Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
So my cronjobs were working before I used Bastille lockdown on a particular box checked a few things so far:
/var/log/cron - the daemon is running and logs the command I want to run
The command it's self is valid, and runs fine
I have checked cron.allow and cron.deny - I'm not sure if in here lies my issue I had several things placed in my .deny file by the lockdown, however I added root to the cron.allow, tested, no joy, renamed both allow and deny and tested again No joy.
So my cronjobs were working before I used Bastille lockdown on a particular box checked a few things so far:
/var/log/cron - the daemon is running and logs the command I want to run
The command it's self is valid, and runs fine
I have checked cron.allow and cron.deny - I'm not sure if in here lies my issue I had several things placed in my .deny file by the lockdown, however I added root to the cron.allow, tested, no joy, renamed both allow and deny and tested again No joy.
I'm not sure were to go next, any suggestions?
if the command is being logged in /var/log/cron since the bastille lock down, then the issue is not with the cron.allow or cron.deny files.
root is allowed to always run cron anyway
does bastille have some sort of log you can look at?
I don't even see anything in the script that seems like it would change anything to do with cron, I'm only hypothesizing that the lockdown broke it anyway.
That's an selinux issue. It may simply be that since cron sends stderr/stdout to the user that runs cron as an email that it is trying to open exim, being denied by your selinux policy, and therefore not running the actual program. Try allowing that selinux path and see if that fixes things. If you don't know how to do this, write back.
OK, the permissive is the reason it is logging the string (basically, permissive means show me what you would not allow in the audit log, but let me do it anyway).
The line says, 'comm="exim" path="/var/spool/exim/db/retry.lockfile"'. That means it is trying to run exim (which is a sendmail replacement). I'm guessing that you do have exim running, but even if you don't, it shouldn't stop cron. Perhaps it is simply that the lockfile is stopping things from running. Try shutting down exim, removing the lockfile and then restarting exim. May not help, but that shouldn't hurt anything either.
Let us know,
Forrest
p.s. Yeah chrism01 I noticed that in another post. Is this better
So I'm looking at the latest log info and that Selinux message about exim has no correlation to my crontab, guess it was just coincidence that I saw the two at the same time.. So I"m stumped... I have no idea why my crontab isn't running.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.