View previous topic :: View next topic |
Author |
Message |
grant123 Veteran
Joined: 23 Mar 2005 Posts: 1080
|
Posted: Sun Dec 16, 2012 12:26 am Post subject: More crontab questions |
|
|
I'm finalizing my crontab stuff and I have a few questions for you guys.
Is there an ssmtp message size limit? If so, can I increase it? I'm not getting a couple of crontab messages and I think it's due to them being too large.
I'm redirecting STDOUT to /dev/null but I read about cronic and I'm wondering if I should use it instead. Has anyone found that STDERR email isn't good enough?
http://habilis.net/cronic/
Is it necessary to enter full paths into a crontab and the bash scripts called by a crontab? |
|
Back to top |
|
|
cwr Veteran
Joined: 17 Dec 2005 Posts: 1969
|
Posted: Sun Dec 16, 2012 11:40 am Post subject: |
|
|
As I recall, cron sets its own path, but I'd still use full paths to ensure
that miscellaneous binaries can't be run with cron's privileges by being
placed earlier in the path sequence.
Will |
|
Back to top |
|
|
grant123 Veteran
Joined: 23 Mar 2005 Posts: 1080
|
Posted: Sun Dec 16, 2012 10:35 pm Post subject: |
|
|
Interesting, so the danger is that I will run thiscommand in a crontab, and I mean to run /usr/bin/thiscommand, but since /bin comes before /usr/bin in $PATH, /bin/thiscommand is run instead of /usr/bin/thiscommand?
If so, shouldn't all commands be run by specifying the full path, not just those in a crontab? |
|
Back to top |
|
|
nemesisgus n00b
Joined: 17 Dec 2012 Posts: 1
|
Posted: Mon Dec 17, 2012 12:18 am Post subject: Re: More crontab questions |
|
|
grant123 wrote: |
I'm redirecting STDOUT to /dev/null but I read about cronic and I'm wondering if I should use it instead. Has anyone found that STDERR email isn't good enough?
http://habilis.net/cronic/
|
I found two possible enhancements of using Cronic over '> /dev/null':
1) Cronic reports not only STDERR but STDOUT also and traces the error.
2) Cronic reports on exit status different from 0, regardless of whether an error message is output or not.
You could find this discussion about that topic interesting:
http://news.ycombinator.com/item?id=4021497
There, reidrac states that:
"cron sends a mail if: a) there's output (stdout or stderr) or b) the command exit code isn't 0."
But I couldn't find b) to be true in my system. |
|
Back to top |
|
|
grant123 Veteran
Joined: 23 Mar 2005 Posts: 1080
|
Posted: Mon Dec 17, 2012 12:40 am Post subject: |
|
|
Thanks nemesisgus. I'm going to start a new thread about cronic. |
|
Back to top |
|
|
cwr Veteran
Joined: 17 Dec 2005 Posts: 1969
|
Posted: Fri Dec 21, 2012 5:12 pm Post subject: |
|
|
grant123 wrote: | Interesting, so the danger is that I will run thiscommand in a crontab, and I mean to run /usr/bin/thiscommand, but since /bin comes before /usr/bin in $PATH, /bin/thiscommand is run instead of /usr/bin/thiscommand?
If so, shouldn't all commands be run by specifying the full path, not just those in a crontab? |
The risk is less with an ordinary user, since they don't have a dangerous privilege levels.
Root's default path shouldn't start with '.' for that reason, so that traps can't be set
by leaving a file named after a well-known command in a directory used by root.
Will |
|
Back to top |
|
|
grant123 Veteran
Joined: 23 Mar 2005 Posts: 1080
|
Posted: Fri Dec 21, 2012 9:08 pm Post subject: |
|
|
OK, so the convention is that full paths are specified for all commands in root's crontab and in any scripts executed by root's crontab? |
|
Back to top |
|
|
Hu Moderator
Joined: 06 Mar 2007 Posts: 21607
|
Posted: Sat Dec 22, 2012 1:52 am Post subject: |
|
|
grant123 wrote: | OK, so the convention is that full paths are specified for all commands in root's crontab and in any scripts executed by root's crontab? | Yes, but some people will use unqualified commands with an explicit definition of $PATH: Code: | #!/bin/sh
PATH="/bin:/sbin:/usr/bin:/usr/sbin"
ifconfig ... | This is also safe, if you are careful to set $PATH only to include directories that are safe. |
|
Back to top |
|
|
grant123 Veteran
Joined: 23 Mar 2005 Posts: 1080
|
Posted: Sat Dec 22, 2012 7:01 pm Post subject: |
|
|
The default /etc/crontab does exactly that:
PATH=/sbin:/bin:/usr/sbin:/usr/bin
Is that safe enough to use unqualified commands in /etc/crontab? |
|
Back to top |
|
|
|