Tracking Commands used at command prompt in AIX

[azrinakil]

Dear Unix gurus,
Is there any way to track commands used by users at command prompts (AIX machine)? Can it be kept in a log that is not accesible by the users? We are using /bin/sh.

regards
aixman

 

[fjw999]

Try `strings .sh_history` in the users home directory. The only user that can see this file is root

Cheers

 

[dsn1]

root is not the only file to be able to see the shell history file; the user can edit and delete it themselves if they want to as it will be owned by them. The only difference is that since it is a dot file, it will only show up when using the -a option to ls.

Dave

 

[Morsing]

And if the user turns off history nothing will be written to the file.

Cheers

Henrik Morsing
Certified AIX 4.3 Systems Administration
& p690 Technical Support

 

[Yegolev]

you can modify the $HISTFILE variable to be whatever you would like, but as for keeping the user away from it, not sure about that, perhaps do some sort of output duplication. I set my $HISTFILE var like this:

export HISTFILE=~myhome/shist/.sh_history.`hostname`

which lets me have a separate history on each server. my home is in a nfs-mount and generally accessible on all of our machines. perhaps you can do something creative with a nfs-mounted history directory.

IBM Certified -- AIX 4.3 Obfuscation