]>
Commit | Line | Data |
---|---|---|
6a7e2bbe SH |
1 | QEMU virtio-fs shared file system daemon |
2 | ======================================== | |
3 | ||
4 | Synopsis | |
5 | -------- | |
6 | ||
7 | **virtiofsd** [*OPTIONS*] | |
8 | ||
9 | Description | |
10 | ----------- | |
11 | ||
12 | Share a host directory tree with a guest through a virtio-fs device. This | |
13 | program is a vhost-user backend that implements the virtio-fs device. Each | |
14 | virtio-fs device instance requires its own virtiofsd process. | |
15 | ||
16 | This program is designed to work with QEMU's ``--device vhost-user-fs-pci`` | |
17 | but should work with any virtual machine monitor (VMM) that supports | |
18 | vhost-user. See the Examples section below. | |
19 | ||
20 | This program must be run as the root user. Upon startup the program will | |
21 | switch into a new file system namespace with the shared directory tree as its | |
22 | root. This prevents "file system escapes" due to symlinks and other file | |
23 | system objects that might lead to files outside the shared directory. The | |
24 | program also sandboxes itself using seccomp(2) to prevent ptrace(2) and other | |
25 | vectors that could allow an attacker to compromise the system after gaining | |
26 | control of the virtiofsd process. | |
27 | ||
28 | Options | |
29 | ------- | |
30 | ||
31 | .. program:: virtiofsd | |
32 | ||
33 | .. option:: -h, --help | |
34 | ||
35 | Print help. | |
36 | ||
37 | .. option:: -V, --version | |
38 | ||
39 | Print version. | |
40 | ||
41 | .. option:: -d | |
42 | ||
43 | Enable debug output. | |
44 | ||
45 | .. option:: --syslog | |
46 | ||
47 | Print log messages to syslog instead of stderr. | |
48 | ||
49 | .. option:: -o OPTION | |
50 | ||
51 | * debug - | |
52 | Enable debug output. | |
53 | ||
54 | * flock|no_flock - | |
55 | Enable/disable flock. The default is ``no_flock``. | |
56 | ||
3005c099 DDAG |
57 | * modcaps=CAPLIST |
58 | Modify the list of capabilities allowed; CAPLIST is a colon separated | |
59 | list of capabilities, each preceded by either + or -, e.g. | |
60 | ''+sys_admin:-chown''. | |
61 | ||
6a7e2bbe SH |
62 | * log_level=LEVEL - |
63 | Print only log messages matching LEVEL or more severe. LEVEL is one of | |
64 | ``err``, ``warn``, ``info``, or ``debug``. The default is ``info``. | |
65 | ||
66 | * norace - | |
67 | Disable racy fallback. The default is false. | |
68 | ||
69 | * posix_lock|no_posix_lock - | |
70 | Enable/disable remote POSIX locks. The default is ``posix_lock``. | |
71 | ||
72 | * readdirplus|no_readdirplus - | |
73 | Enable/disable readdirplus. The default is ``readdirplus``. | |
74 | ||
75 | * source=PATH - | |
76 | Share host directory tree located at PATH. This option is required. | |
77 | ||
78 | * timeout=TIMEOUT - | |
79 | I/O timeout in seconds. The default depends on cache= option. | |
80 | ||
81 | * writeback|no_writeback - | |
82 | Enable/disable writeback cache. The cache alows the FUSE client to buffer | |
83 | and merge write requests. The default is ``no_writeback``. | |
84 | ||
85 | * xattr|no_xattr - | |
86 | Enable/disable extended attributes (xattr) on files and directories. The | |
87 | default is ``no_xattr``. | |
88 | ||
89 | .. option:: --socket-path=PATH | |
90 | ||
91 | Listen on vhost-user UNIX domain socket at PATH. | |
92 | ||
93 | .. option:: --fd=FDNUM | |
94 | ||
95 | Accept connections from vhost-user UNIX domain socket file descriptor FDNUM. | |
96 | The file descriptor must already be listening for connections. | |
97 | ||
98 | .. option:: --thread-pool-size=NUM | |
99 | ||
100 | Restrict the number of worker threads per request queue to NUM. The default | |
101 | is 64. | |
102 | ||
103 | .. option:: --cache=none|auto|always | |
104 | ||
105 | Select the desired trade-off between coherency and performance. ``none`` | |
106 | forbids the FUSE client from caching to achieve best coherency at the cost of | |
107 | performance. ``auto`` acts similar to NFS with a 1 second metadata cache | |
108 | timeout. ``always`` sets a long cache lifetime at the expense of coherency. | |
109 | ||
110 | Examples | |
111 | -------- | |
112 | ||
113 | Export ``/var/lib/fs/vm001/`` on vhost-user UNIX domain socket | |
114 | ``/var/run/vm001-vhost-fs.sock``: | |
115 | ||
116 | :: | |
117 | ||
118 | host# virtiofsd --socket-path=/var/run/vm001-vhost-fs.sock -o source=/var/lib/fs/vm001 | |
119 | host# qemu-system-x86_64 \ | |
120 | -chardev socket,id=char0,path=/var/run/vm001-vhost-fs.sock \ | |
121 | -device vhost-user-fs-pci,chardev=char0,tag=myfs \ | |
122 | -object memory-backend-memfd,id=mem,size=4G,share=on \ | |
123 | -numa node,memdev=mem \ | |
124 | ... | |
125 | guest# mount -t virtiofs myfs /mnt |