LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices


Reply
  Search this Thread
Old 02-18-2011, 07:25 AM   #16
druuna
LQ Veteran
 
Registered: Sep 2003
Posts: 10,532
Blog Entries: 7

Rep: Reputation: 2400Reputation: 2400Reputation: 2400Reputation: 2400Reputation: 2400Reputation: 2400Reputation: 2400Reputation: 2400Reputation: 2400Reputation: 2400Reputation: 2400

Hi,

I assume you use encryption for a good reason, if that is so you should not undermine its security by automating it and exposing the passphrase. Security comes with responsibility and it does make life a bit harder....

The solution is simple: Decrypt by hand, or at least make sure you need to give the passphrase by hand if you use some sort of automation. Using cron for this would be out of the question in my book.

If, on the other hand, you are also the root user on that box (and no-one else has root access!!) you can implement it the way you do (I'm sure you can trust yourself ).

Hope this helps.
 
Old 02-18-2011, 07:46 AM   #17
rivacom
LQ Newbie
 
Registered: Jul 2010
Posts: 19

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by chrism01 View Post
I also wouldn't assume gpg is always going to be in the $PATH in cron.
I think this is my problem. Seems to be working now. Will know this weekend if nothing errors out. Thanks for all the help!
 
Old 02-18-2011, 07:51 AM   #18
rivacom
LQ Newbie
 
Registered: Jul 2010
Posts: 19

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by druuna View Post
Hi,

I assume you use encryption for a good reason, if that is so you should not undermine its security by automating it and exposing the passphrase. Security comes with responsibility and it does make life a bit harder....

The solution is simple: Decrypt by hand, or at least make sure you need to give the passphrase by hand if you use some sort of automation. Using cron for this would be out of the question in my book.

If, on the other hand, you are also the root user on that box (and no-one else has root access!!) you can implement it the way you do (I'm sure you can trust yourself ).

Hope this helps.
Problem being, Our IT dept is small in comparison to how many users and projects we have to take on. If I can automate this simple routine daily, it saves us from doing one more thing daily. Our box is on a secure network with really only a few people who even know about it. I know there is always the possiblilty of someone finding it and trying to get in, but like I said with limited staff, one less thing to worry about would be great.

Now I'm open to suggestions to secure this while still being automated.
 
Old 02-18-2011, 08:10 AM   #19
druuna
LQ Veteran
 
Registered: Sep 2003
Posts: 10,532
Blog Entries: 7

Rep: Reputation: 2400Reputation: 2400Reputation: 2400Reputation: 2400Reputation: 2400Reputation: 2400Reputation: 2400Reputation: 2400Reputation: 2400Reputation: 2400Reputation: 2400
Hi,
Quote:
Originally Posted by rivacom View Post
Problem being, Our IT dept is small in comparison to how many users and projects we have to take on. If I can automate this simple routine daily, it saves us from doing one more thing daily. Our box is on a secure network with really only a few people who even know about it. I know there is always the possiblilty of someone finding it and trying to get in, but like I said with limited staff, one less thing to worry about would be great.
If all is cosy and safe at the office why use encryption in the first place?

Implementing security this way is wrong. You are aware that +/- 80% of security related incidents are inside-jobs? Automation is a great thing in general, but it comes at a cost if one isn't careful. Putting security in place and breaking it at the same time isn't smart, especially if the sole reason for it is 'one less thing to worry about'. System admins love automating things, but they should know when not to automate.

But in the end the policies of the company dictate what needs to be done and what not. I do hope the (security) managers of the company you work for are aware of this practise and agree with it, if not you could get into trouble.

BTW: Glad to see you got your original problem solved!
 
Old 02-18-2011, 09:19 AM   #20
rivacom
LQ Newbie
 
Registered: Jul 2010
Posts: 19

Original Poster
Rep: Reputation: 0
I understand security concern. The file isn't encrypted by choice, the company we get the file does it due to their rules. The data is extracted and put into our ERP system which anyone has access who would want it. I would be more concerned with them hacking into our Database then discovering known data being moved around. Like I said, we monitor activity daily and change passwords to accounts on a regular basis. Again thanks for all the help.
 
Old 02-27-2011, 09:01 AM   #21
beyond_help
LQ Newbie
 
Registered: Nov 2006
Distribution: debian
Posts: 6

Rep: Reputation: 1
Thumbs up This helped me

Quote:
Originally Posted by jsanchez2004 View Post
you can launch the script with
#!/bin/bash -l

which adds all the user env vars or

launching it from crontab or script as follows :

su USER -c " COMMAND "
Thanks jsanchez2004! I was having the same issue with Debian (wheezy). Adding -l resolved my issue.

Cheers!
Randall

Last edited by beyond_help; 02-27-2011 at 09:02 AM. Reason: Misspelled jsanchez2004--should have just copy&pasted
 
1 members found this post helpful.
Old 06-16-2011, 10:22 AM   #22
n3wtux
LQ Newbie
 
Registered: Feb 2010
Posts: 8

Rep: Reputation: 0
I was having issues running a script using java jar files until I used #!/bin/bash -l. thanks all
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
script works when run but not when called by cron grob115 Linux - Server 7 08-28-2010 11:24 AM
Bash script works from command line, fails from cron cmfarley19 Linux - General 4 08-14-2009 12:24 PM
Keep getting errors when running cron job that works in normal terminal. Techno Guy Linux - Newbie 6 05-31-2009 06:48 PM
Shell Script works different from cron necrolin Programming 2 05-07-2009 09:52 AM
bash script works when interactive, endless loop when started via cron dguy Linux - General 5 04-10-2006 11:39 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - General

All times are GMT -5. The time now is 09:09 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration