http://www.itworld.com/operating-systems/361218/unix-rewriting-history
The history feature in Unix shells can save you a lot of time when typing long, fairly repetitious commands, but don't count on it to accurately represent history.
June 16, 2013, 3:35 PM —
The bash history feature is a commonly used feature that can save you a
lot of time when repeating commands or issuing commands nearly
identical to those you've entered previously. Still, some of the
capabilities the history feature may not be obvious to the casual user.
Let's look a little more deeply into how history works and how you
might be able to get even more out of it.
First, a rehash of how history works. History uses both a command buffer and a history file to track commands that you enter during your login session. If you type pwd, cal, date, who and ls after logging in, all five commands will be stored in your history buffer. When you log off, those commands will also be added to your history file. If you enter a subshell by typing /bin/bash and then enter commands, those command will be added to your history file before the commands you entered prior to starting the second shell. They'll be added when you exit the second shell and other commands (such as starting the subshell) will be added when you log out.
The important variables for working with command history are:
To turn off history, you can change the history setting from on to off with this command:
If you issue the history command after you turn history off, you will still see commands that you entered prior to turning history off, but new commands will not be added -- except for the set +o history command iself. That will go into your history file. So, if you're thinking of
manipulating history settings as a way of covering your tracks, keep in mind that you won't be covering the fact that you're covering them -- at least not without some additional steps.
If you really want to cover your tracks, you can turn off history by adding the set +o history command to your .bash_profile file and then clean up your .bash_history file on your next login. But keep in mind this is only cleaning up your history file. This isn't necessarily hiding your activity as other tools may be tracking system activity.
You can send command history to a different file by changing the setting of the HISTFILE variable to something else though, as with most other settings, the change won't survive a logout unless you add the command to one of your "dot files" (such as ~/.bash_profile).
You can edit a previously entered command by backing up to it with a series of up arrow presses. Then you can use the left arrow to move left through the command text, backspace and replace the part of the command that needs to be different. You can also, however, make use of some command line shortcuts that might make even this process faster and easier.
If you set HISTFILE to a different file, you will still see the commands you've just typed when you type "history" or press up arrow key, but your commands will go to that other file when you log off.
First, a rehash of how history works. History uses both a command buffer and a history file to track commands that you enter during your login session. If you type pwd, cal, date, who and ls after logging in, all five commands will be stored in your history buffer. When you log off, those commands will also be added to your history file. If you enter a subshell by typing /bin/bash and then enter commands, those command will be added to your history file before the commands you entered prior to starting the second shell. They'll be added when you exit the second shell and other commands (such as starting the subshell) will be added when you log out.
The important variables for working with command history are:
- the name of the history file, identified by the HISTFILE variable
- the size of the history, identified by the HISTSIZE variable -- the number of commands that will be stored before the old ones start falling off the end
- the bash history setting that allows you to turn history on and off (on by default)
$ set +o historyFor bash options, the set -o turns an option on and set +o turns it off. This just something you have to get used to. So, use set +o history to turn it off and then set -o history to turn it back on.
If you issue the history command after you turn history off, you will still see commands that you entered prior to turning history off, but new commands will not be added -- except for the set +o history command iself. That will go into your history file. So, if you're thinking of
manipulating history settings as a way of covering your tracks, keep in mind that you won't be covering the fact that you're covering them -- at least not without some additional steps.
If you really want to cover your tracks, you can turn off history by adding the set +o history command to your .bash_profile file and then clean up your .bash_history file on your next login. But keep in mind this is only cleaning up your history file. This isn't necessarily hiding your activity as other tools may be tracking system activity.
You can send command history to a different file by changing the setting of the HISTFILE variable to something else though, as with most other settings, the change won't survive a logout unless you add the command to one of your "dot files" (such as ~/.bash_profile).
Unix: Rewriting history
Bash provides many ways to modify previously entered commands so that you can reuse most of a command while re-specifying a particular part. For example, if I'm processing files on one system and then copying each as it's ready to another system for storage, I might use a command like this:$ scp 2013-06-16-results datastore@remhost:/2013/June/perfdataIf five minutes later, I want to copy the next file, it's a lot easier to bring back this command from my history buffer, turn the 16 to a 17 and reissue it than retype nearly the same command from scratch. History saves me from making a lot of dumb typing mistakes.
You can edit a previously entered command by backing up to it with a series of up arrow presses. Then you can use the left arrow to move left through the command text, backspace and replace the part of the command that needs to be different. You can also, however, make use of some command line shortcuts that might make even this process faster and easier.
^a = Return to the start of the command you’re typing ^e = Go to the end of the command you’re typing ^u = Cut everything before the cursor to a special clipboard ^k = Cut everything after the cursor to a special clipboard ^y = Paste from the special clipboard that ^u and ^k save their data to ^t = Swap the character under the cursor with the one to its left ^w = Delete the word / argument left of the cursor ^l = Clear the screen
Erasing history
If you issue an unset HISTFILE command, the commands you type will not be added to your history file (~/.bash_history or ~/.history) or to any file, but commands you enter will still go into your history buffer. If you put this command in your .bash_profile file, you will only see commands entered in your current login session any time you type history.If you set HISTFILE to a different file, you will still see the commands you've just typed when you type "history" or press up arrow key, but your commands will go to that other file when you log off.
No comments:
Post a Comment