cron and passwords

I have set up some simple scripts to execute routine operations, such as backing up and checking for viruses. I would like to set up a cron to do this kind of stuff. However, these particular activities require root to do them. I am the only user of this system and can of course become root. Now, I just start with su and execute the shell script. But how can I become superuser - it seems, su or sudo are always interactive - if the script is executed by a cron and I may not even be present at that time?.

Thank you,
pe1800

You would have cron run the script as root. That way, you would not need to be there.

On 2013-05-16, pe1800 <pe1800@no-mx.forums.opensuse.org> wrote:
>
> I have set up some simple scripts to execute routine operations, such as
> backing up and checking for viruses. I would like to set up a cron to do
> this kind of stuff. However, these particular activities require root to
> do them. I am the only user of this system and can of course become
> root. Now, I just start with su and execute the shell script. But how
> can I become superuser - it seems, su or sudo are always interactive -
> if the script is executed by a cron and I may not even be present at
> that time?.

sh-4.2$ su -
sh-4.2$ crontab -e
sh-4.2$ exit

On 05/16/2013 07:16 PM, pe1800 wrote:
>
> if the script is executed by a cron and I may not even be present at
> that time?.*

as far as i know everything executed by cron is as root…

–
dd
http://tinyurl.com/DD-Caveat

Those are system management tasks. And as such they belong in the crontab of root, or in one of the system crontabs etc/crontab /etc/cron, /etc/monthly, /etc/cron.weekly, /etc/cron.daily or /etc/cron.hourly.

The fact that you say you are the only user on the system is of no importance. To begin with it is not true.

wc -l /ettc/passwd

will at least show a number of twenty.

And then, you choose for using a multi-user system. That means that you have to live with the positive things that come with it, but also with the things you might denote as negative. You must allways be aware that you have two roles on the system. That of end-user and that of system manager. When you are the only end-user, that will keep communication lines with th system manager short, but never mix those two roles.

And of course you can not feed the root password into such a program from a script. That would mean that the root password is in clear in that script. A major security issue.

Of course not. Every user has his own crontab and it will run his scripts/programs with his uid/guid.

No, it is not. It is run as whoever created crontab or user can be explicitly given in system crontab.

On 05/16/2013 07:46 PM, arvidjaar wrote:
>
> DenverD;2557349 Wrote:
>>
>> as far as i know everything executed by cron is as root…
>>
>
> No, it is not. It is run as whoever created crontab or user can be
> explicitly given in system crontab.

well then, i guess i never needed to try to figure out how to run one
as a user…i just always dropped them into /etc/cron*

so, should i have a cron in my home?

denverd@linux-os114:~> locate cron | grep home
denverd@linux-os114:~>

–
dd

No, you do

crontab -e

And

man crontab

is your friend.

> man crontab

hmmmmmm…after looking at that i have decided i have probably never
originated a cron job, instead just edited some existing system ones
(like logrotate) as i needed…(with mc)…and, of course all of
those are in /etc and owned and executed by root…

i can’t off-hand think of a good use for user cron … hmmmm.

–
dd

On 2013-05-16 21:41, dd wrote:
>
>> man crontab
>
> hmmmmmm…after looking at that i have decided i have probably never
> originated a cron job, instead just edited some existing system ones
> (like logrotate) as i needed…(with mc)…and, of course all of those
> are in /etc and owned and executed by root…
>
> i can’t off-hand think of a good use for user cron … hmmmm.

There are

User’s cronjobs (including root’s) go into “/var/spool/cron/tabs/”.

The /etc/crontab file is different, it is called “the system crontab”.
There is another location that is “/etc/cron.d/” with a slightly
different syntax (it specifies the user that each line is executed as).

Why would you have a crontab as user? For example, to generate a
different background for your desktop periodically, for your own
session. To send periodic emails, do backup tars of your documents… I
have one to speak the time at half hour intervals.

It is a (discretionary) power given to users (it can be disabled).

Another tool is the command “at”, to run a specified command(s) at a
certain time, just that once. For example:

at -f ~/bin/givewarning "now + 10m"

would ring a scandalous bell in ten minutes:

cer@Telcontar:~> cat ~/bin/givewarning
#!/bin/sh
/usr/bin/play /usr/share/sounds/wav/churbell.wav

I use “at” as root, for example, if I leave the computer doing a long
task and I go away, to hibernate it in 3 hours time, so that it is not
using electricity till I come back.

–
Cheers / Saludos,

Carlos E. R.
(from 12.1 x86_64 “Asparagus” at Telcontar)

i don’t have /usr/bin/play or /usr/share/sounds/wav/churbell.wav on a default openSUSE 12.3 installation
Did you install some special packages ?

On 2013-05-17 02:36, vazhavandan wrote:

> i don’t have /usr/bin/play or /usr/share/sounds/wav/churbell.wav on a
> default openSUSE 12.3 installation
> Did you install some special packages ?

Ah, play us part of “sox”.

The sound files come from a much older installation, might be SuSE 7.3
or thereabouts, the boxed DVD. I don’t know why they are not distributed
anymore, license problem I guess.

From the 7.1 ARCHIVES.gz file:

>
> snd_wav.rpm:
>
>    Name        : snd_wav                      Relocations: (not relocateable)
>    Version     : 2001.1.15                         Vendor: SuSE GmbH, Nuernberg, Germany
>    Release     : 0                             Build Date: Tue Jan 16 12:09:46 2001
>    Install date: (not installed)               Build Host: kneser.suse.de
>    Group       : Applications/Sound            Source RPM: snd_wav-2001.1.15-0.src.rpm
>    Size        : 2763736                          License: unknown
>    Packager    : feedback@suse.de
>    Summary     : Soundfiles in WAV-format
>    Description :
>    These are sound files in the WAV format under /usr/share/sounds/wav.
>    So if you have a sound card and a kernel with sound support you can
>    listen to those files with a simple 'play <file>'.

There were also a snd_sf2 (Soundfont and midi sample), snd_au (Sound
files in AU-format. (Sun Audio)), snd_mod (Some MOD-files (amiga music
format)), and maybe more.

–
Cheers / Saludos,

Carlos E. R.
(from 12.1 x86_64 “Asparagus” at Telcontar)

Gentleman, you are going far off-topic. Please do not litter a clear technical question of some member with all sorts of Chitchat about sounds or whatever. Start your owm Chitchat in that subforum.

On 2013-05-16, dd <DenverD@no-mx.forums.opensuse.org> wrote:
> so, should i have a cron in my home?

IIRC the crontab schedules are not stored in $HOME but in /var/spool/cron and only through the API are non-root users able to edit their own account’s table.

User root is no exception there. He also has to use crontab -e, etc. to manage his crontab.

What you are thinking of IMHO are the system crontabs (as listed above).

hcvv wrote:
> flymail;2557524 Wrote:
>> On 2013-05-16, dd <DenverD@no-mx.forums.opensuse.org> wrote:
>>> so, should i have a cron in my home?
>> IIRC the crontab schedules are not stored in $HOME but in
>> /var/spool/cron and only through the API are non-root users able to edit
>> their own account’s table.
> User root is no exception there. He also has to use crontab -e, etc.
> to manage his crontab.
>
> What you are thinking of IMHO are the system crontabs (as listed
> above).

Indeed, but root’s personal crontab is normally empty because all cron
jobs s/he would execute are system jobs and better in a system crontab.

Look very carefully at any jobs in root’s own crontab, since it can
indicate sloppy thinking.

On 2013-05-17 11:25, Dave Howorth wrote:
> Indeed, but root’s personal crontab is normally empty because all cron
> jobs s/he would execute are system jobs and better in a system crontab.

Not always

You may leave the system crontab to the distribution, and add your own
to the “root user” crontab.

I did it that way time ago, the file is there but commented out. I use
now a file in “/etc/cron.d/mine” which is easier to backup (more visible).

–
Cheers / Saludos,

Carlos E. R.
(from 12.1 x86_64 “Asparagus” at Telcontar)