How to make Linux History readonly

To disallow normal linux users from changing environment variable HISTFILE, create a file

vi /etc/profile.d/readonly_history.sh

Add following content to the file:

if [[ -n $BASH_VERSION ]]; then
  HISTTIMEFORMAT="%F %T "
  HISTFILE=~/.bash_history
  HISTCONTROL=
  # append to the hsitory file, don't overwrite it
  shopt -s histappend
  # save all lines of a multiple-line command in the same history entry
  shopt -s cmdhist
  # write commands to .bash_history immediately instead of at session end
  PROMPT_COMMAND="history -a"
  # for setting history length see HISTSIZE and HISTFILESIZE in bash(1)
  HISTSIZE=65536
  HISTFILESIZE=65536
  readonly HISTTIMEFORMAT
  readonly HISTFILE
  readonly HISTCONTROL
  readonly HISTSIZE
  readonly HISTFILESIZE
fi

Back to history

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *