LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices

Reply
 
Search this Thread
Old 12-03-2013, 10:21 PM   #1
DrinkinHomeBrew
LQ Newbie
 
Registered: Oct 2011
Posts: 21

Rep: Reputation: Disabled
How can I allow user2 to view and change user1's cron jobs?


Running CentOs, user1 is an application account that has several daily cron jobs associated with it. It is in the /etc/cron.allow file. User2 is someone in support, who needs to be able to view what cron jobs user1 has set, and occasionally change them. User2 cannot be given any kind of box administrative privileges. Even if I add user2 to the /etc/cron.allow file, if I try to run 'crontab -u user1' it says I have to be privileged to to use the -u switch.

Is there a way that I can give user2 rights to run the -u switch, without making them any type of box admin? Or, possibly better, shouldn't it be possible to give a bash script that runs "crontab -l" or "crontab -e" the setuid attributes, and then have user2 run that script to view/modify the cronjobs for user1? (This didn't work when I tried it, though some online sources makes me think it should).

Last edited by DrinkinHomeBrew; 12-03-2013 at 10:23 PM.
 
Old 12-03-2013, 10:56 PM   #2
astrogeek
Senior Member
 
Registered: Oct 2008
Distribution: Slackware [64]X{.0|.1|.2|-current} ::X>=12<=14, FreeBSD_10{.0|.1}
Posts: 2,155

Rep: Reputation: 848Reputation: 848Reputation: 848Reputation: 848Reputation: 848Reputation: 848Reputation: 848
You could give user2 sudo rights explicitly for the necessary command, first choice.

Second choice, I have a similar situation on a remote box where we need several users to be able to modify cron jobs that must all run as the same user. The way I set that up was to make all those users members of a group, then created a set of cron wrapper scripts that belong to the common user but that have group r/w permission.

Then a privileged user sets the crontab to run those wrapper scripts. We have 5 minute, 1 hour and 6 hour wrappers.

Finally, when one of the group users needs to add or change a cron they add it to, or edit the corresponding wrapper.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
how to a user2 which is in same group as user1 can read files created by user1 linux_neophyte Linux - Security 1 10-17-2013 02:57 AM
[SOLVED] "finger user1" pointing user1 and user2 as well why so? manalisharmabe Linux - Newbie 3 04-26-2013 10:58 AM
Redirect ~user1 to ~user2 JRobertBuchanan Linux - Server 1 08-26-2012 03:56 PM
Access remotely as user1 and execute command as user2 archieval Programming 3 07-18-2012 07:41 AM
Kinit user1 to authenticate for ssh user2 MikeyCarter Linux - Software 0 03-01-2011 12:48 PM


All times are GMT -5. The time now is 07:27 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration