Skip to main content

Process Scheduling with Cron in Debian 6.x

The daemon cron automatically updates itself every 1 minute (assuming the cron service is running). Cron searches its spool directory "/var/spool/cron/crontabs" for new files named after user accounts in the file "/etc/passwd", then loads those new rules into memory. Users are not allowed to directly modify cron's spool. Users are supposed to modify one or more of cron's writable scheduling files and directories: "/etc/crontab", "/etc/cron.hourly", "/etc/cron.daily", "/etc/cron.weekly", "/etc/cron.monthly", and "/etc/cron.d". Access to those files and directories are controlled by entries added and removed from cron's access control lists.  

Cron uses the writable scheduling file "/etc/crontab" to allow applications finer scheduling control than what the scheduling directories "/etc/cron.{hourly,daily,weekly,monthly}" can provide. Most system administrators use the file "/etc/crontab" to schedule when the files within the directories "/etc/cron.{hourly,daily,weekly,monthly} should be ran. The writable scheduling directories "/etc/cron.{hourly,daily,weekly,monthly}" are for running commands and scripts of specified entries at specific times on specific days. The writable scheduling directory "/etc/cron.d" runs commands and scripts of specified entries at specific times throughout the day. All new entries in cron's scheduling files and directories must follow the naming convention used by the command "run-parts".

If cron's access control lists, "cron.allow" and "cron.deny", are found in the directory "/etc/" then they're used to restrict access to user accounts listed in those files. The access control list "/etc/cron.allow" has precedence over the file "/etc/cron.deny". However, if one or both of its access control lists are missing then the files that are missing are ignored.

For example, in my last post titled "TCP/UDP Whitelist Connection Script," I mentioned using cron to run the bash script "whitelist.sh" every couple of minutes to close active TCP/UDP servers and connections unknown to the user; to do that add a new file to the directory "/etc/cron.d".

1. Create a file named "whitelist" in the directory "/etc/cron.d":
touch /etc/cron.d/whitelist && chmod 644 /etc/cron.d/whitelist;

2. Edit the file "/etc/cron.d/whitelist" to include the following lines:
# Cron job for bash script whitelist.sh. Run script every 2 mintues.
# min [0-59]  hour [0-23]  day of month [1-31]  month [1-12]  day of week [1-7]  command
SHELL=/bin/bash
*/2  *  *  *  *  /home/username/whitelist.sh

Do you have a suggestion about how to improve this blog? Let's talk about it. Contact me at David.Brenner.Jr@Gmail.com or 720-584-5229.

Comments

Popular posts from this blog

The meaning of time in reinforcement learning

Reinforcement learning (RL) is one of three basic machine learning paradigms, alongside supervised learning and unsupervised learning. Reinforcement learning is concerned with how software agents ought to take actions in an environment in order to maximize the notion of cumulative reward through the process of trial and error. In reinforcement learning an agent starts at an empty state then analyzes the available datasets according to a policy of positive states and negative states. Rather than being explicitly taught as in supervised learning the correct set of actions for performing a task, reinforcement learning uses rewards as signals for positive states and punishments as signals for negative states. The agent obtains the best path to a desirable reward as a cumulation of positive states and negative states. As compared to unsupervised learning, reinforcement learning is different in terms of goals. While the goal in unsupervised learning is to find similarities and differences...

Old idea of encrypted, anonymous group chats

Encrypted, Anonymous Group Chats An owner of the chat connects through multiple VPNs, like NordVPN and SurfShark which are the most popular. Then the owner obtains access to an email provider hosted in a country outside the United States. Once the new email account has been setup and ready to use, the owner shares the login username and login password of that email account with the participants. The idea is to never send/receive any emails, only exchange messages saved as drafts in the email account. The drafts don't get sent/received anywhere. It's also important to note that messages are saved as new drafts without subject-line and recipient-info. Ideally there will be at most two drafts in the account at a time. When the chat is finished the email account is deleted. Whenever the participants are ready to chat, the participants login to that email account and compose a new email. They will write a message and encrypt it with PGP, then save it as a new draft without subjec...

Uploading files through Secure WebDAV using DAVfs

WebDAV is a protocol that facilitates uploading and downloading files through HTTP (port 80) and HTTPS (port 443). Whenever a WebDAV service is being ran over SSL it is called Secure WebDAV. DAVfs is a file system interface to the WebDAV protocol, it works with WebDAV and Secure WebDAV. The command mount uses DAVfs to recognize a WebDAV share as a regular file system so that other tools, scripts, services, and users can access the share's contents (as a file system with actual directories). Here's an easy solution for uploading files to your WebDAV account. These instructions work on Linux, FreeBSD, Solaris, and probably other distributions too. 1. Make a local directory for transferring files. mkdir <your directory>; 2. Stop other processes and users from interfering with your transfers. chown root:root <your directory> && chmod 770 <your directory>; 3. Mount your online cloud share using davfs. Enter your password when the prompt appears askin...