1guestmount(1)               Virtualization Support               guestmount(1)
2
3
4

NAME

6       guestmount - Mount a guest filesystem on the host using FUSE and
7       libguestfs
8

SYNOPSIS

10        guestmount [--options] -a disk.img -m device [--ro] mountpoint
11
12        guestmount [--options] -a disk.img -i [--ro] mountpoint
13
14        guestmount [--options] -d Guest -i [--ro] mountpoint
15

WARNING

17       Using "guestmount" in write mode on live virtual machines, or
18       concurrently with other disk editing tools, can be dangerous,
19       potentially causing disk corruption.  The virtual machine must be shut
20       down before you use this command, and disk images must not be edited
21       concurrently.
22
23       Use the --ro (read-only) option to use "guestmount" safely if the disk
24       image or virtual machine might be live.  You may see strange or
25       inconsistent results if running concurrently with other changes, but
26       with this option you won't risk disk corruption.
27

DESCRIPTION

29       The guestmount program can be used to mount virtual machine filesystems
30       and other disk images on the host.  It uses libguestfs for access to
31       the guest filesystem, and FUSE (the "filesystem in userspace") to make
32       it appear as a mountable device.
33
34       Along with other options, you have to give at least one device (-a
35       option) or libvirt domain (-d option), and at least one mountpoint (-m
36       option) or use the -i inspection option or the --live option.  How this
37       works is better explained in the guestfish(1) manual page, or by
38       looking at the examples below.
39
40       FUSE lets you mount filesystems as non-root.  The mountpoint must be
41       owned by you.  The filesystem will not be visible to any other users
42       unless you make configuration changes, see "NOTES" below.
43
44       To unmount the filesystem, use the guestunmount(1) command.
45

EXAMPLES

47       For a typical Windows guest which has its main filesystem on the first
48       partition:
49
50        guestmount -a windows.img -m /dev/sda1 --ro /mnt
51
52       For a typical Linux guest which has a /boot filesystem on the first
53       partition, and the root filesystem on a logical volume:
54
55        guestmount -a linux.img -m /dev/VG/LV -m /dev/sda1:/boot --ro /mnt
56
57       To get libguestfs to detect guest mountpoints for you:
58
59        guestmount -a guest.img -i --ro /mnt
60
61       For a libvirt guest called "Guest" you could do:
62
63        guestmount -d Guest -i --ro /mnt
64
65       If you don’t know what filesystems are contained in a guest or disk
66       image, use virt-filesystems(1) first:
67
68        virt-filesystems -d MyGuest
69
70       If you want to trace the libguestfs calls but without excessive
71       debugging information, we recommend:
72
73        guestmount [...] --trace /mnt
74
75       If you want to debug the program, we recommend:
76
77        guestmount [...] --trace --verbose /mnt
78
79       To unmount the filesystem after using it:
80
81        guestunmount /mnt
82

NOTES

84   Other users cannot see the filesystem by default
85       If you mount a filesystem as one user (eg. root), then other users will
86       not be able to see it by default.  The fix is to add the FUSE
87       "allow_other" option when mounting:
88
89        sudo guestmount [...] -o allow_other /mnt
90
91       and to enable this option in /etc/fuse.conf.
92
93   Enabling FUSE
94       On some distros, you may need to add yourself to a special group (eg.
95       "fuse") before you can use any FUSE filesystem.  This is necessary on
96       Debian and derivatives.
97
98       On other distros, no special group is required.  It is not necessary on
99       Fedora or Red Hat Enterprise Linux.
100
101   fusermount error: "Device or resource busy"
102       You can see this error when another process on the system jumps into
103       the mountpoint you have just created, holding it open and preventing
104       you from unmounting it.  The usual culprits are various GUI "indexing"
105       programs.
106
107       The popular workaround for this problem is to retry the "fusermount -u"
108       command a few times until it works (guestunmount(1) does this for you).
109       Unfortunately this isn't a reliable fix if (for example) the mounted
110       filesystem is particularly large and the intruding program particularly
111       persistent.
112
113       A proper fix is to use a private mountpoint by creating a new mount
114       namespace using the Linux-specific clone(2)/unshare(2) flag
115       "CLONE_NEWNS".  Unfortunately at the moment this requires root and we
116       would also probably need to add it as a feature to guestmount.
117
118   Race conditions possible when shutting down the connection
119       When guestunmount(1)/fusermount(1) exits, guestmount may still be
120       running and cleaning up the mountpoint.  The disk image will not be
121       fully finalized.
122
123       This means that scripts like the following have a nasty race condition:
124
125        guestmount -a disk.img -i /mnt
126        # copy things into /mnt
127        guestunmount /mnt
128        # immediately try to use 'disk.img' ** UNSAFE **
129
130       The solution is to use the --pid-file option to write the guestmount
131       PID to a file, then after guestunmount spin waiting for this PID to
132       exit.
133
134        guestmount -a disk.img -i --pid-file guestmount.pid /mnt
135
136        # ...
137        # ...
138
139        # Save the PID of guestmount *before* calling guestunmount.
140        pid="$(cat guestmount.pid)"
141
142        # Unmount the filesystem.
143        guestunmount /mnt
144
145        timeout=10
146
147        count=$timeout
148        while kill -0 "$pid" 2>/dev/null && [ $count -gt 0 ]; do
149            sleep 1
150            ((count--))
151        done
152        if [ $count -eq 0 ]; then
153            echo "$0: wait for guestmount to exit failed after $timeout seconds"
154            exit 1
155        fi
156
157        # Now it is safe to use the disk image.
158
159       Note that if you use the "guestfs_mount_local" API directly (see "MOUNT
160       LOCAL" in guestfs(3)) then it is much easier to write a safe, race-free
161       program.
162

OPTIONS

164       -a IMAGE
165       --add IMAGE
166           Add a block device or virtual machine image.
167
168           The format of the disk image is auto-detected.  To override this
169           and force a particular format use the --format=.. option.
170
171       -a URI
172       --add URI
173           Add a remote disk.  See "ADDING REMOTE STORAGE" in guestfish(1).
174
175       --blocksize=512
176       --blocksize=4096
177       --blocksize
178           This parameter sets the sector size of the disk image.  It affects
179           all explicitly added subsequent disks after this parameter.  Using
180           --blocksize with no argument switches the disk sector size to the
181           default value which is usually 512 bytes.  See also
182           "guestfs_add_drive_opts" in guestfs(3).
183
184       -c URI
185       --connect URI
186           When used in conjunction with the -d option, this specifies the
187           libvirt URI to use.  The default is to use the default libvirt
188           connection.
189
190       -d LIBVIRT-DOMAIN
191       --domain LIBVIRT-DOMAIN
192           Add disks from the named libvirt domain.  If the --ro option is
193           also used, then any libvirt domain can be used.  However in write
194           mode, only libvirt domains which are shut down can be named here.
195
196           Domain UUIDs can be used instead of names.
197
198       --dir-cache-timeout N
199           Set the readdir cache timeout to N seconds, the default being 60
200           seconds.  The readdir cache [actually, there are several semi-
201           independent caches] is populated after a readdir(2) call with the
202           stat and extended attributes of the files in the directory, in
203           anticipation that they will be requested soon after.
204
205           There is also a different attribute cache implemented by FUSE (see
206           the FUSE option -o attr_timeout), but the FUSE cache does not
207           anticipate future requests, only cache existing ones.
208
209       --echo-keys
210           When prompting for keys and passphrases, guestfish normally turns
211           echoing off so you cannot see what you are typing.  If you are not
212           worried about Tempest attacks and there is no one else in the room
213           you can specify this flag to see what you are typing.
214
215       --fd=FD
216           Specify a pipe or eventfd file descriptor.  When the mountpoint is
217           ready to be used, guestmount writes a single byte to this file
218           descriptor.  This can be used in conjunction with --no-fork in
219           order to run guestmount captive under another process.
220
221       --format=raw|qcow2|..
222       --format
223           The default for the -a option is to auto-detect the format of the
224           disk image.  Using this forces the disk format for -a options which
225           follow on the command line.  Using --format with no argument
226           switches back to auto-detection for subsequent -a options.
227
228           If you have untrusted raw-format guest disk images, you should use
229           this option to specify the disk format.  This avoids a possible
230           security problem with malicious guests (CVE-2010-3851).  See also
231           "guestfs_add_drive_opts" in guestfs(3).
232
233       --fuse-help
234           Display help on special FUSE options (see -o below).
235
236       --help
237           Display brief help and exit.
238
239       -i
240       --inspector
241           Using virt-inspector(1) code, inspect the disks looking for an
242           operating system and mount filesystems as they would be mounted on
243           the real virtual machine.
244
245       --key SELECTOR
246           Specify a key for LUKS, to automatically open a LUKS device when
247           using the inspection.  "ID" can be either the libguestfs device
248           name, or the UUID of the LUKS device.
249
250           --key "ID":key:KEY_STRING
251               Use the specified "KEY_STRING" as passphrase.
252
253           --key "ID":file:FILENAME
254               Read the passphrase from FILENAME.
255
256       --keys-from-stdin
257           Read key or passphrase parameters from stdin.  The default is to
258           try to read passphrases from the user by opening /dev/tty.
259
260           If there are multiple encrypted devices then you may need to supply
261           multiple keys on stdin, one per line.
262
263       --live
264           Connect to a live virtual machine.  (Experimental, see "ATTACHING
265           TO RUNNING DAEMONS" in guestfs(3)).
266
267       -m dev[:mountpoint[:options[:fstype]]
268       --mount dev[:mountpoint[:options[:fstype]]]
269           Mount the named partition or logical volume on the given mountpoint
270           in the guest (this has nothing to do with mountpoints in the host).
271
272           If the mountpoint is omitted, it defaults to /.  You have to mount
273           something on /.
274
275           The third (and rarely used) part of the mount parameter is the list
276           of mount options used to mount the underlying filesystem.  If this
277           is not given, then the mount options are either the empty string or
278           "ro" (the latter if the --ro flag is used).  By specifying the
279           mount options, you override this default choice.  Probably the only
280           time you would use this is to enable ACLs and/or extended
281           attributes if the filesystem can support them:
282
283            -m /dev/sda1:/:acl,user_xattr
284
285           The fourth part of the parameter is the filesystem driver to use,
286           such as "ext3" or "ntfs". This is rarely needed, but can be useful
287           if multiple drivers are valid for a filesystem (eg: "ext2" and
288           "ext3"), or if libguestfs misidentifies a filesystem.
289
290       --no-fork
291           Don’t daemonize (or fork into the background).
292
293       -n
294       --no-sync
295           By default, we attempt to sync the guest disk when the FUSE
296           mountpoint is unmounted.  If you specify this option, then we don't
297           attempt to sync the disk.  See the discussion of autosync in the
298           guestfs(3) manpage.
299
300       -o OPTION
301       --option OPTION
302           Pass extra options to FUSE.
303
304           To get a list of all the extra options supported by FUSE, use the
305           command below.  Note that only the FUSE -o options can be passed,
306           and only some of them are a good idea.
307
308            guestmount --fuse-help
309
310           Some potentially useful FUSE options:
311
312           -o allow_other
313               Allow other users to see the filesystem.  This option has no
314               effect unless you enable it globally in /etc/fuse.conf.
315
316           -o attr_timeout=N
317               Enable attribute caching by FUSE, and set the timeout to N
318               seconds.
319
320           -o kernel_cache
321               Allow the kernel to cache files (reduces the number of reads
322               that have to go through the guestfs(3) API).  This is generally
323               a good idea if you can afford the extra memory usage.
324
325           -o uid=N -o gid=N
326               Use these options to map all UIDs and GIDs inside the guest
327               filesystem to the chosen values.
328
329           -o use_ino
330               Preserve inode numbers from the underlying filesystem.
331
332               Without this option, FUSE makes up its own inode numbers.  The
333               inode numbers you see in stat(2), "ls -i" etc aren't the inode
334               numbers of the underlying filesystem.
335
336               Note this option is potentially dangerous if the underlying
337               filesystem consists of multiple mountpoints, as you may see
338               duplicate inode numbers appearing through FUSE.  Use of this
339               option can confuse some software.
340
341       --pid-file FILENAME
342           Write the PID of the guestmount worker process to "filename".
343
344       -r
345       --ro
346           Add devices and mount everything read-only.  Also disallow writes
347           and make the disk appear read-only to FUSE.
348
349           This is highly recommended if you are not going to edit the guest
350           disk.  If the guest is running and this option is not supplied,
351           then there is a strong risk of disk corruption in the guest.  We
352           try to prevent this from happening, but it is not always possible.
353
354           See also "OPENING DISKS FOR READ AND WRITE" in guestfish(1).
355
356       --selinux
357           This option is provided for backwards compatibility and does
358           nothing.
359
360       -v
361       --verbose
362           Enable verbose messages from underlying libguestfs.
363
364       -V
365       --version
366           Display the program version and exit.
367
368       -w
369       --rw
370           This changes the -a, -d and -m options so that disks are added and
371           mounts are done read-write.
372
373           See "OPENING DISKS FOR READ AND WRITE" in guestfish(1).
374
375       -x
376       --trace
377           Trace libguestfs calls and entry into each FUSE function.
378
379           This also stops the daemon from forking into the background (see
380           --no-fork).
381

FILES

383       $XDG_CONFIG_HOME/libguestfs/libguestfs-tools.conf
384       $HOME/.libguestfs-tools.rc
385       $XDG_CONFIG_DIRS/libguestfs/libguestfs-tools.conf
386       /etc/libguestfs-tools.conf
387           This configuration file controls the default read-only or read-
388           write mode (--ro or --rw).
389
390           See libguestfs-tools.conf(5).
391

EXIT STATUS

393       This program returns 0 if successful, or non-zero if there was an
394       error.
395

SEE ALSO

397       guestunmount(1), fusermount(1), guestfish(1), virt-inspector(1),
398       virt-cat(1), virt-edit(1), virt-tar(1), libguestfs-tools.conf(5),
399       "MOUNT LOCAL" in guestfs(3), http://libguestfs.org/,
400       http://fuse.sf.net/.
401

AUTHORS

403       Richard W.M. Jones ("rjones at redhat dot com")
404
406       Copyright (C) 2009-2020 Red Hat Inc.
407

LICENSE

409       This program is free software; you can redistribute it and/or modify it
410       under the terms of the GNU General Public License as published by the
411       Free Software Foundation; either version 2 of the License, or (at your
412       option) any later version.
413
414       This program is distributed in the hope that it will be useful, but
415       WITHOUT ANY WARRANTY; without even the implied warranty of
416       MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
417       General Public License for more details.
418
419       You should have received a copy of the GNU General Public License along
420       with this program; if not, write to the Free Software Foundation, Inc.,
421       51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
422

BUGS

424       To get a list of bugs against libguestfs, use this link:
425       https://bugzilla.redhat.com/buglist.cgi?component=libguestfs&product=Virtualization+Tools
426
427       To report a new bug against libguestfs, use this link:
428       https://bugzilla.redhat.com/enter_bug.cgi?component=libguestfs&product=Virtualization+Tools
429
430       When reporting a bug, please supply:
431
432       •   The version of libguestfs.
433
434       •   Where you got libguestfs (eg. which Linux distro, compiled from
435           source, etc)
436
437       •   Describe the bug accurately and give a way to reproduce it.
438
439       •   Run libguestfs-test-tool(1) and paste the complete, unedited output
440           into the bug report.
441
442
443
444libguestfs-1.45.4                 2021-04-03                     guestmount(1)
Impressum