1nbdkit(1) nbdkit nbdkit(1)
2
3
4
6 nbdkit - A toolkit for creating NBD servers
7
9 nbdkit [-e EXPORTNAME] [--exit-with-parent] [-f]
10 [--filter=FILTER ...] [-g GROUP] [-i IPADDR]
11 [--newstyle] [--oldstyle] [-P PIDFILE] [-p PORT] [-r]
12 [--run CMD] [-s] [--selinux-label LABEL] [-t THREADS]
13 [--tls=off|on|require] [--tls-certificates /path/to/certificates]
14 [--tls-verify-peer]
15 [-U SOCKET] [-u USER] [-v] [-V]
16 PLUGIN [key=value [key=value [...]]]
17
18 nbdkit --dump-config
19
20 nbdkit PLUGIN --dump-plugin
21
23 Network Block Device (NBD) is a network protocol for accessing block
24 devices over the network. Block devices are hard disks and things that
25 behave like hard disks such as disk images and virtual machines.
26
27 "nbdkit" is both a toolkit for creating NBD servers from
28 "unconventional" sources and the name of an NBD server.
29
30 To create a new Network Block Device source, all you need to do is
31 write a few glue functions, possibly in C, or perhaps in a high level
32 language like Perl or Python. The liberal licensing of nbdkit is meant
33 to allow you to link nbdkit with proprietary libraries or to include
34 nbdkit in proprietary code.
35
36 If you want to write an nbdkit plugin, you should read
37 nbdkit-plugin(3).
38
39 Several plugins may be found in "$libdir/nbdkit/plugins". You can give
40 the full path to the plugin, like this:
41
42 nbdkit $libdir/nbdkit/plugins/nbdkit-file-plugin.so [...]
43
44 but it is usually more convenient to use this equivalent syntax:
45
46 nbdkit file [...]
47
48 $libdir is set at compile time. To print it out, do:
49
50 nbdkit --dump-config
51
53 Basic file serving
54 Serve file disk.img on port 10809 using nbdkit-file-plugin(1):
55
56 nbdkit file file=disk.img
57
58 Run the nbdkit-example3-plugin(1) and connect to it using guestfish(1):
59
60 nbdkit example3 size=1G
61 guestfish --ro --format=raw -a nbd://localhost
62
63 Serve file disk.img on port 10809, requiring clients to use encrypted
64 (TLS) connections:
65
66 nbdkit --newstyle --tls=require file file=disk.img
67
68 Combining plugins and filters
69 Serve only the first partition from compressed disk image disk.img.xz,
70 combining nbdkit-xz-plugin(1) and nbdkit-partition-filter(1):
71
72 plugin name and plugin parameter
73 │
74 ┌─────┴────┐
75 │ │
76 nbdkit --filter=partition xz file=disk.img.xz partition=1
77 │ │
78 └───────────────┬───────────────────┘
79 │
80 filter name and filter parameter
81
82 Display information
83 Display information about nbdkit or a specific plugin:
84
85 nbdkit --help
86 nbdkit --version
87 nbdkit --dump-config
88 nbdkit example1 --help
89 nbdkit example1 --dump-plugin
90
92 --help
93 Display brief command line usage information and exit.
94
95 --dump-config
96 Dump out the compile-time configuration values and exit. See
97 "PROBING CONFIGURATION AND PLUGINS" below.
98
99 --dump-plugin
100 Dump out information about the plugin and exit. See "PROBING
101 CONFIGURATION AND PLUGINS" below.
102
103 --exit-with-parent
104 If the parent process exits, we exit. This can be used to avoid
105 complicated cleanup or orphaned nbdkit processes. There are some
106 important caveats with this, see "EXIT WITH PARENT" below. An
107 alternative to this is "CAPTIVE NBDKIT" described below.
108
109 This option implies --foreground.
110
111 -e EXPORTNAME
112 --export EXPORTNAME
113 --export-name EXPORTNAME
114 --exportname EXPORTNAME
115 Set the exportname and use the newstyle protocol (implies -n).
116
117 If not set, exportname "" (empty string) is used. Exportnames are
118 not allowed with the oldstyle protocol.
119
120 -f
121 --foreground
122 --no-fork
123 Don't fork into the background.
124
125 --filter FILTER
126 Add a filter before the plugin. This option may be given one or
127 more times to stack filters in front of the plugin. They are
128 processed in the order they appear on the command line. See
129 "FILTERS" and nbdkit-filter(3).
130
131 -g GROUP
132 --group GROUP
133 Change group to "GROUP" after starting up. A group name or numeric
134 group ID can be used.
135
136 The server needs sufficient permissions to be able to do this.
137 Normally this would mean starting the server up as root.
138
139 See also -u.
140
141 -i IPADDR
142 --ip-addr IPADDR
143 --ipaddr IPADDR
144 Listen on the specified interface. The default is to listen on all
145 interfaces. See also -p.
146
147 -n
148 --new-style
149 --newstyle
150 Use the newstyle NBD protocol instead of the default (oldstyle)
151 protocol. See "NEW STYLE VS OLD STYLE PROTOCOL" below.
152
153 -o
154 --old-style
155 --oldstyle
156 Use the oldstyle NBD protocol. This is currently the default
157 (unless you use -n or -e), so this flag does nothing, but it is
158 possible we might change the default protocol in future. See "NEW
159 STYLE VS OLD STYLE PROTOCOL" below.
160
161 -P PIDFILE
162 --pid-file PIDFILE
163 --pidfile PIDFILE
164 Write "PIDFILE" (containing the process ID of the server) after
165 nbdkit becomes ready to accept connections.
166
167 If the file already exists, it is overwritten. nbdkit does not
168 delete the file when it exits.
169
170 -p PORT
171 --port PORT
172 Change the TCP/IP port number on which nbdkit serves requests. The
173 default is 10809. See also -i.
174
175 -r
176 --read-only
177 --readonly
178 The export will be read-only. If a client writes, then it will get
179 an error.
180
181 Note that some plugins inherently don't support writes. With those
182 plugins the -r option is added implicitly.
183
184 nbdkit-cow-filter(1) can be placed over read-only plugins to
185 provide copy-on-write (or "snapshot") functionality. If you are
186 using qemu as a client then it also supports snapshots.
187
188 --run CMD
189 Run nbdkit as a captive subprocess of "CMD". When "CMD" exits,
190 nbdkit is killed. See "CAPTIVE NBDKIT" below.
191
192 This option implies --foreground.
193
194 -s
195 --single
196 --stdin
197 Don't fork. Handle a single NBD connection on stdin/stdout. After
198 stdin closes, the server exits.
199
200 You can use this option to run nbdkit from inetd or similar
201 superservers; or just for testing; or if you want to run nbdkit in
202 a non-conventional way. Note that if you want to run nbdkit from
203 systemd, then it may be better to use "SOCKET ACTIVATION" instead
204 of this option.
205
206 This option implies --foreground.
207
208 --selinux-label SOCKET-LABEL
209 Apply the SELinux label "SOCKET-LABEL" to the nbdkit listening
210 socket.
211
212 The common — perhaps only — use of this option is to allow libvirt
213 guests which are using SELinux and sVirt confinement to access
214 nbdkit Unix domain sockets:
215
216 nbdkit --selinux-label system_u:object_r:svirt_t:s0 ...
217
218 -t THREADS
219 --threads THREADS
220 Set the number of threads to be used per connection, which in turn
221 controls the number of outstanding requests that can be processed
222 at once. Only matters for plugins with thread_model=parallel
223 (where it defaults to 16). To force serialized behavior (useful if
224 the client is not prepared for out-of-order responses), set this to
225 1.
226
227 --tls=off
228 --tls=on
229 --tls=require
230 Disable, enable or require TLS (authentication and encryption
231 support). See "TLS" below.
232
233 --tls-certificates /path/to/certificates
234 Set the path to the TLS certificates directory. If not specified,
235 some built-in paths are checked. See "TLS" below for more details.
236
237 --tls-verify-peer
238 Enables TLS client certificate verification. The default is not to
239 check the client's certificate.
240
241 -U SOCKET
242 --unix SOCKET
243 -U -
244 --unix -
245 Accept connections on the Unix domain socket "SOCKET" (which is a
246 path).
247
248 nbdkit creates this socket, but it will probably have incorrect
249 permissions (too permissive). If it is a problem that some
250 unauthorized user could connect to this socket between the time
251 that nbdkit starts up and the authorized user connects, then put
252 the socket into a directory that has restrictive permissions.
253
254 nbdkit does not delete the socket file when it exits. The caller
255 should delete the socket file after use (else if you try to start
256 nbdkit up again you will get an "Address already in use" error).
257
258 If the socket name is - then nbdkit generates a randomly named
259 private socket. This is useful with "CAPTIVE NBDKIT".
260
261 -u USER
262 --user USER
263 Change user to "USER" after starting up. A user name or numeric
264 user ID can be used.
265
266 The server needs sufficient permissions to be able to do this.
267 Normally this would mean starting the server up as root.
268
269 See also -g.
270
271 -v
272 --verbose
273 Enable verbose messages.
274
275 It's a good idea to use -f as well so the process does not fork
276 into the background (but not required).
277
278 -V
279 --version
280 Print the version number of nbdkit and exit.
281
283 After specifying the plugin name you can (optionally, it depends on the
284 plugin) give plugin configuration on the command line in the form of
285 "key=value". For example:
286
287 nbdkit file file=disk.img
288
289 To list all the options supported by a plugin, do:
290
291 nbdkit --help file
292
293 To dump information about a plugin, do:
294
295 nbdkit file --dump-plugin
296
297 Magic script parameter
298 As a special case, if the first plugin argument does not contain an '='
299 character then it is assumed to be "script=value".
300
301 That allows scripting language plugins like nbdkit-perl-plugin(1) to
302 do:
303
304 nbdkit perl foo.pl [args...]
305
306 which has the same meaning as:
307
308 nbdkit perl script=foo.pl [args...]
309
310 Shebang scripts
311 You can use "#!" to run nbdkit plugins written in most scripting
312 languages. The file should be executable. For example:
313
314 #!/usr/sbin/nbdkit perl
315 sub open {
316 # etc
317 }
318
319 (see nbdkit-perl-plugin(3) for a full example).
320
322 One or more filters can be placed in front of an nbdkit plugin to
323 modify the behaviour of the plugin, using the --filter parameter.
324 Filters can be used for example to limit requests to an offset/limit,
325 add copy-on-write support, or inject delays or errors (for testing).
326
327 Several existing filters are available in the $filterdir. Use "nbdkit
328 --dump-config" to find the directory name.
329
330 How to write filters is described in nbdkit-filter(3).
331
333 nbdkit supports socket activation (sometimes called systemd socket
334 activation). This is a simple protocol where instead of nbdkit itself
335 opening the listening socket(s), the parent process (typically systemd)
336 passes in pre-opened file descriptors. Socket activation lets you
337 serve infrequent NBD requests using a superserver without needing
338 nbdkit to be running the whole time.
339
340 Socket activation is triggered when both the "LISTEN_FDS" and
341 "LISTEN_PID" environment variables are set. In this mode using -i, -p,
342 --run, -s or -U flags on the command line is illegal and will cause an
343 error. Also in this mode nbdkit does not fork into the background (ie.
344 -f is implied).
345
346 Using socket activation with systemd
347 To use nbdkit with socket activation from systemd, create a unit file
348 ending in ".socket" (eg. "/etc/systemd/system/nbdkit.socket")
349 containing:
350
351 [Unit]
352 Description=NBDKit Network Block Device server
353
354 [Socket]
355 ListenStream=10809
356
357 [Install]
358 WantedBy=sockets.target
359
360 There are various formats for the "ListenStream" key. See
361 systemd.socket(5) for more information.
362
363 Also create a service unit (eg. "/etc/systemd/system/nbdkit.service")
364 containing:
365
366 [Service]
367 ExecStart=/usr/sbin/nbdkit file file=/path/to/serve
368
369 For more information on systemd and socket activation, see
370 <http://0pointer.de/blog/projects/socket-activation.html>
371
373 You can run nbdkit as a "captive process", using the --run option.
374 This means that nbdkit runs as long as (for example) qemu(1) or
375 guestfish(1) is running. When those exit, nbdkit is killed.
376
377 Some examples should make this clear.
378
379 To run nbdkit captive under qemu:
380
381 nbdkit file file=disk.img --run 'qemu -drive file=$nbd,if=virtio'
382
383 On the qemu command line, $nbd is substituted automatically with the
384 right NBD path so it can connect to nbdkit. When qemu exits, nbdkit is
385 killed and cleaned up automatically.
386
387 Running nbdkit captive under guestfish:
388
389 nbdkit file file=disk.img --run 'guestfish --format=raw -a $nbd -i'
390
391 When guestfish exits, nbdkit is killed.
392
393 The following shell variables are available in the --run argument:
394
395 $nbd
396 A URL that refers to the nbdkit port or socket.
397
398 Note there is some magic here, since qemu and guestfish URLs have a
399 different format, so nbdkit tries to guess which you are running.
400 If the magic doesn't work, try using the variables below instead.
401
402 $port
403 If ≠ "", the port number that nbdkit is listening on.
404
405 $unixsocket
406 If ≠ "", the Unix domain socket that nbdkit is listening on.
407
408 --run implies --foreground. It is not possible, and probably not
409 desirable, to have nbdkit fork into the background when using --run.
410
411 Even when running captive, nbdkit still listens on the regular TCP/IP
412 port, unless you specify the -p/-U options. If you want a truly
413 private captive nbdkit, then you should create a private random Unix
414 socket, like this:
415
416 nbdkit -U - plugin [args] --run '...'
417
418 Copying data in and out of plugins with captive nbdkit
419 Captive nbdkit + qemu-img(1) can be used to copy data into and out of
420 nbdkit plugins. For example nbdkit-example1-plugin(1) contains an
421 embedded disk image. To copy it out:
422
423 nbdkit -U - example1 --run 'qemu-img convert $nbd disk.img'
424
425 To overwrite a file inside an uncompressed tar file (the file being
426 overwritten must be the same size), use nbdkit-tar-plugin(1) like this:
427
428 nbdkit -U - tar tar=data.tar file=disk.img \
429 --run 'qemu-img convert -n disk.img $nbd'
430
432 The --exit-with-parent option is almost the opposite of "CAPTIVE
433 NBDKIT" described in the previous section.
434
435 Running nbdkit with this option, for example from a script:
436
437 nbdkit --exit-with-parent plugin ... &
438
439 means that nbdkit will exit automatically if the parent program exits
440 for any reason. This can be used to avoid complicated cleanups or
441 orphaned nbdkit processes.
442
443 --exit-with-parent is incompatible with forking into the background
444 (because when we fork into the background we lose track of the parent
445 process). Therefore -f / --foreground is implied.
446
447 This is currently implemented using a feature of the Linux kernel, so
448 it requires a Linux build of nbdkit and won't work on other operating
449 systems (patches welcome to make it work).
450
451 If the parent application is multithreaded, then (in the Linux
452 implementation) if the parent thread exits, that will cause nbdkit to
453 exit. Thus in multithreaded applications you usually want to run
454 "nbdkit --exit-with-parent" only from the main thread (unless you
455 actually want nbdkit to exit with the thread, but that may not work
456 reliably if we extend the implementation to other operating systems).
457
459 The NBD protocol comes in two incompatible forms that we call
460 "oldstyle" and "newstyle". Unfortunately which protocol you should use
461 depends on the client and cannot be known in advance, nor can it be
462 negotiated from the server side.
463
464 nbdkit currently defaults to the oldstyle protocol for compatibility
465 with qemu and libguestfs. This is also the same behaviour as qemu-nbd
466 ≤ 2.5. Use the -n or --newstyle flag on the command line to use the
467 newstyle protocol. Use the -e or --exportname flag to set the
468 exportname for the newstyle protocol. Use the -o or --oldstyle flag to
469 force the oldstyle protocol.
470
471 Some common clients and the protocol they require:
472
473 Client Protocol
474 ------------------------------------------------------------
475 qemu <= 2.5 without exportname oldstyle
476 qemu <= 2.5 with exportname newstyle
477 qemu >= 2.6 client can talk either protocol
478 nbd-client < 3.10 client can talk either protocol
479 nbd-client >= 3.10 newstyle
480 any TLS (encrypted) client newstyle
481 nbdkit nbd plugin client can talk either protocol
482
483 If you use qemu ≤ 2.5 without the exportname field against a newstyle
484 server, it will give the error:
485
486 Server requires an export name
487
488 If you use qemu ≤ 2.5 with the exportname field against an oldstyle
489 server, it will give the error:
490
491 Server does not support export names
492
493 If you use the oldstyle protocol with nbd-client ≥ 3.10, it will give
494 the error:
495
496 Error: It looks like you're trying to connect to an oldstyle server.
497
498 If you want to claim compatibility with what the NBD proto.txt document
499 says should be the case (which isn't based in reality), then you should
500 always use newstyle when using port 10809, and use oldstyle on all
501 other ports.
502
504 TLS (authentication and encryption, sometimes incorrectly called "SSL")
505 is supported if nbdkit was compiled with GnuTLS. This allows the
506 server to verify that the client is allowed access, and to encrypt the
507 contents of the protocol in transit over the network.
508
509 TLS can be disabled or enabled by specifying either --tls=off or
510 --tls=on. With --tls=off, if a client tries to use TLS to connect, it
511 will be rejected by the server (in other words, as if the server
512 doesn't support TLS).
513
514 --tls=on means that the client may choose to connect either with or
515 without TLS.
516
517 Because --tls=on is subject to downgrade attacks where a malicious
518 proxy pretends not to support TLS in order to force either the client
519 or server to communicate in plaintext, you can also specify
520 --tls=require, where the server enables TLS and rejects all non-TLS
521 connection attempts.
522
523 TLS with X.509 certificates
524 When nbdkit starts up, it loads TLS certificates from some built-in
525 paths, or from the directory specified by the --tls-certificates
526 option.
527
528 Without --tls-certificates, if nbdkit is started as a non-root user
529 (note this does not include use of the -u or -g options), nbdkit looks
530 in each of these paths in turn:
531
532 $HOME/.pki/nbdkit/
533 $HOME/.config/pki/nbdkit/
534
535 Without --tls-certificates, if nbdkit is started as root, nbkit looks
536 in:
537
538 $sysconfdir/pki/nbdkit/
539
540 (Use "nbdkit --dump-config" and look at the "root_tls_certificates_dir"
541 setting to get the actual directory built into the binary.)
542
543 You can override both directories above by using --tls-certificates
544 /path/to/certificates.
545
546 In this directory, nbdkit expects to find several files:
547
548 ca-cert.pem
549 The Certificate Authority certificate.
550
551 server-cert.pem
552 The server certificate.
553
554 server-key.pem
555 The server private key.
556
557 ca-crl.pem
558 (Optional) The certificate revocation list.
559
560 Setting up the Certificate Authority
561
562 This step only needs to be done once per organization. It may be that
563 your organization already has a CA.
564
565 $ certtool --generate-privkey > ca-key.pem
566 $ chmod 0600 ca-key.pem
567
568 The ca-key.pem file is the CA private key and is extremely sensitive
569 data. With possession of this key, anyone can create certificates
570 pretending to be your organization!
571
572 To create the CA certificate file:
573
574 $ cat > ca.info <<EOF
575 cn = Name of your organization
576 ca
577 cert_signing_key
578 EOF
579 $ certtool --generate-self-signed \
580 --load-privkey ca-key.pem \
581 --template ca.info \
582 --outfile ca-cert.pem
583
584 Issuing a server certificate for the nbdkit server
585
586 Each nbdkit server (or host) needs a secret key and certificate.
587
588 $ certtool --generate-privkey > server-key.pem
589 $ chmod 0600 server-key.pem
590
591 The server key file is sensitive. Setting the mode to 0600 helps to
592 prevent other users on the same machine from reading it.
593
594 The server DNS name ("cn" below) must be the fully qualified hostname —
595 and the only hostname — that the client connects to.
596
597 $ cat > server.info <<EOF
598 organization = Name of your organization
599 cn = nbd-server.example.com
600 tls_www_server
601 encryption_key
602 signing_key
603 EOF
604 $ certtool --generate-certificate \
605 --load-ca-certificate ca-cert.pem \
606 --load-ca-privkey ca-key.pem \
607 --load-privkey server-key.pem \
608 --template server.info \
609 --outfile server-cert.pem
610
611 Issuing and checking client certificates
612
613 Note: You don't need to create client certificates unless you want to
614 check and limit which clients can connect to nbdkit. nbdkit does not
615 check client certificates unless you specify the --tls-verify-peer
616 option on the command line.
617
618 For each client you should generate a private key and a client
619 certificate:
620
621 $ certtool --generate-privkey > client-key.pem
622 $ chmod 0600 client-key.pem
623
624 The client key file is sensitive.
625
626 The client DNS name ("cn" below) is the client's name that nbdkit sees
627 and checks.
628
629 $ cat > client.info <<EOF
630 country = US
631 state = New York
632 locality = New York
633 organization = Name of your organization
634 cn = client.example.com
635 tls_www_client
636 encryption_key
637 signing_key
638 EOF
639 $ certtool --generate-certificate \
640 --load-ca-certificate ca-cert.pem \
641 --load-ca-privkey ca-key.pem \
642 --load-privkey client-key.pem \
643 --template client.info \
644 --outfile client-cert.pem
645
646 Client certificates do not need to be present anywhere on the nbdkit
647 host. You don't need to copy them into nbdkit's TLS certificates
648 directory. The security comes from the fact that the client must
649 present a client certificate signed by the Certificate Authority, and
650 nbdkit can check this because it has the ca-cert.pem file.
651
652 To enable checking of client certificates, specify the
653 --tls-verify-peer option on the command line. Clients which don't
654 present a valid certificate (eg. not signed, incorrect signature) are
655 denied. Also denied are clients which present a valid certificate
656 signed by another CA. Also denied are clients with certificates added
657 to the certificate revocation list (ca-crl.pem).
658
659 Default TLS behaviour
660 If nbdkit was compiled without GnuTLS support, then TLS is disabled and
661 TLS connections will be rejected (as if --tls=off was specified on the
662 command line). Also it is impossible to turn on TLS in this scenario.
663 You can tell if nbdkit was compiled without GnuTLS support because
664 "nbdkit --dump-config" will contain "tls=no".
665
666 If TLS certificates cannot be loaded either from the built-in path or
667 from the directory specified by --tls-certificates, then TLS defaults
668 to disabled. Turning TLS on will give a warning (--tls=on) or error
669 (--tls=require) about the missing certificates.
670
671 If TLS certificates can be loaded from the built-in path or from the
672 --tls-certificates directory, then TLS will by default be enabled (like
673 --tls=on), but it is not required. Clients can choose whether or not
674 to use TLS and whether or not to present certificates.
675
676 TLS client certificates are not checked by default unless you specify
677 --tls-verify-peer.
678
679 Each of these defaults is insecure to some extent (including --tls=on
680 which could be subject to a downgrade attack), so if you expect TLS
681 then it is best to specify the --tls option that you require, and if
682 you want to check client certificates, specify the --tls-verify-peer
683 option.
684
685 Choice of TLS algorithms
686 TLS has a bewildering choice of algorithms that can be used. To enable
687 you to choose a default set of algorithms, there is a configure setting
688 "--with-tls-priority". This defaults to "NORMAL" which, to quote the
689 GnuTLS documentation:
690
691 ""NORMAL" means all "secure" ciphersuites. The 256-bit ciphers are
692 included as a fallback only. The ciphers are sorted by security
693 margin."
694
695 You could also set the TLS priority so that it can be configured from a
696 file at runtime:
697
698 ./configure --with-tls-priority=@SYSTEM
699
700 means use the policy from /etc/crypto-policies/config.
701
702 ./configure --with-tls-priority=@NBDKIT,SYSTEM
703
704 means use the policy from /etc/crypto-policies/local.d/nbdkit.config
705 and fall back to /etc/crypto-policies/config if the first file does not
706 exist.
707
708 More information can be found in gnutls_priority_init(3).
709
711 You can query information about nbdkit and available plugins from the
712 nbdkit binary.
713
714 Query basic configuration
715 nbdkit --dump-config
716
717 lists information about how nbdkit was configured. The most important
718 fields in the output are the name of the directory where nbdkit looks
719 for plugins and the version of nbdkit, eg:
720
721 plugindir=/usr/lib64/nbdkit/plugins
722 version=1.2.3
723
724 Query information about a particular plugin
725 nbdkit pluginname --dump-plugin
726
727 (where pluginname is the name or full path of a plugin) will dump
728 information about that plugin, eg:
729
730 $ nbdkit file --dump-plugin
731 path=/usr/lib64/nbdkit/plugins/nbdkit-file-plugin.so
732 name=file
733 version=1.2.3
734 api_version=1
735 struct_size=176
736 thread_model=serialize_requests
737 [etc]
738
739 Plugins which ship with nbdkit usually have the same version as the
740 corresponding nbdkit binary.
741
742 Detect if a plugin is installed
743 To find out if a plugin is installed (and working) in the plugin
744 directory, use --dump-plugin as above:
745
746 $ nbdkit foo --dump-plugin
747 nbdkit: /usr/lib64/nbdkit/plugins/nbdkit-foo-plugin.so: /usr/lib64/nbdkit/plugins/nbdkit-foo-plugin.so: cannot open shared object file: No such file or directory
748
749 Note it is better to test for the existence of plugins this way rather
750 than just seeing if the .so file exists, because nbdkit will load the
751 plugin and check that all its dependencies can be satisfied, and also
752 that plugin registration works.
753
754 List all plugins in the plugin directory
755 You could simply get the plugin directory (from --dump-config) and list
756 all files in this directory called nbdkit-*-plugin.so.
757
758 However a better test is to run --dump-plugin (see above) on each one
759 to check that it is working and all of its dependencies are installed.
760 A complete shell script which does this is:
761
762 #!/bin/sh -
763 plugindir=`nbdkit --dump-config | grep ^plugindir= | sed 's/[^=]*=//'`
764 for f in $plugindir/nbdkit-*-plugin.so; do
765 if nbdkit "$f" --dump-plugin >/dev/null 2>&1; then
766 b=`echo "$f" | sed 's,.*/nbdkit-\(.*\)-plugin.so$,\1,'`
767 echo "$b ($f)"
768 fi
769 done
770
772 "nbdkit" responds to the following signals:
773
774 "SIGINT"
775 "SIGQUIT"
776 "SIGTERM"
777 The server exits cleanly.
778
779 "SIGPIPE"
780 This signal is ignored.
781
783 "LISTEN_FDS"
784 "LISTEN_PID"
785 If present in the environment when nbdkit starts up, these trigger
786 "SOCKET ACTIVATION".
787
789 Plugins:
790
791 nbdkit-curl-plugin(1), nbdkit-example1-plugin(1),
792 nbdkit-example2-plugin(1), nbdkit-example3-plugin(1),
793 nbdkit-example4-plugin(1), nbdkit-file-plugin(1),
794 nbdkit-guestfs-plugin(1), nbdkit-gzip-plugin(1),
795 nbdkit-libvirt-plugin(1), nbdkit-memory-plugin(1),
796 nbdkit-nbd-plugin(1), nbdkit-null-plugin(1), nbdkit-split-plugin(1),
797 nbdkit-streaming-plugin(1), nbdkit-tar-plugin(1),
798 nbdkit-vddk-plugin(1), nbdkit-xz-plugin(1).
799
800 Filters:
801
802 nbdkit-cache-filter(1), nbdkit-cow-filter(1), nbdkit-delay-filter(1),
803 nbdkit-offset-filter(1), nbdkit-partition-filter(1).
804
805 For developers:
806
807 nbdkit-plugin(3), nbdkit-filter(3).
808
809 Writing plugins in other programming languages:
810
811 nbdkit-ocaml-plugin(3), nbdkit-perl-plugin(3), nbdkit-python-plugin(3),
812 nbdkit-ruby-plugin(3).
813
814 Other manual pages of interest:
815
816 gnutls_priority_init(3), guestfish(1), qemu(1), qemu-img(1),
817 systemd.socket(5).
818
820 Eric Blake
821
822 Richard W.M. Jones
823
824 Pino Toscano
825
827 Copyright (C) 2013-2018 Red Hat Inc.
828
830 Redistribution and use in source and binary forms, with or without
831 modification, are permitted provided that the following conditions are
832 met:
833
834 · Redistributions of source code must retain the above copyright
835 notice, this list of conditions and the following disclaimer.
836
837 · Redistributions in binary form must reproduce the above copyright
838 notice, this list of conditions and the following disclaimer in the
839 documentation and/or other materials provided with the
840 distribution.
841
842 · Neither the name of Red Hat nor the names of its contributors may
843 be used to endorse or promote products derived from this software
844 without specific prior written permission.
845
846 THIS SOFTWARE IS PROVIDED BY RED HAT AND CONTRIBUTORS ''AS IS'' AND ANY
847 EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
848 IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
849 PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL RED HAT OR CONTRIBUTORS BE
850 LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
851 CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
852 SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
853 BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
854 WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
855 OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
856 ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
857
858
859
860nbdkit 2018-06-12 nbdkit(1)