Pages

Friday, April 25, 2014

Bash script to save user history

Hi

Please find the below script which can save each users history to a common place for security purpose. So that later admin can review the commands performed by each user on the machine. (like who has stopped some service, who reboot the machine etc)

#!/bin/bash
echo "date > date.txt" >> .bash_profile
touch .logout.sh
read -r -d '' FILECONTENT <<'ENDFILECONTENT'
#!/bin/bash
user=`whoami`
var=`cat date.txt`
echo "The user $user logged to this machine at $var"
echo "The user $user executed the below commands"
history
echo "The session completed at `date`"
history -c
history -w
ENDFILECONTENT
echo "$FILECONTENT" > .logout.sh
chmod 700 .logout.sh
echo "source .logout.sh >> /tmp/historylog" >> .bash_logout


save this content as some file.sh like history.sh
give 700 permission
chmod 700 history.sh
./history.sh

Note : it will clear the session's history each time.


No comments: