systemd-vmspawn — Spawn an OS in a virtual machine.
systemd-vmspawn [OPTIONS...] [ARGS...]
systemd-vmspawn may be used to start a virtual machine from an OS image. In many ways it is similar to systemd-nspawn(1), but it launches a full virtual machine instead of using namespaces.
Note: on Ubuntu/Debian derivatives systemd-vmspawn requires the user to be in the "kvm" group to use the VSock options.
The excess arguments are passed as extra kernel command line arguments using SMBIOS.
The following options are understood:
--qemu-smp=SMP¶Configures the number of CPUs to start the virtual machine with. Defaults to 1.
--qemu-mem=MEM¶Configures the amount of memory to start the virtual machine with. Defaults to 2G.
--qemu-kvm=BOOL¶Configures whether to use KVM. If the option is not specified KVM support will be detected automatically. If true, KVM is always used, and if false, KVM is never used.
--qemu-vsock=BOOL¶Configure whether to use VSock networking.
If the option is not specified VSock support will be detected automatically. If yes is specified VSocks are always used, and vice versa if no is set VSocks are never used.
--vsock-cid=CID¶Configure vmspawn to use a specific CID for the guest.
If the option is not specified or an empty argument is supplied the guest will be assigned a random CID.
Valid CIDs are in the range 3 to 4294967294 (0xFFFF_FFFE).
CIDs outside of this range are reserved.
--qemu-gui¶Start QEMU in graphical mode.
--secure-boot=BOOL¶Configure whether to search for firmware which supports Secure Boot.
If the option is not specified the first firmware which is detected will be used. If the option is set to yes then the first firmware with Secure Boot support will be selected. If no is specified then the first firmware without Secure Boot will be selected.
-M, --machine=¶Sets the machine name for this container. This name may be used to identify this container during its runtime (for example in tools like machinectl(1) and similar).
--load-credential=ID:PATH, --set-credential=ID:VALUE¶Pass a credential to the container. These two options correspond to the
LoadCredential= and SetCredential= settings in unit files. See
systemd.exec(5) for
details about these concepts, as well as the syntax of the option's arguments.
In order to embed binary data into the credential data for --set-credential=,
use C-style escaping (i.e. "\n" to embed a newline, or "\x00" to
embed a NUL byte). Note that the invoking shell might already apply unescaping
once, hence this might require double escaping!.
$SYSTEMD_LOG_LEVEL¶The maximum log level of emitted messages (messages with a higher
log level, i.e. less important ones, will be suppressed). Either one of (in order of decreasing
importance) emerg, alert, crit,
err, warning, notice,
info, debug, or an integer in the range 0…7. See
syslog(3)
for more information.
$SYSTEMD_LOG_COLOR¶A boolean. If true, messages written to the tty will be colored according to priority.
This setting is only useful when messages are written directly to the terminal, because journalctl(1) and other tools that display logs will color messages based on the log level on their own.
$SYSTEMD_LOG_TIME¶A boolean. If true, console log messages will be prefixed with a timestamp.
This setting is only useful when messages are written directly to the terminal or a file, because journalctl(1) and other tools that display logs will attach timestamps based on the entry metadata on their own.
$SYSTEMD_LOG_LOCATION¶A boolean. If true, messages will be prefixed with a filename and line number in the source code where the message originates.
Note that the log location is often attached as metadata to journal entries anyway. Including it directly in the message text can nevertheless be convenient when debugging programs.
$SYSTEMD_LOG_TID¶A boolean. If true, messages will be prefixed with the current numerical thread ID (TID).
Note that the this information is attached as metadata to journal entries anyway. Including it directly in the message text can nevertheless be convenient when debugging programs.
$SYSTEMD_LOG_TARGET¶The destination for log messages. One of
console (log to the attached tty), console-prefixed (log to
the attached tty but with prefixes encoding the log level and "facility", see syslog(3),
kmsg (log to the kernel circular log buffer), journal (log to
the journal), journal-or-kmsg (log to the journal if available, and to kmsg
otherwise), auto (determine the appropriate log target automatically, the default),
null (disable log output).
$SYSTEMD_LOG_RATELIMIT_KMSG¶ Whether to ratelimit kmsg or not. Takes a boolean.
Defaults to "true". If disabled, systemd will not ratelimit messages written to kmsg.
$SYSTEMD_PAGER¶Pager to use when --no-pager is not given; overrides
$PAGER. If neither $SYSTEMD_PAGER nor $PAGER are set, a
set of well-known pager implementations are tried in turn, including
less(1) and
more(1), until one is found. If
no pager implementation is discovered no pager is invoked. Setting this environment variable to an empty string
or the value "cat" is equivalent to passing --no-pager.
Note: if $SYSTEMD_PAGERSECURE is not set, $SYSTEMD_PAGER
(as well as $PAGER) will be silently ignored.
$SYSTEMD_LESS¶Override the options passed to less (by default
"FRSXMK").
Users might want to change two options in particular:
See less(1) for more discussion.
$SYSTEMD_LESSCHARSET¶Override the charset passed to less (by default "utf-8", if
the invoking terminal is determined to be UTF-8 compatible).
$SYSTEMD_PAGERSECURE¶Takes a boolean argument. When true, the "secure" mode of the pager is enabled; if
false, disabled. If $SYSTEMD_PAGERSECURE is not set at all, secure mode is enabled
if the effective UID is not the same as the owner of the login session, see
geteuid(2)
and sd_pid_get_owner_uid(3).
In secure mode, LESSSECURE=1 will be set when invoking the pager, and the pager shall
disable commands that open or create new files or start new subprocesses. When
$SYSTEMD_PAGERSECURE is not set at all, pagers which are not known to implement
secure mode will not be used. (Currently only
less(1)
implements secure mode.)
Note: when commands are invoked with elevated privileges, for example under sudo(8) or
pkexec(1), care
must be taken to ensure that unintended interactive features are not enabled. "Secure" mode for the
pager may be enabled automatically as describe above. Setting SYSTEMD_PAGERSECURE=0
or not removing it from the inherited environment allows the user to invoke arbitrary commands. Note
that if the $SYSTEMD_PAGER or $PAGER variables are to be
honoured, $SYSTEMD_PAGERSECURE must be set too. It might be reasonable to completely
disable the pager using --no-pager instead.
$SYSTEMD_COLORS¶Takes a boolean argument. When true, systemd and related utilities
will use colors in their output, otherwise the output will be monochrome. Additionally, the variable can
take one of the following special values: "16", "256" to restrict the use
of colors to the base 16 or 256 ANSI colors, respectively. This can be specified to override the automatic
decision based on $TERM and what the console is connected to.
$SYSTEMD_URLIFY¶The value must be a boolean. Controls whether clickable links should be generated in
the output for terminal emulators supporting this. This can be specified to override the decision that
systemd makes based on $TERM and other conditions.
Example 1. Run an Arch Linux VM image generated by mkosi
$ mkosi -d arch -p systemd -p linux --autologin -o image.raw -f build
$ systemd-vmspawn --image=image.raw
If an error occurred the value errno is propagated to the return code. If EXIT_STATUS is supplied by the running image that is returned. Otherwise EXIT_SUCCESS is returned.