[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] [cobalt-user][Qube 2] Crontab Sample File! run-parts won't run as root.

I'm responding to my own post because I found the answer in a freebsd forum.
This kind of explanation is nowhere in the cobalt forum.
Problem was I had created an admin crontab file that was exactly like the
system crontab file.
However the user(in my case "admin") crontab file cannot specify a user to
run the command as.
My solution: remove the admin crontab file, it never should have been
created in the first place.
I Live and Learn!


----Discussion from FreeBSD forum
Mike McGrath wrote:
> Hi -
>
>
> Right now I have a problem with my crontab.
>
> Here is the crontab file.
>
> silver-fox# crontab -l
> # /etc/crontab - root's crontab for FreeBSD
> #
> # $FreeBSD: src/etc/crontab,v 1.21.2.3 2000/12/08 10:56:07 obrien Exp $
> #
> SHELL=/bin/sh
> PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin
> HOME=/var/log
> #
> #minute hour    mday    month   wday    who     command
> #
> */5     *       *       *       *       root    /usr/libexec/atrun
> #
> # rotate log files every hour, if necessary
> 0       *       *       *       *       root    newsyslog
> #
> # do daily/weekly/monthly maintenance
> 1       3       *       *       *       root    periodic daily
> 15      4       *       *       6       root    periodic weekly
> 30      5       1       *       *       root    periodic monthly
> #
> # time zone change adjustment for wall cmos clock,
> # does nothing, if you have UTC cmos clock.
> # See adjkerntz(8) for details.
> 1,31    0-5     *       *       *       root    adjkerntz -a
>
>
> I keep getting these emails
>
> Message 5:
>>From root at silver-fox.us Tue Jun 17 00:20:00 2003
> Date: Tue, 17 Jun 2003 00:20:00 -0500 (CDT)
> From: root at silver-fox.us (Cron Daemon)
> To: root at silver-fox.us
> Subject: Cron <root at silver-fox> root    /usr/libexec/atrun
> X-Cron-Env: <SHELL=/bin/sh>
> X-Cron-Env: <PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin>
> X-Cron-Env: <HOME=/root>
> X-Cron-Env: <LOGNAME=root>
> X-Cron-Env: <USER=root>
>
> root: not found
>
> And the log file /var/log/crontab
>
> Jun 17 00:20:00 silver-fox /usr/sbin/cron[246]: (root) CMD
> (/usr/libexec/atrun)
> Jun 17 00:20:00 silver-fox /usr/sbin/cron[247]: (root) CMD
> (root^I/usr/libexec/atrun)
> Jun 17 00:20:23 silver-fox crontab[253]: (root) LIST (root)
>
> So I see that ^I and root and what I am assuming is the CMD, which it
really
> should not be. If I am right the cron is trying to run /usr/libexec/atrun
as
> user root and not part of the command. I just don't get it. I have tried
to
> edit the crontab with crontab -e and even copied a new file over from
> /usr/src/etc/crontab and then did crontab crontab to get updated. I'm
lost.

It looks like you've copied the system crontab to roots crontab.  It
appears as though the system is trying to run the command
"root /usr/libexec/atrun", which doesn't exist, while at the same time
the system crontab is running normally (thus the messages in your
crontab log).
The system crontab has the "user" field in it, so it can run commands
as any user.
Each user's crontab is missing that field (even root's) because it
would be a security breach to allow users to change the user that
their cronjobs ran under.
To edit the system crontab, use your favorite editor to edit /etc/crontab.
This file should have 7 fields.  The 6th is the user to run the command
as.
To edit root's crontab, log in as root and enter 'crontab -e'.  This
crontab should only have 6 fields and all commands always run as root.
root's crontab is treated just like any other user's.
For more information, see the various man pages on crontabs.

-----Original Message-----
From: cobalt-users-admin@xxxxxxxxxxxxxxx
[mailto:cobalt-users-admin@xxxxxxxxxxxxxxx]On Behalf Of Enoch Norton
Sent: Thursday, October 30, 2003 10:53 AM
To: cobalt-users@xxxxxxxxxxxxxxx
Subject: [cobalt-users] [cobalt-user][Qube 2] Crontab Sample File!
run-parts won't run as root.


Anyone, please post an working example of your crontab owned by admin.
What need to see is how to get the admin's cron jobs to run with root
permission.

#
# Additional Details
#
I have messed up the /var/spool/cron/admin file on my Qube 2
and don't have a backup to restore. opps.
First I got the error
/bin/bash: root: command not found
for every cron job that ran. At that time the crontab file looked like this

# Begin Admin's crontab file
#

SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root

# Run any at jobs every minute
* * * * * root [ -x /usr/sbin/atrun ] && /usr/sbin/atrun

# run-parts
03,18,33,48 * * * * root run-parts /etc/cron.quarter-hourly
04,34 * * * * root run-parts /etc/cron.half-hourly
01 * * * * root run-parts /etc/cron.hourly
05 0,6,12,18 * * * root run-parts /etc/cron.quarter-daily
02 1 * * * root run-parts /etc/cron.daily
02 2 * * 0 root run-parts /etc/cron.weekly
02 3 1 * * root run-parts /etc/cron.monthly

# Remove /tmp, /var/tmp files not accessed in 10 days (240 hours)
41 02 * * * root /usr/sbin/tmpwatch 24 /tmp /home/tmp /var/tmp
/var/cobalt/tmp

# Remove formatted man pages not accessed in 10 days
39 02 * * * root /usr/sbin/tmpwatch 240 /var/catman/cat?

# Monitor services to make sure everything is still okay.
0,15,30,45 * * * * root /usr/local/sbin/monitor

#
# End Admin's Crontab File

I read in the archives that someone else removed the "root" in front of the
run-parts
command. I tried that and now I get the following error.
Error:
Cannot write process cache: Permission denied at /usr/local/sbin/monitor
line 122, <PS> chunk 1.

So the process needs root permissions to run correctly. HOW dow I get
runparts to run with root permission


_____________________________________
cobalt-users mailing list
cobalt-users@xxxxxxxxxxxxxxx
To subscribe/unsubscribe, or to SEARCH THE ARCHIVES, go to:
http://list.cobalt.com/mailman/listinfo/cobalt-users