Nyx

Isolate. Execute. Forget.

Nyx is a lightweight Linux CLI utility to execute programs in a temporary workspace with resource limits and job-based logs.

Current Features

• CLI commands: run, inspect, help
• Per-run job ID generation
• Temporary workspace creation under /tmp/nyx_<job-id>
• CPU time limit (RLIMIT_CPU = 2s)
• Memory limit (RLIMIT_AS = 256MB)
• Stdout/stderr redirection into log files:
  • output.log
  • error.log
• Post-run inspection using job ID

Project Structure

nyx/
├── scr/
│   ├── main.c
│   ├── cli.c
│   ├── cli.h
│   ├── executor.c
│   └── executor.h
├── Assets/
└── README.md

Requirements

• Linux (tested in shell environment)
• GCC
• Standard POSIX runtime

Build

From the scr/ directory:

gcc *.c -o nyx

From the repository root, you can also run:

cd scr && gcc *.c -o nyx

Usage

1) Show help

./nyx help

2) Run a program

./nyx run /bin/ls -la

Nyx prints a job ID, for example:

[nyx] Job ID: 1711023456

3) Inspect logs for a job

./nyx inspect 1711023456

This prints:

• STDOUT from /tmp/nyx_1711023456/output.log
• STDERR from /tmp/nyx_1711023456/error.log

Expected output format:

[nyx] Inspecting job: 1711023456

----- STDOUT -----
...

----- STDERR -----
...

Usage flow:

1. Build Nyx
2. Execute nyx run <program> [args...]
3. Copy the printed job ID
4. Execute nyx inspect <job-id> to view logs

Notes

• Nyx currently focuses on process limits + log capture.
• Workspace cleanup is currently disabled in code to allow inspection after execution.
• This is an early-stage project; isolation and hardening can be extended further.

Known Limitations

• Not a full security sandbox yet (hardening still in progress).
• Temporary workspace cleanup is intentionally disabled for post-run inspection.

Architecture