
History file

 
ken casazza_1
New Member

History file

We want to monitor 6 accounts' history files, so I have a tail -f running in the background for each .sh_history file. The problem is this: when one of the users types "> .sh_history", my tail -f stops displaying their subsequent commands, and I have to kill the first tail -f, and start another. Is there a better way for me to securely have a list of all their commands?
Thanks!
Sanjay_6
Honored Contributor

Re: History file

Hi Ken,

Don't see any choice over there. If the user does a /dev/null >$USER_HOME/.sh_history it will wipe out the .sh_history and make its size zero.

Hope this helps.

thanks
linuxfan
Honored Contributor

Re: History file

Hi Ken,

An option is to use tee

tail -f ~user/.sh_history | tee /tmp/user.sh_history

This would tail the .sh_history file and copy that to /tmp/user.sh_history also.

Whenever a user issues a >.sh_history you will have to Ctrl-C your session where you are doing a tail -f but you will still have the commands listing in /tmp/user.sh_history file.


-HTH
Ramesh
They think they know but don't. At least I know I don't know - Socrates
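The tee reply above still needs a manual restart after each "> .sh_history". As an added example (not code from any poster in this thread), here is a polling collector that copies new bytes into an archive and restarts from offset 0 when the file shrinks. The function names, the archive and state paths passed as arguments, and the marker line format are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: poll-based collector that keeps working after "> .sh_history".
# collect_once SRC ARCHIVE STATE
#   SRC     history file being watched
#   ARCHIVE append-only copy, kept somewhere the user cannot write (assumed path)
#   STATE   small file holding the byte offset already copied from SRC
collect_once() {
    src=$1 archive=$2 state=$3
    offset=0
    if [ -f "$state" ]; then
        offset=$(cat "$state")
    fi
    # Current size in bytes; a missing file counts as empty.
    if [ -f "$src" ]; then
        size=$(wc -c < "$src" | tr -d ' ')
    else
        size=0
    fi
    if [ "$size" -lt "$offset" ]; then
        # The file shrank, so it was truncated or replaced. Note it and restart.
        printf '### %s truncated (was %s bytes, now %s)\n' \
            "$src" "$offset" "$size" >> "$archive"
        offset=0
    fi
    if [ "$size" -gt "$offset" ]; then
        # Copy exactly the bytes not yet archived, so nothing is duplicated
        # if the file grows again while we are reading it.
        dd if="$src" bs=1 skip="$offset" count="$((size - offset))" \
            2>/dev/null >> "$archive"
    fi
    printf '%s\n' "$size" > "$state"
}

# watch_history SRC ARCHIVE STATE [INTERVAL_SECONDS]
# Runs collect_once forever; start one per monitored account in the background.
watch_history() {
    while :; do
        collect_once "$1" "$2" "$3"
        sleep "${4:-1}"
    done
}
```

Commands typed and wiped between two polls are still lost, and a file that is truncated and then grows past the old offset before the next poll is not flagged as truncated.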
Bernie Vande Griend
Respected Contributor

Re: History file

You could also try a different tack.
You could use the "script" command such as "script somefilename" and place it in their .profile. Then any commands the user types, and their output, will go to "somefilename". You can then tail -f that if you want.
Ye who thinks he has a lot to say, probably shouldn't.
Wodisch
Honored Contributor

Re: History file

Hello Ken,

make their history a link to some "save" dir
and set the "t" bit on their home dirs...
Own the link as "root", so they cannot remove
or rename it...

Just my ?0.02,
Wodisch
ken casazza_1
New Member

Re: History file

Thank you all for your assistance!!