[SOLVED] Having trouble running cron job script only works on terminal as root
SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Having trouble running cron job script only works on terminal as root
I have a couple scripts that needs to run but doesn't work when added to cron job. I can run it manually as root but other than that its a no-go. The script that resides in root is suppose to launch from the cron job as soon as chromium is open.
Code:
#!/bin/bash
START="/root/blahblah.sh"
PGREP="/usr/bin/pgrep"
CHROME="/usr/bin/chromium"
$PGREP ${CHROME}
if [ $? -ne 0 ]
then
$START
fi
The script is running regardless whether Chromium is open or not. I have moved the scripts to a temp location for testing.
I only want the scripts to run if Chromium is open if not I want the script to stay dormant in the cron job. I'm no scripter.
Like michaelk was saying, cron jobs provide chronological based hooks, so might not be the best choice...
If you want to use cron jobs as a regular user, your user needs to be in the same group that owns the crond binary. You could create a group, cronusers, and then "chown root:cronusers usr/sbin/crond", after that any user in the cronusers group could make their own cron tables.
As root, the easiest way to run time-based cron jobs, is just to put the scripts in the appropriate folder in etc., i.e., cron.hourly, cron.daily, cron.weekly, etc. You can manually edit a crontab file (crontab -e) and add an @reboot, to create jobs for reboot.
IMHO, the only way to use cron job when you open chromium, is to predict when you plan on opening it: therefore, cron job is probably not what you want.
You could just rename your script "chromium-launcher" or the like, and put it in /usr/bin (or somewhere else that is in your $PATH, where executable binaries are expected--though they don't have to be binaries, and can be shell scripts too). Then to start chromium, you would just type chromium-launcher at your cli. If you want a graphical icon to click or tap on, you can use chromium's icon to execute your script--however, how to do that, is dependent on which window-manager you use (i.e., kde, xfce, stumpwm, etc.)...
Last edited by slac-in-the-box; 09-15-2020 at 10:45 AM.
Reason: perfection
#!/bin/bash
[ $( id -u) != "0" ] && echo "This script needs root privileges!" && exit
printf "AutomapHostsOnResolve 1\nAvoidDiskWrites 1\nDataDirectory /var/lib/tor\nDisableAllSwap 1\nDNSPort 127.0.0.1:5353\nExcludeExitNodes {au}, {ca}, {fr}, {gb}, {nz}, {us}\nFascistFirewall 1\nGeoIPExcludeUnknown 1\nHashedControlPassword 16:C18BE92953A2240C609FD7B56C2069C639108CF4275C737D84EB519B84\nLongLivedPorts 9050\nNodeFamily {au}, {ca}, {fr}, {gb}, {nz}, {us}\nPathsNeededToBuildCircuits 0.95\nSandbox 1\nSocksPolicy accept 127.0.0.1/32\nSocksPort 127.0.0.1:9050 IsolateClientAddr IsolateSOCKSAuth IsolateClientProtocol IsolateDestAddr IsolateDestPort\nStrictNodes 1\nTransPort 127.0.0.1:9040 IsolateClientAddr IsolateClientProtocol IsolateDestAddr IsolateDestPort\nVirtualAddrNetwork 10.192.0.0/10" > torify
echo "Starting TOR..."
sh /etc/rc.d/rc.unbound stop
killall tor > /dev/null 2>&1
killall unbound > /dev/null 2>&1
tor -f /etc/tor/torify > torify.log &
echo "Wait for TOR bootstrap..."
grep -q 'Done' <(tail -f torify.log)
echo "Bootstrap ok!"
# Backup iptables rules
echo "Backup IPTABLES rules..."
iptables-save > backup
echo "Setting firewall rules..."
NON_TOR="192.168.0.0/24"
iptables -F
iptables -X
iptables -t nat -F
iptables -t mangle -F
iptables -t raw -F
iptables --delete-chain
iptables --table nat --delete-chain
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP
iptables -t nat -A OUTPUT -d 10.192.0.0/10 -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j REDIRECT --to-ports 9040
iptables -t nat -A OUTPUT -m owner --uid-owner tor -j RETURN
iptables -t nat -A OUTPUT -o lo -j RETURN
iptables -t nat -A OUTPUT -d 127.0.0.0/8 -j RETURN
# iptables -t nat -A OUTPUT -d 192.168.0.0/24 -j RETURN
iptables -t nat -A OUTPUT -p tcp -m owner --uid-owner unbound -m tcp -j REDIRECT --to-ports 9040
iptables -t filter -A OUTPUT -p tcp -m owner --uid-owner unbound -m tcp --dport 9040 -j ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A OUTPUT -d 127.0.0.1/32 -o lo -j ACCEPT
iptables -A OUTPUT -o wlan0 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i wlan0 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A OUTPUT -m owner --uid-owner 0 -j RETURN
iptables -t nat -A OUTPUT -p udp --dport 53 -j REDIRECT --to-ports 5353
for NET in $NON_TOR 127.0.0.0/9 127.128.0.0/10; do
iptables -t nat -A OUTPUT -d $NET -j RETURN
done
iptables -t nat -A OUTPUT -p tcp --syn -j REDIRECT --to-ports 9040
iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
for NET in $NON_TOR 127.0.0.0/8; do
iptables -A OUTPUT -d $NET -j ACCEPT
done
iptables -A OUTPUT -m owner --uid-owner 0 -j ACCEPT
iptables -A OUTPUT -j REJECT
echo "Done!"
echo "Press any key to stop transparent proxy..."
read -n 1
killall tor
echo "Clear tor rules and restore previous configuration..."
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
iptables -F
iptables -X
iptables -t nat -F
iptables -t mangle -F
iptables -t raw -F
iptables --delete-chain
iptables --table nat --delete-chain
#restore previous rules
iptables-restore < backup;
#Cleaning up
rm -rf backup
rm -rf torify
rm -rf torify.log
sh /etc/rc.d/rc.unbound start
script to run tor proxy + torify script only if Chromium is running
Code:
#!/bin/bash
START="/home/problemchyld/Desktop/torify.sh"
PGREP="/usr/bin/pgrep"
CHROME="/usr/bin/chromium"
$PGREP ${CHROME}
if [ $? -ne 0 ]
then
$START
fi
I can't or don't know how to run the proxy script without root but like a cron job to do it.
su is very different than sudo. The latter can be used in scripts and elevate only a specific program using specific parameters. It would be very useful in the task you describe.
For an in-depth explanation of the capabilities, see Michael W Lucas' book sudo Mastery, 2nd edition or one of his lectures.
sudo not su. Give permission for your regular to run your script as root.
As is there is no loop in your cron script so there is nothing to keep it running. You could add a loop with a sleep statement which basically runs continuously.
cron won't do what you're looking for unless you want to have it poll every minute or few and then run it, but you'll have some time after you started Chromium where the script wouldn't run until it reached its next scheduled job.
A better option would be to edit the script used to launch chromium (at least, I assume there's a script, since there is one for Chrome, /usr/bin/google-chrome-stable -- if there isn't one, then I'd create a script to run your commands and then run Chromium) to run your script before running the commands to start Chromium.
If he uses the script method I suggested, he could simply add a sudo (if the user is set up for it otherwise kdesu) in front of the line running the the tor script, and then the rest of the chromium script would continue to run as the normal user.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.