qvm

#!/bin/bash

# Filename: qvm
# Autor: Michael Mair-Keimberger (m DOT mairkeimberger AT gmail DOT com)
# Date: 31.05.2020

# Copyright (C) 2020  Michael Mair-Keimberger
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

# Discription:
# qvm: script for working with kvm guests

MAX_QTAP=30
DRYRUN=false
TAP_DELETE=true
AUTOSTART_SPICY=false

[ -e ~/.config/qvm/qvm.conf ] && source ~/.config/qvm/qvm.conf

# programs / dependencies
BRIDGE="/sbin/bridge"					# sys-apps/iproute2
IP="/bin/ip"									# sys-apps/iproute2
NC="/usr/bin/nc"							# net-analyzer/openbsd-netcat
QGA="/usr/bin/qemu-ga-client"	# app-emulation/qemu[pyhton]
LSOF="/usr/bin/lsof"					# sys-process/lsof
VFSD="/usr/libexec/virtiofsd"	# app-emulation/virtiofsd
SPICY="/usr/bin/spicy"				# net-misc/spice-gtk

# log settings
NOCOLOR='\e[0m'			# no color
YELLOW='\e[1;33m'		# yellow color
LIGHTRED='\e[1;31m' # lightred color
GREEN='\e[1;32m'		# green color
loginfo() { while IFS='' read -r line; do >&2 echo -e "${GREEN} * ${NOCOLOR}${line}"; done }
loginfon() { while IFS='' read -r line; do >&2 echo -en "${GREEN} * ${NOCOLOR}${line}"; done }
logwarn() { while IFS='' read -r line; do >&2 echo -e "${YELLOW} * ${NOCOLOR} Warning: ${line}"; done }
logerr() { while IFS='' read -r line; do >&2 echo -e "${LIGHTRED} * ${NOCOLOR}${line}"; done }

# check PID_DIR and TMP_DIR
PID_DIR="/run/kvm"
if [ $(id -u) = 0 ]; then
	[ -d ${PID_DIR} ] || mkdir ${PID_DIR}
	TMP_DIR="/tmp"
else
	PID_DIR="/run/user/$(id -u)"
	if [ -n "${TMP_DIR}" ]; then
		[ -w ${TMP_DIR} ] || TMP_DIR="/run/user/$(id -u)"
	else
		TMP_DIR="/run/user/$(id -u)"
	fi
fi

# check if the qemu guest agent is available
QGA_AVAILABLE=false
if $(command -v ${QGA} > /dev/null) ; then
	QGA_AVAILABLE=true
fi
# check if spicy is available
SPICY_AVAILABLE=false
if $(command -v ${SPICY} > /dev/null) ; then
	SPICY_AVAILABLE=true
fi


_dry_run_check(){
	if ${DRYRUN}; then
		return 0
	else
		return 1
	fi
}

_vm_edit(){
	local _cmd="${1}"
	local _value="${2}"
	local _output

	_output="$(echo "${_cmd} ${_value}" | ${NC} -U -q1 ${VMSOCK})"
	# catch some errors and print them
	if $(echo ${_output}|grep -q "Migration is disabled") || $(echo ${_output}|grep -q "Error:"); then
		echo "${_output}" | head -n+3 | tail -n1 | (logerr)
	fi
}

_vm_edit_snapshot_output(){
	local _cmd="${1}"
	local _output

	_output="$(echo "${_cmd}" | ${NC} -U -q1 ${VMSOCK})"
	echo "${_output}"|tail -n+4|head -n-1
}

_check_remote_access_port(){
	# remote access checks
	local range=${1}
	local ip=${2}
	local port=${3}

	# check with netstat if a port is used
	if [ -z "${port}" ]; then
		local port_nr=0
		while $(netstat -nat | grep -E "${ip}:${range}${port_nr}[^0-9]" >/dev/null); do
			port_nr=$(expr ${port_nr} + 1)
		done
		local access_port="${range}${port_nr}"
	else
		local access_port="${port}"
	fi

	echo ${access_port}
}

_cfg_network_check(){
	# network checks/default settings
	declare -a _tmp_vm_interfaces=("${VM_NETWORK}" "${VM_NETWORK0}" "${VM_NETWORK1}" "${VM_NETWORK2}" "${VM_NETWORK3}" \
		"${VM_NETWORK4}" "${VM_NETWORK5}" "${VM_NETWORK6}" "${VM_NETWORK7}" "${VM_NETWORK8}" "${VM_NETWORK9}")
	declare -a _vm_interfaces
	local i
	for i in "${_tmp_vm_interfaces[@]}"; do
		if [ -z "${i}" ]; then
			continue
		fi
		_vm_interfaces+=("${i}")
	done

	local _net_user_set=false
	local _net_tap_set=false
	local _net_id=0
	local _random_mac=false
	local _vhost_set=""
	if ${VM_ENABLE_VHOST:-false}; then
		_vhost_set=",vhost=on"
	fi

	if [ -n "${_vm_interfaces}" ]; then
		for single_net in "${_vm_interfaces[@]}"; do
			local net_typ="$(echo ${single_net}|cut -d';' -f1)"
			local net_mac="$(echo ${single_net}|cut -sd';' -f2)"
			local net_drv="$(echo ${single_net}|cut -sd';' -f3)"
			local net_brd="$(echo ${single_net}|cut -sd';' -f4)"
			local net_qtp="$(echo ${single_net}|cut -sd';' -f5)"

			# set default network driver
			net_drv=${net_drv:-rtl8139}
			# check for mac address
			if [ -z "${net_mac}" ]; then
				local _random_mac=true
				# set random mac address
				net_mac="$(printf '56:6E:17:00:%02X:%02X\n' \
					$(($(dd if=/dev/urandom count=1 2> /dev/null | cksum | cut -d' ' -f1) % 256)) \
					$(($(dd if=/dev/urandom count=1 2> /dev/null | cksum | cut -d' ' -f1) % 256)))"
			fi

			case ${net_typ} in
				tap)
					# if a tap device is set, set BRDEV to the first bridge device to get
					# a ip for spice/vnc remote access
					if ! ${_net_tap_set}; then
						_net_tap_set=true
						BRDEV=${net_brd}
					fi
					# check bridge device
					if [ -n "${net_brd}" ]; then
						if ! [ -d /sys/class/net/${net_brd}/bridge/ ]; then
							echo "${net_brd} is not a bridge device. ${DEFAULT_MSG}" | (logerr)
							_dry_run_check || return 1
						fi
					else
						echo "No bridge device setup! ${DEFAULT_MSG}" | (logerr)
						_dry_run_check || return 1
					fi
					# check for max_vms
						if [ ${_net_id} -ge ${MAX_QTAP} ]; then
						echo "Maximum number of network connections reached. Please increase the MAX_QTAP variable." | (logerr)
						_dry_run_check || return 1
					fi
					# user defined interfaces
					if [ -n "${net_qtp}" ]; then
						# check if interface exists, other create it (NET_INT)
						if ! [ -f /sys/class/net/${net_qtp}/tun_flags ]; then
							NET_INT+=( ${net_brd},${net_qtp} )
						else
							# add the Interface net list
							if [ "$(cat /sys/class/net/${net_qtp}/operstate)" = "up" ]; then
								echo "\"${net_qtp}\" already used. ${DEFAULT_MSG}" | (logerr)
								_dry_run_check || return 1
							else
								echo "${net_qtp} " >> ${VMNET}
							fi
						fi
						if ${_random_mac}; then
							echo "MAC address \"${net_mac}\" for ${net_qtp} is random and will be lost after shutdown" | (logwarn)
						fi
						VM_NET="${VM_NET} \
							-netdev tap,id="${VMNAME}_${_net_id}",ifname=${net_qtp},script=no,downscript=no${_vhost_set} \
							-device ${net_drv},netdev="${VMNAME}_${_net_id}",mac=${net_mac}"
					# random interfaces
					else
						# get the id nummber for qtap...
						while (${BRIDGE} link | grep -Eoq qtap${_net_id}); do
							_net_id=$(expr ${_net_id} + 1)
						done
						if ${_random_mac}; then
							echo "MAC address \"${net_mac}\" for qtap${_net_id} is random and will be lost after shutdown" | (logwarn)
						fi
						VM_NET="${VM_NET} \
							-netdev tap,id="${VMNAME}_${_net_id}",ifname=qtap${_net_id},script=no,downscript=no${_vhost_set} \
							-device ${net_drv},netdev="${VMNAME}_${_net_id}",mac=${net_mac}"
						# save interfaces to create later
						NET_INT+=( ${net_brd},qtap${_net_id} )
					fi
					;;

				user)
					if (${_net_user_set}); then
						echo "Network typ user can only be used once. ${DEFAULT_MSG}" | (logerr)
						_dry_run_check || return 1
					fi
					_net_user_set=true
					if ${_random_mac}; then
						echo "MAC address \"${net_mac}\" for usernet is random and will be lost after shutdown" | (logwarn)
					fi
					VM_NET="${VM_NET} \
							-netdev user,id=${VMNAME}_${_net_id} \
							-device ${net_drv},netdev="${VMNAME}_${_net_id}",mac=${net_mac}"
					;;

				bridge)
					# if a tap device is set, set BRDEV to the first bridge device to get
					# a ip for spice/vnc remote access
					if ! ${_net_tap_set}; then
						_net_tap_set=true
						BRDEV=${net_brd}
					fi
					# check the mac address
					if ${_random_mac}; then
						echo "MAC address \"${net_mac}\" for qtap${_net_id} is random and will be lost after shutdown" | (logwarn)
					fi
					# check bridge device
					if [ -n "${net_brd}" ]; then
						if ! [ -d /sys/class/net/${net_brd}/bridge/ ]; then
							echo "${net_brd} is not a bridge device. ${DEFAULT_MSG}" | (logerr)
							_dry_run_check || return 1
						fi
					else
						echo "No bridge device setup! ${DEFAULT_MSG}" | (logerr)
						_dry_run_check || return 1
					fi
					VM_NET="${VM_NET} \
						-netdev bridge,br=${net_brd},id=${VMNAME}_${_net_id} \
						-device ${net_drv},netdev=${VMNAME}_${_net_id},mac=${net_mac}"
					;;

				*)
					echo "Unknow Network Typ. Network will be disabled" | (logwarn)
					VM_NET="${VM_NET} -net none"
					continue
					;;
			esac
			_net_id=$(expr ${_net_id} + 1)
		done
	else
		VM_NET="-net none"
	fi
}

_cfg_9p_check() {
	# 9P directory checks
	declare -a _tmp_vm_9pshare=("${VM_9P_SHARE}" "${VM_9P_SHARE0}" "${VM_9P_SHARE1}" "${VM_9P_SHARE2}" "${VM_9P_SHARE3}" \
		"${VM_9P_SHARE4}" "${VM_9P_SHARE5}" "${VM_9P_SHARE6}" "${VM_9P_SHARE7}" "${VM_9P_SHARE8}" "${VM_9P_SHARE9}")
	declare -a _vm_9pshare
	local i
	for i in "${_tmp_vm_9pshare[@]}"; do
		if [ -z "${i}" ]; then
			continue
		fi
		_vm_9pshare+=("${i}")
	done
	local _9p_id=0

	if [ -n "${_vm_9pshare}" ]; then
		for single_9p in "${_vm_9pshare[@]}"; do
			local share_name="$(echo ${single_9p}|cut -d';' -f1)"
			local share_path="$(echo ${single_9p}|cut -sd';' -f2)"
			local share_secm="$(echo ${single_9p}|cut -sd';' -f3)"
			local share_read="$(echo ${single_9p}|cut -sd';' -f4)"

			if [ -z ${share_name} ] || ! [ -e ${share_path} ]; then
				echo "No name given or Path does not exist. ${DEFAULT_MSG}" | (logerr)
				_dry_run_check || return 1
			fi
			# default security model none
			share_secm=${share_secm:-none}
			share_read=${share_read:-off}

			VM_9P="${VM_9P} \
				-fsdev local,id="${VMNAME}_9p_${_9p_id}",path="${share_path}",security_model="${share_secm}",readonly="${share_read}" \
				-device virtio-9p-pci,fsdev="${VMNAME}_9p_${_9p_id}",mount_tag="${share_name}""
			# print out 9p settings
			echo "Adding 9P mount-tag: \"${share_name}\" sharing \"${share_path}\" with security \"${share_secm}\"" | (loginfo)

			_9p_id=$(expr ${_9p_id} + 1)
		done
	fi
}

_cfg_vfsd_check() {
	# virtiofsd directory checks
	declare -a _tmp_vm_vfsdshare=("${VM_VFSD_SHARE}" "${VM_VFSD_SHARE0}" "${VM_VFSD_SHARE1}" "${VM_VFSD_SHARE2}" "${VM_VFSD_SHARE3}" \
		"${VM_VFSD_SHARE4}" "${VM_VFSD_SHARE5}" "${VM_VFSD_SHARE6}" "${VM_VFSD_SHARE7}" "${VM_VFSD_SHARE8}" "${VM_VFSD_SHARE9}")
	declare -a _vm_vfsdshare
	local i
	for i in "${_tmp_vm_vfsdshare[@]}"; do
		if [ -z "${i}" ]; then
			continue
		fi
		_vm_vfsdshare+=("${i}")
	done
	local _vfsd_id=0


	if [ -n "${_vm_vfsdshare}" ]; then
		for single_vfsd in "${_vm_vfsdshare[@]}"; do
			local share_name="$(echo ${single_vfsd}|cut -d';' -f1)"
			local share_path="$(echo ${single_vfsd}|cut -sd';' -f2)"
			local share_cache="$(echo ${single_vfsd}|cut -sd';' -f3)"

			if [ -z ${share_name} ] || ! [ -e ${share_path} ]; then
				echo "No name given or Path does not exist. ${DEFAULT_MSG}" | (logerr)
				_dry_run_check || return 1
			fi

			# default settings
			share_cache=${share_cache:-auto}

			VM_VFSD="${VM_VFSD} \
				-chardev socket,id="${VMNAME}_vfsd_${_vfsd_id}",path=${VMVFSDPID}${share_name} \
				-device vhost-user-fs-pci,queue-size=1024,chardev="${VMNAME}_vfsd_${_vfsd_id}",tag=${share_name}"

			VM_VFSD_START+=( "--socket-path=${VMVFSDPID}${share_name} --shared-dir ${share_path} --cache ${share_cache} --syslog" )

			# print out virtiofsd settings
			echo "Adding virtiofsd mount-tag: \"${share_name}\" sharing \"${share_path}\"" | (loginfo)

			_vfsd_id=$(expr ${_vfsd_id} + 1)
		done
	fi
}

_cfg_harddisk_check() {
	# image checks/default settings
	declare -a _tmp_vm_harddisk=("${VM_HARDDISK}" "${VM_HARDDISK0}" "${VM_HARDDISK1}" "${VM_HARDDISK2}" "${VM_HARDDISK3}" \
		"${VM_HARDDISK4}" "${VM_HARDDISK5}" "${VM_HARDDISK6}" "${VM_HARDDISK7}" "${VM_HARDDISK8}" "${VM_HARDDISK9}")
	declare -a _vm_harddisk
	local i
	for i in "${_tmp_vm_harddisk[@]}"; do
		if [ -z "${i}" ]; then
			continue
		fi
		_vm_harddisk+=("${i}")
	done

	if [ -n "${_vm_harddisk}" ]; then
		for single_hd in "${_vm_harddisk[@]}"; do
			local hd_path="$(echo ${single_hd}|cut -d';' -f1)"
			local hd_if="$(echo ${single_hd}|cut -sd';' -f2)"
			local hd_cache="$(echo ${single_hd}|cut -sd';' -f3)"
			local hd_aio="$(echo ${single_hd}|cut -sd';' -f4)"

			if [ -z "${hd_path}" ] || ! [ -e "${hd_path}" ]; then
				echo "${hd_path} not found. ${DEFAULT_MSG}" | (logerr)
				_dry_run_check || return 1
			fi
			# check if image is already running
			if $(${LSOF} -c qemu 2>/dev/null | grep -q ${hd_path} >/dev/null); then
				echo "\"${VMNAME}\" is already running!" | (logerr)
				_dry_run_check || return 1
			fi
			# set default settings for hd if nothing is set
			hd_cache=${hd_cache:-writethrough}
			hd_if=${hd_if:-ide}
			hd_aio=${hd_aio:-threads}
			# set image format to raw if lvm partition is used or file extensions end with "raw"
			[ -b "${hd_path}" ] && hd_path="${hd_path},format=raw"
			[ "${hd_path##*.}" = "raw" ] && hd_path="${hd_path},format=raw"

			VM_HD="${VM_HD} \
				-drive file=${hd_path},if=${hd_if},cache=${hd_cache},aio=${hd_aio}"
		done
	fi
}

_cfg_remote_access_check() {
	# get interface ip
	if ${_net_tap_set}; then
		local local_ip="$(${IP} address show ${BRDEV} \
			| grep -Eo '[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}' \
			| head -n1)"
	else
		local local_ip="0.0.0.0"
	fi

	# remote access spice
	VM_ENABLE_SPICE="$(echo ${VM_REMOTE_ACCESS_SPICE:-false}|cut -d';' -f1)"
	VM_ENABLE_VNC="$(echo ${VM_REMOTE_ACCESS_VNC:-false}|cut -d';' -f1)"

	if ${VM_ENABLE_SPICE}; then
		spice_password="$(echo ${VM_REMOTE_ACCESS_SPICE}|cut -sd';' -f2)"
		spice_ip="$(echo ${VM_REMOTE_ACCESS_SPICE}|cut -sd';' -f3)"
		[ -z "${spice_ip}" ] && spice_ip="${local_ip}"
		spice_port="$(echo ${VM_REMOTE_ACCESS_SPICE}|cut -sd';' -f4)"
		spice_port="$(_check_remote_access_port 580 "${spice_ip}" "${spice_port}")"

		echo "Spice access on ${spice_ip}:${spice_port} (Password: \"${spice_password}\")" | (loginfo)
	fi
	if ${VM_ENABLE_VNC}; then
		vnc_password="$(echo ${VM_REMOTE_ACCESS_VNC}|cut -sd';' -f2)"
		vnc_ip="$(echo ${VM_REMOTE_ACCESS_VNC}|cut -sd';' -f3)"
		[ -z "${vnc_ip}" ] && vnc_ip="${local_ip}"
		vnc_port="$(echo ${VM_REMOTE_ACCESS_VNC}|cut -sd';' -f4)"
		vnc_port="$(expr $(_check_remote_access_port 590 "${vnc_ip}" "${vnc_port}") - 5900)"

		echo " VNC access on ${vnc_ip}:$(expr ${vnc_port} + 5900) (Password: \"${vnc_password}\")" | (loginfo)
	fi

	if ! ${VM_ENABLE_SPICE} && ! ${VM_ENABLE_VNC} && [ "${VM_DISPLAY_MODE}" = "none" ] && ${VM_ENABLE_DAEMONIZE}; then
		echo "No remote access or sdl enabled. At least one of them needs to be enabled!" | (logerr)
		_dry_run_check || return 1
	fi
}

_cfg_audio_check() {
	declare -a _tmp_vm_audio=("${VM_AUDIO}" "${VM_AUDIO0}" "${VM_AUDIO1}" "${VM_AUDIO2}" "${VM_AUDIO3}" \
		"${VM_AUDIO4}" "${VM_AUDIO5}" "${VM_AUDIO6}" "${VM_AUDIO7}" "${VM_AUDIO8}" "${VM_AUDIO9}")
	declare -a _vm_audio
	local i
	for i in "${_tmp_vm_audio[@]}"; do
		if [ -z "${i}" ]; then
			continue
		fi
		_vm_audio+=("${i}")
	done

	local _audio_id=0
	if [ -n "${_vm_audio}" ]; then
		for single_audio in "${_vm_audio[@]}"; do
			local audio_dev="$(echo ${single_audio}|cut -d';' -f1)"
			local audio_hw="$(echo ${single_audio}|cut -sd';' -f2)"

			if [ -z "${audio_dev}" ]; then
				audio_dev="-audiodev sdl,id=${VMNAME}_s_${_audio_id},driver=sdl"
			else
				case ${audio_dev} in
					sdl|alsa|oss|none)
						audio_dev="-audiodev ${audio_dev},id=${VMNAME}_s_${_audio_id},driver=${audio_dev}"
						;;
					*)
						# not supported
						echo "Audiodev \"${audio_dev}\" is not supported. ${DEFAULT_MSG}" | (logerr)
						_dry_run_check || return 1
						;;
				esac
			fi
			if [ -z "${audio_hw}" ]; then
				audio_hw="-device ich9-intel-hda -device hda-output,audiodev=${VMNAME}_s_${_audio_id}"
			else
				case "${audio_hw}" in
					ich9-intel-hda)
						audio_hw="-device ${audio_hw} -device hda-output,audiodev=${VMNAME}_s_${_audio_id}"
						;;
					usb-audio)
						audio_hw="-device ${audio_hw},audiodev=${VMNAME}_s_${_audio_id},multi=on"
						;;
					*)
						audio_hw="-device ${audio_hw},audiodev=${VMNAME}_s_${_audio_id}"
						;;
				esac
			fi

			VM_SOUND="${VM_SOUND} ${audio_dev} ${audio_hw}"

			_audio_id=$(expr ${_audio_id} + 1)
		done
	fi
}

_cfgcheck(){
	# default settings
	VM_ENABLE_GL=$(echo ${VM_ENABLE_GL:-false})
	VM_DISPLAY_MODE=$(echo ${VM_DISPLAY_MODE:-none})

	declare -a _tmp_vm_dev=("${VM_DEVICES}" "${VM_DEVICES0}" "${VM_DEVICES1}" "${VM_DEVICES2}" "${VM_DEVICES3}" \
		"${VM_DEVICES4}" "${VM_DEVICES5}" "${VM_DEVICES6}" "${VM_DEVICES7}" "${VM_DEVICES8}" "${VM_DEVICES9}")
	declare -a _vm_dev
	local i
	for i in "${_tmp_vm_dev[@]}"; do
		if [ -z "${i}" ]; then
			continue
		fi
		_vm_dev+=("${i}")
	done

	# directly add all vm_devices additions to the config. Nothing to check since simply anything can be added.
	for single_dev in "${_vm_dev[@]}"; do
		VM_DEV="${VM_DEV} ${single_dev}"
	done

	if (${VM_ENABLE_SNAPSHOTMODE:-false}); then
		echo "SNAPSHOT MODE! Changes to the guest system won't be saved!" | (logwarn)
	fi

	# enable OpenGL only for the virtio display driver
	if ${VM_ENABLE_GL}; then
		if ! [ "${VM_VGA}" = "virtio" ] && ! [ "${VM_DISPLAY_MODE}" = "none" ]; then
			echo "Virtio GPU-Driver and SDL/GTK must be enabled for OpenGL" | (logwarn)
			VM_ENABLE_GL=false
		fi
	fi

	# basic tests/settings
	#
	# if script runs as root respect VM_USER setting from config file
	# otherwise use current running user
	SET_USER="true"
	if [ $(id -u) = 0 ]; then
		if [ -n "${VM_USER}" ]; then
			if ! $(getent passwd ${VM_USER} >/dev/null 2>&1); then
				echo "User \"${VM_USER}\" not found. User set to nobody" | (logwarn)
				VM_USER="nobody"
				VM_ENABLE_GL=false
				VM_DISPLAY_MODE="none"
			fi
		else
			echo "No user set. User nobody will be used" | (logwarn)
			VM_USER="nobody"
			VM_ENABLE_GL=false
			VM_DISPLAY_MODE="none"
		fi
	else
		# if run as non root, set SET_USER to false to avoid using -runas
		SET_USER="false"
	fi

	# check if SDL can be enabled (needs .Xauthority file)
	_check_xauth() {
		if [ "${VM_DISPLAY_MODE}" == "sdl" ]; then
			if ! [ -e /home/${1}/.Xauthority ]; then
				echo "No Xauthority file for user \"${1}\". Disabling SDL output. You might want to use GTK instead" | (logwarn)
				VM_ENABLE_GL=false
				VM_DISPLAY_MODE="none"
			fi
		fi
	}
	if [ $(id -u) = 0 ]; then
		_check_xauth "${VM_USER}"
	else
		_check_xauth "$(id -un)"
	fi

	# guests can't boot from other devices if vm_kernel/vm_initrd is used
	if [ -n "${VM_KERNEL}" ] && [ -n "${VM_INITRD}" ]; then
		VM_BOOT_DEV=""
	else
		VM_KERNEL=""
	fi

	# guest wont start with "host" cpu if kvm is disabled
	if [ "${VM_CPU}" = "host" ] && [ -z "${VM_ACCEL}" ]; then
		VM_ACCEL="kvm"
	fi

	# cdrom checks
	if [ -n "${VM_CDROM}" ]; then
		if ! [ -e "${VM_CDROM}" ]; then
			echo "Image dosn't exist. ${DEFAULT_MSG}" | (logerr)
			_dry_run_check || return 1
		fi
	fi

	_cfg_harddisk_check || return 1
	_cfg_network_check || return 1
	_cfg_9p_check || return 1
	_cfg_vfsd_check || return 1
	_cfg_remote_access_check || return 1
	_cfg_audio_check || return 1
}


_myconfig(){
	# basic config
	myconfig=(
		-name ${VMNAME}
		-monitor unix:${VMSOCK},server=on,wait=off
		-pidfile ${VMPID}
		-device virtio-balloon
		-m ${VM_MEMORY:-1G}
		-smp ${VM_SMP:-2}
		-machine ${VM_MACHINE:-pc}
		-k ${VM_LC:-de}
		-cpu ${VM_CPU:-host}
		-accel ${VM_ACCEL:-kvm}
	)

	# set runas user
	${SET_USER} && myconfig+=(-runas ${VM_USER})

	if [ -n "${VM_KERNEL}" ]; then
		myconfig+=(
			-kernel ${VM_KERNEL}
			-initrd ${VM_INITRD}
		)
		[ -n "${VM_APPEND}" ] && myconfig+=(-append "${VM_APPEND}")
	fi

	# enable/disable usb support
	(${VM_ENABLE_USB:-true}) && myconfig+=(-usb)
	# daemonize true/false
	(${VM_ENABLE_DAEMONIZE:-true}) && myconfig+=(-daemonize)
	# snapshotmode on/off
	(${VM_ENABLE_SNAPSHOTMODE:-false}) && myconfig+=(-snapshot)

	# spice virtual serial port (copy/paste)
	# there are two possiblities for clipboard sharing
	# qemu-vdagent and spicevmc
	# if display mode is set to gtk we choose to use qemu-vdagent for clipboard
	# sharing. this however disables it for spice connections
	if $(echo ${VM_DISPLAY_MODE}| grep -q ^gtk); then
		(${VM_ENABLE_VIRTSERIAL:-true}) && myconfig+=(
			-chardev qemu-vdagent,id=vdagent,name=vdagent,clipboard=on,mouse=off \
			-device virtio-serial,max_ports=2 \
			-device virtserialport,chardev=vdagent,name=com.redhat.spice.0
		)
	else
		(${VM_ENABLE_VIRTSERIAL:-true}) && myconfig+=(
			-chardev spicevmc,id=vdagent,name=vdagent
			-device virtio-serial
			-device virtserialport,chardev=vdagent,name=com.redhat.spice.0
		)
	fi
	# qemu guest agent (qga)
	(${VM_ENABLE_QGA:-false}) && myconfig+=(
		-device virtio-serial
		-chardev socket,id=${VMNAME}-qga,path=${VMQGASOCK},server=on,wait=off
		-device virtserialport,chardev=${VMNAME}-qga,name=org.qemu.guest_agent.0
	)
	# qemu machine protocol (qmp)
	(${VM_ENABLE_QMP:-false}) && myconfig+=(
		-chardev socket,id=${VMNAME}-qmp,path=${VMQMPSOCK},server=on,wait=off
		-mon chardev=${VMNAME}-qmp,mode=control,pretty=on
	)
	[ -n "${VM_VFSD}" ] && VM_ENABLE_VPMEM=true
	# virtio pmem device
	(${VM_ENABLE_VPMEM:-false}) && myconfig+=(
		-object memory-backend-file,id=mem1,size=${VM_MEMORY:-1G},mem-path=/dev/shm/,share=on
		-numa node,memdev=mem1
	)

	# enable pcie port
	local _pcie_ports="${VM_PCIE_PORTS:-0}"
	while [ ${_pcie_ports} -gt 0 ]; do
		myconfig+=(
			-device pcie-root-port,id=pcie-${_pcie_ports},slot=${_pcie_ports}
		)
		_pcie_ports=$(expr ${_pcie_ports} - 1)
	done

	# sdl/gtk output
	if ! [ ${VM_DISPLAY_MODE} = "none" ]; then
		case ${VM_DISPLAY_MODE} in
			gtk*|sdl*)
				if (${VM_ENABLE_GL}); then
					myconfig+=(-display ${VM_DISPLAY_MODE},gl=on)
				else
					myconfig+=(-display ${VM_DISPLAY_MODE})
				fi
				;;
			*)
				echo "Error: ${VM_DISPLAY_MODE} not supported" | (logerr)
				exit 1
				;;
		esac
	fi

	# enable (multiple) usb redir devices
	local _usb_redir="${VM_USB_REDIR:-0}"
	while [ ${_usb_redir} -gt 0 ]; do
		myconfig+=(
			-chardev spicevmc,name=usbredir,id=usbredirchardev_${_usb_redir}
			-device usb-redir,chardev=usbredirchardev_${_usb_redir},id=usbredirdev_${_usb_redir},debug=3
		)
		_usb_redir=$(expr ${_usb_redir} - 1)
	done

	# remote access settings
	# passwords are set after a vm started
	if ${VM_ENABLE_SPICE}; then
		if [ -z "${spice_password}" ]; then
			myconfig+=(-spice port=${spice_port},addr=${spice_ip},disable-ticketing=on)
		else
			myconfig+=(-spice port=${spice_port},addr=${spice_ip})
		fi
	fi
	if ${VM_ENABLE_VNC}; then
		if [ -n "${vnc_password}" ]; then
			myconfig+=(-vnc ${vnc_ip}:${vnc_port},password)
		else
			myconfig+=(-vnc ${vnc_ip}:${vnc_port})
		fi
	fi

	if ! ${VM_ENABLE_SPICE} && ! ${VM_ENABLE_VNC} && ! ${VM_ENABLE_DAEMONIZE}; then
		! [ ${VM_DISPLAY_MODE} = "none" ] || myconfig+=(-nographic)
	fi

	# enable/disable harddisks
	[ -z "${VM_HD}" ] || myconfig+=(${VM_HD})
	# network settings
	[ -z "${VM_NET}" ] || myconfig+=(${VM_NET})
	# 9p shares
	[ -z "${VM_9P}" ] || myconfig+=(${VM_9P})
	# virtiofsd shares
	[ -z "${VM_VFSD}" ] || myconfig+=(${VM_VFSD})
	# display settings
	[ -z "${VM_VGA}" ] || myconfig+=(-vga ${VM_VGA})
	# audio settings
	[ -z "${VM_SOUND}" ] || myconfig+=(${VM_SOUND})
	# other devices
	[ -z "${VM_DEV}" ] || myconfig+=(${VM_DEV})
	# cdrom settings
	[ -z "${VM_CDROM}" ] || myconfig+=(-cdrom ${VM_CDROM})

	if [ -n "${VM_BOOT_DEV}" ]; then
		case ${VM_BOOT_DEV} in
			floppy|a) myconfig+=(-boot a) ;;
			harddisk|c) myconfig+=(-boot c) ;;
			cdrom|d) myconfig+=(-boot d) ;;
			network|n) myconfig+=(-boot n) ;;
		esac
	fi

	# add qvm parameters (not in configfiles)
	# used to override default values whten starting vms
	[ -z "${VM_PARAMETER}" ] ||	myconfig+=(${VM_PARAMETER})
}

# check if a given vm is running and exit if not
_check_running_vm() {
	# if the executing user is not root we only see vm's of the user since the PID
	# files for system vm's are at different place and usually not readable for
	# users
	if ! [ -f "${VMPID}" ]; then
		echo "\"${VMNAME}\" not running!" | (loginfo)
		exit 1
	fi
}

# check if qemu guest agent where enabled for vm
_check_qga(){
	if $(${QGA_AVAILABLE}); then
		if [ -e "${VMQGASOCK}" ]; then
			return 0
		else
			echo "QEMU guest agent not active for ${VMNAME}" | (logwarn)
			return 1
		fi
	else
		echo "QEMU guest agent not available. Install app-emulation/qemu[python]" | (logwarn)
		return 1
	fi
}

vm_list() {
	if [ -n "${1}" ]; then
		_check_running_vm
	fi

	if [ -z "${VMNAME}" ]; then
		echo "System VMs:"
		[ -f /etc/conf.d/kvm ] && source /etc/conf.d/kvm
		[ -z "${CONF_PATH}" ] && CONF_PATH="/etc/qvm/"
		if [ -d ${CONF_PATH} ]; then
			for i in $(find ${CONF_PATH} -type f); do
				if [ -e /etc/init.d/kvm.${i##*/} ]; then
					if [ -r "/run/kvm/${i##*/}.pid" ]; then
						echo "${i##*/} (PID: $(cat /run/kvm/${i##*/}.pid))" | (loginfo)
					else
						if [ -e "/run/kvm/${i##*/}.pid" ]; then
							echo "${i##*/} (PID: -)" | (loginfo)
						else
							echo "${i##*/}" | (logerr)
						fi
					fi
				fi
			done
		fi
		if [ -n "${CFG_DIR}" ]; then
			echo "User VMs:"
			for i in $(find ${CFG_DIR} -type f); do
				if [ -e ${PID_DIR}/${i##*/}.qvm.pid ]; then
					echo "${i##*/} (PID: $(cat ${PID_DIR}/${i##*/}.qvm.pid))" | (loginfo)
				else
					echo "${i##*/}" | (logerr)
				fi
			done
		fi
	else
		if [ -e "${VMPID}" ]; then
			local _vm_pid="$(cat /${VMPID})"
			local _vm_starttime="$(ps -o "lstart=" -p ${_vm_pid})"
			local _vm_uptime="$(ps -o "etime=" -p ${_vm_pid}|tr -d '[:space:]')"
			local _vm_spice_settings="$(echo "info spice" \
				| ${NC} -U -q1 ${VMSOCK} 2>&1 \
				| grep --only-matching --perl-regex "(?<=address\:).*[0-9]" \
				| head -n1|tr -d '[:space:]')"
			# don't include the 4 in the regex so the result won't include: (ipv4)
			local	_vm_vnc_settings="$(echo "info vnc" \
				| ${NC} -U -q1 ${VMSOCK} 2>&1 \
				| grep --only-matching --perl-regex "(?<=Server\:).*[1,2,3,5,6,7,8,9,0]" \
				| head -n1|tr -d '[:space:]')"
			echo "Details of ${VMNAME}:"
			echo -e " VM started at:\t\t${_vm_starttime}"
			echo -e " Uptime:\t\t${_vm_uptime}"
			echo -e " PID:\t\t\t${_vm_pid}"
			echo -e " Spice:\t\t\t${_vm_spice_settings}"
			echo -e " VNC:\t\t\t${_vm_vnc_settings}"
			# TODO: info about networks -> echo "info network" | nc -U -q1 *.sock
		fi
	fi
}

vm_update() {
	local _setting="${1}"
	local _value="${2}"

	if [ -z "${VMNAME}" ] || [ -z "${_setting}" ] || [ -z "${_value}" ]; then
		echo "missing var: please make sure you passed [vmname] [setting] [value]. see: qvm help" | (logerr)
		exit 1
	fi

	_check_running_vm

	case ${_setting} in
		mem|memory)
			echo "Changing Memory to ${_value}MB for ${VMNAME}" | (loginfo)
			_vm_edit balloon ${_value}
			;;
		key|sendkey)
			echo "Sending key combination: ${_value}" | (loginfo)
			_vm_edit sendkey ${_value}
			;;
		vnc)
			echo "Changing VNC password to ${_value}" | (loginfo)
			_vm_edit "set_password vnc" ${_value}
			;;
		spice)
			echo "Changing SPICE password to ${_value}" | (loginfo)
			_vm_edit "set_password spice" ${_value}
			;;
	esac
}

vm_snapshot() {
	local _setting="${1}" # create | delete | list | load
	local _value="${2}" # optional

	if [ -z "${VMNAME}" ] || [ -z "${_setting}" ]; then
		echo "missing var: please make sure you passed at least [vmname] and [setting]. see: qvm help" | (logerr)
		exit 1
	fi

	_check_running_vm

	case ${_setting} in
		create)
			if [ -n "${_value}" ]; then
				echo "Creating snapshot ${_value} for ${VMNAME}" | (loginfo)
			else
				echo "Creating snapshot with default tag for ${VMNAME}" | (loginfo)
			fi
			_vm_edit savevm ${_value}
			;;
		delete)
			if [ -z "${_value}" ]; then
				echo "missing snapshot tag. see: qvm help" | (logerr)
				exit 1
			else
				echo "Deleting snapshot: ${_value}" | (loginfo)
				_vm_edit delvm ${_value}
			fi
			;;
		list)
			echo "Listing available snapshots of ${VMNAME}" | (loginfo)
			_vm_edit_snapshot_output "info snapshots"
			;;
		load)
			if [ -z "${_value}" ]; then
				echo "missing snapshot tag. see: qvm help" | (logerr)
				exit 1
			else
				echo "loading snapshot: ${_value}" | (loginfo)
				_vm_edit loadvm ${_value}
			fi
			;;
	esac
}

vm_hw(){
	local _setting="${1}" # add | remove | list
	local _type="${2}" # type network|harddisk
	local _value1="${3}" # value 1

	if [ -z "${VMNAME}" ] || [ -z "${_setting}" ]; then
		echo "missing var: please make sure you passed [vmname], [setting]. see: qvm help" | (logerr)
		exit 1
	fi

	_check_running_vm

	if ! [ -e "${VMPCIM}" ]; then
		echo "You need to enable PCIE root bus. Check config" | (logerr)
		exit 1
	else
		local _pcie_ports_count="$(tr -d -c '|\n' < "${VMPCIM}" | awk '{ print length; }')"
	fi

	case ${_setting} in
		list)
			local _id="${_pcie_ports_count}"
			while [ ${_id} -gt 0 ]; do
				if [ -n "$(cut -d'|' -f${_id} "${VMPCIM}")" ]; then
					echo "PCIE ID ${_id}: $(cut -d'|' -f${_id} "${VMPCIM}")" | (loginfo)
				fi
				_id=$(expr ${_id} - 1)
			done
			;;
		add)
			local _id="${_pcie_ports_count}"
			while [ ${_id} -gt 0 ]; do
				if [ -z "$(cut -d'|' -f${_id} "${VMPCIM}")" ]; then
					local _free_port="${_id}"
					break
				fi
				_id=$(expr ${_id} - 1)
			done
			if [ "${_id}" = "0" ]; then
				echo "Error: No free PCI ports available. Add more or remove others" | (logerr)
				exit 1
			fi
			case ${_type} in
				network)
					echo "adding additional pci network device"
					if [ -z "${_value1}" ]; then
						echo "Error: Need bridge interface" | (logerr)
						exit 1
					fi
					#value1=bridge interface
					_vm_edit netdev_add "bridge,br=${_value1},id=net${_id}"
					_vm_edit device_add "virtio-net-pci,netdev=net${_id},bus=pcie-${_id},id=net-${_id}"
					awk -v "id=${_id}" -v "var=virtio-net-pci,${_value1}" -i inplace 'BEGIN{FS=OFS="|"} {if (NR==1) {$id = var }; print}' ${VMPCIM}
					;;
				harddisk)
					echo "Adding additonal PCI harddisk (${_value1})" | (loginfo)
					local _format="${_value1##*.}"
					if [ -z ${_value1} ]; then
						echo "Error: You need to provide a harddisk file."
						exit 1
					fi
					if ! [ -f ${_value1} ]; then
						if ! [ -f ${IMG_DIR}/${_value1} ]; then
							echo "Error: ${_value1} is not a regular file" | (logerr)
							exit 1
						else
							_value1="${IMG_DIR}/${_value1}"
						fi
					fi
					#value1=file
					_vm_edit "drive_add 0" "if=none,file=${_value1},format=${_format},id=disk${_id}"
					_vm_edit device_add "virtio-blk-pci,drive=disk${_id},bus=pcie-${_id},id=disk-${_id}"
					awk -v "id=${_id}" -v "var=virtio-blk-pci,${_value1}" -i inplace 'BEGIN{FS=OFS="|"} {if (NR==1) {$id = var }; print}' ${VMPCIM}
					;;
			esac
			;;
		remove)
			local _dev="$(cut -d'|' -f${_type:0:1} ${VMPCIM} | cut -d ',' -f1)"
			if [ -z "${_dev}" ]; then
				echo "${_type}: doesn't exist: Nothing was removed" | (logwarn)
			else
				echo "Removing device ${_type}" | (loginfo)
				case ${_dev} in
					virtio-net-pci)
						_vm_edit device_del net-${_type:0:1}
						_vm_edit netdev_del net${_type:0:1}
						;;
					virtio-blk-pci)
						_vm_edit device_del disk-${_type:0:1}
						;;
				esac
			fi
			# _type is her the ID
			awk -v "id=${_type:0:1}" -i inplace 'BEGIN{FS=OFS="|"} {if (NR==1) {$id = "" }; print}' ${VMPCIM}
			;;
	esac
}

host_network(){
	local _function="${1}"
	local _name="${2}"
	local _bridge="${3}"

	case ${_function} in
		add)
			if [ -z "${_name}" ] || [ -z "${_bridge}" ]; then
				echo "missing var: please make sure you passed name and bridge. see: qvm help" | (logerr)
				exit 1
			fi
			create_network "${3},${2}"
			;;
		del)
			if [ -z "${_name}" ]; then
				echo "missing var: please make sure you passed name. see: qvm help" | (logerr)
				exit 1
			fi
			delete_network "${2}"
			;;
	esac
}

create_network() {
	local allint="${1}"
	local singleint

	if [ -z "${allint}" ]; then
		echo "Missing argument. Please make sure you passed the tap name. see: qvm help" | (logerr)
		exit 1
	fi

	read -r -d '' CREATE_TAP <<- EOM
	EOM

	for singleint in ${allint}; do
		local _type="${singleint%%,*}"
		local _name="${singleint##*,}"

		if [ -z "${_type}" ] || [ -z "${_name}" ]; then
			echo "Missing variable: please make sure you passed type,name. see: qvm help" | (logerr)
			exit 1
		fi

		echo "Creating interface \"${_name}\" on bridge \"${_type}\" ..." | (loginfo)
		read -r -d '' TAP <<- EOM
			${IP} tuntap add dev ${_name} mode tap user $(id -un)
			${IP} link set ${_name} master ${_type}
			${IP} link set dev ${_name} up promisc on
		EOM

		read -r -d '' CREATE_TAP <<- EOM
			${CREATE_TAP}
			${TAP}
		EOM

		if [ -n "${VMNAME}" ]; then
			echo "${_name} " >> ${VMNET}
		fi
	done

	# to create tap we need to run the commands as root
	if [ $(id -u) = 0 ]; then
		/bin/sh -c "${CREATE_TAP}"
	else
		if ! $(su -l root -c "${CREATE_TAP}"); then
			echo "Error creating network interfaces" | (logerr)
			exit 1
		fi
	fi
}

delete_network() {
	local allint="${1}"
	local singleint

	if [ -z "${allint}" ]; then
		echo "Missing argument. Please make sure you passed the tap name. see: qvm help" | (logerr)
		exit 1
	fi

	read -r -d '' DELETE_TAP <<- EOM
	EOM

	for singleint in ${allint}; do
		if [ -e /sys/class/net/${singleint}/tun_flags ]; then
			# remove tap interfaces
			echo "Removing \"${singleint}\" interface ..." | (loginfo)
			if [ "$(cat /sys/class/net/${singleint}/owner)" = "$(id -u)" ]; then
				${IP} tuntap del ${singleint} mode tap
			else
				# print a warning if tap devices doesn't belong to user (only for non-root
				# users)
				if ! [ $(id -u) = 0 ]; then
					echo "\"${singleint}\" belongs to user: $(cat /sys/class/net/${singleint}/owner)" | (logwarn)
				fi
				read -r -d '' TAP <<- EOM
					${IP} link set dev ${singleint} down
					${IP} link set ${singleint} nomaster
					${IP} tuntap del ${singleint} mode tap
				EOM

				read -r -d '' DELETE_TAP <<- EOM
					${DELETE_TAP}
					${TAP}
				EOM
			fi
		else
			echo "Couldn't remove \"${singleint}\". Unknown device" | (logwarn)
		fi
	done

	# to delete tap we need to run the commands as root
	if [ $(id -u) = 0 ]; then
		/bin/sh -c "${DELETE_TAP}"
	else
		if ! $(su -l root -c "${DELETE_TAP}"); then
			echo "Error deleting network interfaces" | (logerr)
			exit 1
		fi
	fi
}

vm_reboot(){
	_check_running_vm

	echo "Rebooting ${VMNAME}"
	_check_qga && ${QGA} --address=${VMQGASOCK} reboot
}

vm_reset(){
	_check_running_vm

	echo "Reseting ${VMNAME}"
	echo "system_reset" | ${NC} -U -q1 ${VMSOCK} > /dev/null 2>&1
}

vm_connect(){
	_check_running_vm

	echo "Connecting to socket ${VMSOCK}"
	echo "Use CTRL+D to detach from the socket"
	echo
	${NC} -U -q1 ${VMSOCK}
}

vm_freeze_thaw(){
	_check_running_vm

	if _check_qga; then
		local freeze_status="$(${QGA} --address=${VMQGASOCK} fsfreeze status)"
		if [ "${freeze_status}" = "thawed" ]; then
			echo "Freezing the filesystem"
			${QGA} --address=${VMQGASOCK} fsfreeze freeze
		elif [ "${freeze_status}" = "frozen" ]; then
			echo "Thawing the filesystem"
			${QGA} --address=${VMQGASOCK} fsfreeze thaw
		else
			echo "Error thawing/freezeing filesystem"
		fi
	fi
}

vm_pause(){
	_check_running_vm

	local vm_status="$(echo "info status" | ${NC} -U -q1 ${VMSOCK})"
	vm_status="$(echo "${vm_status}"|tail -n+3|head -n-1|cut -d' ' -f3)"

	if $(echo "${vm_status}"|grep -q "running"); then
		echo "stopping emulation"
		echo "s" | ${NC} -U -q1 ${VMSOCK} > /dev/null 2>&1
	elif $(echo "${vm_status}"|grep -q "paused"); then
		echo "resume emulation"
		echo "c" | ${NC} -U -q1 ${VMSOCK} > /dev/null 2>&1
	else
		echo "Unknow system status: ${vm_status}" | (logwarn)
	fi
}

vm_start(){
	local start_parameter="${1}"

	# find out which file to source
	local vm_config_file="${VMNAME}"
	if ! [ -f "${vm_config_file}" ]; then
		[ -z "${CONF_PATH}" ] && CONF_PATH="/etc/qvm/"
		[ -z "${CFG_DIR}" ] && CFG_DIR="${CONF_PATH}"
		if [ -f "${CFG_DIR}${vm_config_file}" ]; then
			vm_config_file="${CFG_DIR}${vm_config_file}"
		else
			echo "Config file \"${CFG_DIR}${vm_config_file}\" not found." | (logerr)
			exit 1
		fi
	fi

	# Start the Virtual Machine
	echo "Starting ${VMNAME} ..." | (loginfo)

	# source the config file of the given vm
	source ${vm_config_file}
	# default message
	DEFAULT_MSG="Please check your config (${vm_config_file})"

	# override some vm start parameters
	if [ -n "${start_parameter}" ]; then
		case "${start_parameter}" in
			readonly)
				echo "starting in snapshot mode" | (logwarn)
				VM_ENABLE_SNAPSHOTMODE=true
				;;
			pxeboot)
				echo "enabling pxeboot" | (logwarn)
				VM_KERNEL=""
				VM_INITRD=""
				VM_BOOT_DEV="network"
				;;
			fullscreen)
				echo "starting vm in fullscreen" | (logwarn)
				VM_PARAMETER="-full-screen"
				;;
			nodisplay)
				echo "disable display output" | (logwarn)
				VM_DISPLAY_MODE=""
				;;
			dryrun)
				DRYRUN=true
				echo "dryrun - only printing boot parameters:" | (logwarn)
				;;
			spicy)
				AUTOSTART_SPICY=true
				echo "auto connect to vm via spicy" | (logwarn)
				;;
			*)
				echo "Parameter: ${start_parameter} not known" | (logerr)
				;;
		esac
	fi

	# Test if requested arch is available in qemu
	# defaulting to system arch
	[ -z "${VM_ARCH}" ] && VM_ARCH="$(uname -m)"
	if command -v qemu-system-${VM_ARCH} > /dev/null ; then
		VM_QEMU_BIN="/usr/bin/qemu-system-${VM_ARCH}"
	else
		echo "No support for ${VM_ARCH} available" | (logerr)
		_dry_run_check || return 1
	fi

	NET_INT=( )
	if _cfgcheck; then
		# create qemu config
		_myconfig

		if _dry_run_check; then
			echo "${VM_QEMU_BIN} ${myconfig[@]}"
			echo "DRYRUN! Exiting now." | (logwarn)
			exit 1
		fi

		# create virtiofsd shares
		local vfsd
		for vfsd in "${VM_VFSD_START[@]}"; do
			# run process in the background
			nohup ${VFSD} ${vfsd} >/dev/null 2>&1 &
		done

		# create empty pciemap file
		local _pcie_ports="${VM_PCIE_PORTS:-0}"
		while [ ${_pcie_ports:-0} -gt 0 ]; do
			echo -n "|" >> ${VMPCIM}
			_pcie_ports=$(expr ${_pcie_ports} - 1)
		done

		if [ -n "${NET_INT}" ]; then
			create_network "${NET_INT[@]}"
		fi

		# start the actual vm
		TMPDIR=${TMP_DIR} ${VM_QEMU_BIN} "${myconfig[@]}" >/dev/null

		# remove tap devices if the guest system couldn't be started
		if [ "$?" != "0" ]; then
			if [ -e "${VMNET}" ]; then
				echo "Failed to start ${VMNAME}, removing qtap interfaces" | (logerr)
				delete_network "$(< ${VMNET})"
			fi
			exit 1
		fi

		# set passwords for spice/vnc
		if [ -n "${spice_password}" ]; then
			_vm_edit "set_password vnc" ${vnc_password}
		fi
		if [ -n "${vnc_password}" ]; then
			_vm_edit "set_password spice" ${spice_password}
		fi

		if ${VM_ENABLE_SPICE} && ${SPICY_AVAILABLE} && ${AUTOSTART_SPICY}; then
			nohup ${SPICY} -h ${spice_ip} -p ${spice_port} &>/dev/null &disown
		fi

	fi
}

# cleanup is only required if guest was killed or it was running as root user
# usually qemu handles this by itself and would cleanup these files anyway
__vm_cleanup(){
	for f in qga.sock qmp.sock sock pid pcie.map; do
		if [ -e "${PID_DIR}/${VMNAME}.${f}" ]; then
			rm ${PID_DIR}/${VMNAME}.${f}
		fi
	done
}

# cleanup of network interfaces is always required
__vm_cleanup_net(){
	# cleanup network interfaces
	if [ -e "${VMNET}" ]; then
		if ${TAP_DELETE}; then
			delete_network "$(< ${VMNET})"
			rm ${VMNET}
		else
			rm ${VMNET}
		fi
	fi

	# remove pcie.map
	if [ -e "${VMPCIM}" ]; then
			rm ${VMPCIM}
	fi
}

vm_kill(){
	local KVM_PID="$(< ${VMPID})"
	_check_running_vm

	# check if guest PID is actually running
	if (kill -0 ${KVM_PID} >/dev/null 2>&1); then
		echo "Killing ${VMNAME}." | (logwarn)
		kill -9 ${KVM_PID} > /dev/null 2>&1
	fi

	__vm_cleanup
	__vm_cleanup_net
}

vm_stop(){
	local KVM_PID="$(< ${VMPID})"
	_check_running_vm ${VMNAME}

	# set default kill wait to 80 seconds
	[ -z "${VM_KILL_WAIT}" ] && VM_KILL_WAIT=80

	# check if guest PID is actually running
	if (kill -0 ${KVM_PID} >/dev/null 2>&1); then
		echo "Stopping ${VMNAME} ..." | (loginfo)
		# sending system_powerdown via nc (netcat)
		echo "system_powerdown" | ${NC} -U -q1 ${VMSOCK} > /dev/null 2>&1
		# waiting for system to shutdown
		echo "Waiting ${VM_KILL_WAIT} seconds for ${VMNAME} to shutdown." | (loginfon)
		local cnt=0
		while [ -n "$(ps -p ${KVM_PID} --no-heading)" ]; do
			cnt=$(expr ${cnt} + 2)
			if [ ${cnt} -gt ${VM_KILL_WAIT} ]; then
				echo
				echo "Failed to shuddown ${VMNAME}, Guest will be killed." | (logwarn)
				# kill qemu
				kill -9 ${KVM_PID} > /dev/null 2>&1
				sleep 1
				echo "Killed ${VMNAME}" | (logwarn)
				# we need to cleanup manually in case the vm got killed
				__vm_cleanup
				break
			fi
			# send system_powerdown every 10 seconds
			if [ $(( ${cnt} % 10)) = 0 ]; then
				echo "system_powerdown" | ${NC} -U -q1 ${VMSOCK} > /dev/null 2>&1
			fi
			sleep 2
			printf "."
		done
		echo
	else
		echo "Couldn't find the process of ${VMNAME}, guest might already down." | (logwarn)
	fi

	__vm_cleanup_net
	#VMVFSDPID
	rm -f ${PID_DIR}/${VMNAME}-vfsd*

	# for some reason when running as root qemu doesn't clean up pid/sock files
	# after we stopped a vm. So lets clean them up manually.
	[ $(id -u) = 0 ] && __vm_cleanup
}

usage() {
	echo -e "qvm"
	echo -e "start,stop and manipulating qemu vms"
	echo
	echo -e "guest start/stopping"
	echo -e "qvm b|k|s|r|x|f|l|c|p [vmname] boot-options"
	echo -e " b|boot\t\t\tboot virtual machine config file"
	echo -e " k|kill\t\t\tkill virtual machine PID"
	echo -e " s|stop\t\t\tstop virtual machine"
	echo -e " x|reset\t\treset virtual machine"
	echo -e " r|reboot\t\trestart virtual machine (via qemu guest agent)"
	echo -e " f|freeze\t\tfreeze|unfreeze guest filesystem (via qemu guest agent)"
	echo -e " l|list\t\t\tlist all virtual machines|show details of [vmname]"
	echo -e " c|connect\t\tconnect to the unix socket of [vmname]"
	echo -e " p|pause\t\tpause/unpause qemu virtualization"
	echo
	echo -e "vm/guest modify"
	echo -e "qvm update [vmname] memory|sendkey|[spice|vnc] value"
	echo -e " memory 4096\t\tchange the memory of [vmname] via ballooing"
	echo -e " sendkey ctrl-alt-f1\tsend key combination to [vmname] (like ctrl-alt-f1)"
	echo -e " vnc|spice P4ssw0rd\tchange vnc or spice password of [vmname]"
	echo
	echo -e "vm/guest add/remove virtual hardware"
	echo -e "qvm hw [vmname] add|remove|list [network|harddisk] [value]"
	echo -e " add [value]\t\tadd a pci [network|harddisk] device to the guest"
	echo -e " remove [value]\t\tremove a pci device from the guest"
	echo -e " list\t\t\tlist added pci devices of the guest"
	echo
	echo -e "vm/guest snapshoting"
	echo -e "qvm snapshot [vmname] create|delete|info|load [value]"
	echo -e " create [value]\t\tcreate a new snapshot called [value(optional)]"
	echo -e " delete [value]\t\tdelete snapshot [value]"
	echo -e " snapshot list\t\tlist available snapshots"
	echo -e " load [value]\t\tload snapshot [value]"
	echo
	echo -e "host network"
	echo -e "qvm network add|del tap-name,[bridge-dev(br0)]"
	echo -e " add\t\t\tcreate a new tap device and link it to [bridge-dev]"
	echo -e " del\t\t\tremove a tap device"
}

qvm_var_setup() {
	local vm="${1}"
	# vm name
	VMNAME="${vm}"
	# vm pid
	VMPID="${PID_DIR}/${vm}.qvm.pid"
	# vm sockets
	VMSOCK="${PID_DIR}/${vm}.sock"
	VMQGASOCK="${PID_DIR}/${vm}.qga.sock"
	VMQMPSOCK="${PID_DIR}/${vm}.qmp.sock"
	# vm files
	VMNET="${PID_DIR}/${vm}.net"
	VMPCIM="${PID_DIR}/${vm}.pcie.map"
	# the final pid name contain the share name too
	VMVFSDPID="${PID_DIR}/${vm}-vfsd-"
}

# start of the script
if [ $# -lt 1 ]; then usage; exit; fi

if [ -z "${2}" ]; then
	case "${1}" in
		l|list) vm_list ;;
		h|help) usage ;;
		*) echo "Unknown command"; exit 1 ;;
	esac
else
	case "${1}" in
		b|boot) qvm_var_setup ${2} ; vm_start "${3}" ;;
		s|stop) qvm_var_setup ${2} ; vm_stop ;;
		k|kill) qvm_var_setup ${2} ; vm_kill ;;
		r|reboot) qvm_var_setup ${2} ; vm_reboot ;;
		x|reset) qvm_var_setup ${2} ; vm_reset ;;
		f|freeze) qvm_var_setup ${2} ; vm_freeze_thaw ;;
		p|pause) qvm_var_setup ${2} ; vm_pause ;;
		u|update) qvm_var_setup ${2} ; vm_update "${3}" "${4}" ;;
		c|connect) qvm_var_setup ${2} ; vm_connect ;;
		l|list) qvm_var_setup ${2} ; vm_list ;;
		e|snapshot) qvm_var_setup ${2} ; vm_snapshot "${3}" "${4}" ;;
		h|hw) qvm_var_setup ${2} ; vm_hw "${3}" "${4}" "${5}" ;;
		# host command
		n|network) host_network "${2}" "${3}" "${4}" ;;
		*) echo "Unknown command"; exit 1 ;;
	esac
fi