Tag Archives: virt-copy-out

Ruby bindings for Hivex

Hivex is a library for reading and writing Windows Registry “hive” files. New in version 1.3.0 and Fedora 16 is the ability to access the library from Ruby.

As an example, first grab some hive files from a Windows virtual machine. The simplest way is using virt-copy-out:

# virt-copy-out -a win.img \
    'win:c:\windows\system32\config' .
# ls config/

Using the following Ruby script you can extract and display registry keys from the hive files:


require 'hivex'

h = Hivex::open("config/SOFTWARE", {})

# Use this instead if you want to make changes:
# h = Hivex::open("config/SOFTWARE", { :write => 1 })

root = h.root()
node = h.node_get_child(root, "Microsoft")
if node.nil? then
  puts "no HKLM\\SOFTWARE\\Microsoft node: Probably not the correct hive"

node = h.node_get_child(node, "Windows NT")
node = h.node_get_child(node, "CurrentVersion")
val = h.node_get_value(node, "ProductName")

hash = h.value_value(val)
puts "Windows product name:", hash[:value]

Leave a comment

Filed under Uncategorized

New (Year’s) libguestfs tools: virt-copy-in, virt-copy-out, virt-tar-in, virt-tar-out

One aim with libguestfs development is to make easy and common file operations easy. Although you can already upload and download files into virtual machines using guestfish commands, is there a way to make this common operation easier to discover?

One way is to add more virt commands, which I’ve found that users have least difficulty discovering because they are on the website, autocompleted when you hit virt-[tab], and listed as separated manual pages.

So today I added four more commands for uploading and downloading: virt-copy-in, virt-copy-out, virt-tar-in, virt-tar-out.

The way you use them is very simple:

$ mkdir homes
$ virt-copy-out -d Fedora14 /home homes/
$ virt-tar-out -d Fedora14 /home - | \
    gzip --best > homes.tar.gz

These commands are just small shell script wrappers around guestfish, but I hope they make common things a little bit easier.

You can get these new commands from Fedora Rawhide, or as binaries for Debian or Ubuntu.

Leave a comment

Filed under Uncategorized