Home > Uncategorized > Centralizing user shell history files (.sh_history)

Centralizing user shell history files (.sh_history)

Centralizing user shell history files (.sh_history) and enabling Date/Time Stamp on user shell history.

Detail Description of change:

1. Add the following entry to /etc/profile to save all users history file in a central location.
mkdir /var/adm/hist/; chmod 1777 /var/adm/hist/;
export HISTFILE=/etc/hist/.hist-$LOGNAME

##################################################
#User shell history centralization – [14092011-150500]

export HISTSIZE=10000
export HISTFILE=/var/adm/hist/.hist-$LOGNAME
typeset -r HISTSIZE
typeset -r HISTFILE
##################################################

Note:- Use of “typeset” to make those env. variables read-only and to stop being overridden by the users shell startup files.

2. Adding the following entry to /etc/environment to enable Data/Time Stamp on shell history.
EXTENDED_HISTORY=ON

###############
How This Works
###############
Each unix user’s shell history file will be created under “/var/adm/hist/”.

To view any user’s command history:
#su – <username> -c fc -t
============================================================
For bash, the EXTENDED_HISTORY variable is not supported, so you will have to set the HISTTIMEFORMAT variable to something as follows:

# HISTTIMEFORMAT=”%h/%m – %H:%M:%S ”

Now, when you run the history command, you will have the timestamp in bash.
Example:- export EXTENDED_HISTORY=ON; history; fc -t
============================================================

References
http://www.coolcommands.com/index.php?option=com_cc&task=display&id=1184
http://unix.ittoolbox.com/groups/technical-functional/ibm-aix-l/is-there-a-way-we-could-log-all-commands-executed-by-any-users-on-an-aix-server-4363412

============================================================

Following shell session will demonstrate the operation.
root@nim01:/>cd /var/adm/hist/
root@nim01:/var/adm/hist>pwd
/var/adm/hist
root@nim01:/var/adm/hist>ls -a
.              ..             .hist-ibmuser  .hist-root     .hist-sp2280
root@nim01:/var/adm/hist>ls -l .hist-*
-rw——-    1 ibmuser  staff           284 Dec 15 10:06 .hist-ibmuser
-rw——-    1 root     system        60488 Dec 15 10:06 .hist-root
-rw——-    1 sp2280   staff           270 Dec 14 13:05 .hist-sp2280
root@nim01:/var/adm/hist>cd ~
root@nim01:/>su – sp2280 -c fc -t
1       2011/12/14 13:04:23 :: alias
2       2011/12/14 13:04:32 :: echo $HISTFILE
3       2011/12/14 13:04:37 :: bash
4       ? :: ifconfig -a
exit
5       2011/12/14 13:04:43 :: df -g
6       2011/12/14 13:04:50 :: cd /var/adm/hist
7       2011/12/14 13:04:55 :: ls -a
8       2011/12/14 13:05:03 :: cat .hist-sp2280
9       2011/12/14 13:05:09 :: cd ~
10      2011/12/14 13:05:13 :: exit
root@nim01:/>
============================================================

NOTE:- This has been tested under IBM AIX environment, but should be able to applied to rest of the UNIX flavors including Linux with little or no change at all.

Advertisements
Categories: Uncategorized
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: