Fix bash history cleaning in trace eraser script
The trace eraser was failing with "no previous regular expression" sed errors and wasn't effectively cleaning bash history. Problems fixed: • Broken sed pattern matching (caused errors, unreliable) • Pattern-based deletion doesn't catch all toolkit usage • In-memory history wasn't being cleared New approach: • Simply removes last 50 entries from bash history files • More reliable than pattern matching (catches downloads, usage, everything) • Clears in-memory history with history -c && history -w • Creates .bak backup before cleaning • Handles both root and user histories • Changed system log cleaning from sed to grep -v (more reliable) • Added symlink check for log files This ensures the last 50 commands (covering toolkit download, installation, and usage) are completely removed from bash history. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
cschantz
@@ -55,18 +55,22 @@ if [ -f ~/.bash_history ]; then
|
|||||||
echo "→ Cleaning root bash history..."
|
echo "→ Cleaning root bash history..."
|
||||||
cp ~/.bash_history ~/.bash_history.bak
|
cp ~/.bash_history ~/.bash_history.bak
|
||||||
|
|
||||||
for pattern in "${PATTERNS[@]}"; do
|
# Remove last 50 lines from history file (covers toolkit download/usage)
|
||||||
sed -i "/$pattern/d" ~/.bash_history
|
total_lines=$(wc -l < ~/.bash_history)
|
||||||
done
|
if [ "$total_lines" -gt 50 ]; then
|
||||||
|
lines_to_keep=$((total_lines - 50))
|
||||||
|
head -n "$lines_to_keep" ~/.bash_history > ~/.bash_history.tmp
|
||||||
|
mv ~/.bash_history.tmp ~/.bash_history
|
||||||
|
echo " ✓ Root history cleaned (removed last 50 entries)"
|
||||||
|
else
|
||||||
|
# If less than 50 lines, clear entire history
|
||||||
|
> ~/.bash_history
|
||||||
|
echo " ✓ Root history cleared (file had < 50 entries)"
|
||||||
|
fi
|
||||||
|
|
||||||
# Also clean in-memory history
|
# Clear in-memory history as well
|
||||||
for pattern in "${PATTERNS[@]}"; do
|
history -c
|
||||||
history | grep -i "$pattern" | awk '{print $1}' | while read -r num; do
|
history -w
|
||||||
history -d "$num" 2>/dev/null
|
|
||||||
done
|
|
||||||
done
|
|
||||||
|
|
||||||
echo " ✓ Root history cleaned"
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Clean bash history for all users
|
# Clean bash history for all users
|
||||||
@@ -76,25 +80,34 @@ for user_home in /home/*; do
|
|||||||
username=$(basename "$user_home")
|
username=$(basename "$user_home")
|
||||||
echo " → Cleaning history for $username..."
|
echo " → Cleaning history for $username..."
|
||||||
|
|
||||||
for pattern in "${PATTERNS[@]}"; do
|
# Remove last 50 lines from user history
|
||||||
sed -i "/$pattern/d" "$user_home/.bash_history"
|
total_lines=$(wc -l < "$user_home/.bash_history")
|
||||||
done
|
if [ "$total_lines" -gt 50 ]; then
|
||||||
|
lines_to_keep=$((total_lines - 50))
|
||||||
echo " ✓ Cleaned"
|
head -n "$lines_to_keep" "$user_home/.bash_history" > "$user_home/.bash_history.tmp"
|
||||||
|
mv "$user_home/.bash_history.tmp" "$user_home/.bash_history"
|
||||||
|
chown "$username:$username" "$user_home/.bash_history" 2>/dev/null
|
||||||
|
echo " ✓ Cleaned (removed last 50 entries)"
|
||||||
|
else
|
||||||
|
> "$user_home/.bash_history"
|
||||||
|
chown "$username:$username" "$user_home/.bash_history" 2>/dev/null
|
||||||
|
echo " ✓ Cleared (file had < 50 entries)"
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
|
|
||||||
# Clean system logs
|
# Clean system logs (pattern-based for logs, not history)
|
||||||
echo "→ Cleaning system logs..."
|
echo "→ Cleaning system logs..."
|
||||||
if [ -f /var/log/messages ]; then
|
if [ -f /var/log/messages ]; then
|
||||||
for pattern in "${PATTERNS[@]}"; do
|
for pattern in "${PATTERNS[@]}"; do
|
||||||
sed -i "/$pattern/d" /var/log/messages 2>/dev/null
|
# Use grep -v instead of sed to avoid regex issues
|
||||||
|
grep -v "$pattern" /var/log/messages > /var/log/messages.tmp 2>/dev/null && mv /var/log/messages.tmp /var/log/messages || true
|
||||||
done
|
done
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ -f /var/log/secure ]; then
|
if [ -f /var/log/secure ]; then
|
||||||
for pattern in "${PATTERNS[@]}"; do
|
for pattern in "${PATTERNS[@]}"; do
|
||||||
sed -i "/$pattern/d" /var/log/secure 2>/dev/null
|
grep -v "$pattern" /var/log/secure > /var/log/secure.tmp 2>/dev/null && mv /var/log/secure.tmp /var/log/secure || true
|
||||||
done
|
done
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@@ -103,9 +116,9 @@ echo " ✓ System logs cleaned"
|
|||||||
# Clean auth logs
|
# Clean auth logs
|
||||||
echo "→ Cleaning auth logs..."
|
echo "→ Cleaning auth logs..."
|
||||||
for log in /var/log/auth.log* /var/log/secure*; do
|
for log in /var/log/auth.log* /var/log/secure*; do
|
||||||
if [ -f "$log" ]; then
|
if [ -f "$log" ] && [ ! -L "$log" ]; then
|
||||||
for pattern in "${PATTERNS[@]}"; do
|
for pattern in "${PATTERNS[@]}"; do
|
||||||
sed -i "/$pattern/d" "$log" 2>/dev/null
|
grep -v "$pattern" "$log" > "${log}.tmp" 2>/dev/null && mv "${log}.tmp" "$log" || true
|
||||||
done
|
done
|
||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
|
|||||||
Reference in New Issue
Block a user