[HN Gopher] Show HN: Nhi - capture every information about each ...
___________________________________________________________________
Show HN: Nhi - capture every information about each executed
command [video]
Author : strang1ato
Score : 30 points
Date : 2021-11-12 22:14 UTC (1 days ago)
(HTM) web link (www.youtube.com)
(TXT) w3m dump (www.youtube.com)
| tyingq wrote:
| _" Ubuntu has oddly compiled bash and zsh binaries which are
| missing some data required by nhi."_
|
| That's interesting...could you share a bit more about that?
| strang1ato wrote:
| On ubuntu's versions of bash and zsh `environ` symbol address
| is set to 0. nhi requires `environ` address to be specified,
| before program even starts (I can elaborate on that if you
| wish).
|
| On every other distro `environ` address is set (I tested it on
| debian, fedora and arch). If you build bash or zsh from source
| `environ` will be also set to non-zero value.
|
| I don't know if the symbol addresses are the only difference
| though.
| tyingq wrote:
| Oh, I guess Ubuntu ships bash and zsh stripped then. Here's a
| post on using gdb to find the environment in a stripped
| binary: https://security.stackexchange.com/questions/13194/fi
| nding-e...
|
| And this post has a diagram:
| https://shankaraman.wordpress.com/tag/finding-environment-
| va...
| strang1ato wrote:
| Thanks for the research. I will definitely check these
| links out.
| gravypod wrote:
| For big companies where you have some people maintaining a few
| cli tools, this sort of tooling is amazing. Being able to `select
| ... from executions where exit_code != 0` gives you a lot of
| freedom to find out proactively what people are having trouble
| with in your software.
|
| Thanks for building and open sourcing this!
| purplecats wrote:
| this looks and sounds both awesome and promising. can you make
| the installation simpler than manually installing and managing a
| ton of stuff, with consideration for macs.
| strang1ato wrote:
| I plan to add an option to install nhi via some package
| manager.
|
| At least for now nhi is linux only tool.
| akavel wrote:
| Having it available via Nixpkgs could be cool! :D
| strang1ato wrote:
| I agree, Nix rocks!
| strang1ato wrote:
| Hey HN! I created a tool which automatically captures every
| potentially useful information about each executed command inside
| bash/zsh, and delivers powerful querying mechanism.
|
| These features allow retrievement of commands (with outputs)
| executed in the past and whole shell sessions, as well as every
| other useful information in a convenient way.
|
| nhi github: https://github.com/strang1ato/nhi
| CGamesPlay wrote:
| It's interesting, but what's the use case? I'm concerned about
| leaking secrets, since all command output is logged, and I'm
| concerned about denial of service, since it's easy to generate
| arbitrary amounts of output which would then be persisted (and I
| assume I could run bash within bash 10 times to 10x multiply my
| log output).
| strang1ato wrote:
| > but what's the use case?
|
| I am often in a situation where bash/zsh history is not enough
| and I need to retrieve some command executed in the past with
| its output, or I need to retrieve set of commands which were
| executed in certain directory and in certain time period etc.
|
| > I'm concerned about leaking secrets, since all command output
| is logged
|
| Normally bash does not save commands which start with space, I
| plan to implement this feature to nhi as well, namely nhi will
| ignore all commands that starts with space.
|
| Thanks for the comment, I will try to address the denial of
| service issue in the future.
___________________________________________________________________
(page generated 2021-11-13 23:02 UTC)