HPE Community
Operating System - HP-UX
1839253 Members
2821 Online
110137 Solutions
New Discussion

Re: history file for non root users

 
Roro_2
Regular Advisor

‎04-26-2007 08:26 PM

‎04-26-2007 08:26 PM

history file for non root users

Hi,

I am working on HP integrity server rx1620 ( HP-UX 11i v2 June 2006).
I failed to change the name and the location of the shell history file (.sh_history) for non root users using HISTFILE variable through POSIX shell and korn shell ;
it is always created in users's home directory where it can be easily deleted.

Please advise.

Roger

0 Kudos
Reply
6 REPLIES 6
spex
Honored Contributor

‎04-26-2007 11:18 PM

‎04-26-2007 11:18 PM

Re: history file for non root users

Hi Roger,

Changing the location of a user's sh-posix/ksh history file is simply a matter of changing the 'HISTFILE=...' line in his/her ~/.profile (and then forcing the user to log in again). Note that the user must have write permission on this file for obvious reasons. This means that even if you disguise the file's name and path, a crafty use will still be able to alter it manually.

PCS
0 Kudos
Reply
Roro_2
Regular Advisor

‎04-26-2007 11:32 PM

‎04-26-2007 11:32 PM

Re: history file for non root users

Hi,

Thank you for your concern.

I set HISTFILE in the /etc/profile and/or in user's .profile and i set the permissions (rwx) on the destination directory but the history file .sh_history still created in user's home directory.


Roger
0 Kudos
Reply
Roro_2
Regular Advisor

‎04-26-2007 11:37 PM

‎04-26-2007 11:37 PM

Re: history file for non root users

Hi ,

Thank you for your concern.

I set HISTFILE in the /etc/profile and/or in the user's .profile and i set all permissions (rwx ) to the destination directory.
The .sh_history file is always created in users's home directory.

Roger
0 Kudos
Reply
spex
Honored Contributor

‎04-26-2007 11:53 PM

‎04-26-2007 11:53 PM

Re: history file for non root users

Roger,

This isn't a permissions issue. If the user doesn't have write permission on his $HISTFILE, it simply won't be created or updated. But ~user/.sh_history will no longer be written to.

I believe the user's $HISTFILE environmental variable isn't being set correctly, or is being overwritten (e.g. through a mismatch between /etc/profile and ~user/.profile). Check for syntax errors and ensure the user is logging out and back in again.

PCS
0 Kudos
Reply
Roro_2
Regular Advisor

‎04-27-2007 12:39 AM

‎04-27-2007 12:39 AM

Re: history file for non root users

Hi ,

1- i have created a directory called log uder root. ( /log)
2- i added the following lines in the /etc/profile :
HISTFILE=/log/hist_$LOGNAME
export HISTFILE
HISTSIZE=3000 ;export HISTSIZE
3- no HISTFILE variable in any user's . profile

when i logon using root , hist_root file is created under /log
whwn i logon using roger , .sh_history file is created under /home/roger.

Roger
0 Kudos
Reply
Bill Hassell
Honored Contributor

‎04-27-2007 02:33 PM

‎04-27-2007 02:33 PM

Re: history file for non root users

Trying to keep a protected shell history file is going to be difficult. As mentioned, the file must be readable and writable by the user.

> 1- i have created a directory called log uder root. ( /log)

Most important: /log must be 755 permissions so the file can be accessed.;

> 2- i added the following lines in the /etc/profile :
> HISTFILE=/log/hist_$LOGNAME
> export HISTFILE
> HISTSIZE=3000 ;export HISTSIZE

You can update your Bourne shell style lines to POSIX/ksh/bash form:

export HISTFILE=/log/hist_$LOGNAME
export HISTSIZE=3000

> 3- no HISTFILE variable in any user's . profile

Are your users logging in using telnet or ssh, or are they using Xwindows?

> when i logon using root , hist_root file is created under /log
> whwn i logon using roger , .sh_history file is created under /home/roger.

Sounds like the user cannot create or write to /log/hist_$LOGNAME. Make sure that the HISTFILE file has the right permissions for the users. Now it's important to note that $LOGNAME is derived from the utmp file (who also references this file) and it is quite common to find corruption in this file. Change the $LOGNAME value to use id -un as in:

export HISTFILE=/log/hist_$(id -un)

/etc/profile and .profile are ignored if users are running Xwindows. Fix this with:

echo "loginShell: true" >> $HOME/.Xdefaults


Bill Hassell, sysadmin
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.