In this series of posts I’ll be looking at what’s new in the forthcoming release of libguestfs 1.12.
With the forthcoming virt-ls -lR option you will be able to extract the file metadata from a virtual machine easily. The output format is designed so that simple grep patterns can be used to detect interesting things in the output.
For example to display the names of all setuid and setgid files in the VM:
# virt-ls -lR -d guest / | grep '^- [42]' - 4755 12544 /bin/cgexec - - 4755 32448 /bin/fusermount - - 4755 78648 /bin/mount - - 4755 43160 /bin/ping - - 4755 47888 /bin/ping6 - - 4755 34904 /bin/su - - 4755 50432 /bin/umount - [...]
To display all public writable directories:
# virt-ls -lR -d guest / | grep '^d ...7' d 1777 12288 /tmp - d 1777 4096 /tmp/.ICE-unix - d 1777 4096 /tmp/.X11-unix - d 1777 4096 /var/tmp -
To display files larger than 10MB in home directories:
# virt-ls -lR -d guest /home | awk '$3 >= 10*1024*1024'
Find regular files modified in the last 24 hours:
# virt-ls -lR -d guest --time-days / |
grep '^-' |
awk '$6 < 1'
[...]
- 0600 138 0 0 0 /home/rjones/.Xauthority
- 0600 69 0 0 0 /root/.xauthsdYvWC
- 0444 11 0 0 0 /tmp/.X0-lock
[...]
Also filesystem comparisons are made much simpler. So to display changes in files between a snapshot and the latest version of a VM you would simply do:
# virt-ls -lR -a snapshot.img / --uids --time-t --checksum > old # virt-ls -lR -a current.img / --uids --time-t --checksum > new # diff -u old new | less
Richard WM Jones 