1virt-ls(1)                  Virtualization Support                  virt-ls(1)
2
3
4

NAME

6       virt-ls - List files in a virtual machine
7

SYNOPSIS

9        virt-ls [--options] -d domname directory [directory ...]
10
11        virt-ls [--options] -a disk.img [-a disk.img ...] directory [directory ...]
12
13       Old style:
14
15        virt-ls [--options] domname directory
16
17        virt-ls [--options] disk.img [disk.img ...] directory
18

DESCRIPTION

20       "virt-ls" lists filenames, file sizes, checksums, extended attributes
21       and more from a virtual machine or disk image.
22
23       Multiple directory names can be given, in which case the output from
24       each is concatenated.
25
26       To list directories from a libvirt guest use the -d option to specify
27       the name of the guest.  For a disk image, use the -a option.
28
29       "virt-ls" can do many simple file listings.  For more complicated cases
30       you may need to use guestfish(1), or write a program directly to the
31       guestfs(3) API.
32

EXAMPLES

34       Get a list of all files and directories in a virtual machine:
35
36        virt-ls -R -d guest /
37
38       List all setuid or setgid programs in a Linux virtual machine:
39
40        virt-ls -lR -d guest / | grep '^- [42]'
41
42       List all public-writable directories in a Linux virtual machine:
43
44        virt-ls -lR -d guest / | grep '^d ...7'
45
46       List all Unix domain sockets in a Linux virtual machine:
47
48        virt-ls -lR -d guest / | grep '^s'
49
50       List all regular files with filenames ending in ‘.png’:
51
52        virt-ls -lR -d guest / | grep -i '^-.*\.png$'
53
54       To display files larger than 10MB in home directories:
55
56        virt-ls -lR -d guest /home | awk '$3 > 10*1024*1024'
57
58       Find everything modified in the last 7 days:
59
60        virt-ls -lR -d guest --time-days / | awk '$6 <= 7'
61
62       Find regular files modified in the last 24 hours:
63
64        virt-ls -lR -d guest --time-days / | grep '^-' | awk '$6 < 1'
65
66   DIFFERENCES IN SNAPSHOTS AND BACKING FILES
67       Although it is possible to use virt-ls to look for differences, since
68       libguestfs ≥ 1.26 a new tool is available called virt-diff(1).
69

OUTPUT MODES

71       "virt-ls" has four output modes, controlled by different combinations
72       of the -l and -R options.
73
74   SIMPLE LISTING
75       A simple listing is like the ordinary ls(1) command:
76
77        $ virt-ls -d guest /
78        bin
79        boot
80        [etc.]
81
82   LONG LISTING
83       With the -l (--long) option, the output is like the "ls -l" command
84       (more specifically, like the "guestfs_ll" function).
85
86        $ virt-ls -l -d guest /
87        total 204
88        dr-xr-xr-x.   2 root root   4096 2009-08-25 19:06 bin
89        dr-xr-xr-x.   5 root root   3072 2009-08-25 19:06 boot
90        [etc.]
91
92       Note that while this is useful for displaying a directory, do not try
93       parsing this output in another program.  Use "RECURSIVE LONG LISTING"
94       instead.
95
96   RECURSIVE LISTING
97       With the -R (--recursive) option, "virt-ls" lists the names of files
98       and directories recursively:
99
100        $ virt-ls -R -d guest /tmp
101        foo
102        foo/bar
103        [etc.]
104
105       To generate this output, "virt-ls" runs the "guestfs_find0" function
106       and converts "\0" characters to "\n".
107
108   RECURSIVE LONG LISTING
109       Using -lR options together changes the output to display directories
110       recursively, with file stats, and optionally other features such as
111       checksums and extended attributes.
112
113       Most of the interesting features of "virt-ls" are only available when
114       using -lR mode.
115
116       The fields are normally space-separated.  Filenames are not quoted, so
117       you cannot use the output in another program (because filenames can
118       contain spaces and other unsafe characters).  If the guest was
119       untrusted and someone knew you were using "virt-ls" to analyze the
120       guest, they could play tricks on you by creating filenames with
121       embedded newline characters.  To safely parse the output in another
122       program, use the --csv (Comma-Separated Values) option.
123
124       Note that this output format is completely unrelated to the "ls -lR"
125       command.
126
127        $ virt-ls -lR -d guest /bin
128        d 0555       4096 /bin
129        - 0755        123 /bin/alsaunmute
130        - 0755      28328 /bin/arch
131        l 0777          4 /bin/awk -> gawk
132        - 0755      27216 /bin/basename
133        - 0755     943360 /bin/bash
134        [etc.]
135
136       These basic fields are always shown:
137
138       type
139           The file type, one of: "-" (regular file), "d" (directory), "c"
140           (character device), "b" (block device), "p" (named pipe), "l"
141           (symbolic link), "s" (socket) or "u" (unknown).
142
143       permissions
144           The Unix permissions, displayed as a 4 digit octal number.
145
146       size
147           The size of the file.  This is shown in bytes unless -h or
148           --human-readable option is given, in which case this is shown as a
149           human-readable number.
150
151       path
152           The full path of the file or directory.
153
154       link
155           For symbolic links only, the link target.
156
157       In -lR mode, additional command line options enable the display of more
158       fields.
159
160       With the --uids flag, these additional fields are displayed before the
161       path:
162
163       uid
164       gid The UID and GID of the owner of the file (displayed numerically).
165           Note these only make sense in the context of a Unix-like guest.
166
167       With the --times flag, these additional fields are displayed:
168
169       atime
170           The time of last access.
171
172       mtime
173           The time of last modification.
174
175       ctime
176           The time of last status change.
177
178       The time fields are displayed as string dates and times, unless one of
179       the --time-t, --time-relative or --time-days flags is given.
180
181       With the --extra-stats flag, these additional fields are displayed:
182
183       device
184           The device containing the file (displayed as major:minor).  This
185           may not match devices as known to the guest.
186
187       inode
188           The inode number.
189
190       nlink
191           The number of hard links.
192
193       rdev
194           For block and char special files, the device (displayed as
195           major:minor).
196
197       blocks
198           The number of 512 byte blocks allocated to the file.
199
200       With the --checksum flag, the checksum of the file contents is shown
201       (only for regular files).  Computing file checksums can take a
202       considerable amount of time.
203

OPTIONS

205       --help
206           Display brief help.
207
208       -a file
209       --add file
210           Add file which should be a disk image from a virtual machine.  If
211           the virtual machine has multiple block devices, you must supply all
212           of them with separate -a options.
213
214           The format of the disk image is auto-detected.  To override this
215           and force a particular format use the --format=.. option.
216
217       -a URI
218       --add URI
219           Add a remote disk.  See "ADDING REMOTE STORAGE" in guestfish(1).
220
221       --blocksize=512
222       --blocksize=4096
223       --blocksize
224           This parameter sets the sector size of the disk image.  It affects
225           all explicitly added subsequent disks after this parameter.  Using
226           --blocksize with no argument switches the disk sector size to the
227           default value which is usually 512 bytes.  See also
228           "guestfs_add_drive_opts" in guestfs(3).
229
230       --checksum
231       --checksum=crc|md5|sha1|sha224|sha256|sha384|sha512
232           Display checksum over file contents for regular files.  With no
233           argument, this defaults to using md5.  Using an argument, you can
234           select the checksum type to use.
235
236           This option only has effect in -lR output mode.  See "RECURSIVE
237           LONG LISTING" above.
238
239       -c URI
240       --connect URI
241           If using libvirt, connect to the given URI.  If omitted, then we
242           connect to the default libvirt hypervisor.
243
244           If you specify guest block devices directly (-a), then libvirt is
245           not used at all.
246
247       --csv
248           Write out the results in CSV format (comma-separated values).  This
249           format can be imported easily into databases and spreadsheets, but
250           read "NOTE ABOUT CSV FORMAT" below.
251
252       -d guest
253       --domain guest
254           Add all the disks from the named libvirt guest.  Domain UUIDs can
255           be used instead of names.
256
257       --echo-keys
258           When prompting for keys and passphrases, virt-ls normally turns
259           echoing off so you cannot see what you are typing.  If you are not
260           worried about Tempest attacks and there is no one else in the room
261           you can specify this flag to see what you are typing.
262
263       --extra-stats
264           Display extra stats.
265
266           This option only has effect in -lR output mode.  See "RECURSIVE
267           LONG LISTING" above.
268
269       --format=raw|qcow2|..
270       --format
271           The default for the -a option is to auto-detect the format of the
272           disk image.  Using this forces the disk format for -a options which
273           follow on the command line.  Using --format with no argument
274           switches back to auto-detection for subsequent -a options.
275
276           For example:
277
278            virt-ls --format=raw -a disk.img /dir
279
280           forces raw format (no auto-detection) for disk.img.
281
282            virt-ls --format=raw -a disk.img --format -a another.img /dir
283
284           forces raw format (no auto-detection) for disk.img and reverts to
285           auto-detection for another.img.
286
287           If you have untrusted raw-format guest disk images, you should use
288           this option to specify the disk format.  This avoids a possible
289           security problem with malicious guests (CVE-2010-3851).
290
291       -h
292       --human-readable
293           Display file sizes in human-readable format.
294
295           This option only has effect in -lR output mode.  See "RECURSIVE
296           LONG LISTING" above.
297
298       --key SELECTOR
299           Specify a key for LUKS, to automatically open a LUKS device when
300           using the inspection.  "ID" can be either the libguestfs device
301           name, or the UUID of the LUKS device.
302
303           --key "ID":key:KEY_STRING
304               Use the specified "KEY_STRING" as passphrase.
305
306           --key "ID":file:FILENAME
307               Read the passphrase from FILENAME.
308
309       --keys-from-stdin
310           Read key or passphrase parameters from stdin.  The default is to
311           try to read passphrases from the user by opening /dev/tty.
312
313           If there are multiple encrypted devices then you may need to supply
314           multiple keys on stdin, one per line.
315
316       -m dev[:mountpoint[:options[:fstype]]]
317       --mount dev[:mountpoint[:options[:fstype]]]
318           Mount the named partition or logical volume on the given
319           mountpoint.
320
321           If the mountpoint is omitted, it defaults to /.
322
323           Specifying any mountpoint disables the inspection of the guest and
324           the mount of its root and all of its mountpoints, so make sure to
325           mount all the mountpoints needed to work with the filenames given
326           as arguments.
327
328           If you don’t know what filesystems a disk image contains, you can
329           either run guestfish without this option, then list the partitions,
330           filesystems and LVs available (see "list-partitions", "list-
331           filesystems" and "lvs" commands), or you can use the
332           virt-filesystems(1) program.
333
334           The third (and rarely used) part of the mount parameter is the list
335           of mount options used to mount the underlying filesystem.  If this
336           is not given, then the mount options are either the empty string or
337           "ro" (the latter if the --ro flag is used).  By specifying the
338           mount options, you override this default choice.  Probably the only
339           time you would use this is to enable ACLs and/or extended
340           attributes if the filesystem can support them:
341
342            -m /dev/sda1:/:acl,user_xattr
343
344           Using this flag is equivalent to using the "mount-options" command.
345
346           The fourth part of the parameter is the filesystem driver to use,
347           such as "ext3" or "ntfs". This is rarely needed, but can be useful
348           if multiple drivers are valid for a filesystem (eg: "ext2" and
349           "ext3"), or if libguestfs misidentifies a filesystem.
350
351       -l
352       --long
353       -R
354       --recursive
355           Select the mode.  With neither of these options, "virt-ls" produces
356           a simple, flat list of the files in the named directory.  See
357           "SIMPLE LISTING".
358
359           "virt-ls -l" produces a "long listing", which shows more detail.
360           See "LONG LISTING".
361
362           "virt-ls -R" produces a recursive list of files starting at the
363           named directory.  See "RECURSIVE LISTING".
364
365           "virt-ls -lR" produces a recursive long listing which can be more
366           easily parsed.  See "RECURSIVE LONG LISTING".
367
368       --times
369           Display time fields.
370
371           This option only has effect in -lR output mode.  See "RECURSIVE
372           LONG LISTING" above.
373
374       --time-days
375           Display time fields as days before now (negative if in the future).
376
377           Note that 0 in output means "up to 1 day before now", or that the
378           age of the file is between 0 and 86399 seconds.
379
380           This option only has effect in -lR output mode.  See "RECURSIVE
381           LONG LISTING" above.
382
383       --time-relative
384           Display time fields as seconds before now (negative if in the
385           future).
386
387           This option only has effect in -lR output mode.  See "RECURSIVE
388           LONG LISTING" above.
389
390       --time-t
391           Display time fields as seconds since the Unix epoch.
392
393           This option only has effect in -lR output mode.  See "RECURSIVE
394           LONG LISTING" above.
395
396       --uids
397           Display UID and GID fields.
398
399           This option only has effect in -lR output mode.  See "RECURSIVE
400           LONG LISTING" above.
401
402       -v
403       --verbose
404           Enable verbose messages for debugging.
405
406       -V
407       --version
408           Display version number and exit.
409
410       -x  Enable tracing of libguestfs API calls.
411

OLD-STYLE COMMAND LINE ARGUMENTS

413       Previous versions of virt-ls allowed you to write either:
414
415        virt-ls disk.img [disk.img ...] /dir
416
417       or
418
419        virt-ls guestname /dir
420
421       whereas in this version you should use -a or -d respectively to avoid
422       the confusing case where a disk image might have the same name as a
423       guest.
424
425       For compatibility the old style is still supported.
426

NOTE ABOUT CSV FORMAT

428       Comma-separated values (CSV) is a deceptive format.  It seems like it
429       should be easy to parse, but it is definitely not easy to parse.
430
431       Myth: Just split fields at commas.  Reality: This does not work
432       reliably.  This example has two columns:
433
434        "foo,bar",baz
435
436       Myth: Read the file one line at a time.  Reality: This does not work
437       reliably.  This example has one row:
438
439        "foo
440        bar",baz
441
442       For shell scripts, use "csvtool" (https://github.com/Chris00/ocaml-csv
443       also packaged in major Linux distributions).
444
445       For other languages, use a CSV processing library (eg. "Text::CSV" for
446       Perl or Python’s built-in csv library).
447
448       Most spreadsheets and databases can import CSV directly.
449

EXIT STATUS

451       This program returns 0 if successful, or non-zero if there was an
452       error.
453

SEE ALSO

455       guestfs(3), guestfish(1), virt-cat(1), virt-copy-out(1), virt-diff(1),
456       virt-tar-out(1), http://libguestfs.org/.
457

AUTHOR

459       Richard W.M. Jones http://people.redhat.com/~rjones/
460
462       Copyright (C) 2009-2020 Red Hat Inc.
463

LICENSE

465       This program is free software; you can redistribute it and/or modify it
466       under the terms of the GNU General Public License as published by the
467       Free Software Foundation; either version 2 of the License, or (at your
468       option) any later version.
469
470       This program is distributed in the hope that it will be useful, but
471       WITHOUT ANY WARRANTY; without even the implied warranty of
472       MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
473       General Public License for more details.
474
475       You should have received a copy of the GNU General Public License along
476       with this program; if not, write to the Free Software Foundation, Inc.,
477       51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
478

BUGS

480       To get a list of bugs against libguestfs, use this link:
481       https://bugzilla.redhat.com/buglist.cgi?component=libguestfs&product=Virtualization+Tools
482
483       To report a new bug against libguestfs, use this link:
484       https://bugzilla.redhat.com/enter_bug.cgi?component=libguestfs&product=Virtualization+Tools
485
486       When reporting a bug, please supply:
487
488       •   The version of libguestfs.
489
490       •   Where you got libguestfs (eg. which Linux distro, compiled from
491           source, etc)
492
493       •   Describe the bug accurately and give a way to reproduce it.
494
495       •   Run libguestfs-test-tool(1) and paste the complete, unedited output
496           into the bug report.
497
498
499
500guestfs-tools-1.47.2              2021-07-22                        virt-ls(1)
Impressum