linux紀錄系統使用者執行過的命令

linux紀錄系統使用者執行過的命令 在/etc/profile檔案裡添加：[plain] export HISTSIZE=50000  export HISTORY_FILE=/var/log/CommandHistory.log  export PROMPT_COMMAND='{ thisHistID=`history 1|awk "{print \\$1}"`;lastCommand=`history 1| awk "{\\$1=\"\" ;print}"`;user=`id -un`;whoStr=(`who -u am i`);realUser=${whoStr[0]};logMonth=${whoStr[2]};logDay=${whoStr[3]};pid=${whoStr[5]};ip=${whoStr[6]};if [ ${thisHistID}x != ${lastHistID}x ];then echo -E `date "+%Y/%m/%d %H:%M:%S"` $user\($realUser\)@$ip[Pid:$pid][LoginTime:$logMonth $logDay] ExecuteCommand: $lastCommand;fi; } >> $HISTORY_FILE   設定普通使用者寫日誌許可權：# chmod 777 /var/log/CommandHistory.log 定期清理指令碼：[plain] #!/bin/bash  dt=`date +"%Y%m%d%H%M"`  find /var/log/ -name "CommandHistory*.log" -mtime +15 -exec rm -f {} \;  cat /var/log/CommandHistory.log >/var/log/CommandHistory$dt.log  >/var/log/CommandHistory.log    crontab設定每天執行一次，清理15天前的命令記錄，備份前一天的命令記錄