[deployment-guide/comm-rel: 58/727] modified Cron chapter
Jaromir Hradilek
jhradile at fedoraproject.org
Tue Oct 19 12:28:59 UTC 2010
commit 3a9536e92451faa881e2b483f4c20d8c4b970bb3
Author: Martin Prpic <mprpic at redhat.com>
Date: Mon Jul 19 09:50:48 2010 +0200
modified Cron chapter
en-US/Automated_Tasks.xml | 154 +++++++++++++++++++++++++++++++-------------
1 files changed, 108 insertions(+), 46 deletions(-)
---
diff --git a/en-US/Automated_Tasks.xml b/en-US/Automated_Tasks.xml
index 5065074..10c5af6 100644
--- a/en-US/Automated_Tasks.xml
+++ b/en-US/Automated_Tasks.xml
@@ -14,12 +14,11 @@
significance="normal">
<primary>Cron</primary>
</indexterm>
- <section
- id="s1-autotasks-cron">
+ <section id="s1-autotasks-cron-anacron">
<title>Cron and Anacron</title>
<para>Both, Cron and Anacron, are daemons that can be used to schedule the execution of recurring tasks according to a combination of the time, day of the month, month, day of the week, and week.</para>
<para>Cron assumes that the system is on continuously. If the system is not on when a job is scheduled, it is not executed. Cron allows jobs to be run as often as every minute. Anacron does not assume the system is always on, remembers every scheduled job, and executes it the next time the system is up. However, Anacron can only run a job once a day.
- To schedule reccuring jobs, refer to <xref linkend="s2-autotasks-cron-configuring"/>. To schedule one-time jobs, refer to <xref
+ To schedule reccuring jobs, refer to <xref linkend="s2-configuring-tasks"/>. To schedule one-time jobs, refer to <xref
linkend="s1-autotasks-at-batch"/>.</para>
<para>To use the cron service, the <filename>cronie</filename> RPM package must be installed and the <command>crond</command> service must be running. Anacron is sub-package of cronie. To determine if these packages are installed, use the <command>rpm -q cronie cronie-anacron</command> command. </para>
<section
@@ -30,7 +29,7 @@
linkend="ch-Controlling_Access_to_Services"/> for details on starting the cron service automatically at boot time.</para>
</section>
<section
- id="s2-autotasks-cron-configuring">
+ id="s2-configuring-tasks">
<title>Configuring Tasks</title>
<indexterm
significance="normal">
@@ -43,8 +42,11 @@
<filename>crontab</filename>
</primary>
</indexterm>
+
+ <section id="s3-configuring-anacron-jobs">
+ <title>Configuring Anacron Jobs</title>
<para>The main configuration file to schedule jobs is <filename>/etc/anacrontab</filename>, which contains the following lines:</para>
- <screen>
+<screen>
SHELL=/bin/sh
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
@@ -65,6 +67,7 @@ START_HOURS_RANGE=3-22
The next two lines are variables that modify the time for each scheduled job. The <computeroutput>RANDOM_DELAY</computeroutput> variable denotes the maximum number of minutes that can randomly be added to the delay variable specified for each job. The minimum delay value is set, by default, to 6 minutes. A <computeroutput>RANDOM_DELAY</computeroutput> set to 12 would therefore add, randomly, between 6 and 12 minutes to the delay. <computeroutput>RANDOM_DELAY</computeroutput> can also be set to a value below 6, or even 0. When set to 0, no random delay is added. This proves to be useful when, for example, more computers that share one network connection need to download the same data every day. The <computeroutput>START_HOURS_RANGE</computeroutput> variable defines an interval (in hours) when scheduled jobs can be run. In case this time interval is missed, for example, due to a power down, then scheduled jobs are not executed that day.
</para>
<para>The rest of the lines in the <filename>/etc/anacrontab</filename> file represent scheduled jobs and have the following format:
+</para>
<screen>
period in days delay in minutes job-identifier command
</screen>
@@ -90,14 +93,71 @@ period in days delay in minutes job-identifier command
</para>
</listitem>
</itemizedlist>
-</para>
+<para>Any lines that begin with a hash mark (#) are comments and are not processed.</para>
+<section id="s4-anacron-examples">
+ <title>Examples of Anacron Jobs </title>
+ <para>The following example shows how a simple <filename>/etc/anacrontab</filename> file could look like:</para>
+<screen>
+SHELL=/bin/sh
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+MAILTO=root
+
+# the maximal random delay added to the base delay of the jobs
+RANDOM_DELAY=30
+# the jobs will be started during the following hours only
+START_HOURS_RANGE=16-20
- <para>The first four lines are variables used to configure the environment in which the cron tasks are run. The <computeroutput>SHELL</computeroutput> variable tells the system which shell environment to use (in this example the bash shell), while the <computeroutput>PATH</computeroutput> variable defines the path used to execute commands. The output of the cron tasks are emailed to the username defined with the <computeroutput>MAILTO</computeroutput> variable. If the <computeroutput>MAILTO</computeroutput> variable is defined as an empty string (<computeroutput>MAILTO=""</computeroutput>), email is not sent. The <computeroutput>HOME</computeroutput> variable can be used to set the home directory to use when executing commands or scripts.</para>
- <para>Each line in the <filename>/etc/crontab</filename> file represents a task and has the following format:</para>
- <screen>
-minute hour day month dayofweek command
+#period in days delay in minutes job-identifier command
+1 20 dailyjob nice run-parts /etc/cron.daily
+7 25 weeklyjob /etc/weeklyjob.bash
+ at monthly 45 monthlyjob ls /proc >> /tmp/proc
</screen>
- <itemizedlist>
+<para>
+ All jobs defined in this <filename>anacrontab</filename> file are randomly delayed by 6-30 minutes and can be executed between 16:00 and 20:00. Thus, the first defined job will run anywhere between 16:26 and 16:50 every day. The command specified for this job will execute all present executables in the <filename>/etc/cron.daily</filename> directory (using the <command>run-parts</command> command). The second specified job will be executed once a week and will execute the <filename>weeklyjob.bash</filename> script in the <filename>/etc</filename> directory. The third job is executed once a month and runs a command to write the contents of the <filename>/proc</filename> to the <filename>/tmp/proc</filename> file (e.g. <computeroutput>ls /proc >> /tmp/proc</computeroutput>).
+</para>
+</section>
+</section>
+<section id="s3-configuring-cron-jobs">
+ <title>Configuring Cron Jobs</title>
+ <!-- <indexterm
+ significance="normal">
+ <primary>cron</primary>
+ <secondary>user-defined tasks</secondary>
+ </indexterm>
+ <indexterm
+ significance="normal">
+ <primary>
+ <filename>/var/spool/cron</filename>
+ </primary>
+ </indexterm> -->
+ <para>
+ The configuration file to configure cron jobs, <filename>/etc/crontab</filename>, contains the following lines:
+ </para>
+ <screen>
+SHELL=/bin/bash
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+MAILTO=root
+HOME=/
+# For details see man 4 crontabs
+# Example of job definition:
+# .---------------- minute (0 - 59)
+# | .------------- hour (0 - 23)
+# | | .---------- day of month (1 - 31)
+# | | | .------- month (1 - 12) OR jan,feb,mar,apr ...
+# | | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
+# | | | | |
+# * * * * * user command to be executed
+ </screen>
+ <para>
+ The first three lines contains the same variables as an anacrontab, <computeroutput>SHELL</computeroutput>, <computeroutput>PATH</computeroutput>, <computeroutput>MAILTO</computeroutput>. For more information about these variables, refer to <xref linkend="s3-configuring-anacron-jobs"/>. The fourth line contains the <computeroutput>HOME</computeroutput> variable. The <computeroutput>HOME</computeroutput> variable can be used to set the home directory to use when executing commands or scripts.
+ </para>
+ <para>
+ The rest of the lines in the <filename>/etc/crontab</filename> file represent scheduled jobs and have the following format:
+ </para>
+ <screen>
+minute hour day month day of week user command
+ </screen>
+ <itemizedlist>
<listitem>
<para>
<computeroutput>minute</computeroutput> — any integer from 0 to 59</para>
@@ -120,6 +180,11 @@ minute hour day month dayofweek command
</listitem>
<listitem>
<para>
+ <computeroutput>user</computeroutput> —
+ </para>
+ </listitem>
+ <listitem>
+ <para>
<computeroutput>command</computeroutput> — the command to execute (the command can either be a command such as <command>ls /proc >> /tmp/proc</command> or the command to execute a custom script)</para>
</listitem>
</itemizedlist>
@@ -128,49 +193,46 @@ minute hour day month dayofweek command
<para>A list of values separated by commas (,) specifies a list. For example, <userinput>3, 4, 6, 8</userinput> indicates those four specific integers.</para>
<para>The forward slash (/) can be used to specify step values. The value of an integer can be skipped within a range by following the range with <userinput>/<<replaceable>integer</replaceable>></userinput>. For example, <userinput>0-59/2</userinput> can be used to define every other minute in the minute field. Step values can also be used with an asterisk. For instance, the value <userinput>*/3</userinput> can be used in the month field to run the task every third month.</para>
<para>Any lines that begin with a hash mark (#) are comments and are not processed.</para>
- <para>As shown in the <filename>/etc/crontab</filename> file, the <command>run-parts</command> script executes the scripts in the <filename>/etc/cron.hourly/</filename>, <filename>/etc/cron.daily/</filename>, <filename>/etc/cron.weekly/</filename>, and <filename>/etc/cron.monthly/</filename> directories on an hourly, daily, weekly, or monthly basis respectively. The files in these directories should be shell scripts.</para>
- <para>If a cron task is required to be executed on a schedule other than hourly, daily, weekly, or monthly, it can be added to the <filename>/etc/cron.d/</filename> directory. All files in this directory use the same syntax as <filename>/etc/crontab</filename>. Refer to <xref
- linkend="crontab-examples"/> for examples.</para>
- <indexterm
- significance="normal">
- <primary>cron</primary>
- <secondary>example crontabs</secondary>
- </indexterm>
- <example
- id="crontab-examples">
- <title>Crontab Examples</title>
- <screen>
-# record the memory usage of the system every monday
-# at 3:30AM in the file /tmp/meminfo
-30 3 * * mon cat /proc/meminfo >> /tmp/meminfo
-# run custom script the first day of every month at 4:10AM
-10 4 1 * * /root/scripts/backup.sh
-</screen>
- </example>
- <indexterm
- significance="normal">
- <primary>cron</primary>
- <secondary>user-defined tasks</secondary>
- </indexterm>
- <indexterm
- significance="normal">
- <primary>
- <filename>/var/spool/cron</filename>
- </primary>
- </indexterm>
- <para>Users other than root can configure cron tasks by using the <command>crontab</command> utility. All user-defined crontabs are stored in the <filename>/var/spool/cron/</filename> directory and are executed using the usernames of the users that created them. To create a crontab as a user, login as that user and type the command <command>crontab -e</command> to edit the user's crontab using the editor specified by the <computeroutput>VISUAL</computeroutput> or <computeroutput>EDITOR</computeroutput> environment variable. The file uses the same format as <filename>/etc/crontab</filename>. When the changes to the crontab are saved, the crontab is stored according to username and written to the file <filename>/var/spool/cron/<replaceable>username</replaceable>
- </filename>.</para>
+ <para>Users other than root can configure cron tasks by using the <command>crontab</command> utility. All user-defined crontabs are stored in the <filename>/var/spool/cron/</filename> directory and are executed using the usernames of the users that created them. To create a crontab as a user, login as that user and type the command <command>crontab -e</command> to edit the user's crontab using the editor specified by the <computeroutput>VISUAL</computeroutput> or <computeroutput>EDITOR</computeroutput> environment variable. The file uses the same format as <filename>/etc/crontab</filename>. When the changes to the crontab are saved, the crontab is stored according to username and written to the file <filename>/var/spool/cron/<replaceable>username</replaceable></filename>.</para>
+ <note>
+ <title>Note</title>
+ <para>
+ When using the <command>crontab</command> utility, there is no need to specify a user when defining a job.
+ </para>
+ </note>
+
+ <!-- CRON.D -->
+ <para>TBD: If a cron task is required to be executed on a schedule other than hourly, daily, weekly, or monthly, it can be added to the <filename>/etc/cron.d/</filename> directory. All files in this directory use the same syntax as <filename>/etc/crontab</filename>.</para>
+
+
+
<para>The cron daemon checks the <filename>/etc/crontab</filename> file, the <filename>/etc/cron.d/</filename> directory, and the <filename>/var/spool/cron/</filename> directory every minute for any changes. If any changes are found, they are loaded into memory. Thus, the daemon does not need to be restarted if a crontab file is changed.</para>
- </section>
- <section
- id="s2-autotasks-cron-access">
+</section>
+<section
+ id="s3-autotasks-cron-access">
<title>Controlling Access to Cron</title>
<para>The <filename>/etc/cron.allow</filename> and <filename>/etc/cron.deny</filename> files are used to restrict access to cron. The format of both access control files is one username on each line. Whitespace is not permitted in either file. The cron daemon (<command>crond</command>) does not have to be restarted if the access control files are modified. The access control files are read each time a user tries to add or delete a cron task.</para>
<para>The root user can always use cron, regardless of the usernames listed in the access control files.</para>
<para>If the file <filename>cron.allow</filename> exists, only users listed in it are allowed to use cron, and the <filename>cron.deny</filename> file is ignored.</para>
<para>If <filename>cron.allow</filename> does not exist, users listed in <filename>cron.deny</filename> are not allowed to use cron.</para>
+ <para>Access can also be controlled through Pluggable authentication modules (PAM). These settings are stored in <filename>/etc/security/access.conf</filename>. For example, adding the following line in this file forbids creating crontabs for all other users than root:
+ </para>
+<screen>
+-:ALL EXCEPT root :cron
+</screen>
+ <para>
+ The forbidden jobs will be logged in an appropriate log file or, when using “crontab -e”, returned to the standard output. For more information, refer to <filename>access.conf.5</filename>.
+ </para>
</section>
+<section id="s3-black-white-listing-of-cron-jobs">
+ <title>Black/White Listing of Cron Jobs</title>
+ <para>
+ Black/White listing of jobs is used to omit parts of the defined jobs that do not need to be executed. When running the <command>run-parts</command> command on a cron folder, such as <filename>/etc/cron.daily</filename>, we can define which of the executables in this folder will not be executed by the <command>run-parts</command> command. To define a black list, create a <filename>jobs.deny</filename> file in the folder that <command>run-parts</command> will be executing from. For example, if we need to omit a particular executable from /etc/cron.daily, then, a file <filename>/etc/cron.daily/jobs.deny</filename> has to be created. In this file, specify the names of the omitted executables from the same directory. These will not be executed when a command, such as <computeroutput>run-parts /etc/cron.daily</computeroutput>, is executed by a specific job. To define a white list, create a <filename>jobs.allow</filename> file. The principles of <filename>jobs.deny</filename>
and <filename>jobs.allow</filename> are the same as those of <filename>cron.deny</filename> and <filename>cron.allow</filename> described in section <xref linkend="s3-autotasks-cron-access"/>.
+ </para>
+ </section>
+ </section>
</section>
+
<section
id="s1-autotasks-at-batch">
<title>At and Batch</title>
More information about the docs-commits
mailing list