I’ve been managing a number of Virtual Machines on Vanilla KVM hypervisor for a while now. Suppose you have a VM that you want to mount its virtual disk on the hypervisor, how do you go about it? – E.g to reset the root password, check some files, or maybe the VM has been compromised and you want to perform more analysis on the source of attack without putting the VM into running mode.
How to mount VM virtual disk on KVM hypervisor
On my setup, I have a CentOS 7 server with KVM installed and running a number of VMs. To be able to mount a VM virtual disk, you need to install Libguestfs.
libguestfs is a set of tools used to access and modify virtual machine (VM) disk images. You can use this for:
- viewing and editing files inside guests
- scripting changes to VMs
- monitoring disk used/free statistics
- creating guests
- performing backup e.t.c
Install libguestfs on CentOS:
To install libguestfs on CentOS server, run:
sudo yum -y install libguestfs-tools
Install libguestfs on Ubuntu / Debian
sudo apt-get -y install libguestfs-tools
Install libguestfs on Arch Linux
For Arch Linux, install libguestfs from AUR using:
yaourt -S libguestfs
Mounting Virtual Disk on KVM with libguestfs
Now that you have libguestfs tools installed, you mount a Virtual Disk of a VM with it. It is recommended to shut the VM down before mounting it. Writing to the disks of a running virtual machine can cause disk corruption. You are advised to either use read-only access, or if the guest is running the guestfsd daemon specify live access. In most libguestfs tools these options are –ro or –live respectively.
If you’re new to virsh commands, check out the article:
Check your active VMs first:
sudo virsh list
Shutdown a VM in question:
sudo virsh shutdown <domain-name or ID>
Then mount the disk,
sudo guestmount -d <domain> -i /mnt/
sudo guestmount -d centos7 -i /mnt/
Confirm that the mount was successful:
# df -hT | egrep "/mnt" /dev/fuse fuse 20G 3.9G 16G 20% /mnt
Explanation of used options
-d |–domain : Add disks from libvirt guest
-i |–inspector : Automatically mount filesystems
Below is a full list of options you can use with guestmount command. This is available from:
$ guestmount --help
All guestmount Options:
-a |--add image --> Add image -c|--connect uri --> Specify libvirt URI for -d option --dir-cache-timeout --> Set readdir cache timeout (default 5 sec) -d |--domain --> Add disks from libvirt guest --echo-keys --> Don't turn off echo for passphrases --fd=FD --> Write to pipe FD when mountpoint is ready --format[=raw|..] --> Force disk format for -a option --fuse-help --> Display extra FUSE options -i |--inspector --> Automatically mount filesystems --help --> Display help message and exit --keys-from-stdin --> Read passphrases from stdin --live --> Connect to a live virtual machine -m |--mount dev[:mnt[:opts[:fstype]] --> Mount dev on mnt (if omitted, /) --no-fork --> Don't daemonize -n |--no-sync --> Don't autosync -o |--option --> opt Pass extra option to FUSE --pid-file --> filename Write PID to filename -r |--ro --> Mount read-only --selinux --> For backwards compat only does nothing -v |--verbose --> Verbose messages -V |--version --> Display version and exit -w |--rw --> Mount read-write -x |--trace --> Trace guestfs API calls
Mount Running VM Virtual Disk
For a running VM, I stated earlier that you have to mount it as —ro or using –live flag.
sudo guestmount --ro -d <domain> -i /mnt/
Resetting root password example:
I’ll show you how you can reset root password using a mounted virtual disk. We’ll use chroot command which is a tool used to run a command or interactive shell with the special root directory.
sudo chroot /mnt passwd
Set password and unmount the disk once done
sudo guestunmount /mnt
Start the VM and test if you can authenticate with the set password.
sudo virsh start <domain>
Unmount Virtual Disk
If you are done working on the mounted disk, unmount it by running the commands:
$ sudo guestunmount mountpoint E.g $ sudo guestunmount /mnt
We also have other articles related to KVM which you may find helpful.