fix: avoid shell in miner hardware probes #4209

Merged
Scottcjn merged 1 commit into Scottcjn:main from bolasse1234:codex/harden-miner-hardware-probes
May 10, 2026

@bolasse1234
Contributor

Summary:

  • replace shell-based lscpu | grep ..., nproc, and free -g | awk ... probes in the Linux and POWER8 miners with argv-based subprocess calls
  • move the old text extraction into small Python parsers so shell pipelines are not needed
  • read the POWER8 /proc/cpuinfo fallback directly instead of invoking cat | grep | cut
  • add regression tests for parser behavior and for the subprocess wrapper not passing shell=True

Security note:

  • Severity: Low
  • Scope: miner hardware metadata collection only
  • This keeps the same local commands but removes shell interpretation from the probe path.

Verification:

  • python -m pytest tests\test_miner_hardware_probes.py

Bounty note:
If this is accepted for the bounty loop, please use my GitHub-login miner_id for payout. I am not posting payment details publicly.

@github-actions
Contributor

Welcome to RustChain! Thanks for your first pull request.

Before we review, please make sure:

  • Your PR has a BCOS-L1 or BCOS-L2 label
  • New code files include an SPDX license header
  • You've tested your changes against the live node

Bounty tiers: Micro (1-10 RTC) | Standard (20-50) | Major (75-100) | Critical (100-150)

A maintainer will review your PR soon. Thanks for contributing!

github-actions bot added labels on May 10, 2026: BCOS-L1 (Beacon Certified Open Source tier BCOS-L1, required for non-doc PRs), tests (Test suite changes), size/M (PR: 51-200 lines)
Contributor

@cerredz cerredz left a comment

Approved. This is a scoped hardening change: the shell pipelines are replaced by fixed argv calls, the POWER8 /proc/cpuinfo fallback no longer shells out through cat | grep | cut, and the parser tests cover the expected lscpu / free -g shapes.

Validation I ran:

  • python -m pytest tests\\test_miner_hardware_probes.py -q => 4 passed
  • python -m py_compile miners\\linux\\rustchain_linux_miner.py miners\\power8\\rustchain_power8_miner.py tests\\test_miner_hardware_probes.py => passed
  • git diff --check origin/main...HEAD => passed

Non-blocking residual debt: _run_cmd() still catches all exceptions and returns an empty string, matching the pre-existing fallback behavior. That is acceptable for this patch, but future cleanup could narrow the exception handling or log probe failures.
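
The pattern described in the PR summary and in the review above, as an added example that is not the code merged in this PR: a probe wrapper that takes a fixed argv list with no shell and catches only the expected failures, plus Python parsers standing in for the `grep`/`cut`/`awk` stages. The function names, the `Model name` field, the choice of the `total` column, and the sample outputs are assumptions made for illustration.

```python
import subprocess

# Constructed sample outputs (not captured from a real miner host).
SAMPLE_LSCPU = "Architecture:   ppc64le\nCPU(s):         128\nModel name:     POWER8 (raw), altivec supported\n"
SAMPLE_CPUINFO = "processor\t: 0\ncpu\t\t: POWER8 (raw), altivec supported\nclock\t\t: 3491.000000MHz\n"
SAMPLE_FREE = (
    "               total        used        free      shared  buff/cache   available\n"
    "Mem:             503          12         480           0          10         488\n"
    "Swap:              7           0           7\n"
)


def run_probe(argv, timeout=5):
    """Run a fixed argv list without a shell; return stdout, or "" on failure."""
    try:
        # A list argv with the default shell=False is handed to the OS as-is,
        # so |, ;, $() and globs in any element are plain text, not syntax.
        result = subprocess.run(argv, capture_output=True, text=True,
                                timeout=timeout, check=False)
    except (OSError, subprocess.TimeoutExpired):
        # Narrowed handling: missing binary, permission error, or hang.
        return ""
    return result.stdout if result.returncode == 0 else ""


def parse_colon_field(text, field):
    """Stand-in for `grep <field> | cut -d: -f2` on lscpu or /proc/cpuinfo text."""
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and key.strip() == field:
            return value.strip()
    return ""


def parse_free_total_gb(text):
    """Stand-in for `free -g | awk`: total column of the Mem: row (assumed)."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) >= 2 and parts[0] == "Mem:" and parts[1].isdigit():
            return int(parts[1])
    return 0


if __name__ == "__main__":
    # Live probes; each falls back to an empty or zero value if the tool is absent.
    print(parse_colon_field(run_probe(["lscpu"]), "Model name"))
    print(run_probe(["nproc"]).strip())
    print(parse_free_total_gb(run_probe(["free", "-g"])))
```

Matching on the exact key (`key.strip() == field`) avoids the substring hits a bare `grep` would return, for example `Model` also matching `Model name`.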

@Scottcjn
Owner

💰 PAID — 8 RTC pending, will confirm in 24h.

  • tx hash: da376a26d5c4a05556b43108dd095e6c
  • Pending ID: 1408

What worked

Removes shell pipelines from BOTH miner probes (linux + power8) and replaces them with Python parsers. Solid hardening across two miner paths in a single scoped PR. Second clean PR from you in one day — keep it coming.

— auto-triage 2026-05-10

@Scottcjn Scottcjn merged commit ad8ab92 into Scottcjn:main May 10, 2026
3 checks passed