1.創建存儲記錄的日誌文件並對其權限進行設置。
mkdir -p /var/log/usermonitor
echo usermonitor > /var/log/usermonitor/usermonitor.log
chown nobody:nobody /var/log/usermonitor/usermonitor.log
chmod 002 /var/log/usermonitor/usermonitor.log
chattr +a /var/log/usermonitor/usermonitor.log
2.編輯/etc/profile文件,將以下內容加入最末行
export HISTORY_FILE=/var/log/usermonitor/usermonitor.log
export PROMPT_COMMAND='{ date "+%y-%m-%d %T ##### $(who am i |awk "{print \$1\" \"\$2\" \"\$5}") #### $(whoami) #### $(history 1 | { read x cmd; echo "$cmd"; })"; } >>$HISTORY_FILE'
保存 :wq
source /etc/profile
3.查看記錄:
用戶操作記錄均被記錄在列