Every terminal shell writes to .*sh_history independently, and if two are active at once, the file may not show all the commands of both. You might set up the .bashrc so every login gets a fresh history file named with date-time, tty and pid. And even then, anything they put is a script is not recorded, nor if they move over to ksh/csh/tcsh/sh shell, or cat -u|bash to simulate a script. Finally, these files roll over at $HISTSIZE.
First, you want to not use the shell or history file they are using, so you do not mix your history.
You can truss/tusc their bash pid and see all to much detail, if you have it or something similar. These commands give you all kernel calls, even if the app is already running and you do not have the source.
There may be network or terminal ways to watch their interactions.
HISTCONTROL
A colon-separated list of values controlling how commands are
saved on the history list. If the list of values includes
ignorespace, lines which begin with a space character are not
saved in the history list. A value of ignoredups causes lines
matching the previous history entry to not be saved. A value of
ignoreboth is shorthand for ignorespace and ignoredups. A value
of erasedups causes all previous lines matching the current line
to be removed from the history list before that line is saved.
Any value not in the above list is ignored. If HISTCONTROL is
unset, or does not include a valid value, all lines read by the
shell parser are saved on the history list, subject to the value
of HISTIGNORE. The second and subsequent lines of a multi-line
compound command are not tested, and are added to the history
regardless of the value of HISTCONTROL.
HISTFILE
The name of the file in which command history is saved (see HIS-
TORY below). The default value is ~/.bash_history. If unset,
the command history is not saved when an interactive shell
exits.
HISTFILESIZE
The maximum number of lines contained in the history file. When
this variable is assigned a value, the history file is trun-
cated, if necessary, by removing the oldest entries, to contain
no more than that number of lines. The default value is 500.
The history file is also truncated to this size after writing it
when an interactive shell exits.
HISTIGNORE
A colon-separated list of patterns used to decide which command
lines should be saved on the history list. Each pattern is
anchored at the beginning of the line and must match the com-
plete line (no implicit `*' is appended). Each pattern is
tested against the line after the checks specified by HISTCON-
TROL are applied. In addition to the normal shell pattern
matching characters, `&' matches the previous history line. `&'
may be escaped using a backslash; the backslash is removed
before attempting a match. The second and subsequent lines of a
multi-line compound command are not tested, and are added to the
history regardless of the value of HISTIGNORE.
HISTSIZE
The number of commands to remember in the command history (see
HISTORY below). The default value is 500.
Hello!
I want users in a certain group to be restricted to their home directory. So that they have full access to all files and folders in their home directory but the cant go to any directory above.
Does anyone know how to do this?
Anders (1 Reply)
I have an RS6000 server running AIX and on occasion all users are logged out of the server "connection closed by foreign host" is the error message. Normally a user can press enter and get a Login prompt, but they get the message "connection refused" and then the users can wait a minute or so and... (2 Replies)
We have two NIC cards in our IBM RS/6000 F50 running AIX 4.3.3
We are trying to make sure we have moved all users to log in through the new NIC.
10.22.x.y (old)
10.22.x.z (new)
How can I tell which users are still using the old address for logging in so I can update their work station to... (5 Replies)
I have searched the forums but have not mangaed to quite find what im looking for. I have used to /etc/passwd command to present me a list of all users the who command to present all users currently logged on, but what i want to know is what command can i use to display users that are registered... (12 Replies)
How can I get the list of logged in users in the system programmatically?
I can get the list with 'who' or 'users' commands but I need to get the list programmatically...
May someone help, please?
Thanks in advance. (2 Replies)
How do I find this out? I have a feeling its a simple command such as who, but I just don't know what it is. I've had a search on here but either I can't put it into the right search criteria or there isn't a topic on it.
Thanks.
EDIT: Delete this thread, as I posted it I noticed the... (0 Replies)
I have 2 systems. (1) RHEL5 and (2) winXP pro
from xpPRO putty i ssh into rhel5 : user root
from xpPRO i ftp into rhel5 : user abc123
when i run #uptime it only shows 1 user
when i do #ps -u abc123 : it shows vsftpd deamon PID
is there a command that can be used to show all currently... (4 Replies)
Hi,
How to find the users who did not login into a UNIX box (thru ssh/ftp or any other way) for last 90 days?
I think of using "finger" or "last" command to findout each user's last login and then find number of days between today and that day. Is there any other better way or anyone prepared... (1 Reply)
Discussion started by: reddyr
1 Replies
LEARN ABOUT OPENDARWIN
history
history(n) Tcl Built-In Commands history(n)
__________________________________________________________________________________________________________________________________________________NAME
history - Manipulate the history list
SYNOPSIS
history ?option? ?arg arg ...?
_________________________________________________________________DESCRIPTION
The history command performs one of several operations related to recently-executed commands recorded in a history list. Each of these
recorded commands is referred to as an ``event''. When specifying an event to the history command, the following forms may be used:
[1] A number: if positive, it refers to the event with that number (all events are numbered starting at 1). If the number is negative,
it selects an event relative to the current event (-1 refers to the previous event, -2 to the one before that, and so on). Event 0
refers to the current event.
[2] A string: selects the most recent event that matches the string. An event is considered to match the string either if the string
is the same as the first characters of the event, or if the string matches the event in the sense of the string match command.
The history command can take any of the following forms:
history
Same as history info, described below.
history add command ?exec?
Adds the command argument to the history list as a new event. If exec is specified (or abbreviated) then the command is also exe-
cuted and its result is returned. If exec isn't specified then an empty string is returned as result.
history change newValue ?event?
Replaces the value recorded for an event with newValue. Event specifies the event to replace, and defaults to the current event
(not event -1). This command is intended for use in commands that implement new forms of history substitution and wish to replace
the current event (which invokes the substitution) with the command created through substitution. The return value is an empty
string.
history clear
Erase the history list. The current keep limit is retained. The history event numbers are reset.
history event ?event?
Returns the value of the event given by event. Event defaults to -1.
history info ?count?
Returns a formatted string (intended for humans to read) giving the event number and contents for each of the events in the history
list except the current event. If count is specified then only the most recent count events are returned.
history keep ?count?
This command may be used to change the size of the history list to count events. Initially, 20 events are retained in the history
list. If count is not specified, the current keep limit is returned.
history nextid
Returns the number of the next event to be recorded in the history list. It is useful for things like printing the event number in
command-line prompts.
history redo ?event?
Re-executes the command indicated by event and return its result. Event defaults to -1. This command results in history revision:
see below for details.
HISTORY REVISION
Pre-8.0 Tcl had a complex history revision mechanism. The current mechanism is more limited, and the old history operations substitute and
words have been removed. (As a consolation, the clear operation was added.)
The history option redo results in much simpler ``history revision''. When this option is invoked then the most recent event is modified
to eliminate the history command and replace it with the result of the history command. If you want to redo an event without modifying
history, then use the event operation to retrieve some event, and the add operation to add it to history and execute it.
KEYWORDS
event, history, record
Tcl history(n)
10-22-2010
