:py:mod:`dissect.target.plugins.os.unix.linux.cmdline`
======================================================

.. py:module:: dissect.target.plugins.os.unix.linux.cmdline




Module Contents
---------------

Classes
~~~~~~~

.. autoapisummary::

   dissect.target.plugins.os.unix.linux.cmdline.CmdlinePlugin




Attributes
~~~~~~~~~~

.. autoapisummary::

   dissect.target.plugins.os.unix.linux.cmdline.CmdlineRecord


.. py:data:: CmdlineRecord

.. py:class:: CmdlinePlugin(target: dissect.target.target.Target)

   Bases: :py:obj:`dissect.target.plugin.Plugin`


   Linux volatile proc commandline plugin.


   .. py:method:: check_compatible() -> None

      Perform a compatibility check with the target.

      This function should return ``None`` if the plugin is compatible with the current target (``self.target``).
      For example, check if a certain file exists. Otherwise it should raise an
      :class:`UnsupportedPluginError`.

      :raises UnsupportedPluginError: If the plugin could not be loaded.



   .. py:method:: cmdline() -> collections.abc.Iterator[CmdlineRecord]

      Return the complete command line for all processes.

      If, after an execve(2), the process modifies its argv strings, those changes will show up here. This is not the
      same thing as modifying the argv array.

      Think of this output as the command line that the process wants you to see.

      Yields CmdlineRecord with the following fields:

      .. code-block:: text

          hostname (string): The target hostname.
          domain (string): The target domain.
          ts (datetime): The starttime of the process.
          name (string): The name of the process.
          pid (int): The process ID of the process.
          cmdline (string): The complete commandline of the process.