
@peanutwolf
Created March 11, 2020 07:32
Simple executable args sniffer written in golang
package main
import (
"log"
"os"
"os/exec"
"path/filepath"
"strings"
ps "github.com/mitchellh/go-ps"
"gopkg.in/natefinch/lumberjack.v2"
)
const (
	// proxybinReadBinPostfix is the suffix appended to os.Args[0] to name the
	// real binary that this wrapper stands in front of.
	proxybinReadBinPostfix = "_realbin"

	// proxybinUserDir is the directory, relative to the user's home directory,
	// that holds the invocation log.
	proxybinUserDir = ".proxybin"

	// proxybinDefaultLogFilename is the log file name inside proxybinUserDir.
	proxybinDefaultLogFilename = "default.log"
)

// logger is the process-wide invocation logger; it stays nil until
// initLogger has run.
var logger *log.Logger
// initLogger points the package-level logger at a size-rotated log file at
// <home>/.proxybin/default.log. It panics when the home directory cannot be
// determined, so the wrapped binary is never started in that case.
//
// The log receives the full argument vector of every invocation. Arguments
// can carry credentials (passwords, tokens), so treat the file as sensitive.
// NOTE(review): confirm the permissions lumberjack applies to the directory
// and the log file it creates. On Unix os.UserHomeDir reads $HOME, so the log
// location follows the caller's environment.
func initLogger() {
	home, err := os.UserHomeDir()
	if err != nil {
		panic(err)
	}

	rotating := lumberjack.Logger{
		Filename:   filepath.Join(home, proxybinUserDir, proxybinDefaultLogFilename),
		MaxSize:    1,  // megabytes before a new file is started
		MaxBackups: 3,  // rotated files kept
		MaxAge:     28, // days a rotated file is kept
	}

	// Date and time only, no prefix: each entry is one invocation record.
	logger = log.New(&rotating, "", log.Ldate|log.Ltime)
}
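// main logs who invoked this wrapper and with which arguments, then runs the
// real binary (os.Args[0] + proxybinReadBinPostfix) with the same arguments,
// the same standard streams and the same exit status.
//
// NOTE(review): os.Args[0] is supplied by the caller. When the wrapper is
// invoked by bare name it contains no path separator and exec.Command resolves
// the suffixed name through PATH, so which binary runs depends on the caller's
// environment. Consider resolving it relative to the wrapper's own location.
func main() {
	initLogger()

	// FindProcess returns a nil process when the parent has already exited,
	// and an error on lookup failure; neither may stop the wrapped command.
	parentName := "unknown"
	parentPID := os.Getppid()
	if pprocess, err := ps.FindProcess(parentPID); err == nil && pprocess != nil {
		parentName = pprocess.Executable()
		parentPID = pprocess.Pid()
	}

	// The parent name and the arguments are caller-controlled. %q escapes
	// newlines and other control characters so a crafted value cannot forge
	// additional log entries.
	args := strings.Join(os.Args, ", ")
	logger.Printf("uid=[%d], gid=[%d], pid=[%d], ppid=[%q(%d)], args=[%q]\n",
		os.Getuid(), os.Getgid(), os.Getpid(), parentName, parentPID, args)

	realBinaryToRun := os.Args[0] + proxybinReadBinPostfix
	cmd := exec.Command(realBinaryToRun, os.Args[1:]...)
	// Forward stdin too; otherwise the wrapped program reads from the null device.
	cmd.Stdin = os.Stdin
	cmd.Stdout = os.Stdout
	cmd.Stderr = os.Stderr

	if err := cmd.Run(); err != nil {
		// Propagate the wrapped program's exit status so callers see the
		// same result they would get without the wrapper.
		if exitErr, ok := err.(*exec.ExitError); ok {
			os.Exit(exitErr.ExitCode())
		}
		// The real binary could not be started at all (missing, not executable).
		logger.Printf("run %q: %v\n", realBinaryToRun, err)
		os.Exit(1)
	}
}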