1virt-ls(1) Virtualization Support virt-ls(1)
2
6 virt-ls - List files in a virtual machine
7
9 virt-ls [--options] -d domname directory [directory ...]
10 virt-ls [--options] -a disk.img [-a disk.img ...] directory [directory ...]
12 Old style:
14 virt-ls [--options] domname directory
16 virt-ls [--options] disk.img [disk.img ...] directory
18
20 "virt-ls" lists filenames, file sizes, checksums, extended attributes
21 and more from a virtual machine or disk image.
22 Multiple directory names can be given, in which case the output from
24 each is concatenated.
25 To list directories from a libvirt guest use the -d option to specify
27 the name of the guest. For a disk image, use the -a option.
28 "virt-ls" can do many simple file listings. For more complicated cases
30 you may need to use guestfish(1), or write a program directly to the
31 guestfs(3) API.
32
34 Get a list of all files and directories in a virtual machine:
35 virt-ls -R -d guest /
37 List all setuid or setgid programs in a Linux virtual machine:
39 virt-ls -lR -d guest / | grep '^- [42]'
41 List all public-writable directories in a Linux virtual machine:
43 virt-ls -lR -d guest / | grep '^d ...7'
45 List all Unix domain sockets in a Linux virtual machine:
47 virt-ls -lR -d guest / | grep '^s'
49 List all regular files with filenames ending in ‘.png’:
51 virt-ls -lR -d guest / | grep -i '^-.*\.png$'
53 To display files larger than 10MB in home directories:
55 virt-ls -lR -d guest /home | awk '$3 > 10*1024*1024'
57 Find everything modified in the last 7 days:
59 virt-ls -lR -d guest --time-days / | awk '$6 <= 7'
61 Find regular files modified in the last 24 hours:
63 virt-ls -lR -d guest --time-days / | grep '^-' | awk '$6 < 1'
65 DIFFERENCES IN SNAPSHOTS AND BACKING FILES
67 Although it is possible to use virt-ls to look for differences, since
68 libguestfs ≥ 1.26 a new tool is available called virt-diff(1).
69
71 "virt-ls" has four output modes, controlled by different combinations
72 of the -l and -R options.
73 SIMPLE LISTING
75 A simple listing is like the ordinary ls(1) command:
76 $ virt-ls -d guest /
78 bin
79 boot
80 [etc.]
81 LONG LISTING
83 With the -l (--long) option, the output is like the "ls -l" command
84 (more specifically, like the "guestfs_ll" function).
85 $ virt-ls -l -d guest /
87 total 204
88 dr-xr-xr-x. 2 root root 4096 2009-08-25 19:06 bin
89 dr-xr-xr-x. 5 root root 3072 2009-08-25 19:06 boot
90 [etc.]
91 Note that while this is useful for displaying a directory, do not try
93 parsing this output in another program. Use "RECURSIVE LONG LISTING"
94 instead.
95 RECURSIVE LISTING
97 With the -R (--recursive) option, "virt-ls" lists the names of files
98 and directories recursively:
99 $ virt-ls -R -d guest /tmp
101 foo
102 foo/bar
103 [etc.]
104 To generate this output, "virt-ls" runs the "guestfs_find0" function
106 and converts "\0" characters to "\n".
107 RECURSIVE LONG LISTING
109 Using -lR options together changes the output to display directories
110 recursively, with file stats, and optionally other features such as
111 checksums and extended attributes.
112 Most of the interesting features of "virt-ls" are only available when
114 using -lR mode.
115 The fields are normally space-separated. Filenames are not quoted, so
117 you cannot use the output in another program (because filenames can
118 contain spaces and other unsafe characters). If the guest was
119 untrusted and someone knew you were using "virt-ls" to analyze the
120 guest, they could play tricks on you by creating filenames with
121 embedded newline characters. To safely parse the output in another
122 program, use the --csv (Comma-Separated Values) option.
123 Note that this output format is completely unrelated to the "ls -lR"
125 command.
126 $ virt-ls -lR -d guest /bin
128 d 0555 4096 /bin
129 - 0755 123 /bin/alsaunmute
130 - 0755 28328 /bin/arch
131 l 0777 4 /bin/awk -> gawk
132 - 0755 27216 /bin/basename
133 - 0755 943360 /bin/bash
134 [etc.]
135 These basic fields are always shown:
137 type
139 The file type, one of: "-" (regular file), "d" (directory), "c"
140 (character device), "b" (block device), "p" (named pipe), "l"
141 (symbolic link), "s" (socket) or "u" (unknown).
142 permissions
144 The Unix permissions, displayed as a 4 digit octal number.
145 size
147 The size of the file. This is shown in bytes unless -h or
148 --human-readable option is given, in which case this is shown as a
149 human-readable number.
150 path
152 The full path of the file or directory.
153 link
155 For symbolic links only, the link target.
156 In -lR mode, additional command line options enable the display of more
158 fields.
159 With the --uids flag, these additional fields are displayed before the
161 path:
162 uid
164 gid The UID and GID of the owner of the file (displayed numerically).
165 Note these only make sense in the context of a Unix-like guest.
166 With the --times flag, these additional fields are displayed:
168 atime
170 The time of last access.
171 mtime
173 The time of last modification.
174 ctime
176 The time of last status change.
177 The time fields are displayed as string dates and times, unless one of
179 the --time-t, --time-relative or --time-days flags is given.
180 With the --extra-stats flag, these additional fields are displayed:
182 device
184 The device containing the file (displayed as major:minor). This
185 may not match devices as known to the guest.
186 inode
188 The inode number.
189 nlink
191 The number of hard links.
192 rdev
194 For block and char special files, the device (displayed as
195 major:minor).
196 blocks
198 The number of 512 byte blocks allocated to the file.
199 With the --checksum flag, the checksum of the file contents is shown
201 (only for regular files). Computing file checksums can take a
202 considerable amount of time.
203
205 --help
206 Display brief help.
207 -a file
209 --add file
210 Add file which should be a disk image from a virtual machine. If
211 the virtual machine has multiple block devices, you must supply all
212 of them with separate -a options.
213 The format of the disk image is auto-detected. To override this
215 and force a particular format use the --format=.. option.
216 -a URI
218 --add URI
219 Add a remote disk. See "ADDING REMOTE STORAGE" in guestfish(1).
220 --checksum
222 --checksum=crc|md5|sha1|sha224|sha256|sha384|sha512
223 Display checksum over file contents for regular files. With no
224 argument, this defaults to using md5. Using an argument, you can
225 select the checksum type to use.
226 This option only has effect in -lR output mode. See "RECURSIVE
228 LONG LISTING" above.
229 -c URI
231 --connect URI
232 If using libvirt, connect to the given URI. If omitted, then we
233 connect to the default libvirt hypervisor.
234 If you specify guest block devices directly (-a), then libvirt is
236 not used at all.
237 --csv
239 Write out the results in CSV format (comma-separated values). This
240 format can be imported easily into databases and spreadsheets, but
241 read "NOTE ABOUT CSV FORMAT" below.
242 -d guest
244 --domain guest
245 Add all the disks from the named libvirt guest. Domain UUIDs can
246 be used instead of names.
247 --echo-keys
249 When prompting for keys and passphrases, virt-ls normally turns
250 echoing off so you cannot see what you are typing. If you are not
251 worried about Tempest attacks and there is no one else in the room
252 you can specify this flag to see what you are typing.
253 --extra-stats
255 Display extra stats.
256 This option only has effect in -lR output mode. See "RECURSIVE
258 LONG LISTING" above.
259 --format=raw|qcow2|..
261 --format
262 The default for the -a option is to auto-detect the format of the
263 disk image. Using this forces the disk format for -a options which
264 follow on the command line. Using --format with no argument
265 switches back to auto-detection for subsequent -a options.
266 For example:
268 virt-ls --format=raw -a disk.img /dir
270 forces raw format (no auto-detection) for disk.img.
272 virt-ls --format=raw -a disk.img --format -a another.img /dir
274 forces raw format (no auto-detection) for disk.img and reverts to
276 auto-detection for another.img.
277 If you have untrusted raw-format guest disk images, you should use
279 this option to specify the disk format. This avoids a possible
280 security problem with malicious guests (CVE-2010-3851).
281 -h
283 --human-readable
284 Display file sizes in human-readable format.
285 This option only has effect in -lR output mode. See "RECURSIVE
287 LONG LISTING" above.
288 --key SELECTOR
290 Specify a key for LUKS, to automatically open a LUKS device when
291 using the inspection. "SELECTOR" can be in one of the following
292 formats:
293 --key "DEVICE":key:KEY_STRING
295 Use the specified "KEY_STRING" as passphrase.
296 --key "DEVICE":file:FILENAME
298 Read the passphrase from FILENAME.
299 --keys-from-stdin
301 Read key or passphrase parameters from stdin. The default is to
302 try to read passphrases from the user by opening /dev/tty.
303 -m dev[:mountpoint[:options[:fstype]]]
305 --mount dev[:mountpoint[:options[:fstype]]]
306 Mount the named partition or logical volume on the given
307 mountpoint.
308 If the mountpoint is omitted, it defaults to /.
310 Specifying any mountpoint disables the inspection of the guest and
312 the mount of its root and all of its mountpoints, so make sure to
313 mount all the mountpoints needed to work with the filenames given
314 as arguments.
315 If you don’t know what filesystems a disk image contains, you can
317 either run guestfish without this option, then list the partitions,
318 filesystems and LVs available (see "list-partitions", "list-
319 filesystems" and "lvs" commands), or you can use the
320 virt-filesystems(1) program.
321 The third (and rarely used) part of the mount parameter is the list
323 of mount options used to mount the underlying filesystem. If this
324 is not given, then the mount options are either the empty string or
325 "ro" (the latter if the --ro flag is used). By specifying the
326 mount options, you override this default choice. Probably the only
327 time you would use this is to enable ACLs and/or extended
328 attributes if the filesystem can support them:
329 -m /dev/sda1:/:acl,user_xattr
331 Using this flag is equivalent to using the "mount-options" command.
333 The fourth part of the parameter is the filesystem driver to use,
335 such as "ext3" or "ntfs". This is rarely needed, but can be useful
336 if multiple drivers are valid for a filesystem (eg: "ext2" and
337 "ext3"), or if libguestfs misidentifies a filesystem.
338 -l
340 --long
341 -R
342 --recursive
343 Select the mode. With neither of these options, "virt-ls" produces
344 a simple, flat list of the files in the named directory. See
345 "SIMPLE LISTING".
346 "virt-ls -l" produces a "long listing", which shows more detail.
348 See "LONG LISTING".
349 "virt-ls -R" produces a recursive list of files starting at the
351 named directory. See "RECURSIVE LISTING".
352 "virt-ls -lR" produces a recursive long listing which can be more
354 easily parsed. See "RECURSIVE LONG LISTING".
355 --times
357 Display time fields.
358 This option only has effect in -lR output mode. See "RECURSIVE
360 LONG LISTING" above.
361 --time-days
363 Display time fields as days before now (negative if in the future).
364 Note that 0 in output means "up to 1 day before now", or that the
366 age of the file is between 0 and 86399 seconds.
367 This option only has effect in -lR output mode. See "RECURSIVE
369 LONG LISTING" above.
370 --time-relative
372 Display time fields as seconds before now (negative if in the
373 future).
374 This option only has effect in -lR output mode. See "RECURSIVE
376 LONG LISTING" above.
377 --time-t
379 Display time fields as seconds since the Unix epoch.
380 This option only has effect in -lR output mode. See "RECURSIVE
382 LONG LISTING" above.
383 --uids
385 Display UID and GID fields.
386 This option only has effect in -lR output mode. See "RECURSIVE
388 LONG LISTING" above.
389 -v
391 --verbose
392 Enable verbose messages for debugging.
393 -V
395 --version
396 Display version number and exit.
397 -x Enable tracing of libguestfs API calls.
399
401 Previous versions of virt-ls allowed you to write either:
402 virt-ls disk.img [disk.img ...] /dir
404 or
406 virt-ls guestname /dir
408 whereas in this version you should use -a or -d respectively to avoid
410 the confusing case where a disk image might have the same name as a
411 guest.
412 For compatibility the old style is still supported.
414
416 Comma-separated values (CSV) is a deceptive format. It seems like it
417 should be easy to parse, but it is definitely not easy to parse.
418 Myth: Just split fields at commas. Reality: This does not work
420 reliably. This example has two columns:
421 "foo,bar",baz
423 Myth: Read the file one line at a time. Reality: This does not work
425 reliably. This example has one row:
426 "foo
428 bar",baz
429 For shell scripts, use "csvtool" (https://github.com/Chris00/ocaml-csv
431 also packaged in major Linux distributions).
432 For other languages, use a CSV processing library (eg. "Text::CSV" for
434 Perl or Python’s built-in csv library).
435 Most spreadsheets and databases can import CSV directly.
437
439 This program returns 0 if successful, or non-zero if there was an
440 error.
441
443 guestfs(3), guestfish(1), virt-cat(1), virt-copy-out(1), virt-diff(1),
444 virt-tar-out(1), http://libguestfs.org/.
445
447 Richard W.M. Jones http://people.redhat.com/~rjones/
448
450 Copyright (C) 2009-2019 Red Hat Inc.
451
453 This program is free software; you can redistribute it and/or modify it
454 under the terms of the GNU General Public License as published by the
455 Free Software Foundation; either version 2 of the License, or (at your
456 option) any later version.
457 This program is distributed in the hope that it will be useful, but
459 WITHOUT ANY WARRANTY; without even the implied warranty of
460 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
461 General Public License for more details.
462 You should have received a copy of the GNU General Public License along
464 with this program; if not, write to the Free Software Foundation, Inc.,
465 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
466
468 To get a list of bugs against libguestfs, use this link:
469 https://bugzilla.redhat.com/buglist.cgi?component=libguestfs&product=Virtualization+Tools
470 To report a new bug against libguestfs, use this link:
472 https://bugzilla.redhat.com/enter_bug.cgi?component=libguestfs&product=Virtualization+Tools
473 When reporting a bug, please supply:
475 · The version of libguestfs.
477 · Where you got libguestfs (eg. which Linux distro, compiled from
479 source, etc)
480 · Describe the bug accurately and give a way to reproduce it.
482 · Run libguestfs-test-tool(1) and paste the complete, unedited output
484 into the bug report.
485libguestfs-1.40.2 2019-02-07 virt-ls(1)