doc: faq: note about ttyrec/script

pull/587/head
Stéphane Lesimple 7 months ago committed by Stéphane Lesimple
parent 9529ec07fa
commit 3452682794

@ -170,3 +170,35 @@ which we override with our wrapper, but some other mechanism we can't hook into.
This is for example the case of the `network_cli` module of Ansible, which underneath uses Paramiko,
a Python library to handle SSH connections, which prevents our wrapper to be used (see
`this GitHub issue <https://github.com/ovh/the-bastion/issues/254>`_ for more information).
Can The Bastion record sessions with ``script`` or in plaintext format instead of ``ttyrec``?
=============================================================================================
The ttyrec program is actually a fork and a superset of script, and their output format is very similar.
The main change is that for ttyrec, there is timing info added in the output file, so that it can be
replayed "at the same pace" that the captured console.
With both programs, the entire console output is captured, i.e. plaintext, but also control codes,
such as "move the cursor here", "change the background color to this", etc. If you cat the output files
of script or ttyrec, you'll see plaintext but also these non-printable control-codes.
It is not trivial to convert these to "real" plaintext because you have to interpret all the control codes
correctly to reproduce the actual output, which is an actual terminal does.
For example, if I type "helk" then "backspace" then "lo", on my console, "hello" will be displayed when I'm done,
but in the output files of both script and ttyrec, this is what will be written: ``helk^H^[[Klo``.
So grepping for "hello" inside these files will not work, even if you would have expected it to work.
This even gets more complicated for programs using curses such as vim, where you can navigate in a file:
a lot of control codes are used to control what the console displays, and there is no way, from what is displayed
in the console, to know what is part of the preexisting file, and what is being typed by the person.
In both cases, it just ends up on the screen.
Now, some solutions exists. You might want to have a look at ``IPBT`` ("It's Playback Time"), which is an advanced
ttyrec player from the author of PuTTY: `IPBT <https://www.chiark.greenend.org.uk/~sgtatham/ipbt>`_.
It has the option of actually grepping for a string inside a ttyrec, and it does this by rendering each "frame"
in-memory, then actually looking for the output in the emulated console.
This would work with the "hello" example above.
It also has a tool named ``ipbt-dump`` that should help converting ttyrec files to something that you can better
work with.
(adapted from `this GitHub issue <https://github.com/ovh/the-bastion/issues/522>`_).

Loading…
Cancel
Save