1virt-customize(1)           Virtualization Support           virt-customize(1)
2
3
4

NAME

6       virt-customize - Customize a virtual machine
7

SYNOPSIS

9        virt-customize
10           [ -a disk.img [ -a disk.img ... ] | -d domname ]
11           [--attach ISOFILE] [--attach-format FORMAT]
12           [ -c URI | --connect URI ] [ -n | --dry-run ]
13           [ --format FORMAT] [ -m MB | --memsize MB ]
14           [ --network | --no-network ]
15           [ -q | --quiet ] [--smp N] [ -v | --verbose ] [-x]
16           [--append-line FILE:LINE] [--chmod PERMISSIONS:FILE]
17           [--commands-from-file FILENAME] [--copy SOURCE:DEST]
18           [--copy-in LOCALPATH:REMOTEDIR] [--delete PATH] [--edit FILE:EXPR]
19           [--firstboot SCRIPT] [--firstboot-command 'CMD+ARGS']
20           [--firstboot-install PKG,PKG..] [--hostname HOSTNAME]
21           [--install PKG,PKG..] [--link TARGET:LINK[:LINK..]] [--mkdir DIR]
22           [--move SOURCE:DEST] [--password USER:SELECTOR]
23           [--root-password SELECTOR] [--run SCRIPT]
24           [--run-command 'CMD+ARGS'] [--scrub FILE] [--sm-attach SELECTOR]
25           [--sm-register] [--sm-remove] [--sm-unregister]
26           [--ssh-inject USER[:SELECTOR]] [--truncate FILE]
27           [--truncate-recursive PATH] [--timezone TIMEZONE] [--touch FILE]
28           [--uninstall PKG,PKG..] [--update] [--upload FILE:DEST]
29           [--write FILE:CONTENT] [--no-logfile]
30           [--password-crypto md5|sha256|sha512] [--selinux-relabel]
31           [--sm-credentials SELECTOR]
32
33
34        virt-customize [ -V | --version ]
35

WARNING

37       Using "virt-customize" on live virtual machines, or concurrently with
38       other disk editing tools, can be dangerous, potentially causing disk
39       corruption.  The virtual machine must be shut down before you use this
40       command, and disk images must not be edited concurrently.
41

DESCRIPTION

43       Virt-customize can customize a virtual machine (disk image) by
44       installing packages, editing configuration files, and so on.
45
46       Virt-customize modifies the guest or disk image in place.  The guest
47       must be shut down.  If you want to preserve the existing contents of
48       the guest, you must snapshot, copy or clone the disk first.
49
50       You do not need to run virt-customize as root.  In fact we'd generally
51       recommend that you don't.
52
53       Related tools include: virt-sysprep(1) and virt-builder(1).
54

OPTIONS

56       --help
57           Display brief help.
58
59       -a file
60       --add file
61           Add file which should be a disk image from a virtual machine.
62
63           The format of the disk image is auto-detected.  To override this
64           and force a particular format use the --format option.
65
66       -a URI
67       --add URI
68           Add a remote disk.  The URI format is compatible with guestfish.
69           See "ADDING REMOTE STORAGE" in guestfish(1).
70
71       --attach ISOFILE
72           The given disk is attached to the libguestfs appliance.  This is
73           used to provide extra software repositories or other data for
74           customization.
75
76           You probably want to ensure the volume(s) or filesystems in the
77           attached disks are labelled (or use an ISO volume name) so that you
78           can mount them by label in your run-scripts:
79
80            mkdir /tmp/mount
81            mount LABEL=EXTRA /tmp/mount
82
83           You can have multiple --attach options, and the format can be any
84           disk format (not just an ISO).
85
86       --attach-format FORMAT
87           Specify the disk format for the next --attach option.  The "FORMAT"
88           is usually "raw" or "qcow2".  Use "raw" for ISOs.
89
90       --colors
91       --colours
92           Use ANSI colour sequences to colourize messages.  This is the
93           default when the output is a tty.  If the output of the program is
94           redirected to a file, ANSI colour sequences are disabled unless you
95           use this option.
96
97       -c URI
98       --connect URI
99           If using libvirt, connect to the given URI.  If omitted, then we
100           connect to the default libvirt hypervisor.
101
102           If you specify guest block devices directly (-a), then libvirt is
103           not used at all.
104
105       -d guest
106       --domain guest
107           Add all the disks from the named libvirt guest.  Domain UUIDs can
108           be used instead of names.
109
110       -n
111       --dry-run
112           Perform a read-only "dry run" on the guest.  This runs the sysprep
113           operation, but throws away any changes to the disk at the end.
114
115       --echo-keys
116           When prompting for keys and passphrases, virt-customize normally
117           turns echoing off so you cannot see what you are typing.  If you
118           are not worried about Tempest attacks and there is no one else in
119           the room you can specify this flag to see what you are typing.
120
121       --format raw|qcow2|..
122       --format auto
123           The default for the -a option is to auto-detect the format of the
124           disk image.  Using this forces the disk format for -a options which
125           follow on the command line.  Using --format auto switches back to
126           auto-detection for subsequent -a options.
127
128           For example:
129
130            virt-customize --format raw -a disk.img
131
132           forces raw format (no auto-detection) for disk.img.
133
134            virt-customize --format raw -a disk.img --format auto -a another.img
135
136           forces raw format (no auto-detection) for disk.img and reverts to
137           auto-detection for another.img.
138
139           If you have untrusted raw-format guest disk images, you should use
140           this option to specify the disk format.  This avoids a possible
141           security problem with malicious guests (CVE-2010-3851).
142
143       --key SELECTOR
144           Specify a key for LUKS, to automatically open a LUKS device when
145           using the inspection.  "ID" can be either the libguestfs device
146           name, or the UUID of the LUKS device.
147
148           --key "ID":key:KEY_STRING
149               Use the specified "KEY_STRING" as passphrase.
150
151           --key "ID":file:FILENAME
152               Read the passphrase from FILENAME.
153
154       --keys-from-stdin
155           Read key or passphrase parameters from stdin.  The default is to
156           try to read passphrases from the user by opening /dev/tty.
157
158       -m MB
159       --memsize MB
160           Change the amount of memory allocated to --run scripts.  Increase
161           this if you find that --run scripts or the --install option are
162           running out of memory.
163
164           The default can be found with this command:
165
166            guestfish get-memsize
167
168       --network
169       --no-network
170           Enable or disable network access from the guest during the
171           installation.
172
173           Enabled is the default.  Use --no-network to disable access.
174
175           The network only allows outgoing connections and has other minor
176           limitations.  See "NETWORK" in virt-rescue(1).
177
178           If you use --no-network then certain other options such as
179           --install will not work.
180
181           This does not affect whether the guest can access the network once
182           it has been booted, because that is controlled by your hypervisor
183           or cloud environment and has nothing to do with virt-customize.
184
185           Generally speaking you should not use --no-network.  But here are
186           some reasons why you might want to:
187
188           1.  Because the libguestfs backend that you are using doesn't
189               support the network.  (See: "BACKEND" in guestfs(3)).
190
191           2.  Any software you need to install comes from an attached ISO, so
192               you don't need the network.
193
194           3.  You don’t want untrusted guest code trying to access your host
195               network when running virt-customize.  This is particularly an
196               issue when you don't trust the source of the operating system
197               templates.  (See "SECURITY" below).
198
199           4.  You don’t have a host network (eg. in secure/restricted
200               environments).
201
202       -q
203       --quiet
204           Don’t print log messages.
205
206           To enable detailed logging of individual file operations, use -x.
207
208       --smp N
209           Enable N ≥ 2 virtual CPUs for --run scripts to use.
210
211       -v
212       --verbose
213           Enable verbose messages for debugging.
214
215       -V
216       --version
217           Display version number and exit.
218
219       -x  Enable tracing of libguestfs API calls.
220
221   Customization options
222       --append-line FILE:LINE
223           Append a single line of text to the "FILE".  If the file does not
224           already end with a newline, then one is added before the appended
225           line.  Also a newline is added to the end of the "LINE" string
226           automatically.
227
228           For example (assuming ordinary shell quoting) this command:
229
230            --append-line '/etc/hosts:10.0.0.1 foo'
231
232           will add either "10.0.0.1 foo⏎" or "⏎10.0.0.1 foo⏎" to the file,
233           the latter only if the existing file does not already end with a
234           newline.
235
236           "⏎" represents a newline character, which is guessed by looking at
237           the existing content of the file, so this command does the right
238           thing for files using Unix or Windows line endings.  It also works
239           for empty or non-existent files.
240
241           To insert several lines, use the same option several times:
242
243            --append-line '/etc/hosts:10.0.0.1 foo'
244            --append-line '/etc/hosts:10.0.0.2 bar'
245
246           To insert a blank line before the appended line, do:
247
248            --append-line '/etc/hosts:'
249            --append-line '/etc/hosts:10.0.0.1 foo'
250
251       --chmod PERMISSIONS:FILE
252           Change the permissions of "FILE" to "PERMISSIONS".
253
254           Note: "PERMISSIONS" by default would be decimal, unless you prefix
255           it with 0 to get octal, ie. use 0700 not 700.
256
257       --commands-from-file FILENAME
258           Read the customize commands from a file, one (and its arguments)
259           each line.
260
261           Each line contains a single customization command and its
262           arguments, for example:
263
264            delete /some/file
265            install some-package
266            password some-user:password:its-new-password
267
268           Empty lines are ignored, and lines starting with "#" are comments
269           and are ignored as well.  Furthermore, arguments can be spread
270           across multiple lines, by adding a "\" (continuation character) at
271           the of a line, for example
272
273            edit /some/file:\
274              s/^OPT=.*/OPT=ok/
275
276           The commands are handled in the same order as they are in the file,
277           as if they were specified as --delete /some/file on the command
278           line.
279
280       --copy SOURCE:DEST
281           Copy files or directories recursively inside the guest.
282
283           Wildcards cannot be used.
284
285       --copy-in LOCALPATH:REMOTEDIR
286           Copy local files or directories recursively into the disk image,
287           placing them in the directory "REMOTEDIR" (which must exist).
288
289           Wildcards cannot be used.
290
291       --delete PATH
292           Delete a file from the guest.  Or delete a directory (and all its
293           contents, recursively).
294
295           You can use shell glob characters in the specified path.  Be
296           careful to escape glob characters from the host shell, if that is
297           required.  For example:
298
299            virt-customize --delete '/var/log/*.log'.
300
301           See also: --upload, --scrub.
302
303       --edit FILE:EXPR
304           Edit "FILE" using the Perl expression "EXPR".
305
306           Be careful to properly quote the expression to prevent it from
307           being altered by the shell.
308
309           Note that this option is only available when Perl 5 is installed.
310
311           See "NON-INTERACTIVE EDITING" in virt-edit(1).
312
313       --firstboot SCRIPT
314           Install "SCRIPT" inside the guest, so that when the guest first
315           boots up, the script runs (as root, late in the boot process).
316
317           The script is automatically chmod +x after installation in the
318           guest.
319
320           The alternative version --firstboot-command is the same, but it
321           conveniently wraps the command up in a single line script for you.
322
323           You can have multiple --firstboot options.  They run in the same
324           order that they appear on the command line.
325
326           Please take a look at "FIRST BOOT SCRIPTS" in virt-builder(1) for
327           more information and caveats about the first boot scripts.
328
329           See also --run.
330
331       --firstboot-command 'CMD+ARGS'
332           Run command (and arguments) inside the guest when the guest first
333           boots up (as root, late in the boot process).
334
335           You can have multiple --firstboot options.  They run in the same
336           order that they appear on the command line.
337
338           Please take a look at "FIRST BOOT SCRIPTS" in virt-builder(1) for
339           more information and caveats about the first boot scripts.
340
341           See also --run.
342
343       --firstboot-install PKG,PKG..
344           Install the named packages (a comma-separated list).  These are
345           installed when the guest first boots using the guest’s package
346           manager (eg. apt, yum, etc.) and the guest’s network connection.
347
348           For an overview on the different ways to install packages, see
349           "INSTALLING PACKAGES" in virt-builder(1).
350
351       --hostname HOSTNAME
352           Set the hostname of the guest to "HOSTNAME".  You can use a dotted
353           hostname.domainname (FQDN) if you want.
354
355       --install PKG,PKG..
356           Install the named packages (a comma-separated list).  These are
357           installed during the image build using the guest’s package manager
358           (eg. apt, yum, etc.) and the host’s network connection.
359
360           For an overview on the different ways to install packages, see
361           "INSTALLING PACKAGES" in virt-builder(1).
362
363           See also --update, --uninstall.
364
365       --link TARGET:LINK[:LINK..]
366           Create symbolic link(s) in the guest, starting at "LINK" and
367           pointing at "TARGET".
368
369       --mkdir DIR
370           Create a directory in the guest.
371
372           This uses "mkdir -p" so any intermediate directories are created,
373           and it also works if the directory already exists.
374
375       --move SOURCE:DEST
376           Move files or directories inside the guest.
377
378           Wildcards cannot be used.
379
380       --no-logfile
381           Scrub "builder.log" (log file from build commands) from the image
382           after building is complete.  If you don't want to reveal precisely
383           how the image was built, use this option.
384
385           See also: "LOG FILE".
386
387       --password USER:SELECTOR
388           Set the password for "USER".  (Note this option does not create the
389           user account).
390
391           See "USERS AND PASSWORDS" in virt-builder(1) for the format of the
392           "SELECTOR" field, and also how to set up user accounts.
393
394       --password-crypto md5|sha256|sha512
395           When the virt tools change or set a password in the guest, this
396           option sets the password encryption of that password to "md5",
397           "sha256" or "sha512".
398
399           "sha256" and "sha512" require glibc ≥ 2.7 (check crypt(3) inside
400           the guest).
401
402           "md5" will work with relatively old Linux guests (eg. RHEL 3), but
403           is not secure against modern attacks.
404
405           The default is "sha512" unless libguestfs detects an old guest that
406           didn't have support for SHA-512, in which case it will use "md5".
407           You can override libguestfs by specifying this option.
408
409           Note this does not change the default password encryption used by
410           the guest when you create new user accounts inside the guest.  If
411           you want to do that, then you should use the --edit option to
412           modify "/etc/sysconfig/authconfig" (Fedora, RHEL) or
413           "/etc/pam.d/common-password" (Debian, Ubuntu).
414
415       --root-password SELECTOR
416           Set the root password.
417
418           See "USERS AND PASSWORDS" in virt-builder(1) for the format of the
419           "SELECTOR" field, and also how to set up user accounts.
420
421           Note: In virt-builder, if you don't set --root-password then the
422           guest is given a random root password.
423
424       --run SCRIPT
425           Run the shell script (or any program) called "SCRIPT" on the disk
426           image.  The script runs virtualized inside a small appliance,
427           chrooted into the guest filesystem.
428
429           The script is automatically chmod +x.
430
431           If libguestfs supports it then a limited network connection is
432           available but it only allows outgoing network connections.  You can
433           also attach data disks (eg. ISO files) as another way to provide
434           data (eg. software packages) to the script without needing a
435           network connection (--attach).  You can also upload data files
436           (--upload).
437
438           You can have multiple --run options.  They run in the same order
439           that they appear on the command line.
440
441           See also: --firstboot, --attach, --upload.
442
443       --run-command 'CMD+ARGS'
444           Run the command and arguments on the disk image.  The command runs
445           virtualized inside a small appliance, chrooted into the guest
446           filesystem.
447
448           If libguestfs supports it then a limited network connection is
449           available but it only allows outgoing network connections.  You can
450           also attach data disks (eg. ISO files) as another way to provide
451           data (eg. software packages) to the script without needing a
452           network connection (--attach).  You can also upload data files
453           (--upload).
454
455           You can have multiple --run-command options.  They run in the same
456           order that they appear on the command line.
457
458           See also: --firstboot, --attach, --upload.
459
460       --scrub FILE
461           Scrub a file from the guest.  This is like --delete except that:
462
463           ·   It scrubs the data so a guest could not recover it.
464
465           ·   It cannot delete directories, only regular files.
466
467       --selinux-relabel
468           Relabel files in the guest so that they have the correct SELinux
469           label.
470
471           This will attempt to relabel files immediately, but if the
472           operation fails this will instead touch /.autorelabel on the image
473           to schedule a relabel operation for the next time the image boots.
474
475           You should only use this option for guests which support SELinux.
476
477       --sm-attach SELECTOR
478           Attach to a pool using "subscription-manager".
479
480           See "SUBSCRIPTION-MANAGER" in virt-builder(1) for the format of the
481           "SELECTOR" field.
482
483       --sm-credentials SELECTOR
484           Set the credentials for "subscription-manager".
485
486           See "SUBSCRIPTION-MANAGER" in virt-builder(1) for the format of the
487           "SELECTOR" field.
488
489       --sm-register
490           Register the guest using "subscription-manager".
491
492           This requires credentials being set using --sm-credentials.
493
494       --sm-remove
495           Remove all the subscriptions from the guest using
496           "subscription-manager".
497
498       --sm-unregister
499           Unregister the guest using "subscription-manager".
500
501       --ssh-inject USER[:SELECTOR]
502           Inject an ssh key so the given "USER" will be able to log in over
503           ssh without supplying a password.  The "USER" must exist already in
504           the guest.
505
506           See "SSH KEYS" in virt-builder(1) for the format of the "SELECTOR"
507           field.
508
509           You can have multiple --ssh-inject options, for different users and
510           also for more keys for each user.
511
512       --timezone TIMEZONE
513           Set the default timezone of the guest to "TIMEZONE".  Use a
514           location string like "Europe/London"
515
516       --touch FILE
517           This command performs a touch(1)-like operation on "FILE".
518
519       --truncate FILE
520           This command truncates "FILE" to a zero-length file. The file must
521           exist already.
522
523       --truncate-recursive PATH
524           This command recursively truncates all files under "PATH" to zero-
525           length.
526
527       --uninstall PKG,PKG..
528           Uninstall the named packages (a comma-separated list).  These are
529           removed during the image build using the guest’s package manager
530           (eg. apt, yum, etc.).  Dependent packages may also need to be
531           uninstalled to satisfy the request.
532
533           See also --install, --update.
534
535       --update
536           Do the equivalent of "yum update", "apt-get upgrade", or whatever
537           command is required to update the packages already installed in the
538           template to their latest versions.
539
540           See also --install, --uninstall.
541
542       --upload FILE:DEST
543           Upload local file "FILE" to destination "DEST" in the disk image.
544           File owner and permissions from the original are preserved, so you
545           should set them to what you want them to be in the disk image.
546
547           "DEST" could be the final filename.  This can be used to rename the
548           file on upload.
549
550           If "DEST" is a directory name (which must already exist in the
551           guest) then the file is uploaded into that directory, and it keeps
552           the same name as on the local filesystem.
553
554           See also: --mkdir, --delete, --scrub.
555
556       --write FILE:CONTENT
557           Write "CONTENT" to "FILE".
558

SELINUX

560       For guests which make use of SELinux, special handling for them might
561       be needed when using operations which create new files or alter
562       existing ones.
563
564       For further details, see "SELINUX" in virt-builder(1).
565

EXIT STATUS

567       This program returns 0 on success, or 1 if there was an error.
568

ENVIRONMENT VARIABLES

570       "VIRT_TOOLS_DATA_DIR"
571           This can point to the directory containing data files used for
572           Windows firstboot installation.
573
574           Normally you do not need to set this.  If not set, a compiled-in
575           default will be used (something like /usr/share/virt-tools).
576
577           This directory may contain the following files:
578
579           rhsrvany.exe
580               This is the RHSrvAny Windows binary, used to install a
581               "firstboot" script in Windows guests.  It is required if you
582               intend to use the --firstboot or --firstboot-command options
583               with Windows guests.
584
585               See also: "https://github.com/rwmjones/rhsrvany"
586
587           pvvxsvc.exe
588               This is a Windows binary shipped with SUSE VMDP, used to
589               install a "firstboot" script in Windows guests.  It is required
590               if you intend to use the --firstboot or --firstboot-command
591               options with Windows guests.
592
593       For other environment variables, see "ENVIRONMENT VARIABLES" in
594       guestfs(3).
595

SEE ALSO

597       guestfs(3), guestfish(1), virt-builder(1), virt-clone(1),
598       virt-rescue(1), virt-resize(1), virt-sparsify(1), virt-sysprep(1),
599       virsh(1), lvcreate(8), qemu-img(1), scrub(1), http://libguestfs.org/,
600       http://libvirt.org/.
601

AUTHORS

603       Richard W.M. Jones http://people.redhat.com/~rjones/
604
606       Copyright (C) 2011-2020 Red Hat Inc.
607

LICENSE

609       This program is free software; you can redistribute it and/or modify it
610       under the terms of the GNU General Public License as published by the
611       Free Software Foundation; either version 2 of the License, or (at your
612       option) any later version.
613
614       This program is distributed in the hope that it will be useful, but
615       WITHOUT ANY WARRANTY; without even the implied warranty of
616       MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
617       General Public License for more details.
618
619       You should have received a copy of the GNU General Public License along
620       with this program; if not, write to the Free Software Foundation, Inc.,
621       51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
622

BUGS

624       To get a list of bugs against libguestfs, use this link:
625       https://bugzilla.redhat.com/buglist.cgi?component=libguestfs&product=Virtualization+Tools
626
627       To report a new bug against libguestfs, use this link:
628       https://bugzilla.redhat.com/enter_bug.cgi?component=libguestfs&product=Virtualization+Tools
629
630       When reporting a bug, please supply:
631
632       ·   The version of libguestfs.
633
634       ·   Where you got libguestfs (eg. which Linux distro, compiled from
635           source, etc)
636
637       ·   Describe the bug accurately and give a way to reproduce it.
638
639       ·   Run libguestfs-test-tool(1) and paste the complete, unedited output
640           into the bug report.
641
642
643
644libguestfs-1.42.0                 2020-03-09                 virt-customize(1)
Impressum