#!/bin/bash
#輸入用戶名後,對用戶實施監控,監控用戶使用過的命令(/home/uname/.bash_history),利用a讓用戶不能對文件進行修改
read -p "請輸入用戶名:" uname
id $uname 1>/dev/null 2>&1
while [ 1 -ne 2 ]
do
if [ $? -ne 0 ]
then
echo "您輸入的用戶不存在,請重新輸入!"
else
break
fi
done
read -p "輸入你的選擇,開始監控【y】或者取消監控【n】:" ans
if [ "$ans" = "y" ]
then
echo "開始監控...."
touch /home/$uname/.bash_history
chown $uname /home/$uname/.bash_history
chmod 600 /home/$uname/.bash_history
chattr +a /home/$uname/.bash_history
echo 'PROMPT_COMMAND="history -a ; readonly PROMPT_COMMAND"' >> /home/$uname/.bash_profile
echo ' export PROMPT_COMMAND ' >> /home/$uname/.bash_profile
chattr +a /home/$uname/.bash_profile
echo "監控實施完畢!"
else if [ "$ans" = "n" ]
then
echo "開始取消監控"
chattr -a /home/$uname/.bash_history
chattr -a /home/$uname/.bash_profile
rm -rf /home/$uname/.bash_profile
cp /etc/skel/.bash_profile /home/$uname/.bash_profile
chown $uname /home/$uname/.bash_profile
chmod 600 /home/$uname/.bash_profile
echo "取消監控成功!"
else
echo "請輸入y/n,不對用戶執行任何操作!"
exit 1
fi
fi
改良以後的版本
#!/bin/bash
while [ 1 -ne 2 ]
do
read -p "請輸入一個用戶:" uname
id $uname 1>/dev/null 2>&1
if [ $? -ne 0 ]
then
echo "該用戶不存在,請重新輸入!!!"
else
break
fi
done
path1="/home/$uname/.bash_history"
path2="/home/$uname/.bash_profile"
while [ 1 -ne 2 ]
do
read -p "請輸入你的選擇:1、監控[y] 2、取消監控[n]" answer
if [ "$answer" = "y" ]
then #假如./bash_history不存在,創建,如果存在, #創建也不會對他有影響,然後是確保他的組的權限,
#最後讓他只能追加數據,不允許其他人改動文件
echo "開始監控用戶$uname"
touch $path1
chown $uname $path1
chmod 600 $path1
chattr +a $path1
echo "PROMPT_COMMAND='history -a' ; readonly PROMPT_COMMAND" >> $path2
echo "export PROMPT_COMMAND" >> $path2
chattr +a $path2
echo "用戶$uname監控完畢!!"
break
else
if [ $answer = "n" ]
then
echo "開始取消監控!!"
chattr -a $path1
chattr -a $path2
rm -rf $path2
cp /etc/skel/.bash_profile $path2
chown $uname $path2
chmod 600 $path2
echo "取消監控成功!!"
break
else
echo "輸入不正確,請輸入y/n!!"
fi
fi