在/etc/profile里加入以下几行
|
1
2
3
|
export HISTORY_FILE=/var/log/command_history/`date
'+%Y-%m-%d'
`.log
export PROMPT_COMMAND=
'{ date "+%Y-%m-%d %T ##### $(who am i |awk "{print \$1\" \"\$2\" \"\$5}") #### $(history 1 | { read x cmd; echo "$cmd"; })"; } >> $HISTORY_FILE'
chmod a+w
$HISTORY_FILE
给所有用户加写权限
|
或
|
1
2
3
4
|
export HISTORY_FILE=/var/log/command_history/`date
'+%Y-%m-%d'
`.log
export PROMPT_COMMAND=
'{ date "+%Y-%m-%d %T $(history 1 | { read x cmd; echo "$cmd USER:$USER FROM IP:$SSH_CLIENT PS:$SSH_TTY"; })"; } >>$HISTORY_FILE'
export PROMPT_COMMAND=
'{ date "+[ %Y%m%d %H:%M:%S `whoami` ] `history 1 | { read x cmd; echo "$cmd USER:$USER from ip:$SSH_CLIENT $SSH_TTY"; }`"; } >> /root/test.log'
|
或
|
1
|
export
PROMPT_COMMAND=
'{ date "+%Y-%m-%d %T $(who am i |awk "{print \$1\" \"\$2\" \"\$5}") $(history 1 | { read x cmd; echo "$cmd"; })"; } >> /tmp/`date "+%F"`.`hostname`.`whoami`.history-timestamp'
|
或
|
1
|
export
PROMPT_COMMAND=
'{ msg=$(history 1 | { read x y; echo $y; });user=$(whoami);echo $(date "+%F %H:%M:%S"):$user:`pwd`/:$msg ---- $(who am i); } >> /tmp/`date "+%F"`.`hostname`.`whoami`.history-timestamp'
|
添加完成,保存退出,然后使用如下的命令使之生效:
#. /etc/profile
或
# source /etc/profile
注意:如果没有报错说明成功了。
然后每个用户执行的历史命令就会存在以当前日期命名的log文件中。
本文转自 xoyabc 51CTO博客,原文链接:http://blog.51cto.com/xoyabc/1658267,如需转载请自行联系原作者
