir/nbdkit/plugins".  You can give
40       the full path to the plugin, like this:
41
42        nbdkit $libdir/nbdkit/plugins/nbdkit-file-plugin.so [...]
43
44       but it is usually more convenient to use this equivalent syntax:
45
46        nbdkit file [...]
47
48       $libdir is set at compile time.  To print it out, do:
49
50        nbdkit --dump-config
51

EXAMPLES

53   Basic file serving
54       Serve file disk.img on port 10809 using nbdkit-file-plugin(1):
55
56        nbdkit file file=disk.img
57
58       Run the nbdkit-example3-plugin(1) and connect to it using guestfish(1):
59
60        nbdkit example3 size=1G
61        guestfish --ro --format=raw -a nbd://localhost
62
63       Serve file disk.img on port 10809, requiring clients to use encrypted
64       (TLS) connections:
65
66        nbdkit --newstyle --tls=require file file=disk.img
67
68   Combining plugins and filters
69       Serve only the first partition from compressed disk image disk.img.xz,
70       combining nbdkit-xz-plugin(1) and nbdkit-partition-filter(1):
71
72                            plugin name and plugin parameter
73
74                                   ┌─────┴────┐
75                                   │          │
76        nbdkit --filter=partition  xz file=disk.img.xz  partition=1
77                       │                                   │
78                       └───────────────┬───────────────────┘
79
80                       filter name and filter parameter
81
82   Display information
83       Display information about nbdkit or a specific plugin:
84
85        nbdkit --help
86        nbdkit --version
87        nbdkit --dump-config
88        nbdkit example1 --help
89        nbdkit example1 --dump-plugin
90

GLOBAL OPTIONS

92       --help
93           Display brief command line usage information and exit.
94
95       --dump-config
96           Dump out the compile-time configuration values and exit.  See
97           "PROBING CONFIGURATION AND PLUGINS" below.
98
99       --dump-plugin
100           Dump out information about the plugin and exit.  See "PROBING
101           CONFIGURATION AND PLUGINS" below.
102
103       --exit-with-parent
104           If the parent process exits, we exit.  This can be used to avoid
105           complicated cleanup or orphaned nbdkit processes.  There are some
106           important caveats with this, see "EXIT WITH PARENT" below.  An
107           alternative to this is "CAPTIVE NBDKIT" described below.
108
109           This option implies --foreground.
110
111       -e EXPORTNAME
112       --export EXPORTNAME
113       --export-name EXPORTNAME
114       --exportname EXPORTNAME
115           Set the exportname and use the newstyle protocol (implies -n).
116
117           If not set, exportname "" (empty string) is used.  Exportnames are
118           not allowed with the oldstyle protocol.
119
120       -f
121       --foreground
122       --no-fork
123           Don't fork into the background.
124
125       --filter FILTER
126           Add a filter before the plugin.  This option may be given one or
127           more times to stack filters in front of the plugin.  They are
128           processed in the order they appear on the command line.  See
129           "FILTERS" and nbdkit-filter(3).
130
131       -g GROUP
132       --group GROUP
133           Change group to "GROUP" after starting up.  A group name or numeric
134           group ID can be used.
135
136           The server needs sufficient permissions to be able to do this.
137           Normally this would mean starting the server up as root.
138
139           See also -u.
140
141       -i IPADDR
142       --ip-addr IPADDR
143       --ipaddr IPADDR
144           Listen on the specified interface.  The default is to listen on all
145           interfaces.  See also -p.
146
147       -n
148       --new-style
149       --newstyle
150           Use the newstyle NBD protocol instead of the default (oldstyle)
151           protocol.  See "NEW STYLE VS OLD STYLE PROTOCOL" below.
152
153       -o
154       --old-style
155       --oldstyle
156           Use the oldstyle NBD protocol.  This is currently the default
157           (unless you use -n or -e), so this flag does nothing, but it is
158           possible we might change the default protocol in future.  See "NEW
159           STYLE VS OLD STYLE PROTOCOL" below.
160
161       -P PIDFILE
162       --pid-file PIDFILE
163       --pidfile PIDFILE
164           Write "PIDFILE" (containing the process ID of the server) after
165           nbdkit becomes ready to accept connections.
166
167           If the file already exists, it is overwritten.  nbdkit does not
168           delete the file when it exits.
169
170       -p PORT
171       --port PORT
172           Change the TCP/IP port number on which nbdkit serves requests.  The
173           default is 10809.  See also -i.
174
175       -r
176       --read-only
177       --readonly
178           The export will be read-only.  If a client writes, then it will get
179           an error.
180
181           Note that some plugins inherently don't support writes.  With those
182           plugins the -r option is added implicitly.
183
184           nbdkit-cow-filter(1) can be placed over read-only plugins to
185           provide copy-on-write (or "snapshot") functionality.  If you are
186           using qemu as a client then it also supports snapshots.
187
188       --run CMD
189           Run nbdkit as a captive subprocess of "CMD".  When "CMD" exits,
190           nbdkit is killed.  See "CAPTIVE NBDKIT" below.
191
192           This option implies --foreground.
193
194       -s
195       --single
196       --stdin
197           Don't fork.  Handle a single NBD connection on stdin/stdout.  After
198           stdin closes, the server exits.
199
200           You can use this option to run nbdkit from inetd or similar
201           superservers; or just for testing; or if you want to run nbdkit in
202           a non-conventional way.  Note that if you want to run nbdkit from
203           systemd, then it may be better to use "SOCKET ACTIVATION" instead
204           of this option.
205
206           This option implies --foreground.
207
208       --selinux-label SOCKET-LABEL
209           Apply the SELinux label "SOCKET-LABEL" to the nbdkit listening
210           socket.
211
212           The common — perhaps only — use of this option is to allow libvirt
213           guests which are using SELinux and sVirt confinement to access
214           nbdkit Unix domain sockets:
215
216            nbdkit --selinux-label system_u:object_r:svirt_t:s0 ...
217
218       -t THREADS
219       --threads THREADS
220           Set the number of threads to be used per connection, which in turn
221           controls the number of outstanding requests that can be processed
222           at once.  Only matters for plugins with thread_model=parallel
223           (where it defaults to 16).  To force serialized behavior (useful if
224           the client is not prepared for out-of-order responses), set this to
225           1.
226
227       --tls=off
228       --tls=on
229       --tls=require
230           Disable, enable or require TLS (authentication and encryption
231           support).  See "TLS" below.
232
233       --tls-certificates /path/to/certificates
234           Set the path to the TLS certificates directory.  If not specified,
235           some built-in paths are checked.  See "TLS" below for more details.
236
237       --tls-verify-peer
238           Enables TLS client certificate verification.  The default is not to
239           check the client's certificate.
240
241       -U SOCKET
242       --unix SOCKET
243       -U -
244       --unix -
245           Accept connections on the Unix domain socket "SOCKET" (which is a
246           path).
247
248           nbdkit creates this socket, but it will probably have incorrect
249           permissions (too permissive).  If it is a problem that some
250           unauthorized user could connect to this socket between the time
251           that nbdkit starts up and the authorized user connects, then put
252           the socket into a directory that has restrictive permissions.
253
254           nbdkit does not delete the socket file when it exits.  The caller
255           should delete the socket file after use (else if you try to start
256           nbdkit up again you will get an "Address already in use" error).
257
258           If the socket name is - then nbdkit generates a randomly named
259           private socket.  This is useful with "CAPTIVE NBDKIT".
260
261       -u USER
262       --user USER
263           Change user to "USER" after starting up.  A user name or numeric
264           user ID can be used.
265
266           The server needs sufficient permissions to be able to do this.
267           Normally this would mean starting the server up as root.
268
269           See also -g.
270
271       -v
272       --verbose
273           Enable verbose messages.
274
275           It's a good idea to use -f as well so the process does not fork
276           into the background (but not required).
277
278       -V
279       --version
280           Print the version number of nbdkit and exit.
281

PLUGIN CONFIGURATION

283       After specifying the plugin name you can (optionally, it depends on the
284       plugin) give plugin configuration on the command line in the form of
285       "key=value".  For example:
286
287        nbdkit file file=disk.img
288
289       To list all the options supported by a plugin, do:
290
291        nbdkit --help file
292
293       To dump information about a plugin, do:
294
295        nbdkit file --dump-plugin
296
297   Magic script parameter
298       As a special case, if the first plugin argument does not contain an '='
299       character then it is assumed to be "script=value".
300
301       That allows scripting language plugins like nbdkit-perl-plugin(1) to
302       do:
303
304        nbdkit perl foo.pl [args...]
305
306       which has the same meaning as:
307
308        nbdkit perl script=foo.pl [args...]
309
310   Shebang scripts
311       You can use "#!" to run nbdkit plugins written in most scripting
312       languages.  The file should be executable.  For example:
313
314        #!/usr/sbin/nbdkit perl
315        sub open {
316          # etc
317        }
318
319       (see nbdkit-perl-plugin(3) for a full example).
320

FILTERS

322       One or more filters can be placed in front of an nbdkit plugin to
323       modify the behaviour of the plugin, using the --filter parameter.
324       Filters can be used for example to limit requests to an offset/limit,
325       add copy-on-write support, or inject delays or errors (for testing).
326
327       Several existing filters are available in the $filterdir.  Use "nbdkit
328       --dump-config" to find the directory name.
329
330       How to write filters is described in nbdkit-filter(3).
331

SOCKET ACTIVATION

333       nbdkit supports socket activation (sometimes called systemd socket
334       activation).  This is a simple protocol where instead of nbdkit itself
335       opening the listening socket(s), the parent process (typically systemd)
336       passes in pre-opened file descriptors.  Socket activation lets you
337       serve infrequent NBD requests using a superserver without needing
338       nbdkit to be running the whole time.
339
340       Socket activation is triggered when both the "LISTEN_FDS" and
341       "LISTEN_PID" environment variables are set.  In this mode using -i, -p,
342       --run, -s or -U flags on the command line is illegal and will cause an
343       error.  Also in this mode nbdkit does not fork into the background (ie.
344       -f is implied).
345
346   Using socket activation with systemd
347       To use nbdkit with socket activation from systemd, create a unit file
348       ending in ".socket" (eg. "/etc/systemd/system/nbdkit.socket")
349       containing:
350
351        [Unit]
352        Description=NBDKit Network Block Device server
353
354        [Socket]
355        ListenStream=10809
356
357        [Install]
358        WantedBy=sockets.target
359
360       There are various formats for the "ListenStream" key.  See
361       systemd.socket(5) for more information.
362
363       Also create a service unit (eg. "/etc/systemd/system/nbdkit.service")
364       containing:
365
366        [Service]
367        ExecStart=/usr/sbin/nbdkit file file=/path/to/serve
368
369       For more information on systemd and socket activation, see
370       <http://0pointer.de/blog/projects/socket-activation.html>
371

CAPTIVE NBDKIT

373       You can run nbdkit as a "captive process", using the --run option.
374       This means that nbdkit runs as long as (for example) qemu(1) or
375       guestfish(1) is running.  When those exit, nbdkit is killed.
376
377       Some examples should make this clear.
378
379       To run nbdkit captive under qemu:
380
381        nbdkit file file=disk.img --run 'qemu -drive file=$nbd,if=virtio'
382
383       On the qemu command line, $nbd is substituted automatically with the
384       right NBD path so it can connect to nbdkit.  When qemu exits, nbdkit is
385       killed and cleaned up automatically.
386
387       Running nbdkit captive under guestfish:
388
389        nbdkit file file=disk.img --run 'guestfish --format=raw -a $nbd -i'
390
391       When guestfish exits, nbdkit is killed.
392
393       The following shell variables are available in the --run argument:
394
395       $nbd
396           A URL that refers to the nbdkit port or socket.
397
398           Note there is some magic here, since qemu and guestfish URLs have a
399           different format, so nbdkit tries to guess which you are running.
400           If the magic doesn't work, try using the variables below instead.
401
402       $port
403           If ≠ "", the port number that nbdkit is listening on.
404
405       $unixsocket
406           If ≠ "", the Unix domain socket that nbdkit is listening on.
407
408       --run implies --foreground.  It is not possible, and probably not
409       desirable, to have nbdkit fork into the background when using --run.
410
411       Even when running captive, nbdkit still listens on the regular TCP/IP
412       port, unless you specify the -p/-U options.  If you want a truly
413       private captive nbdkit, then you should create a private random Unix
414       socket, like this:
415
416        nbdkit -U - plugin [args] --run '...'
417
418   Copying data in and out of plugins with captive nbdkit
419       Captive nbdkit + qemu-img(1) can be used to copy data into and out of
420       nbdkit plugins.  For example nbdkit-example1-plugin(1) contains an
421       embedded disk image.  To copy it out:
422
423        nbdkit -U - example1 --run 'qemu-img convert $nbd disk.img'
424
425       To overwrite a file inside an uncompressed tar file (the file being
426       overwritten must be the same size), use nbdkit-tar-plugin(1) like this:
427
428        nbdkit -U - tar tar=data.tar file=disk.img \
429          --run 'qemu-img convert -n disk.img $nbd'
430

EXIT WITH PARENT

432       The --exit-with-parent option is almost the opposite of "CAPTIVE
433       NBDKIT" described in the previous section.
434
435       Running nbdkit with this option, for example from a script:
436
437        nbdkit --exit-with-parent plugin ... &
438
439       means that nbdkit will exit automatically if the parent program exits
440       for any reason.  This can be used to avoid complicated cleanups or
441       orphaned nbdkit processes.
442
443       --exit-with-parent is incompatible with forking into the background
444       (because when we fork into the background we lose track of the parent
445       process).  Therefore -f / --foreground is implied.
446
447       This is currently implemented using a feature of the Linux kernel, so
448       it requires a Linux build of nbdkit and won't work on other operating
449       systems (patches welcome to make it work).
450
451       If the parent application is multithreaded, then (in the Linux
452       implementation) if the parent thread exits, that will cause nbdkit to
453       exit.  Thus in multithreaded applications you usually want to run
454       "nbdkit --exit-with-parent" only from the main thread (unless you
455       actually want nbdkit to exit with the thread, but that may not work
456       reliably if we extend the implementation to other operating systems).
457

NEW STYLE VS OLD STYLE PROTOCOL

459       The NBD protocol comes in two incompatible forms that we call
460       "oldstyle" and "newstyle".  Unfortunately which protocol you should use
461       depends on the client and cannot be known in advance, nor can it be
462       negotiated from the server side.
463
464       nbdkit currently defaults to the oldstyle protocol for compatibility
465       with qemu and libguestfs.  This is also the same behaviour as qemu-nbd
466       ≤ 2.5.  Use the -n or --newstyle flag on the command line to use the
467       newstyle protocol.  Use the -e or --exportname flag to set the
468       exportname for the newstyle protocol.  Use the -o or --oldstyle flag to
469       force the oldstyle protocol.
470
471       Some common clients and the protocol they require:
472
473        Client                          Protocol
474        ------------------------------------------------------------
475        qemu <= 2.5 without exportname  oldstyle
476        qemu <= 2.5 with exportname     newstyle
477        qemu >= 2.6                     client can talk either protocol
478        nbd-client < 3.10               client can talk either protocol
479        nbd-client >= 3.10              newstyle
480        any TLS (encrypted) client      newstyle
481        nbdkit nbd plugin               client can talk either protocol
482
483       If you use qemu ≤ 2.5 without the exportname field against a newstyle
484       server, it will give the error:
485
486        Server requires an export name
487
488       If you use qemu ≤ 2.5 with the exportname field against an oldstyle
489       server, it will give the error:
490
491        Server does not support export names
492
493       If you use the oldstyle protocol with nbd-client ≥ 3.10, it will give
494       the error:
495
496        Error: It looks like you're trying to connect to an oldstyle server.
497
498       If you want to claim compatibility with what the NBD proto.txt document
499       says should be the case (which isn't based in reality), then you should
500       always use newstyle when using port 10809, and use oldstyle on all
501       other ports.
502

TLS

504       TLS (authentication and encryption, sometimes incorrectly called "SSL")
505       is supported if nbdkit was compiled with GnuTLS.  This allows the
506       server to verify that the client is allowed access, and to encrypt the
507       contents of the protocol in transit over the network.
508
509       TLS can be disabled or enabled by specifying either --tls=off or
510       --tls=on.  With --tls=off, if a client tries to use TLS to connect, it
511       will be rejected by the server (in other words, as if the server
512       doesn't support TLS).
513
514       --tls=on means that the client may choose to connect either with or
515       without TLS.
516
517       Because --tls=on is subject to downgrade attacks where a malicious
518       proxy pretends not to support TLS in order to force either the client
519       or server to communicate in plaintext, you can also specify
520       --tls=require, where the server enables TLS and rejects all non-TLS
521       connection attempts.
522
523   TLS with X.509 certificates
524       When nbdkit starts up, it loads TLS certificates from some built-in
525       paths, or from the directory specified by the --tls-certificates
526       option.
527
528       Without --tls-certificates, if nbdkit is started as a non-root user
529       (note this does not include use of the -u or -g options), nbdkit looks
530       in each of these paths in turn:
531
532        $HOME/.pki/nbdkit/
533        $HOME/.config/pki/nbdkit/
534
535       Without --tls-certificates, if nbdkit is started as root, nbkit looks
536       in:
537
538        $sysconfdir/pki/nbdkit/
539
540       (Use "nbdkit --dump-config" and look at the "root_tls_certificates_dir"
541       setting to get the actual directory built into the binary.)
542
543       You can override both directories above by using --tls-certificates
544       /path/to/certificates.
545
546       In this directory, nbdkit expects to find several files:
547
548       ca-cert.pem
549           The Certificate Authority certificate.
550
551       server-cert.pem
552           The server certificate.
553
554       server-key.pem
555           The server private key.
556
557       ca-crl.pem
558           (Optional) The certificate revocation list.
559
560       Setting up the Certificate Authority
561
562       This step only needs to be done once per organization.  It may be that
563       your organization already has a CA.
564
565        $ certtool --generate-privkey > ca-key.pem
566        $ chmod 0600 ca-key.pem
567
568       The ca-key.pem file is the CA private key and is extremely sensitive
569       data.  With possession of this key, anyone can create certificates
570       pretending to be your organization!
571
572       To create the CA certificate file:
573
574        $ cat > ca.info <<EOF
575        cn = Name of your organization
576        ca
577        cert_signing_key
578        EOF
579        $ certtool --generate-self-signed \
580                   --load-privkey ca-key.pem \
581                   --template ca.info \
582                   --outfile ca-cert.pem
583
584       Issuing a server certificate for the nbdkit server
585
586       Each nbdkit server (or host) needs a secret key and certificate.
587
588        $ certtool --generate-privkey > server-key.pem
589        $ chmod 0600 server-key.pem
590
591       The server key file is sensitive.  Setting the mode to 0600 helps to
592       prevent other users on the same machine from reading it.
593
594       The server DNS name ("cn" below) must be the fully qualified hostname —
595       and the only hostname — that the client connects to.
596
597        $ cat > server.info <<EOF
598        organization = Name of your organization
599        cn = nbd-server.example.com
600        tls_www_server
601        encryption_key
602        signing_key
603        EOF
604        $ certtool --generate-certificate \
605                   --load-ca-certificate ca-cert.pem \
606                   --load-ca-privkey ca-key.pem \
607                   --load-privkey server-key.pem \
608                   --template server.info \
609                   --outfile server-cert.pem
610
611       Issuing and checking client certificates
612
613       Note: You don't need to create client certificates unless you want to
614       check and limit which clients can connect to nbdkit.  nbdkit does not
615       check client certificates unless you specify the --tls-verify-peer
616       option on the command line.
617
618       For each client you should generate a private key and a client
619       certificate:
620
621        $ certtool --generate-privkey > client-key.pem
622        $ chmod 0600 client-key.pem
623
624       The client key file is sensitive.
625
626       The client DNS name ("cn" below) is the client's name that nbdkit sees
627       and checks.
628
629        $ cat > client.info <<EOF
630        country = US
631        state = New York
632        locality = New York
633        organization = Name of your organization
634        cn = client.example.com
635        tls_www_client
636        encryption_key
637        signing_key
638        EOF
639        $ certtool --generate-certificate \
640                   --load-ca-certificate ca-cert.pem \
641                   --load-ca-privkey ca-key.pem \
642                   --load-privkey client-key.pem \
643                   --template client.info \
644                   --outfile client-cert.pem
645
646       Client certificates do not need to be present anywhere on the nbdkit
647       host.  You don't need to copy them into nbdkit's TLS certificates
648       directory.  The security comes from the fact that the client must
649       present a client certificate signed by the Certificate Authority, and
650       nbdkit can check this because it has the ca-cert.pem file.
651
652       To enable checking of client certificates, specify the
653       --tls-verify-peer option on the command line.  Clients which don't
654       present a valid certificate (eg. not signed, incorrect signature) are
655       denied.  Also denied are clients which present a valid certificate
656       signed by another CA.  Also denied are clients with certificates added
657       to the certificate revocation list (ca-crl.pem).
658
659   Default TLS behaviour
660       If nbdkit was compiled without GnuTLS support, then TLS is disabled and
661       TLS connections will be rejected (as if --tls=off was specified on the
662       command line).  Also it is impossible to turn on TLS in this scenario.
663       You can tell if nbdkit was compiled without GnuTLS support because
664       "nbdkit --dump-config" will contain "tls=no".
665
666       If TLS certificates cannot be loaded either from the built-in path or
667       from the directory specified by --tls-certificates, then TLS defaults
668       to disabled.  Turning TLS on will give a warning (--tls=on) or error
669       (--tls=require) about the missing certificates.
670
671       If TLS certificates can be loaded from the built-in path or from the
672       --tls-certificates directory, then TLS will by default be enabled (like
673       --tls=on), but it is not required.  Clients can choose whether or not
674       to use TLS and whether or not to present certificates.
675
676       TLS client certificates are not checked by default unless you specify
677       --tls-verify-peer.
678
679       Each of these defaults is insecure to some extent (including --tls=on
680       which could be subject to a downgrade attack), so if you expect TLS
681       then it is best to specify the --tls option that you require, and if
682       you want to check client certificates, specify the --tls-verify-peer
683       option.
684
685   Choice of TLS algorithms
686       TLS has a bewildering choice of algorithms that can be used.  To enable
687       you to choose a default set of algorithms, there is a configure setting
688       "--with-tls-priority".  This defaults to "NORMAL" which, to quote the
689       GnuTLS documentation:
690
691           ""NORMAL" means all "secure" ciphersuites.  The 256-bit ciphers are
692           included as a fallback only.  The ciphers are sorted by security
693           margin."
694
695       You could also set the TLS priority so that it can be configured from a
696       file at runtime:
697
698        ./configure --with-tls-priority=@SYSTEM
699
700       means use the policy from /etc/crypto-policies/config.
701
702        ./configure --with-tls-priority=@NBDKIT,SYSTEM
703
704       means use the policy from /etc/crypto-policies/local.d/nbdkit.config
705       and fall back to /etc/crypto-policies/config if the first file does not
706       exist.
707
708       More information can be found in gnutls_priority_init(3).
709

PROBING CONFIGURATION AND PLUGINS

711       You can query information about nbdkit and available plugins from the
712       nbdkit binary.
713
714   Query basic configuration
715        nbdkit --dump-config
716
717       lists information about how nbdkit was configured.  The most important
718       fields in the output are the name of the directory where nbdkit looks
719       for plugins and the version of nbdkit, eg:
720
721        plugindir=/usr/lib64/nbdkit/plugins
722        version=1.2.3
723
724   Query information about a particular plugin
725        nbdkit pluginname --dump-plugin
726
727       (where pluginname is the name or full path of a plugin) will dump
728       information about that plugin, eg:
729
730        $ nbdkit file --dump-plugin
731        path=/usr/lib64/nbdkit/plugins/nbdkit-file-plugin.so
732        name=file
733        version=1.2.3
734        api_version=1
735        struct_size=176
736        thread_model=serialize_requests
737        [etc]
738
739       Plugins which ship with nbdkit usually have the same version as the
740       corresponding nbdkit binary.
741
742   Detect if a plugin is installed
743       To find out if a plugin is installed (and working) in the plugin
744       directory, use --dump-plugin as above:
745
746        $ nbdkit foo --dump-plugin
747        nbdkit: /usr/lib64/nbdkit/plugins/nbdkit-foo-plugin.so: /usr/lib64/nbdkit/plugins/nbdkit-foo-plugin.so: cannot open shared object file: No such file or directory
748
749       Note it is better to test for the existence of plugins this way rather
750       than just seeing if the .so file exists, because nbdkit will load the
751       plugin and check that all its dependencies can be satisfied, and also
752       that plugin registration works.
753
754   List all plugins in the plugin directory
755       You could simply get the plugin directory (from --dump-config) and list
756       all files in this directory called nbdkit-*-plugin.so.
757
758       However a better test is to run --dump-plugin (see above) on each one
759       to check that it is working and all of its dependencies are installed.
760       A complete shell script which does this is:
761
762        #!/bin/sh -
763        plugindir=`nbdkit --dump-config | grep ^plugindir= | sed 's/[^=]*=//'`
764        for f in $plugindir/nbdkit-*-plugin.so; do
765            if nbdkit "$f" --dump-plugin >/dev/null 2>&1; then
766                b=`echo "$f" | sed 's,.*/nbdkit-\(.*\)-plugin.so$,\1,'`
767                echo "$b ($f)"
768            fi
769        done
770

SIGNALS

772       "nbdkit" responds to the following signals:
773
774       "SIGINT"
775       "SIGQUIT"
776       "SIGTERM"
777           The server exits cleanly.
778
779       "SIGPIPE"
780           This signal is ignored.
781

ENVIRONMENT VARIABLES

783       "LISTEN_FDS"
784       "LISTEN_PID"
785           If present in the environment when nbdkit starts up, these trigger
786           "SOCKET ACTIVATION".
787

SEE ALSO

789       Plugins:
790
791       nbdkit-curl-plugin(1), nbdkit-example1-plugin(1),
792       nbdkit-example2-plugin(1), nbdkit-example3-plugin(1),
793       nbdkit-example4-plugin(1), nbdkit-file-plugin(1),
794       nbdkit-guestfs-plugin(1), nbdkit-gzip-plugin(1),
795       nbdkit-libvirt-plugin(1), nbdkit-memory-plugin(1),
796       nbdkit-nbd-plugin(1), nbdkit-null-plugin(1), nbdkit-split-plugin(1),
797       nbdkit-streaming-plugin(1), nbdkit-tar-plugin(1),
798       nbdkit-vddk-plugin(1), nbdkit-xz-plugin(1).
799
800       Filters:
801
802       nbdkit-cache-filter(1), nbdkit-cow-filter(1), nbdkit-delay-filter(1),
803       nbdkit-offset-filter(1), nbdkit-partition-filter(1).
804
805       For developers:
806
807       nbdkit-plugin(3), nbdkit-filter(3).
808
809       Writing plugins in other programming languages:
810
811       nbdkit-ocaml-plugin(3), nbdkit-perl-plugin(3), nbdkit-python-plugin(3),
812       nbdkit-ruby-plugin(3).
813
814       Other manual pages of interest:
815
816       gnutls_priority_init(3), guestfish(1), qemu(1), qemu-img(1),
817       systemd.socket(5).
818

AUTHORS

820       Eric Blake
821
822       Richard W.M. Jones
823
824       Pino Toscano
825
827       Copyright (C) 2013-2018 Red Hat Inc.
828

LICENSE

830       Redistribution and use in source and binary forms, with or without
831       modification, are permitted provided that the following conditions are
832       met:
833
834       ·   Redistributions of source code must retain the above copyright
835           notice, this list of conditions and the following disclaimer.
836
837       ·   Redistributions in binary form must reproduce the above copyright
838           notice, this list of conditions and the following disclaimer in the
839           documentation and/or other materials provided with the
840           distribution.
841
842       ·   Neither the name of Red Hat nor the names of its contributors may
843           be used to endorse or promote products derived from this software
844           without specific prior written permission.
845
846       THIS SOFTWARE IS PROVIDED BY RED HAT AND CONTRIBUTORS ''AS IS'' AND ANY
847       EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
848       IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
849       PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL RED HAT OR CONTRIBUTORS BE
850       LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
851       CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
852       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
853       BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
854       WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
855       OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
856       ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
857
858
859
860nbdkit                            2018-06-12                         nbdkit(1)
Impressum