Project

General

Profile

Feature #11029

Enable command history in the shell

Added by Jim Pingle 5 months ago. Updated 4 months ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Operating System
Target version:
Start date:
11/03/2020
Due date:
% Done:

0%

Estimated time:
Release Notes:
Default

Description

Historically we disabled shell command history tracking primarily because embedded/NanoBSD had a read-only filesystem. Those platforms have been deprecated for some time now, so that roadblock is no longer in the way and we could enable command history which would be very convenient for admins who spend any significant amount of time in the shell.

There is a potential security concern if someone types a command with sensitive parameters (e.g. password, API key, etc) and that gets logged in the history file, so there are a couple choices:

1. Make history opt-in, touch a file like ~/.keephistory to enable it (more secure, but less convenient for users)
2. Make history opt-out for those who are concerned

Either way we can also document a method to clear it (history -c; history -S)

Associated revisions

Revision ce9d7ba1 (diff)
Added by Jim Pingle 5 months ago

Allow shell users to enable history. Implements #11029

History

#1 Updated by Jim Pingle 5 months ago

  • Status changed from In Progress to Feedback
  • % Done changed from 0 to 100

#2 Updated by Jim Pingle 5 months ago

  • % Done changed from 100 to 0

Went with option 1. Off by default, touch ~/.keephistory to enable. At login, the shell will print a message with instructions to clear the history if needed.

#3 Updated by Viktor Gurov 4 months ago

  • Status changed from Feedback to Resolved

works as expected on 2.5.0.a.20201130.0650 -

$ touch .keephistory

then I can login and see:
ssh  sshuser1@192.168.3.4
Password for sshuser1@pf34.lab.int:
Command history storage is enabled. Clear history with: history -c; history -S.

on next login I can check history in '~/.history' or with command 'history'

Also available in: Atom PDF