I use this on my unix/linux boxes for eternal bash history for all users (place in /etc/bashrc)
if [ "$BASH" ]; then
export HISTTIMEFORMAT="%Y-%m-%d_%H:%M:%S "
export PROMPT_COMMAND="${PROMPT_COMMAND:+$PROMPT_COMMAND ; }"'echo "`date +'%y.%m.%d-%H:%M:%S:'`" $USER "("$ORIGINAL_USER")" "COMMAND: " "$(history 1 | cut -c8-)" >> /var/log/bash_eternal_history'
alias ehistory='cat /var/log/bash_eternal_history'
readonly PROMPT_COMMAND
readonly HISTSIZE
readonly HISTFILE
readonly HOME
readonly HISTIGNORE
readonly HISTCONTROL
fi
Then as root run the commands:
touch /var/log/bash_eternal_history chmod 777 /var/log/bash_eternal_history chattr +a /var/log/bash_eternal_history
on BSD freebsd the last command won’t work, use this instead:
# find /var/log -type f -name 'bash_eternal_history' -exec chflags uappnd {} \;
Linux Eternal Bash History One-Liner
Here is a one liner setup for eternal bash history (run as root):
sudo cat <<'EOF' > /etc/profile.d/eternal_bash_history.sh
# eternal_bash_history.sh
# Not running bash?
[ -n "$BASH_VERSION" ] || return 0
# Not an interactive shell?
[[ $- == *i* ]] || return 0
if [ "$BASH" ]; then
export HISTTIMEFORMAT="%Y-%m-%d_%H:%M:%S "
export PROMPT_COMMAND="${PROMPT_COMMAND:+$PROMPT_COMMAND ; }"'echo "`date +'%y.%m.%d-%H:%M%S:'`" $USER "("$ORIGINAL_USER")" "COMMAND: " "$(history 1 | cut -c8-)" >> /var/log/bash_eternal_history'
alias ehistory='cat /var/log/bash_eternal_history'
readonly PROMPT_COMMAND
readonly HISTSIZE
readonly HISTFILE
readonly HOME
readonly HISTIGNORE
readonly HISTCONTROL
fi
# Set up eternal log file and allow all users to write to it
# Do not allow anyone (even root) to modify eternal log or this script
if [ "$EUID" -eq 0 ]; then
touch /var/log/bash_eternal_history 2>/dev/null
chmod 777 /var/log/bash_eternal_history 2>/dev/null
chattr +a /var/log/bash_eternal_history 2>/dev/null
chattr +a /etc/profile.d/eternal_bash_history.sh 2>/dev/null
fi
EOF
export PROMPT_COMMAND=”${PROMPT_COMMAND:+$PROMPT_COMMAND ; }”‘echo “`date +’%y.%m.%d-%H:M:%S:’`” $USER “(“$ORIGINAL_USER”)” “COMMAND: ” “$(history 1 | cut -c8-)” >> /var/log/bash_eternal_history’
should be
export PROMPT_COMMAND=”${PROMPT_COMMAND:+$PROMPT_COMMAND ; }”‘echo “`date +’%y.%m.%d-%H:%M:%S:’`” $USER “(“$ORIGINAL_USER”)” “COMMAND: ” “$(history 1 | cut -c8-)” >> /var/log/bash_eternal_history’
You’re missing a % before the M after “`date” which puts an M in the entry instead of the minute.
Who’s got your back? This guy.
You da man! Thank you! Updated!
Another alternative with syslog (only for root user):
http://jablonskis.org/2011/howto-log-bash-history-to-syslog/