script run fine from ./ but when put in cron does not run

j-me · 06-15-2012, 09:04 AM

Code:

#!/bin/bash

EmailAUFrom=server.address@company.com
EmailAUTo=my.address@company.com

rm /tmp/cert_watch.log /tmp/cert_srch.log
clear

sudo /usr/bin/find / -name *.cer > /tmp/cert_srch.log 2>/dev/null

exit

###

for line in `cat /tmp/cert_srch.log`
do
##   echo "working on cert $line"
  CertExpires=`openssl x509 -in $line -inform PEM -text \
     -noout -enddate | grep "Not After" | awk '{print $4, $5, $7}'`

   TodayPlus90=`date -ud "+90 day" | awk '{print $2, $3, $6}'`

##     echo "Cert Expires ~ " $CertExpires
##     echo "Today Plus 90 ~ " $TodayPlus90

   if [[ "$CertExpires" = "$TodayPlus90" ]]
   then
   echo $line "soon to expire cert being examined" >> /tmp/cert_watch.log
   nail -s "SSL Cert Monitor ~  $line EXPIRES on $CertExpires" -R "$EmailAUFrom" "$EmailAUTo" < /dev/null
   fi
done

this script executes fine manually from >./
but
when I set up cron and run

the file does get deleted and recreated but no data from the find. therefore, the rest of the script does not execute.

FYI: I am running this as a user not administrator and this executes from the users crontab.

Snark1994 · 06-15-2012, 12:01 PM

I'd imagine the problem is that you're using "sudo find" - the sudo's going to hang, waiting for the user's password. Is it possible to put it in root's crontab?

lithos · 06-15-2012, 12:53 PM

Quote:

Originally Posted by j-me

Code:

#!/bin/bash


sudo /usr/bin/find / -name *.cer > /tmp/cert_srch.log 2>/dev/null

this script executes fine manually from >./
but
when I set up cron and run

the file does get deleted and recreated but no data from the find. therefore, the rest of the script does not execute.

FYI: I am running this as a user not administrator and this executes from the users crontab.

It won't run "sudo /usr/bin/find" because it wants password.

good luck

j-me · 06-15-2012, 01:01 PM

true

I can run this fine if looking ONLY in the home directory of the user but NOT outside. I assume because it is wanting a password.

It appears the only option is to run as root cron. Bummer! but understandable. regards

robertjinx · 06-15-2012, 03:41 PM

You can always add to /etc/sudoers something like "username ALL=NOPASSWD: ALL" and then it wont ask for pass or of course drop sudo or run the script as root.

Snark1994 · 06-16-2012, 05:49 AM

Quote:

Originally Posted by robertjinx

You can always add to /etc/sudoers something like "username ALL=NOPASSWD: ALL" and then it wont ask for pass

If you do this be aware of the massive security risk - any malicious program can include "sudo rm -rf /" and it will execute without any problem because you've set 'sudo' to not ask for a password. Running the script as root is a better solution.

robertjinx · 06-16-2012, 10:02 AM

Of course is a security risk, but it's a security risk if you let it be. There is no security risk if he knows what he's doing, or anyone, if you know how to protect your system.

I'm using this for years and somehow never ever anything happened, I wonder why