dissect.target.plugins.os.unix.linux.cmdline
¶
Module Contents¶
Classes¶
Linux volatile proc commandline plugin. |
Attributes¶
- dissect.target.plugins.os.unix.linux.cmdline.CmdlineRecord¶
- class dissect.target.plugins.os.unix.linux.cmdline.CmdlinePlugin(target: dissect.target.Target)¶
Bases:
dissect.target.plugin.Plugin
Linux volatile proc commandline plugin.
- check_compatible() None ¶
Perform a compatibility check with the target.
This function should return
None
if the plugin is compatible with the current target (self.target
). For example, check if a certain file exists. Otherwise it should raise anUnsupportedPluginError
.- Raises:
UnsupportedPluginError – If the plugin could not be loaded.
- cmdline() Iterator[CmdlineRecord] ¶
Return the complete command line for all processes.
If, after an execve(2), the process modifies its argv strings, those changes will show up here. This is not the same thing as modifying the argv array.
Think of this output as the command line that the process wants you to see.
Yields CmdlineRecord with the following fields:
hostname (string): The target hostname. domain (string): The target domain. ts (datetime): The starttime of the process. name (string): The name of the process. pid (int): The process ID of the process. cmdline (string): The complete commandline of the process.