virt-* commands in Fedora, or (in italics) coming up:
| virt-cat | Download a file from inside a VM. |
| virt-clone | Clone a VM. |
| virt-convert | Convert a VM disk image. |
| virt-df | Show real disk space used. |
| virt-dmesg | Show kernel messages from VM. |
| virt-edit | Edit a file in a VM. |
| virt-ifconfig | Show IP address. |
| virt-image | Portable XML description of VMs. |
| virt-inspector | Describe what’s in a VM. |
| virt-install | Install a new VM. |
| virt-ls | List files in a VM. |
| virt-manager | Brilliant graphical manager. |
| virt-p2v | [not an actual command] Take physical machine, turn into VM. |
| virt-ping | Is VM up? |
| virt-pki-validate | Validate libvirt remote PKI. |
| virt-ps | List processes in VM. |
| virt-rescue | Get a rescue shell for unbootable VM. |
| virt-tar | Archive files from or upload to VM. |
| virt-top | “top” for VMs. |
| virt-uname | OS version in a VM. |
| virt-uptime | Uptime of a VM. |
| virt-v2v | Convert between virt types. |
| virt-viewer | Graphical console. |
| virt-what | In a VM? |
| virt-xml-validate | Validate libvirt XML. |
| virsh | Libvirt shell. |
| guestfish | Libguestfs shell. |
Richard WM Jones 
Hi Rich, firstly great list of tools.
I’m just curious,
for the virt-pki-validate(and other PKI related stuff)
are you aware of the reasons of choosing GNUTLS library over NSS. (I’m not trying to suggest one thing is better over the other.)
And I’m sure there must’ve been some discussion and rationale behind choosing crypto library.
I noticed, there is an ongoing effort to consolidate cryptography in fedora.(and I understand libvirt is a distro agnostic project)
http://fedoraproject.org/wiki/FedoraCryptoConsolidation
just would like to know your thoughts.
[A]re you aware of the reasons of choosing GNUTLS library over NSS.
Yes — the reason behind this was because GnuTLS is well-documented, whereas NSS is impenetrable.
We considered both libraries in depth for libvirt. No one could explain to us how to use NSS, whereas GnuTLS comes with excellent, simple examples, which were easy for us to copy and modify for our needs:
http://www.gnu.org/software/gnutls/manual/html_node/Client-examples.html
(not intending to pick on what you’ve said)
In an enterprise deployment, if a (security concerned ) customer asks, is your crypto library FIPS validated?
I suspect the answer is just “it’s not FIPS validated”.
The real problem is complete lack of documentation for NSS. If developers don’t understand how to use it, then it won’t matter how much FIPS validation is going on because no one will be using it.
GNUTLS uses libgcrypt. Various crypto alogrithms in libgcrypt:
AES, 3DES, SHA1, SHA2, RSA, DSA, RNG
are FIPS certified:
http://csrc.nist.gov/groups/STM/cavp/validation.html
Sure … I think the problem is that the library itself (ie. the code) must also be certified.
Pingback: Fedora 12 released | Thushan Fernando Uncut
Pingback: FOSS for Life » Blog Archive » Announcing Fedora 12
Pingback: Fedora 12 Released
Pingback: libguestfs talk in London, Thu 18th March 2010 « Richard WM Jones
Pingback: Fedora virt test day « Richard WM Jones
Is virt-tools available in F16? I did a quick search, looks like it is not there. The command I am interested is virt-uptime
Sorry, virt-uptime never made it into production and is not available in Fedora. It would be possible to add this feature into virt-dmesg given time and effort.
how about virt-ifconfig, it wasn`t made into production too?
No. Please ask questions on the relevant mailing lists.