AMinerRemoteControl - lightweight tool for log checking, log
analysis
AMinerRemoteControl
--ControlSocket socket
[--Exec code]
[--ExecFile file]
[--Data data] [--StringResponse]
This manual page documents briefly the AMinerRemoteControl
command. The command executes arbitrary remote control commands in a running
AMiner child process. As child process is usually running with lowered
privileges or SELinux/AppArmor confinement, you may observe unexpected
results when accessing resources outside the child process, e.g. files. For
more details see also packaged documentation at
/usr/share/doc/logdata-anomaly-miner.
Example usecases:
Just a test: /usr/bin/AMinerRemoteControl --Data '["Some
text", 123]' --Exec 'remoteControlResponse="It works! Data
%s" % repr(remoteControlData)'
Query remote module configuration: /usr/bin/AMinerRemoteControl
--Exec
'remoteControlResponse=analysisContext.getRegisteredComponentIds()'
with long options starting with two dashes (`-'). A summary of
options is included below. For a complete description, see the
info(1) files.
--ControlSocket socket
Specify the Unix domain remote control socket path,
otherwise /var/run/aminer-remote.socket is used. The socket is opened by
AMiner when 'RemoteControlSocket' feature is enabled in configuration. As the
socket is of SOCK_STREAM type, it may also be forwarded via any other stream
forwarders, e.g. socat (see UNIX-CONNECT and UNIX-LISTEN) and SSH (see
LocalForward, DynamicForward). Access control is only done by file system
permissions (DAC) of the socket, so make sure not to widen the access on
error.
--Exec code
For each --Exec option, the next argument is sent in a
separate remote execution request using additional execution data (see
--Data). The code is executed in a separate separate execution namespace with
only some variables added to the local namespace, e.g. execution data is
available as 'remoteControlData'. When setting the local variable
'remoteControlResponse' within the executed code, the object is serialized
using json and sent back in the response.
--ExecFile file
For each --ExecFile option, the named file is loaded and
content submitted in the very same way as if --Exec parameter with content as
string would have been used.
--Data data
This parameter defines a json string defining Python
objects, that will be sent with all subsequent --Exec operations until changed
again using another --Data option. Take into account, that there are size
limits for the request, very large data objects may exceed those limits. The
execution context will expose the data as variable 'remoteControlData'.
--StringResponse
When set, AMinerRemoteControl will not pass the result to
repr. The returned object is just converted to a plain string via str(object)
and the result is printed to avoid escaping of quotation marks, newlines, ....
WARNING: This might be insecure: without escaping the printed data may contain
terminal control sequences to exploit vulnerabilities or misconfiguration of
your terminal to execute code with privileges of terminal or the process
calling AMinerRemoteControl (usually root).
/var/run/aminer-remote.socket
This is the default remote control socket used when not
changed using the --ControlSocket option.
Report bugs via your distribution's bug tracking system. For bugs
in the the software trunk, report via at
https://bugs.launchpad.net/logdata-anomaly-miner/+filebug.
Markus Wurzenberger
<markus.wurzenberger@ait.ac.at>
Wrote this manpage for the Debian system.
Copyright © 2016 Markus Wurzenberger
This manual page was written for the Debian system (and may be
used by others).
Permission is granted to copy, distribute and/or modify this
document under the terms of the GNU General Public License, Version 3.
On Debian systems, the complete text of the GNU General Public
License can be found in /usr/share/common-licenses/GPL.