有時候我們需要對線上用戶操作記錄進行歷史記錄待出現問題追究責任人,但Linux系統自帶的history命令用戶有自行刪除權限,那怎麼設置可以讓用戶的操作記錄實時記錄,並保證普通用戶無權刪除呢?本文教你一招
1.mkdir -p /usr/local/domob/records/
chmod 777 /usr/local/domob/records/
chmod +t /usr/local/domob/records/
2.vi /etc/profile 在最後添加下面的代碼
if [ ! -d /usr/local/domob/records/${LOGNAME} ]
then
mkdir -p /usr/local/domob/records/${LOGNAME}
chmod 300 /usr/local/domob/records/${LOGNAME}
fi
export HISTORY_FILE="/usr/local/domob/records/${LOGNAME}/bash_history"
export PROMPT_COMMAND='{ date "+%Y-%m-%d %T ##### $(who am i |awk "{print \$1\" \"\$2\" \"\$5}") #### $(history 1 | { read x cmd; echo "$cmd"; })"; } >>$HISTORY_FILE'