SYSTEMD-VMSPAWN(1) | systemd-vmspawn | SYSTEMD-VMSPAWN(1) |
NAME
systemd-vmspawn - Spawn an OS in a virtual machine
SYNOPSIS
systemd-vmspawn [OPTIONS...] [ARGS...]
DESCRIPTION
systemd-vmspawn may be used to start a virtual machine from an OS image. In many ways it is similar to systemd-nspawn(1), but it launches a full virtual machine instead of using namespaces.
Note: on Ubuntu/Debian derivatives systemd-vmspawn requires the user to be in the "kvm" group to use the VSock options.
OPTIONS
The excess arguments are passed as extra kernel command line arguments using SMBIOS.
The following options are understood:
Image Options
-i, --image=
Added in version 255.
Host Configuration
--qemu-smp=SMP
Added in version 255.
--qemu-mem=MEM
Added in version 255.
--qemu-kvm=BOOL
Added in version 255.
--qemu-vsock=BOOL
If the option is not specified VSock support will be detected automatically. If yes is specified VSocks are always used, and vice versa if no is set VSocks are never used.
Added in version 255.
--vsock-cid=CID
If the option is not specified or an empty argument is supplied the guest will be assigned a random CID.
Valid CIDs are in the range 3 to 4294967294 (0xFFFF_FFFE). CIDs outside of this range are reserved.
Added in version 255.
--qemu-gui
Added in version 255.
--secure-boot=BOOL
If the option is not specified the first firmware which is detected will be used. If the option is set to yes then the first firmware with Secure Boot support will be selected. If no is specified then the first firmware without Secure Boot will be selected.
Added in version 255.
System Identity Options
-M, --machine=
Added in version 255.
Credentials
--load-credential=ID:PATH, --set-credential=ID:VALUE
In order to embed binary data into the credential data for --set-credential=, use C-style escaping (i.e. "\n" to embed a newline, or "\x00" to embed a NUL byte). Note that the invoking shell might already apply unescaping once, hence this might require double escaping!
Added in version 255.
Other
--no-pager
-h, --help
--version
ENVIRONMENT
$SYSTEMD_LOG_LEVEL
$SYSTEMD_LOG_COLOR
This setting is only useful when messages are written directly to the terminal, because journalctl(1) and other tools that display logs will color messages based on the log level on their own.
$SYSTEMD_LOG_TIME
This setting is only useful when messages are written directly to the terminal or a file, because journalctl(1) and other tools that display logs will attach timestamps based on the entry metadata on their own.
$SYSTEMD_LOG_LOCATION
Note that the log location is often attached as metadata to journal entries anyway. Including it directly in the message text can nevertheless be convenient when debugging programs.
$SYSTEMD_LOG_TID
Note that the this information is attached as metadata to journal entries anyway. Including it directly in the message text can nevertheless be convenient when debugging programs.
$SYSTEMD_LOG_TARGET
$SYSTEMD_LOG_RATELIMIT_KMSG
$SYSTEMD_PAGER
Note: if $SYSTEMD_PAGERSECURE is not set, $SYSTEMD_PAGER (as well as $PAGER) will be silently ignored.
$SYSTEMD_LESS
Users might want to change two options in particular:
K
If the value of $SYSTEMD_LESS does not include "K", and the pager that is invoked is less, Ctrl+C will be ignored by the executable, and needs to be handled by the pager.
X
Note that setting the regular $LESS environment variable has no effect for less invocations by systemd tools.
See less(1) for more discussion.
$SYSTEMD_LESSCHARSET
Note that setting the regular $LESSCHARSET environment variable has no effect for less invocations by systemd tools.
$SYSTEMD_PAGERSECURE
Note: when commands are invoked with elevated privileges, for example under sudo(8) or pkexec(1), care must be taken to ensure that unintended interactive features are not enabled. "Secure" mode for the pager may be enabled automatically as describe above. Setting SYSTEMD_PAGERSECURE=0 or not removing it from the inherited environment allows the user to invoke arbitrary commands. Note that if the $SYSTEMD_PAGER or $PAGER variables are to be honoured, $SYSTEMD_PAGERSECURE must be set too. It might be reasonable to completely disable the pager using --no-pager instead.
$SYSTEMD_COLORS
$SYSTEMD_URLIFY
EXAMPLES
Example 1. Run an Arch Linux VM image generated by mkosi
$ mkosi -d arch -p systemd -p linux --autologin -o image.raw -f build $ systemd-vmspawn --image=image.raw
EXIT STATUS
If an error occurred the value errno is propagated to the return code. If EXIT_STATUS is supplied by the running image that is returned. Otherwise EXIT_SUCCESS is returned.
SEE ALSO
systemd 255 |