Scheduling Tasks Using cron

UNIX systems have a daemon named cron that is used to schedule tasks. If you are familiar with Windows scheduler or at commands, think of cron as a similar tool. You can use cron to run any executable file, including shell scripts and other commands, at any time of the day, week, or month, at regular intervals. For example, cron is used to rotate the /var/log/messages file on the first of every month. Tasks that are scheduled through cron are typically called jobs or cron jobs.

The configuration of cron is done through a file called the crontab. Typically, each user on the system can have his or her own crontab file, which will run with whatever privileges that user possesses. Of course, the admin or root crontab file has full privileges, and most system scheduling is done through that file. In IPSO, you can find the crontab file in /etc/crontab, which is actually a symlink to /var/etc/crontab. Cron then runs as a daemon and can be viewed with the ps –aux command. If you edit the crontab file manually, you need to restart cron (or send it a HUP signal) so that it will load the new configuration file. Alternatively, there is a crontab command that you can use to both edit and list the contents of the running crontab configuration. An –e switch with the command (crontab –e) will edit the file and update the running cron daemon with any changes you make in real time. Using the –l switch allows you to list the file. The syntax of the file is important; each line should have the following values: minute hour day-of-month month day-of-week command. Here's a clip of the default /etc/crontab file on IPSO 3.6:

#minute hour    mnthday month   weekday   user    command # 5       *       *       *       *       root    /etc/hourly 2>&1 >>/var/     log/hourly 30      0       *       *       7       root    /etc/weekly 2>&1 >>/var/     log/weekly 45      23      1       *       *       admin   /etc/backup -f /var/etc/     sched_backup_vars.sh 15      0       *       *       *       root    /etc/daily 2>&1 >>/var/     log/daily 45      0       1       *       *       root    /etc/monthly 2>&1 >>/var/     log/monthly

The 2>&1 after each command specifies what to do with standard output and standard error. Basically, this code says to send standard error to standard output and redirect all output to the file specified. The >> means to append to the specified file rather than overwrite it. If no particular action is specified, typically the system messages file will receive this output. It is often useful to redirect this output to /dev/null so that there are no logs generated from the output of the file. One example of this redirection is a FireWall-1 log export command, which would normally show the progression of the export on the command line 1%, 2%, and so on. You would end up with a very large log file if you logged all this output.

Prior to IPSO 3.5, you had to manually edit the crontab file on the system to make changes to cron, but in IPSO 3.5, 3.6 and later, you can schedule cron jobs through the Voyager Web interface (or via CLISH). Click Job Scheduler from the System Configuration heading in Voyager, and fill in the requested values to schedule a cron job. See Figure 20.20 for an example.

Figure 20.20: Configuring Crontab