- Community Home
- >
- Servers and Operating Systems
- >
- Operating System - HP-UX
- >
- System Administration
- >
- Capture commands ran by a user
-
- Forums
-
Blogs
- Alliances
- Around the Storage Block
- Behind the scenes @ Labs
- HPE Careers
- HPE Storage Tech Insiders
- Infrastructure Insights
- Inspiring Progress
- Internet of Things (IoT)
- My Learning Certification
- OEM Solutions
- Servers: The Right Compute
- Shifting to Software-Defined
- Telecom IQ
- Transforming IT
- Infrastructure Solutions German
- L’Avenir de l’IT
- IT e Trasformazione Digitale
- Enterprise Topics
- ИТ для нового стиля бизнеса
- Blogs
-
Quick Links
- Community
- Getting Started
- FAQ
- Ranking Overview
- Rules of Participation
- Contact
- Email us
- Tell us what you think
- Information Libraries
- Integrated Systems
- Networking
- Servers
- Storage
- Other HPE Sites
- Support Center
- Enterprise.nxt
- Marketplace
- Aruba Airheads Community
-
Forums
-
Blogs
-
InformationEnglish
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
07-17-2013 12:56 AM
07-17-2013 12:56 AM
Capture commands ran by a user
Hi ,
Am using following entry in my /etc/profile to capture commands ran by a users in our 11iv2 servers:
export LOGINNAME=`who am i | awk '{print $1}'`
export HISTFILE="/var/tmp/hist_`date +%y%m%d.%H%M%S`.${LOGINNAME}.$LOGNAME.$$"
My question is all users are able to see this setting when they log in using "env" variable ,
is there any way such that the user will never come to know as to were am i logging his/her history ???
- Tags:
- history
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
07-17-2013 01:25 AM - edited 07-17-2013 01:27 AM
07-17-2013 01:25 AM - edited 07-17-2013 01:27 AM
Re: Capture commands ran by a user
>is there any way such that the user will never know as to were am I logging his/her history?
No. The history mechanism is not meant to be the security police.
If you unset it at the end of /etc/profile, then the user could change it and start a new shell.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
07-17-2013 01:26 AM
07-17-2013 01:26 AM
Re: Capture commands ran by a user
Ok.
Can i move the entries to a location which has root access only ?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
07-17-2013 01:28 AM
07-17-2013 01:28 AM
Re: Capture commands ran by a user
>Can I move the entries to a location which has root access only?
No, the user would no longer be able to write to it. Nor read it to look at his history.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
07-17-2013 04:02 AM
07-17-2013 04:02 AM
Re: Capture commands ran by a user
We do not want to enable auditing which will create large junk files.
Instead do we have option of rotating those log files ?
Can i copy it instead of moving it?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
07-17-2013 05:06 AM
07-17-2013 05:06 AM
Re: Capture commands ran by a user
>Instead do we have option of rotating those log files?
Are you now talking about auditing or about the history file?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
07-17-2013 06:23 AM
07-17-2013 06:23 AM
Re: Capture commands ran by a user
Hi Dennis ,
Rotating am asking for audit files.
And if we can copy history , that would be really great .
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
07-18-2013 05:08 AM
07-18-2013 05:08 AM
Re: Capture commands ran by a user
Hi Guys,
Awating reply .
Hewlett Packard Enterprise International
- Communities
- HPE Blogs and Forum
© Copyright 2019 Hewlett Packard Enterprise Development LP