On Tue, May 10, 2016 at 01:08:49PM +0200, Kevin Wolf wrote: > Are you saying that libguestfs only allows operations like df on live > images, but not e.g. copying files out of the VM? [...]
virt-copy-out will let you copy out files from a live VM. There's no difference between "safe" and "unsafe" operations, because (a) it depends on unknowable information about the guest -- it's safe to read (even write) a filesystem if it's not mounted by the guest, and (b) even reading a superblock field from an in-use mounted filesystem is subject to an unlikely but possible race. Users of libguestfs on live VMs just have to be aware of this, and we make them aware over and over again of the potential problems. Importantly, readonly access won't result in corrupt filesystems in the live VM. I'm much more interested in stopping people from writing to live VMs. That is a serious problem, results in unrecoverable filesystems and near-100% certain data loss [especially with journalled fses], and is something that has no (or very very few) valid use cases. It's also something which only qemu is in a position to properly protect against. Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Read my programming and virtualization blog: http://rwmj.wordpress.com virt-top is 'top' for virtual machines. Tiny program with many powerful monitoring features, net stats, disk stats, logging, etc. http://people.redhat.com/~rjones/virt-top