:py:mod:`dissect.target.plugins.os.unix.linux.cmdline`
======================================================

.. py:module:: dissect.target.plugins.os.unix.linux.cmdline


Module Contents
---------------

Classes
~~~~~~~

.. autoapisummary::

   dissect.target.plugins.os.unix.linux.cmdline.CmdlinePlugin




Attributes
~~~~~~~~~~

.. autoapisummary::

   dissect.target.plugins.os.unix.linux.cmdline.CmdlineRecord


.. py:data:: CmdlineRecord

   

.. py:class:: CmdlinePlugin(target: dissect.target.Target)


   Bases: :py:obj:`dissect.target.plugin.Plugin`

   Base class for plugins.

   Plugins can optionally be namespaced by specifying the ``__namespace__``
   class attribute. Namespacing results in your plugin needing to be prefixed
   with this namespace when being called. For example, if your plugin has
   specified ``test`` as namespace and a function called ``example``, you must
   call your plugin with ``test.example``::

   A ``Plugin`` class has the following private class attributes:

   - ``__namespace__``
   - ``__record_descriptors__``

   With the following three being assigned in :func:`register`:

   - ``__plugin__``
   - ``__functions__``
   - ``__exports__``

   Additionally, the methods and attributes of :class:`Plugin` receive more private attributes
   by using decorators.

   The :func:`export` decorator adds the following private attributes

   - ``__exported__``
   - ``__output__``: Set with the :func:`export` decorator.
   - ``__record__``: Set with the :func:`export` decorator.

   The :func:`internal` decorator and :class:`InternalPlugin` set the ``__internal__`` attribute.
   Finally. :func:`args` decorator sets the ``__args__`` attribute.

   :param target: The :class:`~dissect.target.target.Target` object to load the plugin for.

   .. py:method:: check_compatible() -> None

      Perform a compatibility check with the target.

      This function should return ``None`` if the plugin is compatible with
      the current target (``self.target``). For example, check if a certain
      file exists.
      Otherwise it should raise an ``UnsupportedPluginError``.

      :raises UnsupportedPluginError: If the plugin could not be loaded.


   .. py:method:: cmdline() -> Iterator[CmdlineRecord]

      Return the complete command line for all processes.

      If, after an execve(2), the process modifies its argv strings, those changes will show up here. This is not the
      same thing as modifying the argv array.

      Think of this output as the command line that the process wants you to see.

      Yields CmdlineRecord with the following fields:
          hostname (string): The target hostname.
          domain (string): The target domain.
          ts (datetime): The starttime of the process.
          name (string): The name of the process.
          pid (int): The process ID of the process.
          cmdline (string): The complete commandline of the process.