Article directory
Fundamental
-
The history of Linux commands will be persistently stored, and the default location is the
.bash_history
file . -
When a Linux system starts a Shell, the Shell will
.bash_history
read the history from the file and store it in the corresponding memory buffer. -
The Linux commands we usually operate are recorded in the buffer. The history command management, including the history command, operates on the buffer, rather than directly on the
.bash_history
file. -
When we exit the Shell, such as pressing Ctrl+D, the Shell process will write the contents of the history buffer back to the
.bash_history
file.
[So now you should know what to do to permanently delete the record? 】
Use details
Clear the basic principles of history, let's learn how to use it in detail.
Basic usage
View Records & View Specified Lines
- Enter the history command directly, and you can see that all the recently operated commands are displayed
root@ccx ~]# history
1 bash
2 ls
3 vim .bash_history
4 cat .bash_history
5 history
6 bash
- Sometimes I don't need to display all the historical commands, only the last 10 historical records, you can add the number N after the command
root@ccx ~]# history 10
Active save buffer
Normally, the buffer contents are only saved to a file when the shell exits normally. If you want to actively save the history of the buffer, execute the -w option
root@ccx ~]# history -w
delete buffer
Of course, if you perform some sensitive command operations, you can execute -c to delete the buffer content directly
root@ccx ~]# history -c
execute a command repeatedly
-
If you want to execute some commands repeatedly, you can use
!
to quickly execute the repeated commands. -
For example, to repeatedly execute the 1024th historical command, you can execute the following command
root@ccx ~]# !1024
#1024 这个编号的命令内容是可以通过 history 查看哦
- Repeat the previous command
root@ccx ~]# !!
- Repeatedly execute the last 6th history command, which can be represented by a negative number, -6 means the 6th last record
root@ccx ~]# !-6
search history command
- Sometimes, you need to repeatedly execute the last command at the beginning of a certain string. You can also use ! to operate, and then press Enter to execute it. For
example, you just executed a long command, and only recorded that the command starts with curl, then you can pass !curl executes the command quickly
# 假设我最后一次执行的是 curl 1.1.1.1
root@ccx ~]# !curl
# 上面命令呢就是会执行curl 1.1.1.1
- This usage is very efficient, but there is an insecurity factor, because it is possible to execute a command that is not what you want to execute, which is a bad thing. Can be
:p
executed safely via .
root@ccx ~]# !curl:p
curl 1.1.1.1
#加上 :p 后,只是打印出了搜索到的命令,如果要执行,请按 ↑ 键,然后回车即可。
- If you only know that a command contains x information and does not start with x, you can also use ? to execute a command containing a string
root@ccx ~]# ?x
- In fact, more people like to use grep to search
histoart | grep x
, get all the historical command content containing x and the previous serial number, and then use it!序号
to quickly execute the command.
Interactive search history command
- Searching for historical commands in Linux can also be done interactively, which is efficient and direct.
Ctrl+R
After entering on the command line , enter the interactive interface, and type the keyword to be searched. If multiple commands are matched, you can type multiple timesCtrl+R
to switch to the previous matching command.
(reverse-i-search)`sina': echo sina
It can be seen that after I input sina, it will automatically match the latest command that matches sina, and then press Enter to execute the command.
show timestamp
- Sometimes it is necessary to audit the Linux system, which is very useful to add a timestamp to the history and display.
root@ccx ~]# export HISTTIMEFORMAT='%F %T '
root@ccx ~]# history 3
46 2022-01-11 18:21:33 curl baidu.com
47 2022-01-11 18:21:35 pwd
48 2022-01-11 18:21:39 history 3
- As you can see, the history has shown the timestamp. In fact, these are not enough for auditing needs, you can add more detailed information:
root@ccx ~]# export HISTTIMEFORMAT="%F %T `who -u am i 2>/dev/null| awk '{print root@ccx ~]#NF}'|sed \-e 's/[()]//g'` `whoami` "
6 2022-01-11 18:22:48 113.200.44.237 root ls
7 2022-01-11 18:22:59 113.200.44.237 root pwd
8 2022-01-11 16:08:14 113.200.44.237 root history
Control the total number of history records
- By default, Linux systems store up to 1000 history records, which can be viewed through the HISTSIZE environment variable
root@ccx ~]# echo root@ccx ~]#HISTSIZE
1000
- For scenarios that need to be audited, 1000 historical records may be too few, we can modify it to an appropriate value
root@ccx ~]# export HISTSIZE=10000
-
Note that the HISTSIZE variable can only control the number of historical records in the buffer. If you need to control the maximum number of records stored in the
.bash_history
file , you can control it through HISTFILESIZE -
The above command line modification only takes effect in the current shell environment. If it needs to take effect permanently, it needs to be written into the configuration file
root@ccx ~]# echo "export HISTSIZE=10000" >> ~/.bash_profile
root@ccx ~]# echo "export HISTFILESIZE=200000" >> ~/.bash_profile
root@ccx ~]# source ~/.bash_profile
Change history file name
- Sometimes it is necessary to change the path and name of the history file for ease of management and backup. Simple, also change its file name through the environment variable HISTFILE
root@ccx ~]# echo "export HISTFILE=/data/backup/chopin.bash_history" >> ~/.bash_profile
root@ccx ~]# souce ~/.bash_profile
Disable history
- In some kind of special environment, we need to disable history
root@ccx ~]# echo "export HISTSIZE=0" >> ~/.bash_profile
root@ccx ~]# echo "export HISTFILESIZE=0" >> ~/.bash_profile
root@ccx ~]# source ~/.bash_profile
Haha, directly set the value of the above two variables to 0, the function of disabling history is realized.
A hacker must-know
-
Finally, share a little-known trick that hackers must know.
-
Add an extra space before the command, such a command will not be recorded in the history, doesn't it feel cool?
-
If this trick does not work on your system, please check whether the environment variable
HISTCONTROL
is includedignorespace
. It seems that the centos system does not set this value by default.
Summarize
-
In the Linux system, the history command can be very convenient to help us manage historical commands. Usually, our commands will be recorded in the cache area first, and will be recorded in the file when the Shell exits.
-
The history command provides a very convenient management function. Reasonable configuration and management of history records can make your Linux system more robust and secure.
history
Common methods of commandshistory n
: Show only the most recent n history recordshistory -c
: Clear the history in the cachehistory -w
: save the history of the buffer to a filehistory -d N
: delete the Nth history record
-
Several methods of repeatedly executing commands:
!!
,!-1
,!N
,!string
and other interactive historical command search, please useCtrl+R
shortcut keys to properly use several related environment variables to make your Linux system more secure:HISTSIZE
: Controls the maximum number of buffer history recordsHISTFILESIZE
: Controls the maximum number of records in the history fileHISTIGNORE
: Set which commands are not recorded to the historyHISTTIMEFORMAT
: Set the time format displayed by the history commandHISTCONTROL
: Extended control options
-
If in a production environment, these environment variables need to be persisted to the configuration file
~/.bash_profile
export HISTCONTROL=ignoreboth
# ignorespace: 忽略空格开头的命令
# ignoredups: 忽略连续重复命令
# ignoreboth: 表示上述两个参数都设置
# 设置追加而不是覆盖
shopt -s histappend
export HISTSIZE=1000
export HISTFILESIZE=200000
export HISTTIMEFORMAT="%F %T "
export HISTIGNORE="ls:history"
finally
I’m going to go on vacation on the 15th. There are a lot of things going back this year, and I will definitely not be able to study. Therefore, the study and notes in 2021 will come to an end, so the number of notes this month is small. Continue to work hard in 2022, come on !