strang1ato / nhi Goto Github PK

Installed from release 0.2.1, nhi fetch shows only the creation of sessions, no commands have been logged, nor the finish of sessions. Same result from within and without tmux

$ uname -a
Linux Aostro-5468 5.14.16-arch1-1 #1 SMP PREEMPT Tue, 02 Nov 2021 22:22:59 +0000 x86_64 GNU/Linux

$ zsh --version
zsh 5.8 (x86_64-pc-linux-gnu)

I am thinking about adding nhi to AUR and ubuntu ppa, initially.
However other "package manager" suggestions are appreciated.

Hi,
This appears to be a fantastic utility.

However, following the readme, I installed nhi on ArchLinux, but it does not seem to work correctly, as the echo nhi test failed (no output).

Also, nih.bash seems to conflict with the merged_history.bash script published in http://ptspts.blogspot.com/2011/03/how-to-automatically-synchronize-shell.html to get a persistent command history, which does not work anymore if nhi.bash is sourced in .bashrc.

when i run
nhi fetch {-1}
i get
no such shell session: 0
source /etc/nhi/nhi.bash exists in ~/.bashrc , i am running everything as root
what could be wrong? Also where is the history of commands stored?
no log file in /tmp

I'm running ZSH on Arch, I've installed nhi but I have errors in the logs.

2024-07-03 16:22:13 | process_vm_readv failed at get_shell_environ
2024-07-03 16:22:13 | no such table: 0
2024-07-03 16:22:18 | process_vm_readv failed at get_shell_environ
2024-07-03 16:22:18 | no such table: 0
2024-07-03 16:22:24 | process_vm_readv failed at get_shell_environ
2024-07-03 16:22:24 | no such table: 0
2024-07-03 16:22:50 | process_vm_readv failed at get_shell_environ
2024-07-03 16:22:50 | no such table: 0
2024-07-03 16:22:52 | process_vm_readv failed at get_shell_environ
2024-07-03 16:22:52 | no such table: 0

1. Install gave me this output :

   $ sudo -E bash ./install
   wal

   I don't know why it spit this "wal" string.

2. Here is the result of getent group tty : tty:x:5:

I've looked into the get_shell_environ code, and these 2 function do not return anything :

objdump -T $(which bash) | awk -v sym=environ ' $NF == sym && $4 == ".bss"  { print $1; exit }'
objdump -T $(which zsh) | awk -v sym=environ ' $NF == sym && $4 ==".bss"  { print $1; exit }'

Digging deeper, there is indeed no match :

$ objdump -T $(which bash) | grep environ
0000000000000000      DO *UND*  0000000000000000 (GLIBC_2.2.5) environ
0000000000000000      DO *UND*  0000000000000000 (GLIBC_2.2.5) __environ
000000000010ff40 g    DO .bss   0000000000000008  Base        shell_environment
000000000010fe2c g    DO .bss   0000000000000004  Base        subshell_environment
0000000000111660 g    DO .bss   0000000000000004  Base        assigning_in_environment
$ objdump -T $(which zsh) | grep environ
0000000000000000      DO *UND*  0000000000000000 (GLIBC_2.2.5) environ
0000000000000000      DO *UND*  0000000000000000 (GLIBC_2.2.5) __environ

How can I solve this ?

Thanks :)

nhi currently doesnt save output of all shell builtins

nhi currently supports only systemd

Hello,

Thank you, this project is really cool!

However, my commands are not logged after running commands such as vim:

vagrant@bullseye:~$ nhi fetch {-1}
vagrant@bullseye:~$ echo test
test
vagrant@bullseye:~$ vim
vagrant@bullseye:~$ echo test
(nothing here)

This issue seems to come from here:

Looking in the database (at /var/nhi/db), I can see:

echo test
b'\xfftest\n'
vim
b'\xff\x1b[?1000h\xff\x1b[34h\x1b[?25h\x00\x00\x00\x00\x00\x00\x00\x00'
echo test
b''

The last 8 bytes are set to \x00 which should mean that omit_write is set to zero, but I do not understand why it still refuses to log the next commands.

On another note, it would be nice to remove the null bytes and the rest of what was logged (\x1b[?1000h\xff\x1b[34h\x1b[?25h), it messes up my terminal after executing nhi fetch (which makes me have to execute reset to clean my terminal).

I am starting to moving from ptrace to BPF

BPF will take over nhi

Not really an issue (probably because I haven't used nhi that much), but I saw this in the kernel messages:

[  +0.000004] nhid[3381461]: segfault at 0 ip 00007fed21d1f515 sp 00007ffd5ca83e38 error 4 in libc-2.33.so[7fed21be5000+14b000]
[  +0.000010] Code: 00 00 0f 1f 00 31 c0 c5 f8 77 c3 66 2e 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 89 f9 48 89 fa c5 f9 ef c0 83 e1 3f 83 f9 20 77 2b <c5> fd 74 0f c5 fd d7 c1 85 c0 0f 85 eb 00 00 00 48 83 c7 20 83 e1

I don't know why there isn't a coredump generated, but it happens inside tmux and with my .zshrc (haven't tested other conditions yet). Again, not a urgent problem for me, just something for you to look into

tracepoints are faster and are not prone to internal kernel changes

eBPF 1.0 : Support for legacy BPF map definitions in SEC("maps") was completely dropped.

so, i cant try nhi on my ArchLinux :
journalctl -u nhid.service

nhid[4612]: libbpf: elf: legacy map definitions in 'maps' section are not supported by libbpf v1.0+

BPF spin locks don't support tracing programs, although according to manual this may change in the future.

EDIT:
BPF maps are RCU protected so calls are mostly safe

Bug is caused by e73040d commit

Tip: Bash outputs error via child processes that don't run execve()

On Ubuntu, while using nhi after following the install procedures outlined in the README.md, I noticed that my system-wide /etc/bash.bashrc was not getting sourced into my interactive shells (it still worked with login shells as /etc/profile loads the /etc/bash.bashrc). After digging into the issue, it seems like the issue starts after reinstalling the bash package from ppa:strang1ato/default-bash-and-zsh. After some Googling it looks like the issue might be due to a missing option (-DSYS_BASHRC) when bash is being compiled.

Simplified steps to reproduce on a clean Ubuntu 22.04 instance...

# ssh to the instance

sudo apt update
sudo apt upgrade
sudo bash -c 'echo "echo \"Hit: /etc/bash.bashrc\"" >> /etc/bash.bashrc'
echo "echo \"Hit: ~/.bashrc\"" >> ~/.bashrc

# exit and ssh back in to the instance, note you get two echos

bash

# note you get two echos

# next we will exit the interactive shell and go back to the login shell from ssh
exit

sudo apt remove zsh-common
sudo add-apt-repository ppa:strang1ato/default-bash-and-zsh
sudo apt update
sudo apt install --reinstall bash

# exit and ssh back in to the instance, note you get two echos

bash

# note you only get one echo

Thank you for this project and work!

After following the install steps for other distributions I did run the tests commands to know if everything was good and got the following message after running nhi fetch;

$ nhi fetch {-1}
no such shell session: 0

Im using Debian bullseye and bash