Re: Saving command history for non-interactive shell

From: dethrophes
Subject: Re: Saving command history for non-interactive shell
Date: Sat, 17 Mar 2012 22:10:54 +0100
User-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2

On 16.03.2012 15:56, Greg Wooledge wrote:
> On Fri, Mar 16, 2012 at 02:33:35PM +0000, Lars Peterson wrote:
>> Is there a way to configure bash so that commands from a non-interactive
>> shell are preserved in the history? I'm more interested in saving commands
>> invoked via ssh vs shell scripts.
>
> From CHANGES, for bash 4.1:
>
> l.  There is a new configuration option (in config-top.h) that forces bash to
>      forward all history entries to syslog.
>
> However, that only applies to commands that bash is already adding to
> its history.  So you'd also have to do a "set -o history" command at
> some point, since non-interactive shells don't do that by default.
> That might be tricky to arrange.
>
> And of course you'd have to force the ssh user to use your specially
> compiled bash with the SYSLOG_HISTORY option, and not some other shell.
>
> If the larger context is "I want to know everything my users are doing",
> you're going to end up frustrated.  Unix simply wasn't designed to lock
> users down.  Quite the opposite -- it was designed to give users full
> power.  Users can make system calls without going through a shell, by
> writing C code and so on.  They can also invoke processes without using
> a shell, if processes are the thing you actually want to track, rather
> than, for instance, file system operations.
>
> If any of the above resembles your actual goal, then you need to look
> into "accounting" ("process accounting", etc.).  It's a huge topic, and
> logging shell commands doesn't even come close to addressing it.

Just a suggestion, but if it's only about ssh then you could chroot to a new base and replace the bash with a bash script,
or change the default shell to something like this:
  exec /bin/realbash -o history "$@"
i.e. so that when bash is called you enable history. I haven't really tried it, but I think it should be possible.

or do something like
  exec logapp /bin/realbash -o xtrace "$@"

  exec logapp /bin/bash -o xtrace "$@"

  do something here .....

just some rough ideas.

I mean, depending on your setup you could either change the account default shell, only allow execution of the special logging shell, or just specify the logging shell in your hash bang entry.

Heck, you could even do something really crazy like manually read the bash input/script using read and eval each line of code,
something like
  while read -re ; do
    echo "${REPLY}"
    eval "${REPLY}" ## not saying it's a good idea, just that there are a lot of ways to skin this particular fish.
  done

or even something like
  trap 'echo "${BASH_COMMAND}" >> Logfile' DEBUG
  source "${1}"
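
An added example, not part of the original message: a small audit wrapper built on the DEBUG-trap idea above, for command strings of the kind sshd hands to a login shell. The names `run_logged`, `AUDIT_LOG`, `AUDIT_CMD` and the log path are assumptions made for the illustration.

```bash
#!/usr/bin/env bash
# Added example: audit wrapper built on the DEBUG-trap idea from the message.
# run_logged, AUDIT_LOG, AUDIT_CMD and the log path are assumed names.
# Not tamper-proof: the audited command can run `trap - DEBUG` or call
# another interpreter, so treat this as a convenience log, not a control.

# Inner script, run by a child bash so the caller's traps are untouched.
AUDIT_SCRIPT=$(cat <<'EOF'
# functrace (set -T) makes functions, subshells and sourced files inherit
# the DEBUG trap; without it `source` runs with the trap switched off.
set -o functrace
# Record the raw string first. %q escapes newlines and control characters,
# so a crafted command cannot forge extra log lines.
printf '%(%FT%T%z)T uid=%s pid=%s raw=%q\n' -1 "$UID" "$$" "$AUDIT_CMD" >>"$AUDIT_LOG"
# DEBUG fires before every simple command; BASH_COMMAND is its text.
trap 'printf "%(%FT%T%z)T uid=%s pid=%s cmd=%q\n" -1 "$UID" "$$" "$BASH_COMMAND" >>"$AUDIT_LOG"' DEBUG
eval "$AUDIT_CMD"
EOF
)

# run_logged LOGFILE COMMAND_STRING
# Runs COMMAND_STRING under bash, appending one line per command to LOGFILE.
# Output and exit status of the command pass through unchanged.
run_logged() {
  AUDIT_LOG=$1 AUDIT_CMD=$2 bash -c "$AUDIT_SCRIPT"
}

# As a login shell, sshd calls the wrapper as: wrapper -c 'command'
# so the wrapper body would be (log path is a placeholder):
#   [ "$1" = "-c" ] && run_logged /var/log/ssh-cmd.log "$2"
```

The `%(...)T` time format needs bash 4.2 or later. The log file has to be writable by the user being audited, so send it to an append-only or remote destination if the record matters.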
