Results 1 to 10 of 10

Thread: crontab and syslog, new "feature"

  1. #1
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default crontab and syslog, new "feature"

    Hi,

    I had a crontab entry for user "news" in 11.2:

    -3,8,33,38,20,50 * * * * /var/lib/news/bin/cronfetchnews

    In 11.4 if I try to edit that line, I get:

    File /tmp/crontab.kb855D saved
    crontab: installing new crontab
    "/tmp/crontab.kb855D":5: bad option
    errors in crontab file, can't install.
    Do you want to retry the same edit?


    without saying what the error is. In the syslog I get:


    <9.6> 2011-06-03 21:31:35 Telcontar crontab 19200 - - (CRON) ERROR (Only
    privileged user can disable logging)



    So, the "dash" is illegal now. How can I make it legal again? I don't want
    that feature. Nothing in the man page I can see.


    --
    Cheers / Saludos,

    Carlos E. R.
    (from 11.4 x86_64 "Celadon" at Telcontar)

  2. #2
    Join Date
    Jun 2008
    Location
    UTC+10
    Posts
    9,686
    Blog Entries
    4

    Default Re: crontab and syslog, new "feature"

    Looking at lines 109 onwards here

    https://fedorahosted.org/cronie/browser/src/entry.c

    it seems to be a standard feature of cronie. Maybe picket the cronie development HQ? I haven't checked if the latest version is displayed there.

    Looking at the man page for the old crontab which I have here, it seems it was always a restriction, only now enforced:

    If the uid of the owner is 0 (root), he can put a "-" as first charac-
    ter of a crontab entry. This will prevent cron from writing a syslog
    message about this command getting executed.

  3. #3
    Join Date
    Jun 2008
    Location
    Auckland, NZ
    Posts
    20,279
    Blog Entries
    1

    Default Re: crontab and syslog, new "feature"

    I guess you can just add some rules in /etc/rsyslog.conf to filter out (ignore) all but warnings and errors from cron if desired.

    I dump all cron output to cron.log
    Code:
    cron.*    /var/log/cron.log
    but you may prefer to filter the different message types (error,warn, info, crit, alert etc) to different places eg
    Code:
    cron.info,notice    /dev/null

  4. #4
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: crontab and syslog, new "feature"

    On 2011-06-04 01:06, ken yap wrote:
    >
    > Looking at lines 109 onwards here
    >
    > https://fedorahosted.org/cronie/browser/src/entry.c
    >
    > it seems to be a standard feature of cronie. Maybe picket the cronie
    > development HQ? I haven't checked if the latest version is displayed
    > there.


    Rings a bell. Didn't we have some other "brand" of cron, and then we, I
    mean, oS, change to cronie?

    (reading the code...)

    Argh. It is hardcoded, no bypass unless I patch the code myself. :-/


    I'll have to move the entry to /etc/crontab, which allows assigning the
    user that runs each entry. But on each upgrade, I'll get trouble.

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 11.4 x86_64 "Celadon" at Telcontar)

  5. #5
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: crontab and syslog, new "feature"

    On 2011-06-04 01:06, ken yap wrote:

    > it seems to be a standard feature of cronie. Maybe picket the cronie
    > development HQ? I haven't checked if the latest version is displayed
    > there.


    Forgot to mention. If the first char is a dash, instead of ignoring the
    dash and executing the entry, it is not run at all. Not logged, not run.
    You notice the problem when you do not find the expected results elsewhere
    of the non running cron entry.

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 11.4 x86_64 "Celadon" at Telcontar)

  6. #6
    Join Date
    Jun 2008
    Location
    UTC+10
    Posts
    9,686
    Blog Entries
    4

    Default Re: crontab and syslog, new "feature"

    You can also put it in /etc/cron.d which is not touched in upgrades, but if you reinstall, you have to remember to restore it.

    But as I understand the code, it tests that the uid is 0. So if you try to run the job as another user, it blocks execution. Unless it changes uid after the check. Only reading the code can tell.

    Then again, why worry about extra entries in syslog? Logrotate will take care of them.

  7. #7
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: crontab and syslog, new "feature"

    On 2011-06-04 03:36, deano ferrari wrote:
    >
    > I guess you can just add some rules in /etc/rsyslog.conf to filter out
    > (ignore) all but warnings and errors from cron if desired.


    Yes, I could do that.

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 11.4 x86_64 "Celadon" at Telcontar)

  8. #8
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: crontab and syslog, new "feature"

    On 2011-06-04 14:36, ken yap wrote:
    >
    > You can also put it in /etc/cron.d which is not touched in upgrades, but
    > if you reinstall, you have to remember to restore it.
    >
    > But as I understand the code, it tests that the uid is 0. So if you try
    > to run the job as another user, it blocks execution. Unless it changes
    > uid after the check. Only reading the code can tell.


    The syntax of /etc/crontab is different, there is a field reserved for
    specifying the user. I don't remember if /etc/cron.d is that way or not.
    [...] Right, the user is specified there.

    /etc/cron.d/smolt:

    20 1 1 * * smolt /usr/bin/smoltSendProfile -c > /dev/null 2>&1

    I'll put my entry there (on another file, of course). Thanks for the idea!


    > Then again, why worry about extra entries in syslog? Logrotate will
    > take care of them.


    It runs 6 times per hour. Extra entries there distracts me from seeing the
    strange things, those that are important.

    And I keep my logs for a long time :-)

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 11.4 x86_64 "Celadon" at Telcontar)

  9. #9
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: crontab and syslog, new "feature"

    On 2011-06-04 16:38, Carlos E. R. wrote:
    > I'll put my entry there (on another file, of course). Thanks for the idea!


    It works. The dash is accepted, the log keeps clear, and it runs as a plain
    user. :-)

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 11.4 x86_64 "Celadon" at Telcontar)

  10. #10
    Join Date
    Jun 2008
    Location
    UTC+10
    Posts
    9,686
    Blog Entries
    4

    Default Re: crontab and syslog, new "feature"

    Well done.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •