I have a problem.
Someone not me installed a bunch of Linux KVM Servers and didn't bother to name the VMs something sane. That someone also didn't bother to keep note of VM to canonical DNS name or even IP.
What a drag.
virsh isn't much use.
I need to access the raw disks and grep around.
Did I mention these were Linux and Windows KVM VMs? Yeah. My KVM server farm is all CentOS 6 x86_64.
Install guestfish
[root@kvmserver ~]# yum install guestfish
[root@kvmserver ~]# yum install libguestfs-winsupport
Yay.
Let's find the vms on the system.
[root@kvmserver ~]# virsh list --all
Id Name State
----------------------------------------------------
1 poc19 running <--- windows
- poc20 shut off <--- linux
Let's find the VMs disk.
[root@kvmserver ~]# virsh dumpxml poc20 | grep 'source file'
<source file='/home/vm-disk/poc20.img'/>
Let's create a place to mount the disk and where we're going to do our work:
[root@kvmserver ~]# mkdir /mnt/poc20
[root@kvmserver ~]# guestmount -a /home/vm-disk/poc20.img -i --ro /mnt/poc20/
[root@kvmserver ~]# ls /mnt/poc20/
bin boot dev etc home lib lib64 lost+found media mnt opt proc root sbin selinux srv sys tmp usr var
cat /mnt/poc20/etc/sysconfig/network
poc20
Now, let's umount the work directory. to unmount you'd figure you'd use guestumount /mountpoint
[root@kvmserver ~]# guestunmount
-bash: guestunmount: command not found
nope. bad man bad bad.
try:
[root@kvmserver ~]# fusermount -u /tmp/mount
[root@kvmserver ~]# cd /mnt/poc20/
[root@kvmserver poc20]# ls
<tumbleweeds>
Super.
For the Windows system (poc19) you may do the same disk mount procedure. And you can walk around the filesystem no problem.
And yes, you may do this on a live, running VM.
I want that hostname. And you know and I know that Windows 7 has its hostname here:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ComputerName\ComputerName
We already yum install libguestfs-winsupport
Now, get chntpw (a Linux-based Windows registry editor)
per: http://pkgs.org/download/chntpw do stuff for your distro.
[root@kvmserver ~]# cd /usr/local/src
[root@kvmserver src]# wget http://li.nux.ro/download/nux/dextop/el6/x86_64/nux-dextop-release-0-2.el6.nux.noarch.rpm
[root@kvmserver src]# rpm -Uvh nux-dextop-release*rpm
[root@kvmserver src]# yum install chntpw
Do the whole mount thing. Then run chntpw.
[root@kvmserver ~]# cd /mnt/poc19/Windows/System32/config
[root@kvmserver config]# chntpw SYSTEM
chntpw version 0.99.6 110511 , (c) Petter N Hagen
openHive(SYSTEM) failed: Read-only file system, trying read-only
Hive <SYSTEM> name (from header): <SYSTEM>
ROOT KEY at offset: 0x001020 * Subkey indexing type is: 686c <lh>
File size 10223616 [9c0000] bytes, containing 2166 pages (+ 1 headerpage)
Used for data: 150888/9612696 blocks/bytes, unused: 4820/177064 blocks/bytes.
Simple registry editor. ? for help.
> ls
Node has 8 subkeys and 0 values
key name
<ControlSet001>
<ControlSet002>
<MountedDevices>
<RNG>
<Select>
<Setup>
<Software>
<WPA>
> cd ControlSet001\Control\ComputerName\ComputerName
(...)\Control\ComputerName\ComputerName> cat ComputerName
Value <ComputerName> of type REG_SZ, data length 20 [0x14]
POC19
(...)\Control\ComputerName\ComputerName> q
Yay. We have a name.
Monday, July 6, 2015
find kvm vm system name on their raw disks
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment