qemu(-kvm) monitor and serial console over sockets with minicom // blackdot.be

It’s been a while again! Today I will briefly talk about qemu(-kvm) and connecting to it using unix sockets with minicom.

Why is this useful and cool? Well you can connect to a linux vm without running a shell and still get the full console experience! (BSD’s, Solaris,… all should work)

I won’t dig deep into qemu, I will assume you are at least somewhat familiar with it.
All you need to do is add the following flags to the command you use to start your VM.

qemu-kvm <other_parameters_here> \
 -chardev socket,id=monitor,path=/srv/kvm/${VMNAME}/run/monitor.sock,server,nowait \
 -monitor chardev:monitor \
 -chardev socket,id=serial0,path=/srv/kvm/${VMNAME}/run/console.sock,server,nowait \
 -serial chardev:serial0

Basically we define 2 character devices of the type socket with ID’s monitor and serial0, we also specify where we want qemu to create the actual unix socket. In my case monitor.sock and console.sock in /srv/kvm/test/run.

You can then connect to them using minicom.

cd /srv/kvm/test/run
minicom -D unix\#console.sock

Depending on the distribution you are using you need to enable the login prompt on serial0.

Arch Linux
Ubuntu (follow only the server section)
Fedora
OmniOS

You may also wish to add the following to your kernels boot options in grub.

console=tty0 console=ttyS0,115200n8

This will make the kernel print all it’s message to tty0 (screen) and to ttyS0 (serial0), the bit behind it is the baudrate, best to leave it at the default.

You should now be able to get a console using minicom. You can also connect to monitor.sock which will give you the qemu console, you can do all kind of cool stuff there.

You can take this a step further, you could use socat to expose the socket over tcp and then create a socket on another system that connects to that port! (Note this is NOT encrypted! So passwords are at risk)

qemu host machine:

cd /srv/kvm/test/run
socat tcp-listen:666,bind=10.123.0.5,su=nobody,fork,range=10.123.0.0/16,reuseadd unix-connect:console.sock

Note: for security we bind to our LAN address only and limit the range of allowed connections.

other machine:

cd /tmp
socat unix-listen:/tmp/console.sock tcp4:10.123.0.5:666 & minicom -D unix\#/tmp/console.sock

I hope this has been useful!