I see what you're trying to do but be aware that the whole process is flawed here.

1. You're relying on a file with 666 permissions. This way anyone can manipulate this file's contents in any way they see fit. They can remove contents, counting on a race condition so that UF won't pick it up, they can inject any contents. And you're not able to tell whether it's legitimate or not.
2. The $PROMPT_COMMAND is only run at prompt time. Which means that when there is no prompt, the command is not run. And there are a lot of situations like that.
3. You're relying on bash being spawned as a shell and being the only shell for a user. That is not true. It's trivial to spawn any other shell or any other process in a non-tracked way.
4. You're also relying on startup scripts being run for a bash session. That also doesn't have to be true (see your "su" case).

So if it's your way of providing accountability... that's not gonna work very well. For that you're gonna need other tools. For example, a very limited sudo configuration (with sudo you have logging included). Or a whole user session monitoring tool but that's completely out of scope here.

If it's just so that you have some form of tracking what people are doing for future reference and to avoid situations like "how did we do that???", that might be a way to do so. In fact I'm doing a similar thing on my computers but I use logger in my $PROMPT_COMMAND so that it gets pushed to system-wide syslog. Yes, it also has some of the aforementioned issues but the log is a bit less easy to manipulate after it's been written to.

As a side remark - you have several mistakes in your script. For example, your grep -q will find _any_ PROMPT_COMMAND, even if it's commented out or is just part of an echoed string. Possible issues with the file monitoring (
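
The grep problem from the side remark, as an added example that is not part of the post above and is not the original poster's script: it compares a bare `grep -q PROMPT_COMMAND` (assumed to be the form of the check under discussion) with a pattern that only accepts a line that actually assigns the variable. The function names and sample rc lines are constructed for illustration, and the stricter check is still a static heuristic: it does not see assignments after a `;`, inside branches that never run, or in files that are sourced from elsewhere.

```shell
#!/bin/sh
# Added example; function names and sample contents are constructed.

# Assumed form of the original check: matches the string anywhere in the file,
# including comments and echoed text.
naive_has_prompt_command() {
    grep -q 'PROMPT_COMMAND' "$1"
}

# Stricter check: the line must start (after optional whitespace and an
# optional export/declare/typeset/readonly with flags) with an assignment
# to PROMPT_COMMAND, including the += and array-element forms.
strict_has_prompt_command() {
    grep -Eq '^[[:space:]]*((export|declare|typeset|readonly)([[:space:]]+-[[:alnum:]]+)*[[:space:]]+)?PROMPT_COMMAND(\[[0-9]+\])?\+?=' "$1"
}

# Write a one-line constructed rc file: $1 = path, $2 = content.
make_sample() {
    printf '%s\n' "$2" > "$1"
}

# Print "yes" or "no" for check function $1 applied to file $2.
verdict() {
    if "$1" "$2"; then echo yes; else echo no; fi
}

demo() {
    dir=$(mktemp -d) || return 1
    make_sample "$dir/commented" "# PROMPT_COMMAND='history -a'"
    make_sample "$dir/echoed"    'echo "PROMPT_COMMAND=... is set elsewhere"'
    make_sample "$dir/live"      "export PROMPT_COMMAND='history -a'"
    make_sample "$dir/append"    "  PROMPT_COMMAND+=('history -a')"
    for f in commented echoed live append; do
        printf '%-10s naive=%s strict=%s\n' "$f" \
            "$(verdict naive_has_prompt_command "$dir/$f")" \
            "$(verdict strict_has_prompt_command "$dir/$f")"
    done
    rm -rf "$dir"
}

demo
```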