You can use two methods to disable saving shell history in bash.
Method 1:
- Add the following line at the end of /etc/profile or make a new file in /etc/profile.d/ with .sh extension.
unset HISTFILE
- With the above option, the user’s bash shell will not save history unless manually configures the HISTFILE variable.
Method 2:
- Add the following line in either /etc/profile or make a new file under /etc/profile.d/ with the .sh extension to implement the second method.
set +o history
- Users will still be able to auto-save shell history by manually setting the HISTFILE variable.
- It is possible to make it difficult for users to get their bash processes to autosave command in shell history. Follow these steps:
- Set unset HISTFILE or setting set -o history as described in the above steps. Take ownership of the ~/.bashrc and ~/.bash_profile files in all user’s $HOME directories.
chown root:root ~albert/.bashrc ~albert/.bash_profile
- Make the files immutable in all users $HOME directories as follows:
chattr +i ~albert/.bashrc ~albert/.bash_profile
