概要

コマンド実行によってどうなるか事前に確認できる Python 製のツール maybe を使ってみる

コマンド実行によるファイルの作成、削除、移動、パーミッション変更等ファイル操作に関して事前に確認できるらしい

※公式サイトより

使用上の注意

That being said, maybe should ⚠️ NEVER ⚠️ be used to run untrusted code on a system you care about! A process running under maybe can still do serious damage to your system because only a handful of syscalls are blocked. Currently, maybe is best thought of as an (alpha-quality) “what exactly will this command I typed myself do?” tool.

インストール手順

pip でインストール

$ pip install maybe

※Python 2.7+/3.2+ が必要

maybe の使い方

コマンド実行前に maybe を足すだけ

$ maybe COMMAND [ARGUMENT]...

#使ってみる

$ ls
file1  file2  file3

ファイル削除

$ maybe rm -f ./*
maybe has prevented rm -f ./file1 ./file2 ./file3 from performing 3 file system operations:

  delete /home/*******/test/file1
  delete /home/*******/test/file2
  delete /home/*******/test/file3

Do you want to rerun rm -f ./file1 ./file2 ./file3 and permit these operations? [y/N] y
$

本当に実行するかどうか聞いてくる

ディレクトリ/ファイル追加

$ maybe mkdir test ;maybe touch test/file1
maybe has prevented mkdir test from performing 1 file system operations:

  create directory /home/*******/test/test

Do you want to rerun mkdir test and permit these operations? [y/N] y
maybe has prevented touch test/file1 from performing 1 file system operations:

  create file /home/*******/test/test/file1

Do you want to rerun touch test/file1 and permit these operations? [y/N] y

デーモン起動とか

$ sudo maybe /etc/init.d/docker start
Starting docker:
maybe has prevented /etc/init.d/docker start from performing 26 file system operations:

  write 33 bytes to /var/log/docker
  create file /root/nohup.out
  write 7 bytes to /var/log/docker
  write 35 bytes to /var/log/docker
  write 1 bytes to /var/log/docker
  create file /var/run/docker.pid
  write 4 bytes to /var/run/docker.pid
  write 91 bytes to /root/nohup.out
  write 1 bytes to /root/nohup.out
  write 1 bytes to /root/nohup.out
  write 1 bytes to /root/nohup.out
  write 1 bytes to /root/nohup.out
  write 1 bytes to /root/nohup.out
  write 1 bytes to /root/nohup.out
  write 1 bytes to /root/nohup.out
  write 1 bytes to /root/nohup.out
  write 1 bytes to /root/nohup.out
  write 1 bytes to /root/nohup.out
  write 5 bytes to /root/nohup.out
  write 1 bytes to /root/nohup.out
  write 7 bytes to /root/nohup.out
  write 6 bytes to /root/nohup.out
  write 7 bytes to /root/nohup.out
  write 1 bytes to /root/nohup.out
  write 1 bytes to /root/nohup.out
  write 1 bytes to /root/nohup.out

Do you want to rerun /etc/init.d/docker start and permit these operations? [y/N]