pyplugins.hyper.bash_command module¶
Bash Command Plugin¶
This module provides a plugin for capturing and logging Bash command executions within the Penguin hypervisor environment. It listens for Bash command events and writes details to a CSV file for coverage or auditing purposes.
Usage¶
The plugin is typically loaded by the Penguin framework and does not require direct invocation.
Example CSV Output¶
filename,lineno,pid,command
/home/user/script.sh,12,1234,ls -l
Arguments¶
outdir: Output directory for the CSV file.verbose: If set, enables debug logging.
Classes¶
BashCommand: Main plugin class for handling Bash command events.
- class pyplugins.hyper.bash_command.BashCommand[source]¶
Bases:
PluginBashCommand is a plugin that logs Bash command executions to a CSV file.
It subscribes to the “bash_command” hypercall and writes each command’s filename, line number, process ID, and command string to a CSV file.
Arguments: - outdir (str): Output directory for the CSV file. - verbose (bool): Enables debug logging if True.
- cmd_bash_command(cmd, path, lineno, pid)[source]¶
Handle a Bash command event and log it to the CSV file.
Parameters: - cmd (str): The Bash command executed. - path (str): The file path where the command was executed. - lineno (int): The line number in the file. - pid (int): The process ID of the Bash process.
Returns: - (int, str): Tuple containing status code (0 for success) and an empty string.
- Parameters:
cmd (str)
path (str)
lineno (int)
pid (int)
- Return type:
tuple[int, str]