サイドバー
unix:sysbox
目次
sysbox
install
$ go get github.com/skx/sysbox
help
$ sysbox help
Please specify a valid subcommand, choices are:
bash-completion Generate and output a bash completion-script.
calc A simple (floating-point) calculator.
choose-file Choose a file, interactively.
choose-stdin Choose an item from STDIN, interactively
chronic Run a command quietly, if it succeeds.
collapse Remove whitespace from input.
commands Show all available sub-commands.
env-template Populate a template-file with environmental variables.
exec-stdin Execute a command for each line of STDIN.
fingerd A small finger daemon.
help Show usage information.
http-get Download and display the contents of a remote URL.
httpd A simple HTTP server.
install Create symlinks for each known binary.
ips Show IP address information.
make-password Generate a random password.
peerd Keep track of peer hosts.
run-directory Run all the executables in a directory.
splay Sleep for a random time.
ssl-expiry Report how long until an SSL certificate expires.
timeout Run a command, but terminate after the specified number of seconds.
torrent Download a torrent-file.
tree Show filesystem contents as a tree.
urls Extract URLs from text.
validate-json Validate all JSON files for syntax.
validate-yaml Validate all YAML files for syntax.
with-lock Execute a process, with a lock.
$ sysbox help calc
Synopsis:
A simple (floating-point) calculator.
Details:
This command allows you to evaluate simple mathematical operations,
with support for floating-point operations - something the standard
'expr' command does not support.
Example:
$ sysbox calc 3 + 3
$ sysbox calc '1 / 3 * 9'
Note here we can join arguments, or accept a quoted string. The arguments
must be quoted if you use '*' because otherwise the shell's globbing would
cause surprises.
Repl:
If you execute this command with no arguments you'll be dropped into a REPL
environment. This environment is almost 100% identical to the non-interactive
use, with the exception that you can define variables:
$ sysbox calc
calc> let a = 3
3
calc> a * 3
9
calc> a / 9
0.3333
Usage:
sysbox calc
$ sysbox help chronic
Synopsis:
Run a command quietly, if it succeeds.
Details:
The chronic command allows you to execute a program, and hide the output
if the command succeeds.
The ideal use-case is for wrapping cronjobs, where you don't care about the
output unless the execution fails.
Example:
Compare the output of these two commands:
$ sysbox chronic ls
$
$ sysbox chronic ls /missing/dir
ls: cannot access '/missing/file': No such file or directory
Usage:
sysbox chronic
$ sysbox help collapse
Synopsis:
Remove whitespace from input.
Details:
This command reads input and removes all leading and trailing whitespace
from it. Empty lines are also discarded.
Usage:
sysbox collapse
$ sysbox help commands
Synopsis:
Show all available sub-commands.
Usage:
sysbox commands
$ sysbox help fingerd
Synopsis:
A small finger daemon.
Details:
This command provides a simple finger server, which allows remote users
to finger your local users.
The file ~/.plan will be served to any remote clients who inspect your
users.
Examples:
$ sysbox fingerd &
$ echo "I like cakes" > ~/.plan
$ finger $USER@localhost
Security:
To allow this to be started as a non-root user you'll want to
run something like:
$ sudo setcap cap_net_bind_service=+ep /path/to/sysbox
This is better than dropping privileges and starting as root
as a result of the lack of reliability of the latter. See
https://github.com/golang/go/issues/1435 for details
The alternative would be to bind to :7979 and use iptables
to redirect access from :79 -> 127.0.0.1:7979.
Something like this for external access:
# iptables -t nat -A PREROUTING -p tcp -m tcp --dport 79 -j REDIRECT --to-ports 7979
And finally for localhost access:
# iptables -t nat -A OUTPUT -o lo -p tcp --dport 79 -j REDIRECT --to-port 7979
Usage:
sysbox fingerd [flags]
Available flags:
-port int
The port to listen upon (default 79)
$ sysbox help help
Synopsis:
Show usage information.
Usage:
sysbox help
$ sysbox help http-get
Synopsis:
Download and display the contents of a remote URL.
Details:
This command is very much curl-lite, allowing you to fetch the contents of
a remote URL, with no configuration options of any kind.
While it is unusual to find hosts without curl or wget installed it does
happen, this command will bridge the gap a little.
Examples:
$ sysbox http-get https://steve.fi/
Usage:
sysbox http-get [flags]
Available flags:
-body
Show the response body. (default true)
-headers
Show the response headers.
$ sysbox help httpd
Synopsis:
A simple HTTP server.
Details:
This command implements a simple HTTP-server, which defaults to serving
the contents found beneath the current working directory.
By default the content is served to the localhost only, but that can
be changed.
Examples:
$ sysbox httpd
2020/04/01 21:36:27 Serving upon http://127.0.0.1:3000/
$ sysbox httpd -host=0.0.0.0 -port 8080
2020/04/01 21:36:45 Serving upon http://0.0.0.0:8080/
Usage:
sysbox httpd [flags]
Available flags:
-host string
The host to bind upon (use 0.0.0.0 for remote access) (default "127.0.0.1")
-path string
The directory to use as the HTTP root directory (default ".")
-port int
The port to listen upon (default 3000)
$ sysbox help install
Synopsis:
Create symlinks for each known binary.
Details:
The sysbox-executable has support for running a variety of sub-commands,
which are specified as the first argument to the main binary (and are
then followed by command-specific options).
To save type you can also run the subcommand "foo" by creating a symlink
from the name "foo" to the sysbox executable.
Example:
sysbox install -binary=$(pwd)/sysbox -directory=/usr/local/bin
This will output the commands to create the symlinks, which you can execute
like so:
sysbox install -binary=$(pwd)/sysbox | sudo sh
Usage:
sysbox install [flags]
Available flags:
-binary string
The path to the sysbox-executable (default "sysbox")
-directory string
The directory within which to create the symlinks. (default "/usr/local/bin")
-force
Force creation?
$ sysbox help ips
Synopsis:
Show IP address information.
Details:
This command allows you to see local/global IP addresses assigned to
the current host.
By default all IP addresses will be shown, but you can disable protocols
and types of addresses you do not wish to see.
Examples:
$ sysbox ips -4=false
::1
fe80::feaa:14ff:fe32:688
fe80::78e5:95b6:1659:b407
$ sysbox ips -local=false -4=false
2a01:4f9:c010:27d8::1
Usage:
sysbox ips [flags]
Available flags:
-4 Should we show IPv4 addresses? (default true)
-6 Should we show IPv6 addresses? (default true)
-local
Should we show local addresses? (default true)
-remote
Should we show global addresses? (default true)
$ sysbox help peerd
Synopsis:
Keep track of peer hosts.
Details:
This command works as a daemon, keeping in constant contact with a set
of peers. Peers that are known and "up" are tracked and stored in the
JSON file '/var/tmp/peerd.json'.
Usage:
Launch the daemon on one host, with the public IP specified:
peerd -ip=1.2.3.4
Now launch on the a second host, giving the IP of at least one peer:
peerd -ip=11.22.33.44 1.2.3.4
Both hosts will know about the other, and will update their local state
file if the other host goes away, or new hosts join.
Firewalling:
The communication happens over port 7946.
Usage:
sysbox peerd [flags]
Available flags:
-ip string
Our public-facing IP address
$ sysbox help splay
Synopsis:
Sleep for a random time.
Details:
This command allows you to stagger execution of things via the introduction
of random delays.
The expected use-case is that you have a number of hosts which each wish
to perform a cron-job, but you don't want to overwhelm a central system
by having all those events occur at precisely the same time (which is
likely to happen if you're running with good clocks).
Give each script a random-delay via adding a call to the splay subcommand.
Usage:
sysbox splay [flags]
Available flags:
-maximum int
The maximum amount of time to sleep for (default 300)
-verbose
Should we be verbose
$ sysbox help timeout
Synopsis:
Run a command, but terminate after the specified number of seconds.
Details:
This command allows you to execute an arbitrary command, but terminate it
after the given number of seconds.
The command is launched with a PTY to allow interactive commands to work
as expected, for example
$ sysbox timeout -duration=10 top
Usage:
sysbox timeout [flags]
Available flags:
-timeout int
The number of seconds to let the command run for (default 300)
$ sysbox help torrent
Synopsis:
Download a torrent-file.
Details:
This is a simple bittorrent client, which allows downloading the torrent
files located on the command-line.
Example:
$ sysbox torrent magnet:?xt=urn:btih:ZOCMZQIPFFW7OLLMIC5HUB6BPCSDEOQU
Usage:
sysbox torrent
$ sysbox help tree
Synopsis:
Show filesystem contents as a tree.
Details:
This is a minimal reimplementation of the standard 'tree' command, it
supports showing a directory tree.
Usage:
$ sysbox tree /etc/
To show only directory entries:
$ sysbox tree -d /opt
If there were any errors encountered then the return-code will be 1, otherwise 0.
Usage:
sysbox tree [flags]
Available flags:
-a Show all files, including dotfiles.
-d Show only directories.
$ sysbox help urls
Synopsis:
Extract URLs from text.
Details:
This command extracts URLs from STDIN, or the named files, and
prints them. Only http and https URLs will be extracted, and we
operate with a regular expression so we're a little naive.
Examples:
$ echo "https://example.com/ test " | sysbox urls
$ sysbox urls ~/Org/bookmarks.org
Limitations:
Since we're doing a naive job there are limitations, the most obvious
one is that we use a simple regular expression to find URLs. I've
chosen break URLs when I hit a ')' or ']' character, which means markdown
files can be parsed neatly. This does mean it is possible valid links
will be truncated.
For example Wikipedia will contain links like this, which will be truncated
incorrectly:
http://en.wikipedia.org/...(foo)
(i.e The trailing ')' will be removed.)
Usage:
sysbox urls
example
bash-completion
$ sysbox bash-completion
_subcommands_sysbox()
{
local cur
COMPREPLY=()
# Variable to hold the current word
cur="${COMP_WORDS[COMP_CWORD]}"
# The first argument is one of the available
# sub-commands.
#
if [ $COMP_CWORD = 1 ]; then
local subs=$(sysbox commands)
COMPREPLY=($(compgen -W "${subs}" $cur))
else
# Otherwise complete from the flags available to the specified
# sub-command.
local flags="$(sysbox help ${COMP_WORDS[1]} | awk '{print $1}' | grep -- -)"
COMPREPLY=($(compgen -W "${flags}" -- "$cur"))
fi
}
complete -F _subcommands_sysbox sysbox
$ source <(sysbox bash-completion)
~/.bashrc に書いておいて自動反映するようにしておく
$ echo "source <(sysbox bash-completion)" | tee -a ~/.bashrc source <(sysbox bash-completion)
calc
$ sysbox calc 3 + 3 $ sysbox calc '1 / 3 * 9' $ sysbox calc calc> let a = 3 3 calc> a * 3 9 calc> a / 9 0.3333
choose-file
TUIでファイル絞り込みが出来る
$ sysbox choose-file ~/Pictures
$ display $(sysbox choose-file ~/Pictures)
言葉では分かりづらいので以下のcastを.
テキストエリアに入力した文字で絞り込まれ,tab でペイン移動してEnter で確定.
choose-stdin
標準入力からのデータをTUIで絞り込める. choose-file の stdin版.
chronic
正常終了時には何も表示しない.crontabなどに.
$ sysbox chronic true $ sysbox chronic false ["false"] exited with status code 1
$ sysbox chronic cat /etc/passwd $ sysbox chronic cat /etc/shadow ["cat" "/etc/shadow"] exited with status code 1 cat: /etc/shadow: Permission denied
collapse
行頭行末の空白と余計な空行を削除する.
$ echo ' hoge fuga ' | sysbox collapse | od -xc
0000000 6f68 6567 2020 7566 6167 000a
h o g e f u g a \n
0000013
$ printf "\n\n hoge \n\tfuga\t\n" | od -xc
0000000 0a0a 6820 676f 2065 090a 7566 6167 0a09
\n \n h o g e \n \t f u g a \t \n
0000020
$ printf "\n\n hoge \n\tfuga\t\n" | sysbox collapse|od -xc
0000000 6f68 6567 660a 6775 0a61
h o g e \n f u g a \n
0000012
commands
sysboxのコマンド一覧
$ sysbox commands help commands bash-completion calc choose-file choose-stdin chronic collapse env-template exec-stdin fingerd httpd http-get install ips make-password peerd run-directory splay ssl-expiry timeout torrent tree urls validate-json validate-yaml with-lock
finger
tcp:79のウェルノウンポートを利用する必要があるのでsudoで実行したり,ケーパビリティで許可を与えたり,ハイポートで実行してポート転送したりする必要がある.
ケーパビリティで1024以下のポートを利用できるようにする(でもfingerd以外にも効いてしまう)
$ sudo setcap cap_net_bind_service=+ep /path/to/sysbox
sysbox fingerd をハイポートで起動してポート転送する.
$ sudo iptables -t nat -A PREROUTING -p tcp -m tcp --dport 79 -j REDIRECT --to-ports 1079 $ sudo iptables -t nat -A OUTPUT -o lo -p tcp --dport 79 -j REDIRECT --to-port 1079 $ sysbox fingerd -port 1079 &
シンボリックリンクを貼ってそちらにケーパビリティを設定できないかと思ったけど駄目だった.
$ ln -s ~/bin/sysbox ~/sbin/fingerd $ ~/sbin/fingerd failed to bind to port 79:nlisten tcp :79: bind: permission denied $ sudo setcap cap_net_bind_service=+ep ~/sbin/fingerd Failed to set capabilities on file `/home/matoken/sbin/fingerd' (Invalid argument) The value of the capability argument is not permitted for a file. Or the file is not a regular (non-symlink) file
情報はあまりもらえない.
$ cat ~/.plan hello $ finger `whoami`@localhost hello finger -l matoken@localhost user: unknown user /W matoken $ finger -m matoken@localhost hello $ finger -p matoken@localhost hello $ finger -s matoken@localhost hello
$ finger matoken|head Login: matoken Name: KenichiroMATOHARA Directory: /home/matoken Shell: /bin/bash On since Sun May 17 12:15 (JST) on :0 from :0 (messages off) On since Sun May 17 16:05 (JST) on pts/1 from :pts/0:S.0 12 hours 46 minutes idle On since Sun May 17 15:53 (JST) on pts/2 from :pts/0:S.1 19 hours 59 minutes idle On since Sun May 17 16:21 (JST) on pts/3 from :pts/0:S.2 1 day 2 hours idle On since Sun May 17 19:24 (JST) on pts/4 from :pts/0:S.3
help
サブコマンドを指定することでサブコマンドのヘルプの確認も出来る.
$ sysbox help subcommand
http-get
httpのコンテンツを取得する
w3m -dump_source と同じ動き
$ sysbox http-get http://matoken.org/ $ sysbox http-get -body http://matoken.org/
w3m -dump_head + w3m -dump_source のような動き
$ sysbox http-get -headers http://matoken.org/
これは w3m のほうがいいかも.
httpd
httpdになる.既定値はlocalhost殻のみ接続port3000でカレントディレクトリを公開.
-host string
The host to bind upon (use 0.0.0.0 for remote access) (default "127.0.0.1")
-path string
The directory to use as the HTTP root directory (default ".")
-port int
The port to listen upon (default 3000)
install
sysbox は(buisyboxのように)サブコマンド名のシンボリックリンクを作って呼ぶことで呼べる.
installはそのシンボリックリンクを作るコマンドを表示してくれる.
$ sysbox install -binary=$HOME/go/bin/sysbox -directory=$HOME/bin ln -s /home/matoken/go/bin/sysbox /home/matoken/bin/commands ln -s /home/matoken/go/bin/sysbox /home/matoken/bin/bash-completion ln -s /home/matoken/go/bin/sysbox /home/matoken/bin/calc ln -s /home/matoken/go/bin/sysbox /home/matoken/bin/choose-file ln -s /home/matoken/go/bin/sysbox /home/matoken/bin/choose-stdin ln -s /home/matoken/go/bin/sysbox /home/matoken/bin/chronic ln -s /home/matoken/go/bin/sysbox /home/matoken/bin/collapse ln -s /home/matoken/go/bin/sysbox /home/matoken/bin/env-template ln -s /home/matoken/go/bin/sysbox /home/matoken/bin/exec-stdin ln -s /home/matoken/go/bin/sysbox /home/matoken/bin/fingerd ln -s /home/matoken/go/bin/sysbox /home/matoken/bin/httpd ln -s /home/matoken/go/bin/sysbox /home/matoken/bin/http-get ln -s /home/matoken/go/bin/sysbox /home/matoken/bin/ips ln -s /home/matoken/go/bin/sysbox /home/matoken/bin/make-password ln -s /home/matoken/go/bin/sysbox /home/matoken/bin/peerd ln -s /home/matoken/go/bin/sysbox /home/matoken/bin/run-directory ln -s /home/matoken/go/bin/sysbox /home/matoken/bin/splay ln -s /home/matoken/go/bin/sysbox /home/matoken/bin/ssl-expiry ln -s /home/matoken/go/bin/sysbox /home/matoken/bin/timeout ln -s /home/matoken/go/bin/sysbox /home/matoken/bin/torrent ln -s /home/matoken/go/bin/sysbox /home/matoken/bin/tree ln -s /home/matoken/go/bin/sysbox /home/matoken/bin/urls ln -s /home/matoken/go/bin/sysbox /home/matoken/bin/validate-json ln -s /home/matoken/go/bin/sysbox /home/matoken/bin/validate-yaml ln -s /home/matoken/go/bin/sysbox /home/matoken/bin/with-lock $ sysbox install -binary=$HOME/go/bin/sysbox -directory=$HOME/bin | sh
ips
ipアドレス情報の表示
$ sysbox ips -6=false # IPv4のみ 127.0.0.1 192.168.1.200
helpのexampleとusage
SExamples:
$ sysbox ips -4=false
::1
fe80::feaa:14ff:fe32:688
fe80::78e5:95b6:1659:b407
$ sysbox ips -local=false -4=false
2a01:4f9:c010:27d8::1
Usage:
sysbox ips [flags]
Available flags:
-4 Should we show IPv4 addresses? (default true)
-6 Should we show IPv6 addresses? (default true)
-local
Should we show local addresses? (default true)
-remote
Should we show global addresses? (default true)
make-password
ランダムパスワードジェネレーター
$ sysbox make-password
}EX[Fv1g5hD7ysw
$ sysbox make-password -digits=false
Wp*IuR~DRUB{BSC
$ sysbox make-password -specials=false
NW69uVU83RyF3YB
$ sysbox make-password -length=24
}VJN%yda/*+4)S6~k9dTVN+i
細かい制御は出来ないようなのでapgとかのほうがいいかな?
peerd
$ sysbox peerd &
$ tail -f /var/tmp/peerd.json
{"IPs":["192.168.1.200"],"Names":["t430s"],"Members":{"t430s":"192.168.1.200"}}tail: /var/tmp/peerd.json: file truncated
{"IPs":["192.168.1.200"],"Names":["t430s"],"Members":{"t430s":"192.168.1.200"}}tail: /var/tmp/peerd.json: file truncated
よくわからない
run-directory
指定ディレクトリ内の実行可能ファイルを実行するらしい.未確認.
-exit オプションで異常終了時に実行終了
Available flags:
-exit
Exit if any command terminates with a non-zero exit-code
-verbose
Be verbose.
splay
ランダムな時間遅延してから指定コマンドを実行する. 既定値では300秒のうちのランダムな時間に実行される.
実行結果の確認方法がよくわからない.
$ sysbox splay -verbose -maximum=10 sh -c "time date 2>&1 /tmp/splay-test-$$" Sleeping for for 3 seconds, from max splay-time of 10 $ ls -l /tmp/splay-test-* ls: cannot access '/tmp/splay-test-*': No such file or directory $ sysbox splay -verbose -maximum=10 cat /etc/shadow;echo $? Sleeping for for 5 seconds, from max splay-time of 10 0
ssl-expiry
ssl証明書の残り期限を確認
$ sysbox ssl-expiry https://matoken.org
https://matoken.org
2110 hours (87 days)
$ sysbox ssl-expiry wiki.matoken.org
wiki.matoken.org
1305 hours (54 days)
$ sysbox ssl-expiry kagolug.org:993
kagolug.org:993
721 hours (30 days)
こういうことやってたけど……
# 期限切れのEpochを求める CRT_EXPIRE=`date +%s --date="\`echo ''| openssl s_client -connect kagolug.org:443 2>/dev/null | openssl x509 -text | grep 'Not After : ' | cut -f 2- -d:\`"` # 残り10日以下 if [ `date +%s --date='10 days'` -gt $CRT_EXPIRE ] ; then : # 残り1月以下 elif [ `date +%s --date='1 months'` -gt $CRT_EXPIRE ] ; then :
timeout
指定時間コマンドを実行後終了する. 既定値では300病で終了する.
help では -duration でタイムアウト時間をしてすることになっているが使えない.exampleの -timeout は使える.
$ sysbox timeout -timeout=10 top;echo $? $ sysbox timeout -timeout=10 sudo dmesg -wH
torrent
bittorrent client. だけど magnet link しか対応していないよう?
$ sysbox torrent https://downloads.raspberrypi.org/rpd_x86_latest.torrent Usage: $sysbox torrent magnet:?.... $ sysbox torrent <(curl -s https://downloads.raspberrypi.org/rpd_x86_latest.torrent) Usage: $sysbox torrent magnet:?....
magnet link の作り方がわからなかったので以下のsiteで変換してもらった.
$ sysbox torrent 'magnet:?xt=urn:btih:d7b77fc3e4f0ef5558df2787611888a11158cd23&dn=2020-02-12-rpd-x86-buster.iso' downloading "2020-02-12-rpd-x86-buster.iso": 0 B/3.1 GB, 0/1492 pieces completed (0 partial) downloading "2020-02-12-rpd-x86-buster.iso": 16 kB/3.1 GB, 0/1492 pieces completed (1 partial) downloading "2020-02-12-rpd-x86-buster.iso": 49 kB/3.1 GB, 0/1492 pieces completed (1 partial) downloading "2020-02-12-rpd-x86-buster.iso": 115 kB/3.1 GB, 0/1492 pieces completed (1 partial) :
tree
treeの再実装だそう.
$ sysbox tree /etc/|wc
6142 6211 205390
$ sysbox tree -a /etc/|wc
6167 6241 206033
$ sysbox tree -d /etc/|wc
645 645 13444
urls
テキストからURLを抜き出す
$ sysbox urls <(sysbox http-get https://wiki.matoken.org/unix/sysbox)
$ w3m -dump -o display_link_number=1 https://matoken.org | grep References: -A99 | grep http | cut -d\ -f2
validate-json
カレントディレクトリか指定ディレクトリ以下のjsonファイルの構文チェックをしてくれる.
$ sysbox validate-json ~/Downloads/
validate-yaml
カレントディレクトリか指定ディレクトリ以下のyamlファイルの構文チェックをしてくれる.
$ sysbox validate-yaml -verbose
with-lock
指定したコマンドをロックファイルを利用して複数起動しないようにする.crontabでの重複移動防止などが想定されているようだが,awesome wmのauto run にも使えそう.
-prefix オプションでロックファイルの場所を /var/tmp から変更できる.
$ sysbox with-lock xclock & [1] 1344889 $ sysbox with-lock xclock Cannot lock "/var/tmp/329746a89922b68a552bd4966f34046ab554f328", reason: Locked by other process
SEE ALSO
- coreutils
- binutils
- bsdutils
- sysadmin-utils
unix/sysbox.txt · 最終更新: 2020/06/01 23:54 by matoken
特に明示されていない限り、本Wikiの内容は次のライセンスに従います: CC Attribution-Noncommercial-Share Alike 4.0 International
コメント