本文介绍了如何在Bash中配置环境变量、设置历史记录文件,同时强化了`/var/log/history/bash_history.log`的安全性,包括更改文件权限和实施日志切割策略,以提高系统的安全性和性能。
bash 记录
配置环境变量:/etc/profile
export HISTTIMEFORMAT="%F %T "
export HISTORY_FILE=/var/log/history/bash_history.log
export PROMPT_COMMAND='{ thisHistID=`history 1|awk "{print \\$1}"`;lastCommand=`history 1| awk "{\\$1=\"\" ;print}"`;user=`id -un`;whoStr=(`who -u am i`);realUser=${whoStr[0]};logMonth=${whoStr[2]};logTime=${whoStr[3]};pid=${whoStr[6]};ip=${whoStr[7]};if [ ${thisHistID}x != ${lastHistID}x ];then echo -E `date "+%Y/%m/%d %H:%M:%S"` $user\($realUser\)@$ip[PID:$pid][LOGIN:$logMonth $logTime] --- $lastCommand ;lastHistID=$thisHistID;fi; } >> $HISTORY_FILE'安全加固
默认情况
/var/log/history/bash_history.log文件权限为所有人可写,为了进一步提升安全性,调整该文件中内容只可追加:
$ ls -l /var/log/history/bash_history.log
$ chattr +a /var/log/history/bash_history.log
$ lsattr /var/log/history/bash_history.log
-----a---------- /var/log/history/bash_history.log日志优化
进行日志切割
/var/log/history/bash_history.log {
daily
missingok
dateext
rotate 180
notifempty
copytruncate
prerotate
chattr -a /var/log/history/bash_history.log > /dev/null
endscript
postrotate
chattr +a /var/log/history/bash_history.log > /dev/null
chmod 644 /var/log/history/bash_history.log-`date '+%Y%m%d'`
endscript
}搜集学习之用
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
