Crontab auto-updater

RaelOM · 11-02-2006, 07:38 AM

So I'm running a shared platform with about 80 apps on it.

Out of that 80 or so apps a few have crontab access which is managed through group membership.

I need to design a system that will once an hour through a root cronjob, scan the project space of those that have crontab access (Belong to bppcron group) and within that project space I'm looking for /proj/<project name>/www/.crontab-admin/crontab-DEV (Or crontab-QA Or crontab-PROD). From there i run a diff -q | wc -l against an if logic checking for 1 or 0. If it's different run crontab -u <user> crontab-DEV (Or Crontab-QA, crontab-PROD)

This root cronjob will be run locally on each host. This logic makes sense for non-load balanced env's, but how would I be able to do this in a load balanced environment? I have two QA servers and four Production servers.

Any thoughts?

chrism01 · 11-02-2006, 07:22 PM

The code would be simpler (& prob quicker) if you skip the diff part and just update cron each hour regardless.

trubled · 11-02-2006, 07:28 PM

The BEST Modifiable script (wich has a GREAT person of an author and makes an app called rKhunter dubaa,vubba dot rootkit.nl - he made the one and only Bash Installer, this basically allows you to make a coffee while it adds evey one of the commands entered, ofcourse, ohe offers Some help. amd is a very smart guy.
I recommend to look at how to modify and just use for start, his Basic-Install-Script, BUT you know, he would maybe LOVE the idea roo if it is not already in it ;p .
Let me know if this helps bro, cheers,
Drew / DX

unSpawn · 11-02-2006, 09:03 PM

I recommend to look at how to modify and just use for start, his Basic-Install-Script.
Apologies to the OP for this OT post, but where's the D/L for the "Basic-Install-Script"?

trubled · 11-02-2006, 09:14 PM

It ios an onlione generator and siots on hsi site.. you add packages to BSD or ,m its in shell so, you set it for wwhatever* distro, then maybe mod it, or write the owner , site is:
http://www.rootkit.nl/freebsd/installer.php

Also join his mailing list, and this is a MUST for BSD Admis, i was using when it was beta and was fine then :-)
enjoy.
Drew / DX

RaelOM · 11-03-2006, 06:57 AM

Quote:

Originally Posted by chrism01

The code would be simpler (& prob quicker) if you skip the diff part and just update cron each hour regardless.

The diff part is quite literally the easiest part of this entire process. No sense in updating the file and running crontab -u <user> <filename> if the file already matches.

The hardest part of this is applying the cronjob in a load balanced env. Some users want the same job run on each host, others want the job only run on one host. How do I deliminate that?

unSpawn · 11-03-2006, 08:05 AM

The hardest part of this is applying the cronjob in a load balanced env. Some users want the same job run on each host, others want the job only run on one host. How do I deliminate that?
Looks like a user configurable option. Should be read from a config file IMHO.

RaelOM · 11-06-2006, 09:49 AM

Ok, so now I need a little scripting help. Apparently I ate my bowl of dummies today and am stumbling...

I have two lists.

List a is UID'd
List b is directories.

I need to format list a and list b as so.

<UID>:<DIRECTORY>:<0|1>

$i = UID = A
$x = Directory = B
0|1 = diff -q /var/spool/cron/tabs/$i /proj/$x/www/.crontab-admin/crontab-$ENV | wc -l

How can I generate a loop of sorts to process those files and return the content I'm looking for?

EX: webserver01:webserver:0

RaelOM · 11-09-2006, 07:05 AM

If anyone was curious -- Here's the final result. This script does not take into account load balanced env however. That will be in revision two. If anyone has suggestions or comments, please feel free. I only learn to be better with criticism.

Code:

#!/bin/bash

#######################
# PURPOSE: Crontab Auto updater
# AUTHOR: Rael Mussell
# DATE: 11.3.2006
#######################

CLOC=/var/spool/cron/tabs
WEBLOC=/ford/thishost/unix/cen/ewwwadmin
CRONTABLOG=/ford/thishost/unix/cen/wftools/logs

# Set Current Hostname
HOST=`hostname`

# Set ENV
if [ `ls -d $WEBLOC/*dev | head -1 | wc -l` = "1" ]; then
		ENV=DEV
	elif [ `ls -d $WEBLOC/*qa | head -1 | wc -l` = "1" ]; then
		ENV=QA
	else 
		ENV=PROD
fi

#Get a list of UID's that can run crontab
for i in `grep bppcron /etc/group | cut -f4 -d: | tr , " "`; 
do 
	# WAS Violation Check
	X=`grep $i /var/spool/cron/deny | wc -l`;
		if [ "$X" -eq "0" ]; then
			echo $i >> /tmp/.crontab-uid;
		fi
done;

# Translate UID's into Project Directories and save to temporary file location
for i in `cat /tmp/.crontab-uid`; 
do 
	echo $i:`ls -la /proj/ | grep $i | awk '{print $9}'` >> /tmp/.crontab-mash;
done;

# Begin Housekeping
# First make sure that the /proj/<project>/www/.crontab-admin directory exists
for i in `cat /tmp/.crontab-mash`;
do
	USER=`echo $i | cut -f1 -d:`;
	PLOC=`echo $i | cut -f2 -d:`;
		if [ ! -d /proj/$PLOC/www/.crontab-admin ]; then
			mkdir -p /proj/$PLOC/www/.crontab-admin;
			chown $USER:$USER /proj/$PLOC/www/.crontab-admin;
		fi
done;

#Take .crontab-mash an run diffs on crontabs and update master file.
for i in `cat /tmp/.crontab-mash`;
do 
	USER=`echo $i | cut -f1 -d:`;
	PLOC=`echo $i | cut -f2 -d:`;
		echo $USER:$PLOC:`diff -q $CLOC/$USER /proj/$PLOC/www/.crontab-admin/crontab-$ENV | wc -l` >> /tmp/.crontab-master;
done;

#Begin updating crontabs as required
# Usage: crontab -u $USER $FILENAME
for i in `cat /tmp/.crontab-master`;
do
	USER=`echo $i | cut -f1 -d:`;
	PLOC=`echo $i | cut -f2 -d:`;
	DIFF=`echo $i | cut -f3 -d:`;
		if [ "$DIFF" -eq "1" ]; then
			echo 1 > /tmp/.crontab-change;
			cp /proj/$PLOC/www/.crontab-admin/crontab-$ENV /var/spool/cron/tabs/$USER;
			chown root:root /var/spool/cron/tabs/$USER;
			chmod 600 /var/spool/cron/tabs/$USER;
			echo $USER:$PLOC:$DIFF:UPDATED -- `date +%D" @ "%R` >> $CRONTABLOG/crontab-log.txt;
		fi
done;

#Restart crond if their has been a change.
CHANGE=`cat /tmp/.crontab-change | wc -l`
if [ "$CHANGE" -eq "1" ]; then
	/etc/init.d/cron restart;
fi
	
# Cleanup
rm /tmp/.crontab-uid
rm /tmp/.crontab-mash
rm /tmp/.crontab-master
rm /tmp/.crontab-change