A small utility for tracing execve{,at}.

Levi Zim

Last update: Oct 28, 2023

Overview

tracexec

A small utility for tracing execve{,at}.

Status:

Proof of concept.
Experimental quality.
Not ready for production use.
Performance is not a focus right now.

Showcases

Default mode

By default, tracexec will print filename, argv and the diff of the environment variables.

example: tracexec log -- bash (In an interactive bash shell)

Reconstruct the command line with `--show-cmdline`

$ tracexec log --show-cmdline -- <command>
# example:
$ tracexec log --show-cmdline -- firefox

Show the interpreter indicated by shebang with `--show-interpreter`

And show the cwd with --show-cwd.

$ tracexec log --show-interpreter --show-cwd -- <command>
# example: Running Arch Linux makepkg
$ tracexec log --show-interpreter --show-cwd -- makepkg -f

Installation

From source

Via cargo:

cargo install tracexec

You can also install tracexec from AUR.

Binary

You can download the binary from the release page

You can also install tracexec-bin from AUR.

Usage

Run tracexec in logging mode

Usage: tracexec log [OPTIONS] -- <CMD>...

Arguments:
  <CMD>...  command to be executed

Options:
      --successful-only   Only show successful calls
      --show-cmdline      Print commandline that reproduces what was executed. Note that when filename and argv[0] differs, it probably won't give you the correct commandline for now. Implies --successful-only
      --show-interpreter  Try to show script interpreter indicated by shebang
      --more-colors       More colors
      --less-colors       Less colors
      --show-children     Print a message when a child is created
      --diff-env          Diff environment variables with the original environment
      --no-diff-env       Do not diff environment variables
      --show-env          Show environment variables
      --no-show-env       Do not trace environment variables
      --show-comm         Show comm
      --no-show-comm      Do not show comm
      --show-argv         Show argv
      --no-show-argv      Do not show argv
      --show-filename     Show filename
      --no-show-filename  Do not show filename
      --show-cwd          Show cwd
      --no-show-cwd       Do not show cwd
      --decode-errno      Decode errno values
      --no-decode-errno   
  -o, --output <OUTPUT>   Output, stderr by default. A single hyphen '-' represents stdout.
  -h, --help              Print help

The recommended way to use tracexec is to create an alias with your favorite options in your bashrc:

alias tracex='tracexec log --show-cmdline --show-interpreter --show-children --show-filename --'
# Now you can use
tracex <command>

Known issues

Non UTF-8 strings are converted to UTF-8 in a lossy way, which means that the output may be inaccurate.
The output is not stable yet, which means that the output may change in the future.
No tests yet.

Origin

This project was born out of the need to trace the execution of programs.

Initially I simply use strace -Y -f -qqq -s99999 -e trace=execve,execveat <command>.

But the output is still too verbose so that's why I created this project.

Credits

This project takes inspiration from strace and lurk.

Command line utility for controlling LIFX smart lights

lifxc is a command line utility for controlling LIFX smart lights. Currently, communication over the LIFX LAN protocol is supported.

1 Nov 17, 2021

Kit-kat clock utility rewritten in Rust using minifb

kitkat clock in Rust This is the plan9 cat clock utility rewritten in rust with minifb crate. $ kitkat --help Usage: kitkat [--hook|--crazy|--offset O

18 Oct 19, 2022

Gecko's trusty package manager and command-line utility.

Geckos have super-powers, ya'know? Grip is Gecko's trusty package manager and command-line utility. USAGE: grip [FLAGS] [file] [SUBCOMMAND] FLAGS

2 Jan 3, 2022

A simplified recreation of the command-line utility grep written in Rust.

smolgrep A simplified recreation of the command-line utility grep written in Rust. Download and run Download Rust On Mac/Linux Open a terminal and ent

0 Dec 27, 2021

A utility for managing cargo dependencies from the command line.

cargo edit This tool extends Cargo to allow you to add, remove, and upgrade dependencies by modifying your Cargo.toml file from the command line. Curr

2.7k Jan 6, 2023

A command line utility to easily make dank memes

meme-cli A command line utility to easily make dank memes. Yes, really. Installation cargo install meme-cli Alternatively, install from source using g

196 Dec 26, 2022

Utility library for some Lenovo IdeaPad laptops. Supports IdeaPad Intel and AMD Models (15IIL05 and 15ARE05)

ideapad A Rust utility library for some Lenovo IdeaPad specific functionality. A Fair Warning This crate calls raw ACPI methods, which on the best cas

2 Aug 31, 2022

🧠 A command-line utility for switching git branches more easily. Switch branches interactively or use a fuzzy search to find that long-forgotten branch name.

git-smart-checkout A git command extension for switching git branches more efficiently. About Interactively switch branches or fuzzy search for that f

51 Dec 29, 2022

Command line utility to remove duplicates from the given input.

Command line utility to remove duplicates from the given input. Note that huniq does not sort the input, it just removes duplicates.

189 Dec 27, 2022

Comments

Configure Mend Bolt for GitHub

Welcome to Mend Bolt for GitHub (formerly WhiteSource). This is an onboarding PR to help you understand and configure settings before Mend starts scanning your repository for security vulnerabilities.

:vertical_traffic_light: Mend Bolt for GitHub will start scanning your repository only once you merge this Pull Request. To disable Mend Bolt for GitHub, simply close this Pull Request.

What to Expect

This PR contains a '.whitesource' configuration file which can be customized to your needs. If no changes were applied to this file, Mend Bolt for GitHub will use the default configuration.

Before merging this PR, Make sure the Issues tab is enabled. Once you merge this PR, Mend Bolt for GitHub will scan your repository and create a GitHub Issue for every vulnerability detected in your repository.

If you do not want a GitHub Issue to be created for each detected vulnerability, you can edit the '.whitesource' file and set the 'minSeverityLevel' parameter to 'NONE'.

:question: Got questions? Check out Mend Bolt for GitHub docs. If you need any further assistance then you can also request help here.

opened by mend-bolt-for-github[bot] 0

Releases(v0.0.3)

v0.0.3(Nov 5, 2023)
tracexec v0.0.3 released!

Changes since v0.0.2:

Fix hangs in some cases because SIGCHILD is not delivered to tracee.

Source code(tar.gz)
Source code(zip)
tracexec-aarch64-unknown-linux-gnu.tar.gz(1.00 MB)
tracexec-riscv64gc-unknown-linux-gnu.tar.gz(2.20 MB)
tracexec-x86_64-unknown-linux-gnu.tar.gz(1.10 MB)
v0.0.2(Oct 27, 2023)
tracexec v0.0.2 released!

Changes since v0.0.1:

Add riscv64 support

Fix a bug that a equal sign incorrectly got printed in the printed cmdline when an env var got deleted.

Change description.

Source code(tar.gz)
Source code(zip)
tracexec-aarch64-unknown-linux-gnu.tar.gz(1.00 MB)
tracexec-riscv64gc-unknown-linux-gnu.tar.gz(2.20 MB)
tracexec-x86_64-unknown-linux-gnu.tar.gz(1.10 MB)
v0.0.2-rc.1(Oct 27, 2023)
tracexec v0.0.2 released!

Changes since v0.0.1:

Add riscv64 support

Fix a bug that a equal sign incorrectly got printed in the printed cmdline

Source code(tar.gz)
Source code(zip)
tracexec-aarch64-unknown-linux-gnu.tar.gz(1.00 MB)
tracexec-riscv64gc-unknown-linux-gnu.tar.gz(2.20 MB)
tracexec-x86_64-unknown-linux-gnu.tar.gz(1.10 MB)
v0.0.1(Oct 27, 2023)
tracexec v0.0.1 released!

Changes since v0.0.0-experimental.7:

feat: --output, stderr by default

feat: set foreground process group

feat: use exit code from root child

cli: allow show-filename to be used with show-cmdline

cli: rename some options

docs: update README

Source code(tar.gz)
Source code(zip)
tracexec-aarch64-unknown-linux-gnu.tar.gz(1.00 MB)
tracexec-x86_64-unknown-linux-gnu.tar.gz(1.10 MB)
v0.0.0-experimental.7(Oct 26, 2023)
Fix github release workflow

cli: add author, version, about and more help

Source code(tar.gz)
Source code(zip)
tracexec-aarch64-unknown-linux-gnu.tar.gz(1023.86 KB)
tracexec-x86_64-unknown-linux-gnu.tar.gz(1.09 MB)
v0.0.0-experimental.6(Oct 26, 2023)
Internal refactor and bug fixes

feat(cli): add color level option

--print-cmdline: show cmdline hint

more colors

deps: update shell-quote to 0.3.2, which makes the output of --print-cmdline more aesthetically pleasing.

feat: --print-children for a message when a child is created

docs: update README.

Github: add release workflow

Source code(tar.gz)
Source code(zip)

Owner

Levi Zim

Intentionally left blank.

GitHub

A small command-line utility for encoding and decoding bech32 strings

A small command-line utility for encoding and decoding bech32 strings.

5 Dec 26, 2022

Cornucopia is a small CLI utility resting on tokio-postgres and designed to facilitate PostgreSQL workflows in Rust

Cornucopia Generate type checked Rust from your SQL Install | Example Cornucopia is a small CLI utility resting on tokio-postgres and designed to faci

1 Dec 20, 2022

A lightweight command line utility with some small functions for CTFs.

Ice Ice is a lightweight command line utility to help with simple problems encountered while playing CTFs. Extracted from graveyard NOTE: Most of the

12 Dec 19, 2022

Tracing layer that automatically creates and manages progress bars for active spans.

tracing-indicatif A tracing layer that automatically creates and manages indicatif progress bars for active spans. Progress bars are a great way to ma

95 Feb 22, 2023

A CLI utility to secretly copy secrets to your clipboard. 🦀

seclip ?? ?? A CLI utility to secretly copy secrets to your clipboard. ?? Table of Contents Features Installation Usage Build From Source Contribution

34 Dec 27, 2022

mdBook is a utility to create modern online books from Markdown files.

Create book from markdown files. Like Gitbook but implemented in Rust

11.6k Jan 4, 2023

A CLI utility installed as "ansi" to quickly get ANSI escape sequences. Supports the most basic ones, like colors and styles as bold or italic.

'ansi' - a CLI utility to quickly get ANSI escape codes This Rust project called ansi-escape-sequences-cli provides an executable called ansi which ca

5 Jul 28, 2022

A small utility for tracing execve{,at}.

Related tags

Overview

You might also like...

Command line utility for controlling LIFX smart lights

Kit-kat clock utility rewritten in Rust using minifb

Gecko's trusty package manager and command-line utility.

A simplified recreation of the command-line utility grep written in Rust.

A utility for managing cargo dependencies from the command line.

A command line utility to easily make dank memes

Utility library for some Lenovo IdeaPad laptops. Supports IdeaPad Intel and AMD Models (15IIL05 and 15ARE05)

🧠 A command-line utility for switching git branches more easily. Switch branches interactively or use a fuzzy search to find that long-forgotten branch name.

Command line utility to remove duplicates from the given input.

Comments

What to Expect

Releases(v0.0.3)

v0.0.3(Nov 5, 2023)

v0.0.2(Oct 27, 2023)

v0.0.2-rc.1(Oct 27, 2023)

v0.0.1(Oct 27, 2023)

v0.0.0-experimental.7(Oct 26, 2023)

v0.0.0-experimental.6(Oct 26, 2023)

Owner

Levi Zim

A small command-line utility for encoding and decoding bech32 strings

Cornucopia is a small CLI utility resting on tokio-postgres and designed to facilitate PostgreSQL workflows in Rust

A lightweight command line utility with some small functions for CTFs.

Tracing layer that automatically creates and manages progress bars for active spans.

A CLI utility to secretly copy secrets to your clipboard. 🦀

mdBook is a utility to create modern online books from Markdown files.

A CLI utility installed as "ansi" to quickly get ANSI escape sequences. Supports the most basic ones, like colors and styles as bold or italic.

fixred is a command line utility to fix outdated links in files with redirect URLs.

Rust command line utility to quickly display useful secrets in a Kubernetes namespace

A command-line utility that creates project structure.