Git-Mirrors/qubes-doc
1
0
Fork 0
mirror of https://github.com/QubesOS/qubes-doc.git synced 2025-01-15 09:17:11 -05:00
Code Issues Packages Projects Releases Wiki Activity

Update Qubes 3.2 man pages

Browse Source 
Requested by : QubesOS/qubes-issues#3538
Related to   : QubesOS/qubes-issues#3495
This commit is contained in:
Andrew David Wong 2018-02-11 19:15:10 -06:00
parent 723671501a
commit 7a1ef06898
No known key found for this signature in database
GPG Key ID: 8CE137352A019A17
33 changed files with 1103 additions and 853 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
reference/tools/3.2/dom0.md
View File

@ -13,17 +13,20 @@ Dom0 Command-Line Tools for Qubes 3.2
=====================================
* [qubes-dom0-update](/doc/tools/3.2/dom0/qubes-dom0-update/)
* [qubes-guid](/doc/tools/3.2/dom0/qubes_guid/)
* [qubes-prefs](/doc/tools/3.2/dom0/qubes-prefs/)
* [qvm-add-appvm](/doc/tools/3.2/dom0/qvm-add-appvm/)
* [qvm-add-template](/doc/tools/3.2/dom0/qvm-add-template/)
* [qvm-backup-restore](/doc/tools/3.2/dom0/qvm-backup-restore/)
* [qvm-backup](/doc/tools/3.2/dom0/qvm-backup/)
* [qvm-block](/doc/tools/3.2/dom0/qvm-block/)
* [qvm-check](/doc/tools/3.2/dom0/qvm-check/)
* [qvm-clone](/doc/tools/3.2/dom0/qvm-clone/)
* [qvm-create-default-dvm](/doc/tools/3.2/dom0/qvm-create-default-dvm/)
* [qvm-create](/doc/tools/3.2/dom0/qvm-create/)
* [qvm-firewall](/doc/tools/3.2/dom0/qvm-firewall/)
* [qvm-grow-private](/doc/tools/3.2/dom0/qvm-grow-private/)
* [qvm-grow-root](/doc/tools/3.2/dom0/qvm-grow-root/)
* [qvm-ls](/doc/tools/3.2/dom0/qvm-ls/)
* [qvm-kill](/doc/tools/3.2/dom0/qvm-kill/)
* [qvm-pci](/doc/tools/3.2/dom0/qvm-pci/)
@ -36,4 +39,5 @@ Dom0 Command-Line Tools for Qubes 3.2
* [qvm-start](/doc/tools/3.2/dom0/qvm-start/)
* [qvm-sync-appmenus](/doc/tools/3.2/dom0/qvm-sync-appmenus/)
* [qvm-template-commit](/doc/tools/3.2/dom0/qvm-template-commit/)
* [qvm-usb](/doc/tools/3.2/dom0/qvm-usb/)

35
reference/tools/3.2/dom0/qubes-prefs.md
View File

@ -9,32 +9,29 @@ redirect_from:
- /wiki/Dom0Tools/QubesPrefs/
---
```
===========
qubes-prefs
===========
NAME
----
====
qubes-prefs - display system-wide Qubes settings, such as:
- clock VM
- update VM
- default template
- default firewallVM
- default kernel
- default netVM
Date
2012-04-13
- clock VM
- update VM
- default template
- default firewallVM
- default kernel
- default netVM
SYNOPSIS
--------
qubes-prefs
========
| qubes-prefs
AUTHORS
-------
Joanna Rutkowska \<joanna at invisiblethingslab dot com\>
Rafal Wojtczuk \<rafal at invisiblethingslab dot com\>
Marek Marczykowski \<marmarek at invisiblethingslab dot com\>
=======
| Joanna Rutkowska <joanna at invisiblethingslab dot com>
| Rafal Wojtczuk <rafal at invisiblethingslab dot com>
| Marek Marczykowski <marmarek at invisiblethingslab dot com>
```

41
reference/tools/3.2/dom0/qubes_guid.md Normal file
View File

@ -0,0 +1,41 @@
---
layout: doc
title: qubes_guid
permalink: /doc/tools/3.2/dom0/qubes_guid/
redirect_from:
- /doc/dom0-tools/qubes_guid/
- /en/doc/dom0-tools/qubes_guid/
---
```
==========
qubes_guid
==========
NAME
====
qubes_guid
SYNOPSIS
========
| qubes_guid -d domain_id [-c color] [-l label_index] [-i icon name, no suffix] [-v] [-q]
OPTIONS
=======
-v
Increase log verbosity
-q
Decrease log verbosity
Log levels:
0. only errors
1. some basic messages (default)
2. debug
AUTHORS
=======
| Joanna Rutkowska <joanna at invisiblethingslab dot com>
| Rafal Wojtczuk <rafal at invisiblethingslab dot com>
| Marek Marczykowski <marmarek at invisiblethingslab dot com>
```

42
reference/tools/3.2/dom0/qvm-add-appvm.md
View File

@ -9,39 +9,35 @@ redirect_from:
- /wiki/Dom0Tools/QvmAddAppvm/
---
```
=============
qvm-add-appvm
=============
NAME
----
====
qvm-add-appvm - add an already installed appvm to the Qubes DB
WARNING: Normally you should not need this command, and you should use qvm-create instead!
Date
2012-04-10
SYNOPSIS
--------
qvm-add-appvm [options] \<appvm-name\> \<vm-template-name\>
========
| qvm-add-appvm [options] <appvm-name> <vm-template-name>
OPTIONS
-------
-h, --help
Show this help message and exit
-p DIR\_PATH, --path=DIR\_PATH
Specify path to the template directory
-c CONF\_FILE, --conf=CONF\_FILE
Specify the Xen VM .conf file to use(relative to the template dir path)
=======
-h, --help
Show this help message and exit
-p DIR_PATH, --path=DIR_PATH
Specify path to the template directory
-c CONF_FILE, --conf=CONF_FILE
Specify the Xen VM .conf file to use(relative to the template dir path)
--force-root
Force to run, even with root privileges
AUTHORS
-------
Joanna Rutkowska \<joanna at invisiblethingslab dot com\>
Rafal Wojtczuk \<rafal at invisiblethingslab dot com\>
Marek Marczykowski \<marmarek at invisiblethingslab dot com\>
=======
| Joanna Rutkowska <joanna at invisiblethingslab dot com>
| Rafal Wojtczuk <rafal at invisiblethingslab dot com>
| Marek Marczykowski <marmarek at invisiblethingslab dot com>
```

45
reference/tools/3.2/dom0/qvm-add-template.md
View File

@ -9,40 +9,33 @@ redirect_from:
- /wiki/Dom0Tools/QvmAddTemplate/
---
```
================
qvm-add-template
================
NAME
----
====
qvm-add-template - adds an already installed template to the Qubes DB
Date
2012-04-10
SYNOPSIS
--------
qvm-add-template [options] \<vm-template-name\>
========
| qvm-add-template [options] <vm-template-name>
OPTIONS
-------
-h, --help
Show this help message and exit
-p DIR\_PATH, --path=DIR\_PATH
Specify path to the template directory
-c CONF\_FILE, --conf=CONF\_FILE
Specify the Xen VM .conf file to use(relative to the template dir path)
--rpm
Template files have been installed by RPM
=======
-h, --help
Show this help message and exit
-p DIR_PATH, --path=DIR_PATH
Specify path to the template directory
-c CONF_FILE, --conf=CONF_FILE
Specify the Xen VM .conf file to use(relative to the template dir path)
--rpm
Template files have been installed by RPM
AUTHORS
-------
Joanna Rutkowska \<joanna at invisiblethingslab dot com\>
Rafal Wojtczuk \<rafal at invisiblethingslab dot com\>
Marek Marczykowski \<marmarek at invisiblethingslab dot com\>
=======
| Joanna Rutkowska <joanna at invisiblethingslab dot com>
| Rafal Wojtczuk <rafal at invisiblethingslab dot com>
| Marek Marczykowski <marmarek at invisiblethingslab dot com>
```

108
reference/tools/3.2/dom0/qvm-backup-restore.md
View File

@ -9,70 +9,66 @@ redirect_from:
- /wiki/Dom0Tools/QvmBackupRestore/
---
```
==================
qvm-backup-restore
==================
NAME
----
====
qvm-backup-restore - restores Qubes VMs from backup
Date
2012-04-10
SYNOPSIS
--------
qvm-backup-restore [options] \<backup-dir\>
========
| qvm-backup-restore [options] <backup-dir>
OPTIONS
-------
-h, --help
Show this help message and exit
--verify-only
Do not restore the data, only verify backup integrity
--skip-broken
Do not restore VMs that have missing templates or netvms
--ignore-missing
Ignore missing templates and netvms, and restore the VMs anyway
--skip-conflicting
Do not restore VMs that are already present on the host
--force-root
Force to run with root privileges
--replace-template=REPLACE\_TEMPLATE
Restore VMs using another template, syntax: old-template-name:new-template-name (can be repeated)
-x EXCLUDE, --exclude=EXCLUDE
Skip restore of specified VM (can be repeated)
--skip-dom0-home
Do not restore dom0's user home directory
--ignore-username-mismatch
Ignore dom0 username mismatch when restoring dom0's user home directory
-d APPVM, --dest-vm=APPVM
Restore from a backup located in a specific AppVM
-e, --encrypted
The backup is encrypted
-z, --compressed
The backup is compressed
--debug
Enable (a lot of) debug output
=======
-h, --help
Show this help message and exit
--verify-only
Do not restore the data, only verify backup integrity
--skip-broken
Do not restore VMs that have missing templates or netvms
--ignore-missing
Ignore missing templates and netvms, and restore the VMs anyway
--skip-conflicting
Do not restore VMs that are already present on the host
--force-root
Force to run with root privileges
--replace-template=REPLACE_TEMPLATE
Restore VMs using another template, syntax: old-template-name:new-template-name (can be repeated)
-x EXCLUDE, --exclude=EXCLUDE
Skip restore of specified VM (can be repeated)
--skip-dom0-home
Do not restore dom0's user home directory
--ignore-username-mismatch
Ignore dom0 username mismatch when restoring dom0's user home directory
-d APPVM, --dest-vm=APPVM
Restore from a backup located in a specific AppVM
-e, --encrypted
The backup is encrypted
-p, --passphrase-file
Read passphrase from file, or use '-' to read from stdin
-z, --compressed
The backup is compressed
--paranoid-mode, --plan-b
Treat the backup as untrusted, disable restoring things potentially
compromising security of dom0/other VMs, even when such data is properly
authenticated. This may be used to restore a backup made on compromissed
system. Things currently affected by this option:
- disable dom0 home restore
- reject compressed backups
- reject old backup formats (Qubes R2 and older)
- more strict validation of VM names (for example don't allow '..' in it)
- do not restore firewall rules, attached PCI devices, attached block
devices, menu entries
--debug
Enable (a lot of) debug output
AUTHORS
-------
Joanna Rutkowska \<joanna at invisiblethingslab dot com\>
Rafal Wojtczuk \<rafal at invisiblethingslab dot com\>
Marek Marczykowski \<marmarek at invisiblethingslab dot com\>
=======
| Joanna Rutkowska <joanna at invisiblethingslab dot com>
| Rafal Wojtczuk <rafal at invisiblethingslab dot com>
| Marek Marczykowski <marmarek at invisiblethingslab dot com>
```

57
reference/tools/3.2/dom0/qvm-backup.md
View File

@ -9,34 +9,51 @@ redirect_from:
- /wiki/Dom0Tools/QvmBackup/
---
```
==========
qvm-backup
==========
NAME
----
====
qvm-backup
Date
2012-04-10
SYNOPSIS
--------
qvm-backup [options] \<backup-dir-path\>
========
| qvm-backup [options] <backup-dir-path> [vms-to-be-included ...]
OPTIONS
-------
-h, --help
Show this help message and exit
-x EXCLUDE\_LIST, --exclude=EXCLUDE\_LIST
Exclude the specified VM from backup (might be repeated)
=======
-h, --help
Show this help message and exit
-x EXCLUDE_LIST, --exclude=EXCLUDE_LIST
Exclude the specified VM from backup (might be repeated)
--force-root
Force to run with root privileges
-d, --dest-vm
Specify the destination VM to which the backup will be set (implies -e)
-e, --encrypt
Encrypt the backup
--no-encrypt
Skip encryption even if sending the backup to a VM
-p, --passphrase-file
Read passphrase from a file, or use '-' to read from stdin
-E, --enc-algo
Specify a non-default encryption algorithm. For a list of supported algorithms, execute 'openssl list-cipher-algorithms' (implies -e)
-H, --hmac-algo
Specify a non-default HMAC algorithm. For a list of supported algorithms, execute 'openssl list-message-digest-algorithms'
-z, --compress
Compress the backup
-Z, --compress-filter
Specify a non-default compression filter program (default: gzip)
--tmpdir
Specify a temporary directory (if you have at least 1GB free RAM in dom0, use of /tmp is advised) (default: /var/tmp)
--debug
Enable (a lot of) debug output
AUTHORS
-------
Joanna Rutkowska \<joanna at invisiblethingslab dot com\>
Rafal Wojtczuk \<rafal at invisiblethingslab dot com\>
Marek Marczykowski \<marmarek at invisiblethingslab dot com\>
=======
| Joanna Rutkowska <joanna at invisiblethingslab dot com>
| Rafal Wojtczuk <rafal at invisiblethingslab dot com>
| Marek Marczykowski <marmarek at invisiblethingslab dot com>
```

73
reference/tools/3.2/dom0/qvm-block.md
View File

@ -10,52 +10,49 @@ redirect_from:
- /wiki/Dom0Tools/QvmBlock/
---
```
=========
qvm-block
=========
NAME
----
====
qvm-block - list/set VM PCI devices.
Date
2012-04-10
SYNOPSIS
--------
qvm-block -l [options]
qvm-block -a [options] \<device\> \<vm-name\>
qvm-block -d [options] \<device\>
qvm-block -d [options] \<vm-name\>
========
| qvm-block -l [options]
| qvm-block -a [options] <vm-name> <device-vm-name>:<device>
| qvm-block -A [options] <vm-name> <file-vm-name>:<file>
| qvm-block -d [options] <device-vm-name>:<device>
| qvm-block -d [options] <vm-name>
OPTIONS
-------
-h, --help
Show this help message and exit
-l, --list
List block devices
-a, --attach
Attach block device to specified VM
-d, --detach
Detach block device
-f FRONTEND, --frontend=FRONTEND
Specify device name at destination VM [default: xvdi]
--ro
Force read-only mode
--no-auto-detach
Fail when device already connected to other VM
=======
-h, --help
Show this help message and exit
-l, --list
List block devices
-A, --attach-file
Attach specified file instead of physical device
-a, --attach
Attach block device to specified VM
-d, --detach
Detach block device
-f FRONTEND, --frontend=FRONTEND
Specify device name at destination VM [default: xvdi]
--ro
Force read-only mode
--no-auto-detach
Fail when device already connected to other VM
--show-system-disks
List also system disks
--force-root
Force to run, even with root privileges
AUTHORS
-------
Joanna Rutkowska \<joanna at invisiblethingslab dot com\>
Rafal Wojtczuk \<rafal at invisiblethingslab dot com\>
Marek Marczykowski \<marmarek at invisiblethingslab dot com\>
=======
| Joanna Rutkowska <joanna at invisiblethingslab dot com>
| Rafal Wojtczuk <rafal at invisiblethingslab dot com>
| Marek Marczykowski <marmarek at invisiblethingslab dot com>
```

41
reference/tools/3.2/dom0/qvm-check.md Normal file
View File

@ -0,0 +1,41 @@
---
layout: doc
title: qvm-check
permalink: /doc/tools/3.2/dom0/qvm-check/
redirect_from:
- /doc/dom0-tools/qvm-check/
- /en/doc/dom0-tools/qvm-check/
---
```
=========
qvm-check
=========
NAME
====
qvm-check - Specify no state options to check if VM exists
SYNOPSIS
========
| qvm-check [options] <vm-name>
OPTIONS
=======
-h, --help
Show this help message and exit
-q, --quiet
Be quiet
--running
Determine if VM is running
--paused
Determine if VM is paused
--template
Determine if VM is a template
AUTHORS
=======
| Joanna Rutkowska <joanna at invisiblethingslab dot com>
| Rafal Wojtczuk <rafal at invisiblethingslab dot com>
| Marek Marczykowski <marmarek at invisiblethingslab dot com>
```

43
reference/tools/3.2/dom0/qvm-clone.md
View File

@ -9,37 +9,36 @@ redirect_from:
- /wiki/Dom0Tools/QvmClone/
---
```
=========
qvm-clone
=========
NAME
----
====
qvm-clone - clones an existing VM by copying all its disk files
Date
2012-04-10
SYNOPSIS
--------
qvm-clone [options] \<src-name\> \<new-name\>
========
| qvm-clone [options] <src-name> <new-name>
OPTIONS
-------
-h, --help
Show this help message and exit
-q, --quiet
Be quiet
-p DIR\_PATH, --path=DIR\_PATH
Specify path to the template directory
=======
-h, --help
Show this help message and exit
-q, --quiet
Be quiet
-p DIR_PATH, --path=DIR_PATH
Specify path to the template directory
--force-root
Force to run, even with root privileges
-P, --pool
Specify in to which storage pool to clone
AUTHORS
-------
=======
| Joanna Rutkowska <joanna at invisiblethingslab dot com>
| Rafal Wojtczuk <rafal at invisiblethingslab dot com>
| Marek Marczykowski <marmarek at invisiblethingslab dot com>
Joanna Rutkowska \<joanna at invisiblethingslab dot com\>
Rafal Wojtczuk \<rafal at invisiblethingslab dot com\>
Marek Marczykowski \<marmarek at invisiblethingslab dot com\>
```

44
reference/tools/3.2/dom0/qvm-create-default-dvm.md
View File

@ -9,40 +9,40 @@ redirect_from:
- /wiki/Dom0Tools/QvmCreateDefaultDvm/
---
```
======================
qvm-create-default-dvm
======================
NAME
----
====
qvm-create-default-dvm - creates a default disposable VM
Date
2012-04-10
SYNOPSIS
--------
qvm-create-default-dvm templatename|--default-template|--used-template [script-name|--default-script]
========
| qvm-create-default-dvm templatename|--default-template|--used-template [script-name|--default-script]
OPTIONS
-------
=======
templatename
Base DispVM on given template. The command will create AppVM named after
template with "-dvm" suffix. This VM will be used to create DispVM
savefile. If you want to customize DispVM, use this VM - take a look at
https://wiki.qubes-os.org/wiki/UserDoc/DispVMCustomization
templatename
Base DispVM on given template. The command will create AppVM named after template with "-dvm" suffix. This VM will be used to create DispVM savefile. If you want to customize DispVM, use this VM - take a look at <https://wiki.qubes-os.org/wiki/UserDoc/DispVMCustomization>
--default-template
Use default template for the DispVM
--default-template
Use default template for the DispVM
--used-template
Use the same template as earlier
--used-template
Use the same template as earlier
--default-script
Use default script for seeding DispVM home.
--default-script
Use default script for seeding DispVM home.
AUTHORS
-------
Joanna Rutkowska \<joanna at invisiblethingslab dot com\>
Rafal Wojtczuk \<rafal at invisiblethingslab dot com\>
Marek Marczykowski \<marmarek at invisiblethingslab dot com\>
=======
| Joanna Rutkowska <joanna at invisiblethingslab dot com>
| Rafal Wojtczuk <rafal at invisiblethingslab dot com>
| Marek Marczykowski <marmarek at invisiblethingslab dot com>
```

103
reference/tools/3.2/dom0/qvm-create.md
View File

@ -9,73 +9,58 @@ redirect_from:
- /wiki/Dom0Tools/QvmCreate/
---
```
==========
qvm-create
==========
NAME
----
====
qvm-create - creates a new VM
Date
2012-04-10
SYNOPSIS
--------
qvm-create [options] \<vm-name\>
========
| qvm-create [options] <vm-name>
OPTIONS
-------
-h, --help
Show this help message and exit
-t TEMPLATE, --template=TEMPLATE
Specify the TemplateVM to use
-l LABEL, --label=LABEL
Specify the label to use for the new VM (e.g. red, yellow, green, ...)
-p, --proxy
Create ProxyVM
-n, --net
Create NetVM
-H, --hvm
Create HVM (standalone, unless --template option used)
--hvm-template
Create HVM template
-R ROOT\_MOVE, --root-move-from=ROOT\_MOVE
Use provided root.img instead of default/empty one (file will be MOVED)
-r ROOT\_COPY, --root-copy-from=ROOT\_COPY
Use provided root.img instead of default/empty one (file will be COPIED)
-s, --standalone
Create standalone VM - independent of template
-m MEM, --mem=MEM
Initial memory size (in MB)
-c VCPUS, --vcpus=VCPUS
VCPUs count
-i, --internal
Create VM for internal use only (hidden in qubes-manager, no appmenus)
--force-root
Force to run, even with root privileges
-q, --quiet
Be quiet
=======
-h, --help
Show this help message and exit
-t TEMPLATE, --template=TEMPLATE
Specify the TemplateVM to use
-l LABEL, --label=LABEL
Specify the label to use for the new VM (e.g. red, yellow, green, ...)
-p, --proxy
Create ProxyVM
-n, --net
Create NetVM
-H, --hvm
Create HVM (standalone, unless --template option used)
--hvm-template
Create HVM template
-R ROOT_MOVE, --root-move-from=ROOT_MOVE
Use provided root.img instead of default/empty one
(file will be MOVED)
-r ROOT_COPY, --root-copy-from=ROOT_COPY
Use provided root.img instead of default/empty one
(file will be COPIED)
-s, --standalone
Create standalone VM - independent of template
-m MEM, --mem=MEM
Initial memory size (in MB)
-c VCPUS, --vcpus=VCPUS
VCPUs count
-i, --internal
Create VM for internal use only (hidden in qubes-manager, no appmenus)
--force-root
Force to run, even with root privileges
-q, --quiet
Be quiet
AUTHORS
-------
=======
| Joanna Rutkowska <joanna at invisiblethingslab dot com>
| Rafal Wojtczuk <rafal at invisiblethingslab dot com>
| Marek Marczykowski <marmarek at invisiblethingslab dot com>
Joanna Rutkowska \<joanna at invisiblethingslab dot com\>
Rafal Wojtczuk \<rafal at invisiblethingslab dot com\>
Marek Marczykowski \<marmarek at invisiblethingslab dot com\>
```

85
reference/tools/3.2/dom0/qvm-firewall.md
View File

@ -9,60 +9,53 @@ redirect_from:
- /wiki/Dom0Tools/QvmFirewall/
---
```
============
qvm-firewall
============
NAME
----
qvm-firewall
Date
2012-04-10
====
qvm-firewall - manage VM's firewall rules
SYNOPSIS
--------
========
| qvm-firewall [-n] <vm-name> [action] [rule spec]
qvm-firewall [-n] \<vm-name\> [action] [rule spec]
Rule specification can be one of:
1. address|hostname[/netmask] tcp|udp port[-port]
2. address|hostname[/netmask] tcp|udp service\_name
3. address|hostname[/netmask] any
Rule specification can be one of:
1. address|hostname[/netmask] tcp|udp port[-port]
2. address|hostname[/netmask] tcp|udp service_name
3. address|hostname[/netmask] any
OPTIONS
-------
-h, --help
Show this help message and exit
-l, --list
List firewall settings (default action)
-a, --add
Add rule
-d, --del
Remove rule (given by number or by rule spec)
-P SET\_POLICY, --policy=SET\_POLICY
Set firewall policy (allow/deny)
-i SET\_ICMP, --icmp=SET\_ICMP
Set ICMP access (allow/deny)
-D SET\_DNS, --dns=SET\_DNS
Set DNS access (allow/deny)
-Y SET\_YUM\_PROXY, --yum-proxy=SET\_YUM\_PROXY
Set access to Qubes yum proxy (allow/deny). *Note:* if set to "deny", access will be rejected even if policy set to "allow"
-n, --numeric
Display port numbers instead of services (makes sense only with --list)
=======
-h, --help
Show this help message and exit
-l, --list
List firewall settings (default action)
-a, --add
Add rule
-d, --del
Remove rule (given by number or by rule spec)
-P SET_POLICY, --policy=SET_POLICY
Set firewall policy (allow/deny)
-i SET_ICMP, --icmp=SET_ICMP
Set ICMP access (allow/deny)
-D SET_DNS, --dns=SET_DNS
Set DNS access (allow/deny)
-Y SET_YUM_PROXY, --yum-proxy=SET_YUM_PROXY
Set access to Qubes yum proxy (allow/deny).
*Note:* if set to "deny", access will be rejected even if policy set to "allow"
-r, --reload
Reload firewall (implied by any change action)
-n, --numeric
Display port numbers instead of services (makes sense only with --list)
--force-root
Force to run, even with root privileges
AUTHORS
-------
Joanna Rutkowska \<joanna at invisiblethingslab dot com\>
Rafal Wojtczuk \<rafal at invisiblethingslab dot com\>
Marek Marczykowski \<marmarek at invisiblethingslab dot com\>
=======
| Joanna Rutkowska <joanna at invisiblethingslab dot com>
| Rafal Wojtczuk <rafal at invisiblethingslab dot com>
| Marek Marczykowski <marmarek at invisiblethingslab dot com>
```

30
reference/tools/3.2/dom0/qvm-grow-private.md
View File

@ -9,31 +9,27 @@ redirect_from:
- /wiki/Dom0Tools/QvmGrowPrivate/
---
```
================
qvm-grow-private
================
NAME
----
====
qvm-grow-private - increase private storage capacity of a specified VM
Date
2012-04-10
SYNOPSIS
--------
qvm-grow-private \<vm-name\> \<size\>
========
| qvm-grow-private <vm-name> <size>
OPTIONS
-------
-h, --help
Show this help message and exit
=======
-h, --help
Show this help message and exit
AUTHORS
-------
Joanna Rutkowska \<joanna at invisiblethingslab dot com\>
Rafal Wojtczuk \<rafal at invisiblethingslab dot com\>
Marek Marczykowski \<marmarek at invisiblethingslab dot com\>
=======
| Joanna Rutkowska <joanna at invisiblethingslab dot com>
| Rafal Wojtczuk <rafal at invisiblethingslab dot com>
| Marek Marczykowski <marmarek at invisiblethingslab dot com>
```

35
reference/tools/3.2/dom0/qvm-grow-root.md Normal file
View File

@ -0,0 +1,35 @@
---
layout: doc
title: qvm-grow-root
permalink: /doc/tools/3.2/dom0/qvm-grow-root/
redirect_from:
- /doc/dom0-tools/qvm-grow-root/
- /en/doc/dom0-tools/qvm-grow-root/
---
```
=============
qvm-grow-root
=============
NAME
====
qvm-grow-root - increase root storage capacity of a specified VM
SYNOPSIS
========
| qvm-grow-root <vm-name> <size>
OPTIONS
=======
-h, --help
Show this help message and exit
--allow-start
Allow VM to be started to complete the operation
AUTHORS
=======
| Joanna Rutkowska <joanna at invisiblethingslab dot com>
| Rafal Wojtczuk <rafal at invisiblethingslab dot com>
| Marek Marczykowski <marmarek at invisiblethingslab dot com>
```

29
reference/tools/3.2/dom0/qvm-kill.md
View File

@ -9,31 +9,28 @@ redirect_from:
- /wiki/Dom0Tools/QvmKill/
---
```
========
qvm-kill
========
NAME
----
====
qvm-kill - kills the specified VM
Date
2012-04-10
SYNOPSIS
--------
========
| qvm-kill [options] <vm-name>
qvm-kill [options] \<vm-name\>
OPTIONS
-------
-h, --help
Show this help message and exit
=======
-h, --help
Show this help message and exit
AUTHORS
-------
Joanna Rutkowska \<joanna at invisiblethingslab dot com\>
Rafal Wojtczuk \<rafal at invisiblethingslab dot com\>
Marek Marczykowski \<marmarek at invisiblethingslab dot com\>
=======
| Joanna Rutkowska <joanna at invisiblethingslab dot com>
| Rafal Wojtczuk <rafal at invisiblethingslab dot com>
| Marek Marczykowski <marmarek at invisiblethingslab dot com>
```

74
reference/tools/3.2/dom0/qvm-ls.md
View File

@ -9,55 +9,47 @@ redirect_from:
- /wiki/Dom0Tools/QvmLs/
---
```
======
qvm-ls
======
NAME
----
====
qvm-ls - list VMs and various information about their state
Date
2012-04-03
SYNOPSIS
--------
qvm-ls [options] \<vm-name\>
========
| qvm-ls [options] <vm-name>
OPTIONS
-------
-h, --help
Show help message and exit
-n, --network
Show network addresses assigned to VMs
-c, --cpu
Show CPU load
-m, --mem
Show memory usage
-d, --disk
Show VM disk utilization statistics
-i, --ids
Show Qubes and Xen id
-k, --kernel
Show VM kernel options
-b, --last-backup
Show date of last VM backup
--raw-list
List only VM names one per line
=======
-h, --help
Show help message and exit
-n, --network
Show network addresses assigned to VMs
-c, --cpu
Show CPU load
-m, --mem
Show memory usage
-d, --disk
Show VM disk utilization statistics
-i, --ids
Show Qubes and Xen id
-k, --kernel
Show VM kernel options
-b, --last-backup
Show date of last VM backup
--raw-list
List only VM names one per line
--raw-data
Display specify data of specified VMs. Intended for bash-parsing.
--list-fields
List field names valid for --raw-data
AUTHORS
-------
Joanna Rutkowska \<joanna at invisiblethingslab dot com\>
Rafal Wojtczuk \<rafal at invisiblethingslab dot com\>
Marek Marczykowski \<marmarek at invisiblethingslab dot com\>
=======
| Joanna Rutkowska <joanna at invisiblethingslab dot com>
| Rafal Wojtczuk <rafal at invisiblethingslab dot com>
| Marek Marczykowski <marmarek at invisiblethingslab dot com>
```

61
reference/tools/3.2/dom0/qvm-pci.md
View File

@ -9,46 +9,41 @@ redirect_from:
- /wiki/Dom0Tools/QvmPci/
---
```
=======
qvm-pci
=======
NAME
----
====
qvm-pci - list/set VM PCI devices
Date
2012-04-11
SYNOPSIS
--------
qvm-pci -l [options] \<vm-name\>
qvm-pci -a [options] \<vm-name\> \<device\>
qvm-pci -d [options] \<vm-name\> \<device\>
========
| qvm-pci -l [options] <vm-name>
| qvm-pci -a [options] <vm-name> <device>
| qvm-pci -d [options] <vm-name> <device>
OPTIONS
-------
-h, --help
Show this help message and exit
-l, --list
List VM PCI devices
-a, --add
Add a PCI device to specified VM
-C, --add-class
Add all devices of given class:
net - network interfaces, usb - USB controllers
-d, --delete
Remove a PCI device from specified VM
=======
-h, --help
Show this help message and exit
-l, --list
List VM PCI devices
-a, --add
Add a PCI device to specified VM
-C, --add-class
Add all devices of given class:
net - network interfaces,
usb - USB controllers
-d, --delete
Remove a PCI device from specified VM
--offline-mode
Offline mode
AUTHORS
-------
Joanna Rutkowska \<joanna at invisiblethingslab dot com\>
Rafal Wojtczuk \<rafal at invisiblethingslab dot com\>
Marek Marczykowski \<marmarek at invisiblethingslab dot com\>
=======
| Joanna Rutkowska <joanna at invisiblethingslab dot com>
| Rafal Wojtczuk <rafal at invisiblethingslab dot com>
| Marek Marczykowski <marmarek at invisiblethingslab dot com>
```

252
reference/tools/3.2/dom0/qvm-prefs.md
View File

@ -9,150 +9,220 @@ redirect_from:
- /wiki/Dom0Tools/QvmPrefs/
---
```
=========
qvm-prefs
=========
NAME
----
====
qvm-prefs - list/set various per-VM properties
Date
2012-04-11
SYNOPSIS
--------
========
| qvm-prefs -l [options] <vm-name>
| qvm-prefs -g [options] <vm-name> <property>
| qvm-prefs -s [options] <vm-name> <property> [...]
qvm-prefs -l [options] \<vm-name\>
qvm-prefs -g [options] \<vm-name\> \<property\>
qvm-prefs -s [options] \<vm-name\> \<property\> [...]
OPTIONS
-------
-h, --help
Show this help message and exit
-l, --list
List properties of a specified VM
-g, --get
Get a single property of a specified VM
-s, --set
Set properties of a specified VM
=======
-h, --help
Show this help message and exit
-l, --list
List properties of a specified VM
-g, --get
Get a single property of a specified VM
-s, --set
Set properties of a specified VM
--force-root
Force to run, even with root privileges
--offline-mode
Offline mode
PROPERTIES
----------
==========
include\_in\_backups
Accepted values: `True`, `False`
include_in_backups
Accepted values: ``True``, ``False``
Control whenever this VM will be included in backups by default (for now works only in qubes-manager). You can always manually select or deselect any VM for backup.
Control whenever this VM will be included in backups by default (for now
works only in qubes-manager). You can always manually select or
deselect any VM for backup.
pcidevs
PCI devices assigned to the VM. Should be edited using qvm-pci tool.
pcidevs
PCI devices assigned to the VM. Should be edited using qvm-pci tool.
pci\_strictreset
Accepted values: `True`, `False`
pci_strictreset
Accepted values: ``True``, ``False``
Control whether prevent assigning to VM a device which does not support any reset method. Generally such devices should not be assigned to any VM, because there will be no way to reset device state after VM shutdown, so the device could attack next VM to which it will be assigned. But in some cases it could make sense - for example when the VM to which it is assigned is trusted one, or is running all the time.
Control whether prevent assigning to VM a device which does not support any
reset method. Generally such devices should not be assigned to any VM,
because there will be no way to reset device state after VM shutdown, so
the device could attack next VM to which it will be assigned. But in some
cases it could make sense - for example when the VM to which it is assigned
is trusted one, or is running all the time.
label
Accepted values: `red`, `orange`, `yellow`, `green`, `gray`, `blue`, `purple`, `black`
pci_e820_host
Accepted values: ``True``, ``False``
Color of VM label (icon, appmenus, windows border). If VM is running, change will be applied at first VM restart.
Give VM with PCI devices a memory map (e820) of the host. This is
required for some devices to properly resolve conflicts in address space.
This option is enabled by default for VMs with PCI devices and have no
effect for VMs without devices.
netvm
Accepted values: netvm name, `default`, `none`
label
Accepted values: ``red``, ``orange``, ``yellow``, ``green``, ``gray``,
``blue``, ``purple``, ``black``
To which NetVM connect. Setting to `default` will follow system-global default NetVM (managed by qubes-prefs). Setting to `none` will disable networking in this VM.
Color of VM label (icon, appmenus, windows border). If VM is running,
change will be applied at first VM restart.
dispvm\_netvm
Accepted values: netvm name, `default`, `none`
netvm
Accepted values: netvm name, ``default``, ``none``
Which NetVM should be used for Disposable VMs started by this one. `default` is to use the same NetVM as the VM itself.
To which NetVM connect. Setting to ``default`` will follow system-global
default NetVM (managed by qubes-prefs). Setting to ``none`` will disable
networking in this VM.
maxmem
Accepted values: memory size in MB
dispvm_netvm
Accepted values: netvm name, ``default``, ``none``
Maximum memory size available for this VM. Dynamic memory management (aka qmemman) will not be able to balloon over this limit. For VMs with qmemman disabled, this will be overridden by *memory* property (at VM startup).
Which NetVM should be used for Disposable VMs started by this one.
``default`` is to use the same NetVM as the VM itself.
memory
Accepted values: memory size in MB
maxmem
Accepted values: memory size in MB
Initial memory size for VM. This should be large enough to allow VM startup - before qmemman starts managing memory for this VM. For VM with qmemman disabled, this is static memory size.
Maximum memory size available for this VM. Dynamic memory management (aka
qmemman) will not be able to balloon over this limit. For VMs with
qmemman disabled, this will be overridden by *memory* property (at VM
startup).
kernel
Accepted values: kernel version, `default`, `none`
memory
Accepted values: memory size in MB
Kernel version to use (only for PV VMs). Available kernel versions will be listed when no value given (there are in /var/lib/qubes/vm-kernels). Setting to `default` will follow system-global default kernel (managed via qubes-prefs). Setting to `none` will use "kernels" subdir in VM directory - this allows having VM-specific kernel; also this the only case when /lib/modules is writable from within VM.
Initial memory size for VM. This should be large enough to allow VM startup
- before qmemman starts managing memory for this VM. For VM with qmemman
disabled, this is static memory size.
template
Accepted values: TemplateVM name
kernel
Accepted values: kernel version, ``default``, ``none``
TemplateVM on which VM base. It can be changed only when VM isn't running.
Kernel version to use (only for PV VMs). Available kernel versions will be
listed when no value given (there are in /var/lib/qubes/vm-kernels).
Setting to ``default`` will follow system-global default kernel (managed
via qubes-prefs). Setting to ``none`` will use "kernels" subdir in
VM directory - this allows having VM-specific kernel; also this the only
case when /lib/modules is writable from within VM.
vcpus
Accepted values: no of CPUs
template
Accepted values: TemplateVM name
Number of CPU (cores) available to VM. Some VM types (eg DispVM) will not work properly with more than one CPU.
TemplateVM on which VM base. It can be changed only when VM isn't running.
kernelopts
Accepted values: string, `default`
vcpus
Accepted values: no of CPUs
VM kernel parameters (available only for PV VMs). This can be used to workaround some hardware specific problems (eg for NetVM). Setting to `default` will use some reasonable defaults (currently different for VMs with PCI devices and without). For VM without PCI devices `default` option means inherit this value from the VM template (if any). Some helpful options (for debugging purposes): `earlyprintk=xen`, `init=/bin/bash`
Number of CPU (cores) available to VM. Some VM types (eg DispVM) will not
work properly with more than one CPU.
name
Accepted values: alphanumerical name
kernelopts
Accepted values: string, ``default``
Name of the VM. Can be only changed when VM isn't running.
VM kernel parameters (available only for PV VMs). This can be used to
workaround some hardware specific problems (eg for NetVM). Setting to
``default`` will use some reasonable defaults (currently different for VMs
with PCI devices and without). For VM without PCI devices
``default`` option means inherit this value from the VM template (if any).
Some helpful options (for debugging purposes): ``earlyprintk=xen``,
``init=/bin/bash``
drive
Accepted values: [hd:|cdrom:][backend-vm:]path
name
Accepted values: alphanumerical name
Additional drive for the VM (available only for HVMs). This can be used to attach installation image. `path` can be file or physical device (eg. /dev/sr0). The same syntax can be used in qvm-start --drive - to attach drive only temporarily.
Name of the VM. Can be only changed when VM isn't running.
mac
Accepted values: MAC address, `auto`
drive
Accepted values: [hd:\|cdrom:][backend-vm:]path
Can be used to force specific of virtual ethernet card in the VM. Setting to `auto` will use automatic-generated MAC - based on VM id. Especially useful when licensing requires a static MAC address. For template-based HVM `auto` mode means to clone template MAC.
Additional drive for the VM (available only for HVMs). This can be used to
attach installation image. ``path`` can be file or physical device (eg.
/dev/sr0). The same syntax can be used in qvm-start --drive - to
attach drive only temporarily.
default\_user
Accepted values: username
mac
Accepted values: MAC address, ``auto``
Default user used by qvm-run. Note that it make sense only on non-standard template, as the standard one always have "user" account.
Can be used to force specific of virtual ethernet card in the VM. Setting
to ``auto`` will use automatic-generated MAC - based on VM id. Especially
useful when licensing requires a static MAC address.
For template-based HVM ``auto`` mode means to clone template MAC.
debug
Accepted values: `on`, `off`
default_user
Accepted values: username
Enables debug mode for VM. This can be used to turn on/off verbose logging in many Qubes components at once (gui virtualization, VM kernel, some other services). For template-based HVM, enabling debug mode also disables automatic reset root.img (actually volatile.img) before each VM startup, so changes made to root filesystem stays intact. To force reset root.img when debug mode enabled, either change something in the template (simple start+stop will do, even touch its root.img is enough), or remove VM's volatile.img (check the path with qvm-prefs).
Default user used by qvm-run. Note that it make sense only on non-standard
template, as the standard one always have "user" account.
qrexec\_installed
Accepted values: `True`, `False`
debug
Accepted values: ``on``, ``off``
This HVM have qrexec agent installed. When VM have qrexec agent installed, one can use qvm-run to start VM process, VM will benefit from Qubes RPC services (like file copy, or inter-vm clipboard). This option will be automatically turned on during Qubes Windows Tools installation, but if you install qrexec agent in some other OS, you need to turn this option on manually.
Enables debug mode for VM. This can be used to turn on/off verbose logging
in many Qubes components at once (gui virtualization, VM kernel, some other
services).
For template-based HVM, enabling debug mode also disables automatic reset
root.img (actually volatile.img) before each VM startup, so changes made to
root filesystem stays intact. To force reset root.img when debug mode
enabled, either change something in the template (simple start+stop will
do, even touch its root.img is enough), or remove VM's volatile.img
(check the path with qvm-prefs).
guiagent\_installed
Accepted values: `True`, `False`
qrexec_installed
Accepted values: ``True``, ``False``
This HVM have gui agent installed. This option disables full screen GUI virtualization and enables per-window seemless GUI mode. This option will be automatically turned on during Qubes Windows Tools installation, but if you install Qubes gui agent in some other OS, you need to turn this option on manually. You can turn this option off to troubleshoot some early HVM OS boot problems (enter safe mode etc), but the option will be automatically enabled at first VM normal startup (and will take effect from the next startup).
This HVM have qrexec agent installed. When VM have qrexec agent installed,
one can use qvm-run to start VM process, VM will benefit from Qubes RPC
services (like file copy, or inter-vm clipboard). This option will be
automatically turned on during Qubes Windows Tools installation, but if you
install qrexec agent in some other OS, you need to turn this option on
manually.
*Notice:* when Windows GUI agent is installed in the VM, SVGA device (used to full screen video) is disabled, so even if you disable this option, you will not get functional full desktop access (on normal VM startup). Use some other means for that (VNC, RDP or so).
guiagent_installed
Accepted values: ``True``, ``False``
autostart
Accepted values: `True`, `False`
This HVM have gui agent installed. This option disables full screen GUI
virtualization and enables per-window seemless GUI mode. This option will
be automatically turned on during Qubes Windows Tools installation, but if
you install Qubes gui agent in some other OS, you need to turn this option
on manually. You can turn this option off to troubleshoot some early HVM OS
boot problems (enter safe mode etc), but the option will be automatically
enabled at first VM normal startup (and will take effect from the next
startup).
Start the VM during system startup. The default netvm is autostarted regardless of this setting.
*Notice:* when Windows GUI agent is installed in the VM, SVGA device (used
to full screen video) is disabled, so even if you disable this
option, you will not get functional full desktop access (on normal VM
startup). Use some other means for that (VNC, RDP or so).
timezone
Accepted values: `localtime`, time offset in seconds
autostart
Accepted values: ``True``, ``False``
Set emulated HVM clock timezone. Use `localtime` (the default) to use the same time as dom0 have. Note that HVM will get only clock value, not the timezone itself, so if you use `localtime` setting, OS inside of HVM should also be configured to treat hardware clock as local time (and have proper timezone set).
Start the VM during system startup. The default netvm is autostarted
regardless of this setting.
timezone
Accepted values: ``localtime``, time offset in seconds
Set emulated HVM clock timezone. Use ``localtime`` (the default) to use the
same time as dom0 have. Note that HVM will get only clock value, not the
timezone itself, so if you use ``localtime`` setting, OS inside of HVM
should also be configured to treat hardware clock as local time (and have
proper timezone set).
AUTHORS
-------
Joanna Rutkowska \<joanna at invisiblethingslab dot com\>
Rafal Wojtczuk \<rafal at invisiblethingslab dot com\>
Marek Marczykowski \<marmarek at invisiblethingslab dot com\>
=======
| Joanna Rutkowska <joanna at invisiblethingslab dot com>
| Rafal Wojtczuk <rafal at invisiblethingslab dot com>
| Marek Marczykowski <marmarek at invisiblethingslab dot com>
```

45
reference/tools/3.2/dom0/qvm-remove.md
View File

@ -9,40 +9,33 @@ redirect_from:
- /wiki/Dom0Tools/QvmRemove/
---
```
==========
qvm-remove
==========
NAME
----
====
qvm-remove - remove a VM
Date
2012-04-11
SYNOPSIS
--------
qvm-remove [options] \<vm-name\>
========
| qvm-remove [options] <vm-name>
OPTIONS
-------
-h, --help
Show this help message and exit
-q, --quiet
Be quiet
--just-db
Remove only from the Qubes Xen DB, do not remove any files
--force-root
Force to run, even with root privileges
=======
-h, --help
Show this help message and exit
-q, --quiet
Be quiet
--just-db
Remove only from qubes.xml; do not remove any files
--force-root
Force to run, even with root privileges
AUTHORS
-------
Joanna Rutkowska \<joanna at invisiblethingslab dot com\>
Rafal Wojtczuk \<rafal at invisiblethingslab dot com\>
Marek Marczykowski \<marmarek at invisiblethingslab dot com\>
=======
| Joanna Rutkowska <joanna at invisiblethingslab dot com>
| Rafal Wojtczuk <rafal at invisiblethingslab dot com>
| Marek Marczykowski <marmarek at invisiblethingslab dot com>
```

35
reference/tools/3.2/dom0/qvm-revert-template-changes.md
View File

@ -9,34 +9,29 @@ redirect_from:
- /wiki/Dom0Tools/QvmRevertTemplateChanges/
---
```
===========================
qvm-revert-template-changes
===========================
NAME
----
====
qvm-revert-template-changes
Date
2012-04-11
SYNOPSIS
--------
qvm-revert-template-changes [options] \<template-name\>
========
| qvm-revert-template-changes [options] <template-name>
OPTIONS
-------
-h, --help
Show this help message and exit
--force
Do not prompt for confirmation
=======
-h, --help
Show this help message and exit
--force
Do not prompt for confirmation
AUTHORS
-------
Joanna Rutkowska \<joanna at invisiblethingslab dot com\>
Rafal Wojtczuk \<rafal at invisiblethingslab dot com\>
Marek Marczykowski \<marmarek at invisiblethingslab dot com\>
=======
| Joanna Rutkowska <joanna at invisiblethingslab dot com>
| Rafal Wojtczuk <rafal at invisiblethingslab dot com>
| Marek Marczykowski <marmarek at invisiblethingslab dot com>
```

109
reference/tools/3.2/dom0/qvm-run.md
View File

@ -9,70 +9,67 @@ redirect_from:
- /wiki/Dom0Tools/QvmRun/
---
```
=======
qvm-run
=======
NAME
----
====
qvm-run - run a command on a specified VM
Date
2012-04-11
SYNOPSIS
--------
qvm-run [options] [\<vm-name\>] [\<cmd\>]
========
| qvm-run [options] [<vm-name>] [<cmd>]
OPTIONS
-------
-h, --help
Show this help message and exit
-q, --quiet
Be quiet
-a, --auto
Auto start the VM if not running
-u USER, --user=USER
Run command in a VM as a specified user
--tray
Use tray notifications instead of stdout
--all
Run command on all currently running VMs (or all paused, in the case of --unpause)
--exclude=EXCLUDE\_LIST
When --all is used: exclude this VM name (might be repeated)
--wait
Wait for the VM(s) to shutdown
--shutdown
(deprecated) Do 'xl shutdown' for the VM(s) (can be combined this with --all and --wait)
--pause
Do 'xl pause' for the VM(s) (can be combined this with --all and --wait)
--unpause
Do 'xl unpause' for the VM(s) (can be combined this with --all and --wait)
-p, --pass-io
Pass stdin/stdout/stderr from remote program
--localcmd=LOCALCMD
With --pass-io, pass stdin/stdout/stderr to the given program
--force
Force operation, even if may damage other VMs (eg. shutdown of NetVM)
=======
-h, --help
Show this help message and exit
-q, --quiet
Be quiet
-a, --auto
Auto start the VM if not running
-u USER, --user=USER
Run command in a VM as a specified user
--tray
Use tray notifications instead of stdout
--all
Run command on all currently running VMs (or all paused, in case of --unpause)
--exclude=EXCLUDE_LIST
When --all is used: exclude this VM name (might be repeated)
--wait
Wait for the VM(s) to shutdown
--shutdown
(deprecated) Do 'xl shutdown' for the VM(s) (can be combined this with --all and --wait)
--pause
Do 'xl pause' for the VM(s) (can be combined this with --all and --wait)
--unpause
Do 'xl unpause' for the VM(s) (can be combined this with --all and --wait)
-p, --pass-io
Pass stdin/stdout/stderr from remote program
--localcmd=LOCALCMD
With --pass-io, pass stdin/stdout/stderr to the given program
--nogui
Run command without gui
--filter-escape-chars
Filter terminal escape sequences (default if output is terminal)
--no-filter-escape-chars
Do not filter terminal escape sequences - overrides --filter-escape-chars, DANGEROUS when output is terminal
--no-color-output
Disable marking VM output with red color
--no-color-stderr
Disable marking VM stderr with red color
--color-output
Force marking VM output with given ANSI style (use 31 for red)
--color-stderr
Force marking VM stderr with given ANSI style (use 31 for red)
--force
Force operation, even if may damage other VMs (eg. shutdown of NetVM)
AUTHORS
-------
Joanna Rutkowska \<joanna at invisiblethingslab dot com\>
Rafal Wojtczuk \<rafal at invisiblethingslab dot com\>
Marek Marczykowski \<marmarek at invisiblethingslab dot com\>
=======
| Joanna Rutkowska <joanna at invisiblethingslab dot com>
| Rafal Wojtczuk <rafal at invisiblethingslab dot com>
| Marek Marczykowski <marmarek at invisiblethingslab dot com>
```

167
reference/tools/3.2/dom0/qvm-service.md
View File

@ -9,129 +9,138 @@ redirect_from:
- /wiki/Dom0Tools/QvmService/
---
```
===========
qvm-service
===========
NAME
----
====
qvm-service - manage (Qubes-specific) services started in VM
Date
2012-05-30
SYNOPSIS
--------
qvm-service [-l] \<vmname\>
qvm-service [-e|-d|-D] \<vmname\> \<service\>
========
| qvm-service [-l] <vmname>
| qvm-service [-e|-d|-D] <vmname> <service>
OPTIONS
-------
-h, --help
Show this help message and exit
-l, --list
List services (default action)
-e, --enable
Enable service
-d, --disable
Disable service
-D, --default
Reset service to its default state (remove from the list). Default state means "lets VM choose" and can depend on VM type (NetVM, AppVM etc).
=======
-h, --help
Show this help message and exit
-l, --list
List services (default action)
-e, --enable
Enable service
-d, --disable
Disable service
-D, --default
Reset service to its default state (remove from the list). Default state
means "lets VM choose" and can depend on VM type (NetVM, AppVM etc).
SUPPORTED SERVICES
------------------
==================
This list can be incomplete as VM can implement any additional service without knowledge of qubes-core code.
meminfo-writer
Default: enabled everywhere excluding NetVM
meminfo-writer
Default: enabled everywhere excluding NetVM
This service reports VM memory usage to dom0, which effectively enables dynamic memory management for the VM.
This service reports VM memory usage to dom0, which effectively enables dynamic memory management for the VM.
*Note:* this service is enforced to be set by dom0 code. If you try to remove it (reset to default state), will be recreated with the rule: enabled if VM have no PCI devices assigned, otherwise disabled.
*Note:* this service is enforced to be set by dom0 code. If you try to
remove it (reset to default state), will be recreated with the rule: enabled
if VM have no PCI devices assigned, otherwise disabled.
qubes-dvm
Default: disabled
qubes-dvm
Default: disabled
Used internally when creating DispVM savefile.
Used internally when creating DispVM savefile.
qubes-firewall
Default: enabled only in ProxyVM
qubes-firewall
Default: enabled only in ProxyVM
Dynamic firewall manager, based on settings in dom0 (qvm-firewall, firewall tab in qubes-manager). This service is not supported in netvms.
Dynamic firewall manager, based on settings in dom0 (qvm-firewall, firewall tab in qubes-manager).
This service is not supported in netvms.
qubes-network
Default: enabled only in NetVM and ProxyVM
qubes-network
Default: enabled only in NetVM and ProxyVM
Expose network for other VMs. This includes enabling network forwarding, MASQUERADE, DNS redirection and basic firewall.
Expose network for other VMs. This includes enabling network forwarding, MASQUERADE, DNS redirection and basic firewall.
qubes-netwatcher
Default: enabled only in ProxyVM
qubes-netwatcher
Default: enabled only in ProxyVM
Monitor IP change notification from NetVM. When received, reload qubes-firewall service (to force DNS resolution).
This service makes sense only with qubes-firewall enabled.
Monitor IP change notification from NetVM. When received, reload qubes-firewall service (to force DNS resolution). This service makes sense only with qubes-firewall enabled.
qubes-update-check
Default: enabled
qubes-update-check
Default: enabled
Notify dom0 about updates available for this VM. This is shown in qubes-manager as 'update-pending' flag.
Notify dom0 about updates available for this VM. This is shown in qubes-manager as 'update-pending' flag.
cups
Default: enabled only in AppVM
cups
Default: enabled only in AppVM
Enable CUPS service. The user can disable cups in VM which do not need printing to speed up booting.
Enable CUPS service. The user can disable cups in VM which do not need printing to speed up booting.
crond
Default: disabled
crond
Default: disabled
Enable CRON service.
Enable CRON service. To have cron jobs persist across reboots, /var/spool/cron is bind-mounted from /rw/bind-dirs. To override this see [Bind-Dir Instructions](/doc/bind-dirs/) )
network-manager
Default: enabled in NetVM
network-manager
Default: enabled in NetVM
Enable NetworkManager. Only VM with direct access to network device needs
this service, but can be useful in ProxyVM to ease VPN setup.
Enable NetworkManager. Only VM with direct access to network device needs this service, but can be useful in ProxyVM to ease VPN setup.
ntpd
Default: disabled
ntpd
Default: disabled
Enable NTPD service. By default Qubes calls ntpdate every 6 minutes in
selected VM (aka ClockVM), then propagate the result using qrexec calls.
Enabling ntpd *do not* disable this behaviour.
Enable NTPD service. By default Qubes calls ntpdate every 6 minutes in selected VM (aka ClockVM), then propagate the result using qrexec calls. Enabling ntpd *do not* disable this behaviour.
qubes-yum-proxy
Deprecated name for qubes-updates-proxy.
qubes-yum-proxy
Deprecated name for qubes-updates-proxy.
qubes-updates-proxy
Default: enabled in NetVM
qubes-updates-proxy
Default: enabled in NetVM
Provide proxy service, which allow access only to yum repos. Filtering is
done based on URLs, so it shouldn't be used as leak control (pretty easy to
bypass), but is enough to prevent some erroneous user actions.
Provide proxy service, which allow access only to yum repos. Filtering is done based on URLs, so it shouldn't be used as leak control (pretty easy to bypass), but is enough to prevent some erroneous user actions.
yum-proxy-setup
Deprecated name for updates-proxy-setup.
yum-proxy-setup
Deprecated name for updates-proxy-setup.
updates-proxy-setup
Default: enabled in AppVM (also in templates)
updates-proxy-setup
Default: enabled in AppVM (also in templates)
Setup yum at startup to use qubes-yum-proxy service.
Setup yum at startup to use qubes-yum-proxy service.
*Note:* this service is automatically enabled when you allow VM to access
yum proxy (in firewall settings) and disabled when you deny access to yum
proxy.
*Note:* this service is automatically enabled when you allow VM to access yum proxy (in firewall settings) and disabled when you deny access to yum proxy.
disable-default-route
Default: disabled
disable-default-route
Default: disabled
Disables the default route for networking. Enabling this service
will prevent the creation of the default route, but the VM will
still be able to reach it's direct neighbors. The functionality
is implemented in /usr/lib/qubes/setup-ip.
Disables the default route for networking. Enabling this service will prevent the creation of the default route, but the VM will still be able to reach it's direct neighbors. The functionality is implemented in /usr/lib/qubes/setup-ip.
disable-dns-server
Default: disabled
disable-dns-server
Default: disabled
Enabling this service will result in an empty /etc/resolv.conf.
The functionality is implemented in /usr/lib/qubes/setup-ip.
Enabling this service will result in an empty /etc/resolv.conf. The functionality is implemented in /usr/lib/qubes/setup-ip.
AUTHORS
-------
Joanna Rutkowska \<joanna at invisiblethingslab dot com\>
Rafal Wojtczuk \<rafal at invisiblethingslab dot com\>
Marek Marczykowski \<marmarek at invisiblethingslab dot com\>
=======
| Joanna Rutkowska <joanna at invisiblethingslab dot com>
| Rafal Wojtczuk <rafal at invisiblethingslab dot com>
| Marek Marczykowski <marmarek at invisiblethingslab dot com>
```

57
reference/tools/3.2/dom0/qvm-shutdown.md
View File

@ -9,46 +9,39 @@ redirect_from:
- /wiki/Dom0Tools/QvmShutdown/
---
```
============
qvm-shutdown
============
NAME
----
====
qvm-shutdown
Date
2012-04-11
SYNOPSIS
--------
qvm-shutdown [options] \<vm-name\>
========
| qvm-shutdown [options] <vm-name> [vm-name ...]
OPTIONS
-------
-h, --help
Show this help message and exit
-q, --quiet
Be quiet
--force
Force operation, even if may damage other VMs (eg. shutdown of NetVM)
--wait
Wait for the VM(s) to shutdown
--all
Shutdown all running VMs
--exclude=EXCLUDE\_LIST
When --all is used: exclude this VM name (might be repeated)
=======
-h, --help
Show this help message and exit
-q, --quiet
Be quiet
--force
Force operation, even if may damage other VMs (eg. shutdown of NetVM)
--wait
Wait for the VM(s) to shutdown
--wait-time
Timeout after which VM will be killed when --wait is used
--all
Shutdown all running VMs
--exclude=EXCLUDE_LIST
When --all is used: exclude this VM name (might be repeated)
AUTHORS
-------
Joanna Rutkowska \<joanna at invisiblethingslab dot com\>
Rafal Wojtczuk \<rafal at invisiblethingslab dot com\>
Marek Marczykowski \<marmarek at invisiblethingslab dot com\>
=======
| Joanna Rutkowska <joanna at invisiblethingslab dot com>
| Rafal Wojtczuk <rafal at invisiblethingslab dot com>
| Marek Marczykowski <marmarek at invisiblethingslab dot com>
```

67
reference/tools/3.2/dom0/qvm-start.md
View File

@ -9,46 +9,49 @@ redirect_from:
- /wiki/Dom0Tools/QvmStart/
---
```
=========
qvm-start
=========
NAME
----
====
qvm-start - start a specified VM
Date
2012-04-11
SYNOPSIS
--------
qvm-start [options] \<vm-name\>
========
| qvm-start [options] <vm-name>
OPTIONS
-------
-h, --help
Show this help message and exit
-q, --quiet
Be quiet
--no-guid
Do not start the GUId (ignored)
--console
Attach debugging console to the newly started VM
--dvm
Do actions necessary when preparing DVM image
--custom-config=CUSTOM\_CONFIG
Use custom Xen config instead of Qubes-generated one
=======
-h, --help
Show this help message and exit
-q, --quiet
Be quiet
--tray
Use tray notifications instead of stdout
--no-guid
Do not start the GUId (ignored)
--drive
Temporarily attach specified drive as CD/DVD or hard disk (can be specified with prefix 'hd' or 'cdrom:', default is cdrom)
--hddisk
Temporarily attach specified drive as hard disk
--cdrom
Temporarily attach specified drive as CD/DVD
--install-windows-tools
Attach Windows tools CDROM to the VM
--dvm
Do actions necessary when preparing DVM image
--custom-config=CUSTOM_CONFIG
Use custom Xen config instead of Qubes-generated one
--skip-if-running
Do no fail if the VM is already running
--debug
Enable debug mode for this VM (until its shutdown)
AUTHORS
-------
Joanna Rutkowska \<joanna at invisiblethingslab dot com\>
Rafal Wojtczuk \<rafal at invisiblethingslab dot com\>
Marek Marczykowski \<marmarek at invisiblethingslab dot com\>
=======
| Joanna Rutkowska <joanna at invisiblethingslab dot com>
| Rafal Wojtczuk <rafal at invisiblethingslab dot com>
| Marek Marczykowski <marmarek at invisiblethingslab dot com>
```

32
reference/tools/3.2/dom0/qvm-template-commit.md
View File

@ -9,31 +9,29 @@ redirect_from:
- /wiki/Dom0Tools/QvmTemplateCommit/
---
```
===================
qvm-template-commit
===================
NAME
----
====
qvm-template-commit
Date
2012-04-11
SYNOPSIS
--------
qvm-template-commit [options] \<vm-name\>
========
| qvm-template-commit [options] <vm-name>
OPTIONS
-------
-h, --help
Show this help message and exit
=======
-h, --help
Show this help message and exit
--offline-mode
Offline mode
AUTHORS
-------
Joanna Rutkowska \<joanna at invisiblethingslab dot com\>
Rafal Wojtczuk \<rafal at invisiblethingslab dot com\>
Marek Marczykowski \<marmarek at invisiblethingslab dot com\>
=======
| Joanna Rutkowska <joanna at invisiblethingslab dot com>
| Rafal Wojtczuk <rafal at invisiblethingslab dot com>
| Marek Marczykowski <marmarek at invisiblethingslab dot com>
```

45
reference/tools/3.2/dom0/qvm-usb.md Normal file
View File

@ -0,0 +1,45 @@
---
layout: doc
title: qvm-usb
permalink: /doc/tools/3.2/dom0/qvm-usb/
redirect_from:
- /doc/dom0-tools/qvm-usb/
- /en/doc/dom0-tools/qvm-usb/
---
```
=======
qvm-usb
=======
NAME
====
qvm-usb - List/set VM USB devices
SYNOPSIS
========
| qvm-usb -l [options]
| qvm-usb -a [options] <vm-name> <device-vm-name>:<device>
| qvm-usb -d [options] <device-vm-name>:<device>
OPTIONS
=======
-h, --help
Show this help message and exit
-l, -list
List devices
-a, --attach
Attach specified device to specified VM
-d, --detach
Detach specified device
--no-auto-detach
Fail when device already connected to other VM
--force-root
Force to run, even with root privileges
AUTHORS
=======
| Joanna Rutkowska <joanna at invisiblethingslab dot com>
| Rafal Wojtczuk <rafal at invisiblethingslab dot com>
| Marek Marczykowski <marmarek at invisiblethingslab dot com>
```

1
reference/tools/3.2/domU.md
View File

@ -12,6 +12,7 @@ redirect_from:
DomU Command-Line Tools for Qubes 3.2
=====================================
* [qrexec-client-vm](/doc/tools/3.2/domU/qrexec-client-vm/)
* [qvm-copy-to-vm](/doc/tools/3.2/domU/qvm-copy-to-vm/)
* [qvm-open-in-dvm](/doc/tools/3.2/domU/qvm-open-in-dvm/)
* [qvm-open-in-vm](/doc/tools/3.2/domU/qvm-open-in-vm/)

86
reference/tools/3.2/domU/qrexec-client-vm.md Normal file
View File

@ -0,0 +1,86 @@
---
layout: doc
title: qrexec-client-vm
permalink: /doc/tools/3.2/domU/qrexec-client-vm/
redirect_from:
- /doc/domU-tools/qrexec-client-vm/
- /en/doc/domU-tools/qrexec-client-vm/
---
```
================
qrexec-client-vm
================
NAME
====
qrexec-client-vm - call Qubes RPC service
SYNOPSIS
========
| qrexec-client-vm *target_vmname* *service* [*local_program* [*local program arguments*]]
DESCRIPTION
===========
Call Qubes RPC (aka qrexec) service to a different VM. The service call request
is sent to dom0, where Qubes RPC policy is evaluated and when it allows the
call, it is forwarded to appropriate target VM (which may be different than
requested, if policy says so). Local program (if given) is started only
when service call is allowed by the policy.
Remote service can communicate with the caller (``qrexec-client-vm``) using
stdin/stdout. When *local_program* is given, its stdin/stdout is connected to
service stdin/stdout (stderr is not redirected), otherwise - service
stdin/stdout is connected to those of ``qrexec-client-vm``.
OPTIONS
=======
*target_vmname*
Name of target VM to which service is requested. Qubes RPC policy may
ignore this value and redirect call somewhere else.
This argument, can contain VM name, or one of special values:
* ``$dispvm`` - new Disposable VM
This field is limited to 31 characters (alphanumeric, plus ``-_.$``).
*service*
Requested service. Besides service name, it can contain a service argument
after ``+`` character. For example ``some.service+argument``.
This field is limited to 63 characters (alphanumeric, plus ``-_.$+``).
*local_program*
Full path to local program to be connected with remote service. Optional.
*local program arguments*
Arguments to *local_program*. Optional.
EXIT STATUS
===========
If service call is allowed by dom0 and ``qrexec-client-vm`` is started without
*local_program* argument, it reports remote service exit code.
If service call is allowed by dom0 and ``qrexec-client-vm`` is started with
*local_program* argument, it reports the local program exit code. There is no
way to learn exit code of remote service in this case.
In both cases, if process (local or remote) was terminated by a signal, exit
status is 128+signal number.
If service call is denied by dom0, ``qrexec-client-vm`` exit with status 126.
AUTHORS
=======
| Joanna Rutkowska <joanna at invisiblethingslab dot com>
| Rafal Wojtczuk <rafal at invisiblethingslab dot com>
| Marek Marczykowski-Górecki <marmarek at invisiblethingslab dot com>
```

30
reference/tools/3.2/domU/qvm-copy-to-vm.md
View File

@ -9,31 +9,27 @@ redirect_from:
- /wiki/VmTools/QvmCopyToVm/
---
```
==============
qvm-copy-to-vm
==============
NAME
----
====
qvm-copy-to-vm - copy specified files to specified destination VM
Date
2012-05-30
SYNOPSIS
--------
qvm-copy-to-vm [--without-progress] dest\_vmname file [file]+
========
| qvm-copy-to-vm [--without-progress] dest_vmname file [file]+
OPTIONS
-------
--without-progress
Don't display progress info
=======
--without-progress
Don't display progress info
AUTHORS
-------
Joanna Rutkowska \<joanna at invisiblethingslab dot com\>
Rafal Wojtczuk \<rafal at invisiblethingslab dot com\>
Marek Marczykowski \<marmarek at invisiblethingslab dot com\>
=======
| Joanna Rutkowska <joanna at invisiblethingslab dot com>
| Rafal Wojtczuk <rafal at invisiblethingslab dot com>
| Marek Marczykowski <marmarek at invisiblethingslab dot com>
```

25
reference/tools/3.2/domU/qvm-open-in-dvm.md
View File

@ -9,28 +9,25 @@ redirect_from:
- /wiki/VmTools/QvmOpenInDvm/
---
```
===============
qvm-open-in-dvm
===============
NAME
----
====
qvm-open-in-dvm - open a specified file in disposable VM
Date
2012-05-30
SYNOPSIS
--------
qvm-open-in-dvm filename
========
| qvm-open-in-dvm filename
OPTIONS
-------
=======
AUTHORS
-------
Joanna Rutkowska \<joanna at invisiblethingslab dot com\>
Rafal Wojtczuk \<rafal at invisiblethingslab dot com\>
Marek Marczykowski \<marmarek at invisiblethingslab dot com\>
=======
| Joanna Rutkowska <joanna at invisiblethingslab dot com>
| Rafal Wojtczuk <rafal at invisiblethingslab dot com>
| Marek Marczykowski <marmarek at invisiblethingslab dot com>
```

25
reference/tools/3.2/domU/qvm-open-in-vm.md
View File

@ -9,28 +9,25 @@ redirect_from:
- /wiki/VmTools/QvmOpenInVm/
---
```
==============
qvm-open-in-vm
==============
NAME
----
====
qvm-open-in-vm - open a specified file in other VM
Date
2012-05-30
SYNOPSIS
--------
qvm-open-in-vm vmname filename
========
| qvm-open-in-vm vmname filename
OPTIONS
-------
=======
AUTHORS
-------
Joanna Rutkowska \<joanna at invisiblethingslab dot com\>
Rafal Wojtczuk \<rafal at invisiblethingslab dot com\>
Marek Marczykowski \<marmarek at invisiblethingslab dot com\>
=======
| Joanna Rutkowska <joanna at invisiblethingslab dot com>
| Rafal Wojtczuk <rafal at invisiblethingslab dot com>
| Marek Marczykowski <marmarek at invisiblethingslab dot com>
```

30
reference/tools/3.2/domU/qvm-run.md
View File

@ -9,31 +9,27 @@ redirect_from:
- /wiki/VmTools/QvmRun/
---
```
=======
qvm-run
=======
NAME
----
====
qvm-run - run a specified command in a specified VM
Date
2012-05-30
SYNOPSIS
--------
qvm-run vmname command [arguments]
========
| qvm-run vmname command [aguments]
OPTIONS
-------
--dispvm
Pass this option instead of vmname to start new DisposableVM
=======
--dispvm
Pass this option instead of vmname to start new DisposableVM
AUTHORS
-------
Joanna Rutkowska \<joanna at invisiblethingslab dot com\>
Rafal Wojtczuk \<rafal at invisiblethingslab dot com\>
Marek Marczykowski \<marmarek at invisiblethingslab dot com\>
=======
| Joanna Rutkowska <joanna at invisiblethingslab dot com>
| Rafal Wojtczuk <rafal at invisiblethingslab dot com>
| Marek Marczykowski <marmarek at invisiblethingslab dot com>
```