shell command history capturing

smckay at smckay at
Fri Mar 10 12:52:45 EST 2000


Once the /bin/bash shell starts (or whatever shell), it is logged in the
users .bash_history file, but by bash, not sudo. I have disabled /bin/bash
for this purpose. In my sudoers file I added:

User_Alias     USERS=bob, sue

Cmnd_Alias      SU=/bin/su, /usr/local/sbin/visudo,/bin/bash

USERS          ALL=ALL, !SU

This deters the use of sudo unless necessary because the users have to type
sudo <command> for anything they want to do, and it is logged.  But, it
still allows them to run everything else on the system, so no access is
lost.  If there are a certain subset of commands that they use sudo for,
alias them by adding the following to the /etc/profile:

alias vi='/usr/local/bin/sudo /bin/vi'

Hope this helps.

Steve McKay

"David Yates" <David.Yates at> on 03/10/2000 10:42:14 AM

To:   sudo-users at
cc:   "David Yates" <David.Yates at>
Subject:  shell command history capturing

Anyone know how to capture all commands
which are issued from a shell which has
been initially spawed by 'sudo su - USER' ?

Once the shell spawns as USER, we'd like
to capture all commands which are executed
and save to a logfile.

Any way to handle this using sudo?



More information about the sudo-users mailing list