As a sys admin I am trying to simulate a user on a virtual machine for testing log file monitoring.
The simulated user will be automated to perform various tasks that should show up in bash history, "ls", "cd", "touch" etc. It is important that they show up in bash history because the bash history is logged.
I have thought about writing directly to the bash history but would prefer to more accurately simulate a users behavior. The reason being that the bash history is not the only log file being watched and it would be better if logs for the same event remained synchronized.
I am working on CentOS Linux release 7.3.1611
Python 2.7.5 is installed
I have already tried to use pexpect.run('ls') or pexpect.spawn('ls'), 'ls' does not show up in the bash history with either command.
Bash logging only applies to interactive shells. This will open an interactive session with Bash and run
ls in it, although it may fail if
.bashrc is customized to change
child = pexpect.spawn('bash') child.expect(r'\$') child.sendline('ls') child.expect(r'\$') child.close()
That being said, Bash history is easily bypassed. It is only written at the end of an interactive session and can be changed during the session, so
$ rm very_important_file $ history -c
$ kill -9 $$
would not appear in
.bash_history. This is possible even in restricted Bash.
If you need something more reliable, I would suggest setting up system auditing.