Results 1 to 7 of 7
hello all.
everybody knows that .bash_history in every user`s dir can be edited by the users itself, and in most of the cases this really happens. so if it does, ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 02-11-2005 #1Just Joined!
- Join Date
- Jan 2005
- Posts
- 17
.bash_history
hello all.
everybody knows that .bash_history in every user`s dir can be edited by the users itself, and in most of the cases this really happens. so if it does, what`s the alternative? how cand a sysadmin see what users are doing if the bash_history was modified?
thank you
- 02-11-2005 #2Linux Engineer
- Join Date
- Jul 2003
- Location
- England
- Posts
- 1,219
What is the problem with people editing there profile? Not sure what the problem is?
- 02-11-2005 #3Just Joined!
- Join Date
- Jan 2005
- Posts
- 17
nothing is wrong with editing their profiles, but i was talking about bash_HISTORY .. it`s a bit of a difference.
so.. anyone else?
- 02-11-2005 #4Linux Engineer
- Join Date
- Jul 2003
- Location
- England
- Posts
- 1,219
Sorry not sure what i was thinking
I would not rely on checking the users .bash_history to see what users have been doing on a system. Think about it for .bash_history to work like it is ment to (show previouse commands with the up arrow) then the users .bash_history needs to be writable by that user so how could you stop them from editiing it without stopping .bash_histrory from working all together? Then you would have nothing to look at for commands the user has issued since they would not be able to be written to there .bash_history.
- 02-11-2005 #5Linux Guru
- Join Date
- Mar 2003
- Location
- Wisconsin
- Posts
- 1,907
Write a wrapper script that outputs every command entered into .bash_history and to another file called .bash_history_unwritable that is uneditable by user.
JeremyRegistered Linux user #346571
"All The Dude ever wanted was his rug back" - The Dude
- 02-11-2005 #6Just Joined!
- Join Date
- Jan 2005
- Posts
- 17
That`s true, you have to find other alternatives to do that.
Originally Posted by Giro Sorry not sure what i was thinking I would not rely on checking the users .bash_history to see what users have been doing on a system. Think about it for .bash_history to work like it is ment to (show previouse commands with the up arrow) then the users .bash_history needs to be writable by that user so how could you stop them from editiing it without stopping .bash_histrory from working all together? Then you would have nothing to look at for commands the user has issued since they would not be able to be written to there .bash_history.
thank you for your post.
jeremy1701, you have a good idea there, but unfortunately i have no idea what the wrapper script should look like. Is it too much to ask you for some assistance in that matter?
Thank you.
- 02-11-2005 #7Just Joined!
- Join Date
- Jan 2005
- Posts
- 17
i found the solution, maybe this will help others. it`s quite simple actually..
all i had to do is chattr +au /home/user/.bash_history
in short, all commands are saved to user`s .bash_history, but the user cannot edit or delete it. pretty cool.
thanks to #linuxhelp for this.
Reply With Quote 
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
