Hello folks, I have a doubt concerning how to keep log of all action executed by users in their tty`s. In order to achieve this I would start adding "history -a" to the PROMPT_COMMAND directive.
Then I would set the .bash_history permissions to append only with:
"chattr +a .bash_history"
On the following I could add
Code:
if [ "$BASH" ]; then
PROMPT_COMMAND="history -a;$PROMPT_COMMAND";
readonly PROMPT_COMMAND
readonly HISTSIZE
readonly HISTFILE
readonly HOME
readonly HISTIGNORE
readonly HISTCONTROL
fi
to /etc/profile.
And finally deny users from executing shells in higher profiles:
Code:
Cmnd_Alias NSU = /bin/su
testing ALL= ALL, !NSHELLS, !NSU
in /etc/sudoers
My question is are any caveats on my approach? I`ve created the user accounts with the
newusers command and in result as they have not logged so far they don`t have a .bash_history in their homes is this a problem? Can I create this files or it would bring me problems regarding the order of its contents or something like that??
Regards.