|
|
Debian: 2190-1: wordpress: Multiple vulnerabilities
|
|
guestfs-recipes(1) Virtualization Support guestfs-recipes(1) NAME
guestfs-recipes - libguestfs, guestfish and virt tools recipes DESCRIPTION
This page contains recipes for and links to things you can do using libguestfs, guestfish(1) and the virt tools. Access a remote disk image using guestfish If the disk image is on a remote server which is accessible using SSH, HTTP, FTP, NBD, iSCSI, or similar, then you can open it directly. See "ADDING REMOTE STORAGE" in guestfish(1) for several examples. This requires libguestfs >= 1.22 and qemu >= 1.5. Audit a virtual machine for setuid files See: "EXAMPLES" in virt-ls(1). Audit a virtual machine for vulnerabilities and security problems See: https://rwmj.wordpress.com/2013/05/16/scanning-offline-guests-using-openscap-and-guestmount/#content Change the background image in a Windows XP VM The links below explain how to use guestfish(1) to change the background image for a user of a Windows XP VM. Unfortunately the technique appears to be substantially different for each version of Windows. https://lists.fedoraproject.org/pipermail/virt/2011-May/002655.html https://lists.fedoraproject.org/pipermail/virt/2011-May/002658.html Checksum a file or device within a disk image To checksum a whole device, or a partition, LV etc within a disk image: guestfish --ro -a disk.img run : checksum-device md5 /dev/sda1 Replace "md5" with the type of checksum you want. See "guestfs_checksum_device" in guestfs(3) for a list of supported types. "/dev/sda1" means "the first partition". You could use "/dev/sda" to checksum the whole disk image, or the name of a logical volume or RAID device. To checksum a single file: guestfish --ro -a disk.img -i checksum sha256 /etc/passwd or for a Windows guest: guestfish --ro -a disk.img -i checksum sha256 'win:windowssystem32configSOFTWARE' Cloning a virtual machine Use a combination of tools like cp(1), dd(1), and virt tools like virt-sysprep(1), virt-sparsify(1) and virt-resize(1). For more details, see: "COPYING AND CLONING" in virt-sysprep(1). Convert a CD-ROM / DVD / ISO to a tarball This converts input "cd.iso" to output "cd.tar.gz": guestfish --ro -a cd.iso -m /dev/sda tgz-out / cd.tar.gz To export just a subdirectory, eg. "/files", do: guestfish --ro -a cd.iso -m /dev/sda tgz-out /files cd.tar.gz Convert from one format/filesystem to another If you have a data disk in one format / filesystem / partition / volume manager, you can convert it another using this technique. In this example, we start with a data disk that has a single partition containing a filesystem, and we want to create another disk that contains the same files but on an ext3 filesystem embedded in a logical volume on a sparse raw-format disk. First create the formatted-but-empty target disk: truncate -s 10G target.img virt-format -a target.img --partition=mbr --lvm --filesystem=ext3 Now, pipe two guestfish instances together to transfer the old data to the new disk: guestfish --ro -a source.img -m /dev/sda1 -- tar-out / - | guestfish --rw -a target.img -m /dev/VG/LV -- tar-in - / To browse the final disk image, do: guestfish --ro -a target.img -m /dev/VG/LV ><fs> ll / This technique is quite powerful, allowing you for example to split up source directories over the target filesystems. Note this won't work (at least, not directly) for bootable virtual machine disks because it doesn't copy over the boot loader. Convert Windows DVD to bootable USB key http://rwmj.wordpress.com/2013/05/09/tip-convert-a-windows-dvd-iso-to-a-bootable-usb-key-using-guestfish/#content Create empty disk images The virt-format(1) tool can do this directly. Use virt-make-fs(1) to create a disk image with content. This can also create some standard disk images such as virtual floppy devices (VFDs). You can also use the guestfish(1) -N option to create empty disk images. The useful guide below explains the options available. https://rwmj.wordpress.com/2010/09/08/new-guestfish-n-options-in-1-5-9/#content Delete a file (or other simple file operations) Use guestfish. To delete a file: guestfish -a disk.img -i rm /file/to/delete To touch a file (bring it up to date or create it): guestfish -a disk.img -i touch /file/to/touch To stat a file. Since this is a read-only operation, we can make it safer by adding the --ro flag. guestfish --ro -a disk.img -i stat /file/to/stat There are dozens of these commands. See guestfish(1) or the output of "guestfish -h" Diff two guests; compare a snapshot to the current version virt-ls(1) provides a simple way to find the differences between two guests (for example if they were originally cloned from the same source), or between two snapshots from the same guest. See "DIFFERENCES IN SNAPSHOTS AND BACKING FILES" in virt-ls(1). There are also experimental patches on the mailing list for a "virt-diff" tool. Dump raw filesystem content from inside a disk image or VM You can use the guestfish(1) "download" command to extract the raw filesystem content from any filesystem in a disk image or a VM (even one which is encrypted or buried inside an LV or RAID device): guestfish --ro -a disk.img run : download /dev/sda1 sda1.img guestfish --ro -d Guest run : download /dev/vg_guest/lv_root lv.img To download to stdout, replace the filename with a "-" character: guestfish --ro -a disk.img run : download /dev/sda1 - | gzip > sda1.gz To list the filesystems in a disk image, use virt-filesystems(1). See also "Uploading raw filesystem content". Edit grub configuration in a VM You can use this to: o Fix a virtual machine that does not boot. o Change which kernel is used to boot the VM. o Change kernel command line options. Use virt-edit(1) to edit the grub configuration: virt-edit -d BrokenGuest /boot/grub2/grub.cfg or for general tinkering inside an unbootable VM use virt-rescue(1) like this: virt-rescue -d BrokenGuest Export any directory from a VM To export "/home" from a VM into a local directory use virt-copy-out(1): virt-copy-out -d Guest /home . Notes: o The final dot of the command is not a printing error. It means we want to copy out to the current directory. o This creates a directory called "home" under the current directory. If the guest is a Windows guest then you can use drive letters and backslashes, but you must prefix the path with "win:" and quote it to protect it from the shell, like this: virt-copy-out -d WinGuest 'win:c:windowssystem32config' . To get the output as a compressed tarball, do: virt-tar-out -d Guest /home - | gzip --best > home.tar.gz Although it sounds tempting, this is usually not a reliable way to get a backup from a running guest. See the entry in the FAQ: http://libguestfs.org/FAQ.html#backup Find out which user is using the most space This simple script examines a Linux guest to find out which user is using the most space in their home directory: #!/bin/sh - set -e vm="$1" dir=/home eval $(guestfish --ro -d "$vm" -i --listen) for d in $(guestfish --remote ls "$dir"); do echo -n "$dir/$d" echo -ne ' ' guestfish --remote du "$dir/$d"; done | sort -nr -k 2 guestfish --remote exit Get DHCP address from a VM The link below explains the many different possible techniques for getting the last assigned DHCP address of a virtual machine. https://rwmj.wordpress.com/2011/03/31/tip-code-for-getting-dhcp-address-from-a-virtual-machine-disk-image/#content In the libguestfs source examples directory you will find the latest version of the "virt-dhcp-address.c" program. Get the operating system product name string Save the following script into a file called "product-name.sh": #!/bin/sh - set -e eval "$(guestfish --ro -d "$1" --i --listen)" root="$(guestfish --remote inspect-get-roots)" guestfish --remote inspect-get-product-name "$root" guestfish --remote exit Make the script executable and run it on a named guest: # product-name.sh RHEL60x64 Red Hat Enterprise Linux Server release 6.0 (Santiago) You can also use an XPath query on the virt-inspector(1) XML using the "xpath" command line tool or from your favourite programming language: # virt-inspector RHEL60x64 > xml # xpath '//product_name' < xml Found 1 nodes: -- NODE -- <product_name>Red Hat Enterprise Linux Server release 6.0 (Santiago)</product_name> Get the default boot kernel for a Linux VM The link below contains a program to print the default boot kernel for a Linux VM. https://rwmj.wordpress.com/2010/10/30/tip-use-augeas-to-get-the-default-boot-kernel-for-a-vm/#content It uses Augeas, and the technique is generally applicable for many different tasks, such as: o listing the user accounts in the guest o what repositories is it configured to use o what NTP servers does it connect to o what were the boot messages last time it booted o listing who was logged in recently http://augeas.net/ Hanging guests There are various ways to use libguestfs to find out why a guest is hanging or unresponsive: 1. Read the log files using virt-cat: virt-cat Guest /var/log/messages | less 2. Read the Windows Event Log (Windows Vista or later only): https://rwmj.wordpress.com/2011/04/17/decoding-the-windows-event-log-using-guestfish/#content 3. Find out which files were last updated in a guest: https://rwmj.wordpress.com/2012/02/27/using-libguestfs-to-find-out-why-a-windows-guest-was-hanging/#content This might give you a clue as to what program is running. Hex-dumping sectors from the guest Hex-dump the boot partition: guestfish --ro -a disk.img run : pread-device /dev/sda 0x200 0 | hexdump -C Hex-editing sectors in the guest Hex-edit the first sector (boot partition): guestfish --rw -a disk.img run : hexedit /dev/sda 0x200 Install RPMs in a guest The link below contains a method to install RPMs in a guest. In fact the RPMs are just uploaded to the guest along with a "firstboot" script that installs them next time the guest is booted. You could use this technique to install vital security updates in an offline guest. https://rwmj.wordpress.com/2010/12/01/tip-install-rpms-in-a-guest/#content Since libguestfs 1.20, virt-sysprep(1) has an option for installing firstboot scripts in Linux guests. List applications installed in a VM Save the following to a file "list-apps.sh": #!/bin/sh - set -e eval "$(guestfish --ro -d "$1" --i --listen)" root="$(guestfish --remote inspect-get-roots)" guestfish --remote inspect-list-applications "$root" guestfish --remote exit Make the file executable and then you can run it on any named virtual machine: # list-apps.sh WinGuest [0] = { app_name: Mozilla Firefox (3.6.12) app_display_name: Mozilla Firefox (3.6.12) app_epoch: 0 app_version: 3.6.12 (en-GB) app_release: app_install_path: C:Program FilesMozilla Firefox app_trans_path: app_publisher: Mozilla app_url: http://www.mozilla.com/en-GB/ app_source_package: app_summary: app_description: Mozilla Firefox } [1] = { app_name: VLC media player app_display_name: VLC media player 1.1.5 app_epoch: 0 app_version: 1.1.5 app_release: app_install_path: C:Program FilesVideoLANVLC app_trans_path: app_publisher: VideoLAN app_url: http://www.videolan.org/ app_source_package: app_summary: app_description: } If you want to run the script on disk images (instead of libvirt virtual machines), change "-d "$1"" to "-a "$1"". See also virt-inspector(1). List files and directories in a VM Use virt-ls(1). List services in a Windows VM The link below contains a script that can be used to list out the services from a Windows VM, and whether those services run at boot time or are loaded on demand. https://rwmj.wordpress.com/2010/12/10/tip-list-services-in-a-windows-guest/#content Make a disk image sparse Use virt-sparsify(1). Monitor disk usage over time You can use virt-df(1) to monitor disk usage of your guests over time. The link below contains a guide. http://virt-tools.org/learning/advanced-virt-df/ Reading the Windows Event Log from Windows Vista (or later) guestfish(1) plus the tools described in the link below can be used to read out the Windows Event Log from any virtual machine running Windows Vista or a later version. https://rwmj.wordpress.com/2011/04/17/decoding-the-windows-event-log-using-guestfish/#content Remove root password (Linux) Using the virt-edit(1) -e option you can do simple replacements on files. One use is to remove the root password from a Linux guest: virt-edit domname /etc/passwd -e 's/^root:.*?:/root::/' Remove Administrator password (Windows) The link below contains one technique for removing the Administrator password from a Windows VM, or to be more precise, it gives you a command prompt the next time you log in which you can use to bypass any security: https://mdbooth.wordpress.com/2010/10/18/resetting-a-windows-guests-administrator-password-with-guestfish/ Sysprepping a virtual machine (Windows) It is possible to do a "sysprep" using libguestfs alone, although not straightforward. Currently there is code in the Aeolus Oz project which does this (using libguestfs). It is likely we will add this to virt-sysprep(1) in future. https://github.com/clalancette/oz https://www.redhat.com/archives/virt-tools-list/2011-May/msg00019.html Unpack a live CD Linux live CDs often contain multiple layers of disk images wrapped like a Russian doll. You can use guestfish(1) to look inside these multiple layers, as outlined in the guide below. https://rwmj.wordpress.com/2009/07/15/unpack-the-russian-doll-of-a-f11-live-cd/#content Uploading and downloading files The link below contains general tips on uploading (copying in) and downloading (copying out) files from VMs. https://rwmj.wordpress.com/2010/12/02/tip-uploading-and-downloading/#content Uploading raw filesystem content You can use guestfish(1) to upload whole filesystems into a VM, even into a filesystem which is encrypted or buried inside an LV or RAID device: guestfish --rw -a disk.img run : upload sda1.img /dev/sda1 guestfish --rw -d Guest run : upload lv.img /dev/vg_guest/lv_root One common problem is that the filesystem isn't the right size for the target. If it is too large, there's not much you can do with libguestfs - you have to prepare the filesystem differently. But if the filesystem needs to expand into the target, you can use guestfish to resize it to the right size: guestfish --rw -d Guest run : upload lv.img /dev/vg_guest/lv_root : resize2fs /dev/vg_guest/lv_root (or use "ntfsresize" if the filesystem is NTFS). Use libguestfs tools on VMware ESX guests The link below explains how to use libguestfs, guestfish(1) and the virt tools on any VMware ESX guests, by first sharing the VMware VMFS over sshfs. https://rwmj.wordpress.com/2011/05/10/tip-use-libguestfs-on-vmware-esx-guests/#content SEE ALSO
guestfs(3), guestfish(1), guestfs-examples(3), guestfs-erlang(3), guestfs-java(3), guestfs-lua(3), guestfs-ocaml(3), guestfs-perl(3), guestfs-python(3), guestfs-ruby(3), http://libguestfs.org/. AUTHORS
Richard W.M. Jones ("rjones at redhat dot com") COPYRIGHT
Copyright (C) 2009-2013 Red Hat Inc. LICENSE
This manual page contains examples which we hope you will use in your programs. The examples may be freely copied, modified and distributed for any purpose without any restrictions. BUGS
To get a list of bugs against libguestfs, use this link: https://bugzilla.redhat.com/buglist.cgi?component=libguestfs&product=Virtualization+Tools To report a new bug against libguestfs, use this link: https://bugzilla.redhat.com/enter_bug.cgi?component=libguestfs&product=Virtualization+Tools When reporting a bug, please supply: o The version of libguestfs. o Where you got libguestfs (eg. which Linux distro, compiled from source, etc) o Describe the bug accurately and give a way to reproduce it. o Run libguestfs-test-tool(1) and paste the complete, unedited output into the bug report. libguestfs-1.22.6 2013-08-24 guestfs-recipes(1)
