Bash is a Unix shell written for the GNU Project. Its name is an acronym, Bourne-Again SHell, which is a pun on the Bourne shell (sh): Bourne again / born again.
Complete bash history audit
1. Download the bash-4.2 source code package and modify the source code to re-compile and install it:
wget http://mirrors.ustc.edu.cn/gnu/bash/bash-4.2.tar.gz
2. Modify the config-top.h file in the root directory of the source package.
#define SSH_SOURCE_BASHRC
#define SYSLOG_HISTORY
Uncomment the two definitions above.
3. Modify the bashhist.c file in the root directory of the source package, at about line 705.
/*
void
bash_syslog_history (line)
     const char *line;
{
  char trunc[SYSLOG_MAXLEN];

  if (strlen (line) < SYSLOG_MAXLEN)
    syslog (SYSLOG_FACILITY|SYSLOG_LEVEL, "HISTORY: PID=%d UID=%d %s", getpid (), current_user.uid, line);
  else
    {
      strncpy (trunc, line, SYSLOG_MAXLEN);
      trunc[SYSLOG_MAXLEN - 1] = '\0';
      syslog (SYSLOG_FACILITY|SYSLOG_LEVEL, "HISTORY (TRUNCATED): PID=%d UID=%d %s", getpid (), current_user.uid, trunc);
    }
}
*/
Comment out the code above and add the following code:
#======================== Split line ======================== #
void
bash_syslog_history (line)
     const char *line;
{
  char trunc[SYSLOG_MAXLEN];
  const char *p;

  /* NAME_OF_KEY is exported by /root/.bashrc (step 5) and names the SSH key used to log in. */
  p = getenv ("NAME_OF_KEY");
  if (p == NULL)
    p = "";	/* no key matched: never pass NULL to %s */

  if (strlen (line) < SYSLOG_MAXLEN)
    syslog (SYSLOG_FACILITY|SYSLOG_LEVEL, "HISTORY: PID=%d PPID=%d SID=%d User=%s USER=%s CMD=%s", getpid (), getppid (), getsid (getpid ()), current_user.user_name, p, line);
  else
    {
      /* Command too long for one syslog record: log a truncated, NUL-terminated copy. */
      strncpy (trunc, line, SYSLOG_MAXLEN);
      trunc[SYSLOG_MAXLEN - 1] = '\0';
      syslog (SYSLOG_FACILITY|SYSLOG_LEVEL, "HISTORY (TRUNCATED): PID=%d PPID=%d SID=%d User=%s USER=%s CMD=%s", getpid (), getppid (), getsid (getpid ()), current_user.user_name, p, trunc);
    }
}
#======================== Split line ======================== #
4. Compile and install it. It is installed under /usr/local/bin/ by default.
./configure && make install
5. Overwrite the /root/.bashrc file with the following script.
#======================== Split line ======================== #
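# .bashrc
# Private temp file instead of a fixed, predictable /tmp path
fcomp=$(mktemp)
authorized_keys="$HOME/.ssh/authorized_keys"
secure="/var/log/secure"
record="/var/log/login"
# Fingerprint sshd logged for the parent process of this shell (the sshd session)
rsager=$(awk -v p="$PPID" '/Found matching RSA key/ && $0 ~ p {f=$NF} END {print f}' "$secure")
mkdir -p "$record"
# Compare that fingerprint with each key in authorized_keys
while read -r LINE
do
    echo "$LINE" > "$fcomp"
    # Third field of an authorized_keys line is the key comment (owner name)
    name=$(echo "$LINE" | awk '{print $3}')
    nowrsa=$(ssh-keygen -lf "$fcomp" | awk '{print $2}')
    # Require a non-empty fingerprint so two empty strings never count as a match
    if [[ -n $rsager && $rsager = "$nowrsa" ]]; then
        NAME_OF_KEY=$name
        readonly NAME_OF_KEY
        export NAME_OF_KEY HISTFILE="$record/$name"
    fi
done < "$authorized_keys"
rm -f "$fcomp"
# Commands passed as "ssh host command" bypass interactive history, so log them here
[ -n "$BASH_EXECUTION_STRING" ] && logger -t -bash -s "HISTORY $SSH_CLIENT USER=$NAME_OF_KEY CMD=$BASH_EXECUTION_STRING" &>/dev/null
# User specific aliases and functions
alias rm='rm -i'
alias cp='cp -i'
alias mv='mv -i'
# Source global definitions
if [ -f /etc/bashrc ]; then
    . /etc/bashrc
fi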
#======================== Split line ======================== #
6. Change the login shell in /etc/passwd.
sed -i.bak 's#/bin/bash#/usr/local/bin/bash#g' /etc/passwd
mv /bin/{bash,bash.bak}
ln -s /usr/local/bin/bash /bin/bash
Log in again.
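
Once the patched shell is in use, every command reaches syslog in the layout set by the format string in step 3. The following is an added example (not part of the original article) that turns those records into a per-key report; the helper names history_by_key and sample_log are hypothetical, and the log lines are constructed samples.

```shell
#!/bin/sh
# Added example, not from the article. Assumed record layout (step 3):
#   HISTORY: PID=%d PPID=%d SID=%d User=%s USER=%s CMD=%s
# history_by_key and sample_log are hypothetical helper names.

# Reads syslog text on stdin; prints one TAB-separated row per command:
#   key-name  login-user  session-id  full|truncated  command
history_by_key() {
    awk '
    {
        # Leftmost match, so a command that itself prints "HISTORY:" is safe.
        if (!match($0, /HISTORY( \(TRUNCATED\))?: PID=[0-9]+ /)) next
        flag = (substr($0, RSTART, 9) == "HISTORY (") ? "truncated" : "full"
        rec = substr($0, RSTART)
        # CMD is free text and may contain "USER=" or " CMD=" itself:
        # cut at the FIRST " CMD=" and parse only the fixed prefix.
        i = index(rec, " CMD=")
        if (i == 0) next
        cmd = substr(rec, i + 5)
        n = split(substr(rec, 1, i - 1), kv, " ")
        sid = user = key = ""
        for (j = 1; j <= n; j++) {
            if (kv[j] ~ /^SID=/)  sid  = substr(kv[j], 5)
            if (kv[j] ~ /^User=/) user = substr(kv[j], 6)
            if (kv[j] ~ /^USER=/) key  = substr(kv[j], 6)
        }
        # Empty or "(null)" (glibc rendering of a NULL %s) means .bashrc
        # found no matching key, so NAME_OF_KEY was never set.
        if (key == "" || key == "(null)") key = "UNATTRIBUTED"
        printf "%s\t%s\t%s\t%s\t%s\n", key, user, sid, flag, cmd
    }'
}

# Constructed sample log lines (hosts, PIDs and key names are made up).
sample_log() {
    cat <<'EOF'
Mar  3 10:01:12 host1 -bash: HISTORY: PID=4211 PPID=4209 SID=4211 User=root USER=alice@laptop CMD=tail -f /var/log/secure
Mar  3 10:02:40 host1 -bash: HISTORY: PID=4377 PPID=4375 SID=4377 User=root USER=bob@desk CMD=env USER=x CMD=y ./deploy.sh
Mar  3 10:03:05 host1 -bash: HISTORY: PID=4502 PPID=4500 SID=4502 User=root USER=(null) CMD=id
Mar  3 10:04:00 host1 sshd[4600]: Accepted publickey for root from 192.0.2.10 port 50022 ssh2
Mar  3 10:05:00 host1 -bash: HISTORY (TRUNCATED): PID=4211 PPID=4209 SID=4211 User=root USER=alice@laptop CMD=cat /etc/ho
EOF
}

sample_log | history_by_key
```

Rows marked UNATTRIBUTED are sessions where no authorized key was matched, and rows marked truncated hold only the first part of the command, so both deserve a closer look during an audit.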