Login/Register
Delete BASH history on exit for all users
Asked Answered
bashrhel
B

5

6

Using Red Hat Enterprise Linux is it possible to place a global option that whenever a user exits an SSH connection the BASH history for that user is cleared?

Bourgeoisie answered 8/10, 2013 at 19:41 Comment(3)
There's not much you can do if the users have customized their bash session to save their history in an arbitrary file.Polynices
Try setting /etc/bash.bash_logout as I suggest in my answer.Emiliaemiliaromagna
None of the below suggested answers work.Bourgeoisie
E
1

In the /etc/bash.bash_logout script you can put:

unset HISTFILE

The default for HISTFILE is ~/.bash_history. The user can set this to whatever they wish. If it's not set, the logout process doesn't write the history information that's in RAM to the history file.

Emiliaemiliaromagna answered 8/10, 2013 at 19:48 Comment(7)
This would only clear the in-memory history, which doesn't persist after the shell exits anyway.Polynices
See my answer. There's no guarantee that .bash_history is used to store the history.Polynices
bash does not have a global logout file by default, although it appears you can enable it at compile time. I don't know if that is executed before or after ~/.bash_logout where available.Polynices
@Polynices I have a fairly "default" installation of Fedora 18 and /etc/bash.bash_logout is operational on my system. I didn't compile the system myself.Emiliaemiliaromagna
Looks like it's disabled in the bashs installed on my Mac OS X box, but is enabled on one of my Linux boxes at work. It also appears (which you have probably confirmed) that it is sourced after the user's logout file.Polynices
HOWEVER, :), the user could always make sure his history is written out before the global file unsets HISTFILE.Polynices
@Polynices yep, I agree, the ultimate "cheat" would be that the user could run the history command into some arbitrary file then copy it back over after they login.Emiliaemiliaromagna
M
1

Put the following in ~/.bash_logout

echo > $HISTFILE

This will erase the saved history for a user at logout, but will keep a useful running history when user is logged-in.

Meilhac answered 15/3, 2021 at 12:16 Comment(0)
C
0

I know you can manually run

history -c

I think you can put this into your ~/.bash_logout.

Creature answered 8/10, 2013 at 19:47 Comment(0)
P
0

The user can always save their history to a non-standard file and reload it on the next login, so their isn't much you can do from a global standpoint to stop it.

For example, Bob might put the following in his ~/.bash_login:

HISTFILE=~/my_secret_history_file
Polynices answered 8/10, 2013 at 20:29 Comment(2)
Is it possible globally to set history to /dev/null or something?Bourgeoisie
No, because the user configuration files are sourced after the global ones. The best you can do is set a policy that history cannot be stored, but there's no technical way to enforce such a policy.Polynices
H
0

When needed to let the histories empty - I use symlinking them to /dev/null...

lrwxrwxrwx  1 root root    9 Dez 16 19:10 .ash_history -> /dev/null
lrwxrwxrwx  1 root root    9 Dez 16 19:10 .bash_history -> /dev/null

...then the history of typed commands work only for current session.
Starting a new shell, starting a new empty temporary history.
Symlinking them for normal users to /dev/null have to be done by: root

Hallucination answered 15/3, 2021 at 12:34 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.