[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Saving command history for non-interactive shell
From: |
Chet Ramey |
Subject: |
Re: Saving command history for non-interactive shell |
Date: |
Fri, 16 Mar 2012 18:15:35 -0400 |
User-agent: |
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2 |
On 3/16/12 12:39 PM, Lars Peterson wrote:
> Thanks Greg.
>
> I get what you're saying about the futility of recording everything users do.
> And I'm not interested in setting up a big brother / spy machine that will
> invoke the wrath of the Unix gods.
>
> I'm not interested in security here...just auditing. We have a lot of scripts
> and commands that run from remote machines and I was just hoping that there
> was a way to capture their history on the server side vs the clients and
> workstations. I realize that this is semi-doable via an audit of syslog's
> AUTHPRIV facility; it makes forensics much easier to have everything stored
> in the shell's history though.
>
> Think I'll take a pass on using the SYSLOG_HISTORY approach -- compiling a
> customized bash sounds like trouble.
There is nothing stopping you from using history in a non-interactive
shell -- it's just not enabled by default.
Turn on history with `set -o history' and set HISTFILE and HISTSIZE as you
like. You can probably set some of the right variables in .ssh/environment
and set BASH_ENV to a file that will run the commands you want.
Chet
--
``The lyf so short, the craft so long to lerne.'' - Chaucer
``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, ITS, CWRU chet@case.edu http://cnswww.cns.cwru.edu/~chet/