0

When I run the command below in a bash shell:

if [[ $(readonly | cut -d= -f1 | grep -qo HISTFILE && echo $?) == 0 ]]; then sudo grep -iwo "readonly HISTFILE" /etc/profile /etc/profile.d/*; else echo "HISTFILE not set or not set properly"; fi 

The command above returns the result I want, that is:

/etc/profile.d/os-security.sh:readonly HISTFILE 

But when I put the command above in a shell script, the result changes, that is:

HISTFILE not set or not set properly 

Here is the full shell session:

[ansible@rhel8-hardening-test ~]$ if [[ $(readonly | cut -d= -f1 | grep -qo HISTFILE && echo $?) == 0 ]]; then sudo grep -iwo "readonly HISTFILE" /etc/profile /etc/profile.d/*; else echo "HISTFILE not set or not set properly"; fi
/etc/profile.d/os-security.sh:readonly HISTFILE
[ansible@rhel8-hardening-test ~]$
[ansible@rhel8-hardening-test ~]$
[ansible@rhel8-hardening-test ~]$
[ansible@rhel8-hardening-test ~]$ cat test.sh
#!/bin/bash
if [[ $(readonly | cut -d= -f1 | grep -qo HISTFILE && echo $?) == 0 ]]; then sudo grep -iwo "readonly HISTFILE" /etc/profile /etc/profile.d/*; else echo "HISTFILE not set or not set properly"; fi
[ansible@rhel8-hardening-test ~]$
[ansible@rhel8-hardening-test ~]$
[ansible@rhel8-hardening-test ~]$
[ansible@rhel8-hardening-test ~]$ bash test.sh
HISTFILE not set or not set properly
[ansible@rhel8-hardening-test ~]$

How can I get the same result as the current shell does while using a shell script with the command above?

3
  • Remember elements/commands/contents from a bash script normally also don’t get added to your history at all, because who would want that. So HIST* variables are normally simply not set at all in scripts. IIRC that is because bash loads different profile and rc files depending on the invocation. A login or interactive shell usually loads more profile files than #!/bin/bash in a script needs, and the HIST* variable may simply not be set. But check the invocation section of the bash manual and which files get loaded when by bash. Commented Jul 25, 2024 at 4:35
  • Also - calling sudo like you’re doing from profile.d assumes that every single one of your users is allowed unrestricted NOPASS root rights. When they don’t they’ll be prompted by sudo to enter their password and possibly get an error every time they log on. Commented Jul 25, 2024 at 4:42

1 Answer

0

By default bash will only read certain startup files like profile files when the shell is interactive.

Bash in a shell script is by default non-interactive and won’t read profile files. Therefore your tests fail when running in a script.

You can force bash in a script to behave like an interactive shell with the #!/bin/bash --login option.

https://www.gnu.org/software/bash/manual/html_node/Bash-Startup-Files.html

1
  • Thank you for your information, this is what I want to achieve. Commented Jul 25, 2024 at 8:14
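
A way to run the same check from a script without depending on the caller's shell, as an added example that is not part of the original thread: it starts a fresh bash in each mode and matches the variable name exactly, so HISTFILESIZE cannot satisfy a check for HISTFILE. The function names and the temporary HOME with its one-line .bash_profile (a constructed stand-in for /etc/profile.d/os-security.sh) are assumptions made for illustration.

```shell
#!/bin/bash
# Added example; function names are hypothetical, the sample profile is constructed.

# has_readonly NAME: reads `readonly -p` output on stdin and succeeds only if
# NAME itself is listed (exact match, so HISTFILESIZE does not count).
has_readonly() {
    awk -v name="$1" '
        $1 == "declare" && $2 ~ /^-[A-Za-z]*r/ {
            split($3, kv, "=")
            if (kv[1] == name) found = 1
        }
        END { exit !found }'
}

# readonly_in_mode MODE NAME: start a fresh bash and inspect its attributes.
#   script: what `bash test.sh` gets (non-interactive, no profile files read)
#   login:  what `bash --login` gets (/etc/profile, then ~/.bash_profile)
# The readonly attribute is not inherited from the calling shell, so the
# result depends only on the startup files each mode reads.
# An unknown MODE produces no output and therefore fails the check.
readonly_in_mode() {
    case "$1" in
        script) bash -c 'readonly -p' ;;
        login)  bash --login -c 'readonly -p' ;;
    esac 2>/dev/null | has_readonly "$2"
}

# demo: run both modes against a constructed HOME whose .bash_profile marks
# HISTFILE readonly, and print one verdict per mode.
demo() {
    (
        HOME=$(mktemp -d) || exit 1
        export HOME
        unset BASH_ENV   # keep the script-mode shell free of startup files
        printf 'readonly HISTFILE\n' > "$HOME/.bash_profile"
        for mode in script login; do
            if readonly_in_mode "$mode" HISTFILE; then
                echo "$mode: readonly"
            else
                echo "$mode: not readonly"
            fi
        done
        rm -rf "$HOME"
    )
}

demo
```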
