I am creating users on our servers. the .bash_history supposed to store all the commands entered by the user. My question is, how can I prevent the user himself from editing or viewing this file?
I have tried chaning the owner of the .bash_history to be the root user but unfortunately the commands entered by the user himself were not logged in the .bash_history when the owner is root.
I want to have control to see exactly what each user is doing and to store each single command ebtered by that user but at the same time I don't want the user to have access to such file whether to view it or to edit it.
I know for redhat systems you can activate psacct. Its what you normally use for monitoring that type of activity. You can't stop a user from seeing their own bash_history, as its located in their home directory - which is their little slice of the pie. Its kind of necessary for the shell to function properly.
The dot (.bash_history) is suppose to make it hidden. What are the permission settings? Try changing it to owner has read/write and group and world have none. And change the owner to root.
Then login as the user and try to open the history file
But I think in this way, the commands entered by the user will not be stored in the .bash_history since the user will not have any permission to write into the file.
The user would be able write to it, but not read it. But then again, anybody could write to it, allowing the user or whoever really to inject bogus entries or even overwrite the file with a blank file. Since they can write to it....
