LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices


Reply
  Search this Thread
Old 09-24-2017, 08:37 AM   #1
pdobrien3
LQ Newbie
 
Registered: Aug 2017
Posts: 14

Rep: Reputation: Disabled
Cron job for Perl script


Good morning Linux Users,

I have a snort, barnyard2, pulled pork IDS with an Aanval web front end. I am trying to get the BPUs of Aanval to run through cron. My limited knowledge is that it uses Perl.

Here are the instructions from the Aanval Wiki to manually start the BPUs:

The Aanval Background Processing Units (BPUs) are responsible for importing events, processing actions, and ensuring the console functions properly. You must start the BPUs in order for the console to operate correctly, and it should be done with root or equivalent privileges. To start the BPUs, change into the /apps directory of your Aanval installation and run the following command:
perl idsBackground.pl -start

Here is my chron entry that doesn’t seem to work:

05 04 * * * perl /var/www/html/aanval/apps/idsBackground.pl -start

I am editing cron with the cli command of sudo crontab -e

Running “/var/www/html/aanval/apps/idsBackground.pl -start” works from the cli.

Any assistance greatly appreciated,
Dan

Last edited by pdobrien3; 09-24-2017 at 08:40 AM.
 
Old 09-24-2017, 08:48 AM   #2
Turbocapitalist
Senior Member
 
Registered: Apr 2005
Distribution: Ubuntu, Devuan, OpenBSD
Posts: 2,522
Blog Entries: 3

Rep: Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110
First off where is idsBackground.pl really supposed to be installed?

There should never, ever be any excutable scripts inside the web server's document root. So before going further it would be a good idea to move it to /usr/local/bin/ or /var/www/bin/ or something like that.

Then double check the first line of the script and the permissions:

Code:
head -n 1 /usr/local/bin/idsBackground.pl

stat --format '%A %n' /usr/local/bin/idsBackground.pl
The first line should be something like "#!/usr/bin/perl -T" or similar.

The permisssions should show that the file is executable.

Then in the cron job you should have :

Code:
05 04 * * * /usr/local/bin/idsBackground.pl -start
 
Old 09-24-2017, 09:04 AM   #3
pdobrien3
LQ Newbie
 
Registered: Aug 2017
Posts: 14

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by Turbocapitalist View Post
First off where is idsBackground.pl really supposed to be installed?

There should never, ever be any excutable scripts inside the web server's document root. So before going further it would be a good idea to move it to /usr/local/bin/ or /var/www/bin/ or something like that.

Then double check the first line of the script and the permissions:

Code:
head -n 1 /usr/local/bin/idsBackground.pl

stat --format '%A %n' /usr/local/bin/idsBackground.pl
The first line should be something like "#!/usr/bin/perl -T" or similar.

The permisssions should show that the file is executable.

Then in the cron job you should have :

Code:
05 04 * * * /usr/local/bin/idsBackground.pl -start
The first line was "#!/usr/bin/perl -w
The permissions were 0777

I removed the Perl statement from the front of the crontab job, we shall see if it works tonight :-)

Last edited by pdobrien3; 09-24-2017 at 09:05 AM.
 
Old 09-24-2017, 09:06 AM   #4
Emerson
LQ Guru
 
Registered: Nov 2004
Location: Saint Amant, Acadiana
Distribution: Gentoo ~arch
Posts: 6,147

Rep: Reputation: Disabled
If your crontab has no $PATH set then plain perl will not work.
 
Old 09-24-2017, 09:13 AM   #5
Turbocapitalist
Senior Member
 
Registered: Apr 2005
Distribution: Ubuntu, Devuan, OpenBSD
Posts: 2,522
Blog Entries: 3

Rep: Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110
Quote:
Originally Posted by pdobrien3 View Post
The permissions were 0777
They should be 0555 or 0755. How did they get to 0777 at all? That's a very bad sign, especially for something that's been floating around in the web server's document root.

You might want to do a quick check and remove or fix any files you find in violation.

Code:
find /var/www/ -type f -perm /o=w,o+x -exec stat --format "%A %n" {} \;
Which instructions are you trying to follow?
 
Old 09-24-2017, 09:14 AM   #6
pdobrien3
LQ Newbie
 
Registered: Aug 2017
Posts: 14

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by Emerson View Post
If your crontab has no $PATH set then plain perl will not work.
So then:

05 04 * * * /usr/bin/perl /var/www/html/aanval/apps/idsBackground.pl -start
 
Old 09-24-2017, 09:16 AM   #7
Turbocapitalist
Senior Member
 
Registered: Apr 2005
Distribution: Ubuntu, Devuan, OpenBSD
Posts: 2,522
Blog Entries: 3

Rep: Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110
Quote:
Originally Posted by pdobrien3 View Post
So then:

05 04 * * * /usr/bin/perl /var/www/html/aanval/apps/idsBackground.pl -start
No. The perl script, if executable, can be lauched without preceding it with perl. However, it really does need to be removed from the document root.
 
Old 09-24-2017, 09:16 AM   #8
pdobrien3
LQ Newbie
 
Registered: Aug 2017
Posts: 14

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by Turbocapitalist View Post
They should be 0555 or 0755. How did they get to 0777 at all? That's a very bad sign, especially for something that's been floating around in the web server's document root.

You might want to do a quick check and remove or fix any files you find in violation.

Code:
find /var/www/ -type f -perm /o=w,o+x -exec stat --format "%A %n" {} \;
Which instructions are you trying to follow?
It was a fairly simple install. Here are the instructions I followed:

http://wiki.aanval.com/wiki/Aanval:A...or_Setup_Guide
 
Old 09-24-2017, 09:36 AM   #9
Turbocapitalist
Senior Member
 
Registered: Apr 2005
Distribution: Ubuntu, Devuan, OpenBSD
Posts: 2,522
Blog Entries: 3

Rep: Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110
Thanks. The web server root they mention in the instructions refers to /var/www/ on your machine. That is not readable by the world. The document root, which is /var/www/html/ on your machine, is readable by the world via HTTP and/or HTTPS. So scripts should move out of the latter and into the former.

As for the 0777 permissions, those can be fixed but since the tarball is not available for download, so I can't see if they've provided files with incorrect permissions or if that came later. Either way the script should be 0755 or 0555.
 
Old 09-24-2017, 09:51 AM   #10
pdobrien3
LQ Newbie
 
Registered: Aug 2017
Posts: 14

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by Turbocapitalist View Post
Thanks. The web server root they mention in the instructions refers to /var/www/ on your machine. That is not readable by the world. The document root, which is /var/www/html/ on your machine, is readable by the world via HTTP and/or HTTPS. So scripts should move out of the latter and into the former.

As for the 0777 permissions, those can be fixed but since the tarball is not available for download, so I can't see if they've provided files with incorrect permissions or if that came later. Either way the script should be 0755 or 0555.
So, if I put it into /var/www/aanval, would I be able to access the web page? Did I totally install it wrong by putting it in /var/www/html/aanval or is that the correct place and I just need to move scripts elsewhere?

Thank you for your help on this. Great learning for me.

Last edited by pdobrien3; 09-24-2017 at 09:56 AM.
 
Old 09-24-2017, 10:01 AM   #11
Turbocapitalist
Senior Member
 
Registered: Apr 2005
Distribution: Ubuntu, Devuan, OpenBSD
Posts: 2,522
Blog Entries: 3

Rep: Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110
Quote:
Originally Posted by pdobrien3 View Post
So, if I put it into /var/www/aanval, would I be able to access the web page? Did I totally install it wrong by putting it in /var/www/html or is that the correct place and I just need to move scripts elsewhere?

Thank you for your help on this. Great learning for me.
It should work in /var/www/aanval/ but what kind of output does in produce?

It's hard to say what the scripts produce and where they put it without seeing the actual code and that's not available for general login. In general, /var/www/html/ is a very wrong place for scripts. But the instructions seem a little weird.

It is kind of weird that they say to precede the script with the perl interpreter since the script is executable and the first line points to the interpreter.
 
Old 09-24-2017, 10:17 AM   #12
pdobrien3
LQ Newbie
 
Registered: Aug 2017
Posts: 14

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by Turbocapitalist View Post
It should work in /var/www/aanval/ but what kind of output does in produce?

It's hard to say what the scripts produce and where they put it without seeing the actual code and that's not available for general login. In general, /var/www/html/ is a very wrong place for scripts. But the instructions seem a little weird.

It is kind of weird that they say to precede the script with the perl interpreter since the script is executable and the first line points to the interpreter.
I just downloaded it using this :

wget download.aanval.com/aanval-8-latest-stable.tar.gz
 
Old 09-25-2017, 04:20 AM   #13
pdobrien3
LQ Newbie
 
Registered: Aug 2017
Posts: 14

Original Poster
Rep: Reputation: Disabled
Here is the error I got:

Cron <root@Family-Room-Laptop> /var/www/html/aanval/apps/idsBackground.pl -start

---------------------------------------------------
Aanval by Tactical FLEX, Inc.
Copyright 2003-2014

http://www.tacticalflex.com/

Background Processing Unit (BPU) Initializer
Version: 8.1.810
---------------------------------------------------

Can't open perl script "./idsBackground.pl": No such file or directory
Can't open perl script "./idsBackground.pl": No such file or directory
Can't open perl script "./idsBackground.pl": No such file or directory
Can't open perl script "./idsBackground.pl": No such file or directory
 
Old 09-25-2017, 05:02 AM   #14
Turbocapitalist
Senior Member
 
Registered: Apr 2005
Distribution: Ubuntu, Devuan, OpenBSD
Posts: 2,522
Blog Entries: 3

Rep: Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110
Quote:
Originally Posted by pdobrien3 View Post
Can't open perl script "./idsBackground.pl": No such file or directory
Can't open perl script "./idsBackground.pl": No such file or directory
Can't open perl script "./idsBackground.pl": No such file or directory
Can't open perl script "./idsBackground.pl": No such file or directory
Ok. You might take a look at the script. It is probably not so complex. It is looking for a relative path and cron is not using the right directory. One work-around would be to wrap the task in a short shell script and call that from cron instead. There you can include a call to change the working directory.

Code:
#!/bin/sh

cd /var/www/aanval/
/var/www/aanval/apps/idsBackground.pl -start
Again, please see the comments before about moving the scripts out of the public part of the web server's directories.
 
Old 09-25-2017, 10:09 AM   #15
pdobrien3
LQ Newbie
 
Registered: Aug 2017
Posts: 14

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by Turbocapitalist View Post
Ok. You might take a look at the script. It is probably not so complex. It is looking for a relative path and cron is not using the right directory. One work-around would be to wrap the task in a short shell script and call that from cron instead. There you can include a call to change the working directory.
Ok, I made a backup copy of the script and called it idsBackgroundChron.pl. Then everywhere there was a ./, I filled in the relative path. Should this work? Also, twice in the script there was ../. What is the difference between ./ and ../?


Quote:
Originally Posted by Turbocapitalist View Post
Again, please see the comments before about moving the scripts out of the public part of the web server's directories.
Yes, I am onboard with this. I just need to get a known working setup before I make changes so I know what effects my changes have.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
cron job fails when script does not rkappler Linux - General 6 12-10-2015 12:53 PM
adding a perl script to cron.daily / cron.d to setup a cron job CrontabNewBIE Linux - Software 6 01-14-2008 08:16 AM
Errors when running Perl script in a cron job meshach Slackware 2 06-20-2006 09:10 PM
Cron Job with a Script bravored Linux - General 4 08-05-2005 10:27 AM
Trouble with perl script in Cron job thack111 Linux - General 7 11-25-2004 02:44 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - General

All times are GMT -5. The time now is 01:12 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration