You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2021-04-09 21:48:13
- Altoid
- Member
- Registered: 2017-05-07
- Posts: 1,592
[SOLVED] crontab permission problem
Hello:
Now that my cron issues were taken care of, I now see the errors that crop up when it actually runs as intended. 8^7
My crontab has these three entries with the purpose of keeping log files to a manageable size till the time they get rotated:
# 1. For /home/groucho/.xsession-errors
# ---
0 */23 * * * [ $(du -k .xsession-errors | awk '{ print $1 }') -gt 5000 ] && tail -200 /home/$(whoami)/.xsession-errors > /home/$(whoami$
# ---
#
# 2. For /var/log/boot (bootlogd)
# ---
0 */23 * * * [ $(du -k /var/log/boot | awk '{ print $1 }') -gt 5000 ] && tail -200 /var/log/boot > /var/log/boot
# ---
# 3. For /var/log/cron.log
# ---
0 */23 * * * [ $(du -k /var/log/cron.log | awk '{ print $1 }') -gt 5000 ] && tail -200 /var/log/cron.log > /var/log/cron.log
# ---The first one has no issues, it is for the prolific .xsession-errors living at /home.
But the other two need admin rights:
groucho@devuan:~$ tail -200 /var/log/boot > /var/log/boot
bash: /var/log/boot: Permission denied
groucho@devuan:~$ groucho@devuan:~$ tail -200 /var/log/cron.log > /var/log/cron.log
bash: /var/log/cron.log: Permission denied
groucho@devuan:~$ My user belongs to a miriad of groups:
groucho@devuan:~$ groups
groucho adm lp mail dialout fax cdrom floppy tape sudo audio dip www-data backup video plugdev staff users crontab netdev lpadmin scanner saned fuse powerdev debian-exim
groucho@devuan:~$ As you can see, adm is one of them.
But doesn't adm have rights over /var/log/boot and /var/log/cron.log?
groucho@devuan:~$
groucho@devuan:~$ ls -l /var/log | grep adm |grep boot
-rw-r----- 1 root adm 6639408 Apr 9 17:20 boot
groucho@devuan:~$ groucho@devuan:~$
groucho@devuan:~$ ls -l /var/log | grep adm |grep cron.log
-rw-r----- 1 root adm 105594 Apr 9 18:35 cron.log
-rw-r----- 1 root adm 14428210 Apr 4 06:50 cron.log.1
groucho@devuan:~$ What am I missing?
Thanks in advance,
A.
Offline
#2 2021-04-10 10:03:47
- Head_on_a_Stick
- Member
- From: London
- Registered: 2019-03-24
- Posts: 3,125
- Website
Re: [SOLVED] crontab permission problem
-rw-r----- 1 root adm 6639408 Apr 9 17:20 boot [...] -rw-r----- 1 root adm 105594 Apr 9 18:35 cron.log -rw-r----- 1 root adm 14428210 Apr 4 06:50 cron.log.1
Those permissions indicate that root can read or write to the files but members of the adm group can only read them.
Brianna Ghey — Rest In Power
Offline
#3 2021-04-10 10:39:41
- Altoid
- Member
- Registered: 2017-05-07
- Posts: 1,592
Re: [SOLVED] crontab permission problem
Hello:
... indicate that root can read or write to the files but members of the adm group can only read them.
I see.
Crontab runs as the user that added the scripts so my only options are:
1. to put the lines needing root credentials in /etc/cron.d.
2. add them to via sudo crontab-e to root's crontab.
Is this so?
Thanks in advance,
A.
Last edited by Altoid (2021-04-14 18:55:27)
Offline
#4 2021-04-10 10:54:45
- Head_on_a_Stick
- Member
- From: London
- Registered: 2019-03-24
- Posts: 3,125
- Website
Re: [SOLVED] crontab permission problem
Yes, I think so.
But I would just use the size option described in logrotate(8) to control how big the files get before being rotated.
EDIT: and I would delete ~/.xsession-errors at the start of every X session because there doesn't seem much point keeping error logs from old sessions.
To wit:
echo 'rm ~/.xsession-errors' >> ~/.xsessionrcSee also https://wiki.debian.org/Xsession
Last edited by Head_on_a_Stick (2021-04-10 10:57:51)
Brianna Ghey — Rest In Power
Offline
#5 2021-04-10 11:16:48
- Altoid
- Member
- Registered: 2017-05-07
- Posts: 1,592
Re: [SOLVED] crontab permission problem
Hello:
Yes ...
Right.
Further thinking about it, I see it makes sense.
But I would just use the size option described in logrotate(8) to control how big the files get before being rotated.
I recall (?) thinking about that but did not see the need for the rotated files.
I'll look into that, thanks for the heads up.
... would delete ~/.xsession-errors at the start of every X session ...
... doesn't seem much point keeping error logs from old sessions.
Yes, I have seen that done.
And taking into account how unintelligible they are ...
But I have found that they have been a sort of reference for comparison purposes between boots.
Not that I actually solved anything. 8^7
Thanks a lot for your input.
Best,
A.
Offline
Pages: 1
