Cronjob on Amazon EC2 Deleted? - cron

I had a cronjob set up to run a php script daily, which went well for about a month. Today, I realized it didn't run the script so I opened up the crontab. The crontab is completely empty - what happened?
I don't know too much about cronjobs, but as far as I understand, they do not delete themselves if the server is reset. How can I make sure cronjobs are always running and that it doesnt get deleted?

It is probably under a different user. Check root user sudo crontab -e. Each user has it's own crontab and there's one for the whole system. Note: Through the crontab configuration you can disable per-user crontabs.

Related

Node script runs manually but fails in crontab

Currently am running a few js files manually on a semi weekly bases for my company. I stumbled on the possibility of automating these runs in to cron jobs. Im fairly novice to shell scripts and was able to achieve this on an outdated personal mac mini I have.
When trying to replicate the same setup on a company owned device, I hit a wall. I think it has something to do with user permissions or current user cron differing from sudo cron. (The user I have is the only user on the device.)
I can manually run this script on the current user macserver#Mac-mini ~ % , utilizing the node NVM_BIN I downloaded through homebrew and it runs fine.
Terminal entry like this:
cd Desktop/main-tool && /Users/macserver/.nvm/versions/node/v18.12.1/bin/node main.js
I then try accessing cron using the nano editor EDITOR=nano crontab -e adding the command above except with the scheduling expression and nothing happens.
Cron entry like this:
* * * * * cd Desktop/main-tool && /Users/macserver/.nvm/versions/node/v18.12.1/bin/node main.js
Is there a way to view if cron jobs are running instead of just viewing an active list? Not sure where to start trouble shooting as the information I have come across references anywhere from changing root variables for users to complete environment overhaul which I would like to avoid.
My PATH and SHELL:
$SHELL=/bin/zsh
$PATH=/Users/macserver/.nvm/versions/node/v18.12.1/bin:/opt/homebrew/bin:/opt/homebrew/sbin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin
Let me know if any other info might help.

How do I start a cron service on a web server programatically?

I have been stuck on this for a while and this is new territory for me so I need some help. I am working on a project where a cron service is created when a user is created with a web application. However, I am running into problems actually getting the cron service to run. Here is what I have tried
1) Creating a cron service using
crontab -l | { cat; echo "'comand'"; } | crontab -
This creates the job fine. However, it creates it with www-data as the user and those do not show to execute.
I should mention that I am setting path to
PATH=/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin
as I am running a python script that I have made executable using chmod +x and put the appropriate headers to make sure it runs properly (which it does). In addition, all paths are full paths. To be more clear, here is the actual command I am using inside the crontab
*/10 * * * * /home/user/path-to script/script.py --user_id 1 --db_file /home/user/path-to-file/file.db
However, the script never runs.
2) Creating a file under /etc/cron.d, but from my testing, I have realized that this only works if the file is created as a root user, which since the user creating the file is www-data, the job will again, not execute.
for reference, I am doing that as such:
*/10 * * * * user /home/user/path-to script/script.py --user_id 1 --db_file /home/user/path-to-file/file.db
What does work is repeating steps 2 & 3 using a user that is part of the sudo group or is the root user. This tells me that I need to create the cron job using one of those two users, but I am not sure how to do that programmatically when www-data is being used for web activities.
Another option I have considered is using crontab -u user to programmatically add the job to a user I know works, but the issue with that is that in order to do that I need sudo access and I don't want to pass in the sudo password when creating the cronjob or do something that might be potentially dangerous (like removing the need to use sudo as I know that is possible, but in my opinion could be very bad is someone gains access to the account and therefore has escalated privileges)
Help would really be appreciated.
As for the stack, if it's helpful, I am using Ubuntu 18.04.3 (LTS) x64 and Apacahe2

How do I restore CronTab to my WebMin system

I don't know if this was an effect of the shellshock attack which my server was victim to (or another attack that worked) but it basically enabled the hacker to overwrite my SSH config file when the server rebooted.
This new file used wget to load in a file from a website, then another library of hack functions which I guessed he then used to run hacks/DOS from my server. I caught it pretty fast and ideally want to upgrade but because I have cancer and just had a big operation it is too much effort at the moment.
Therefore I did a lot of house keeping, changing passwords, removing shell access, reverting back to DASH, replacing the default shell for root and any other users to another folder with symbolic links, restoring the config file for SSH, removing CGI functionality from config files e.g
ScriptAlias /cgi-bin/ /home/searchmysite/cgi-bin/
#
allow from all
#
Removed AW stats and Webalizer for all virtual min sites.
I already had DenyHosts and Fail2Ban installed.
I also blocked in/outbound traffic to the IPs of the sites he was getting the files from.
However it seems since this change I have lost the visual cron manager from webmin.
When I go to the menu item "Scheduled Cron Jobs", it says, "The command crontab for managing user Cron configurations was not found. Maybe Cron is not installed on this system?"
However I can see in the file system it exists.
When I run crontab -l or crontab -e I get "Permission Denied"
whoami shows "root"
I did think at the time of the hack this was all related and he had used SSH and a Cron job to get his hack running.
What I want to know is how I can get the CronTab manager back.
All the cron jobs are still running such as importing feeds into my websites, running scheduled emails and so on, what I don't know is how to resolve this without a full rebuild.
If I had the time and energy I would do that but I am totally drained and before this hack everything was just running smoothly and my websites which bring me in money were working fine.
They currently are still working fine and I regularly check my logs for IPs that look odd, have strong htacess rules for xss/sql/path travesal/file hacks and ban whole countries from Cloudflare which the site sits behind. So I don't "think" the machine is compromised at the moment even if it is old - could be wrong though!
details of box
Operating system Debian Linux 5.0 Virtualmin version 3.98.gpl GPL WebMin Version: 1.610 Kernel and CPU Linux 2.6.32.9-rscloud on x86_64
So if anyone can help me get my crontab manager back that would be great.
Thanks
1) check if chattr exists, if not, download a new one.
2) type whereis crontab, then chattr -isa /path/to/crontab.(usually /usr/bin/cron) then chmod crontab back to it original settings.
3) navigate to /var/spool/ and
chattr -isa cron
cd cron
chattr -isa crontabs
4) remove cron entry in /etc/cron.weekly
Look in /etc/cron.weekly for any new

Why is my cron job not running?

I am trying to run a cron job at 5:20pm as below but it's not working.
20 17 * * 1 /usr/bin/php /home/myacc/public_html/job/generate.php
I basically did crontab -e and entered the above line there and saved the file.
If I try running the command directly from the command line as below, it works fine:
php /home/myacc/public_html/job/generate.php
What am I doing wrong?
Also, how do I send a message from the cron to either a log file or email so that I know what's going on?
You can record all the logs of your cronjobs by installing postfix and configuring it as local domain during installation. Such that you can see the logs of your cron jobs by vi /var/mail/<user-name>. Try looking the logs and figure out the problem. If you don't find any solution post the log so that it will help others to diagnose the problem. I'm adding this as an answer instead of comment because i think I'm answering your second query.

Apache access log automatically set permissions

For some tests I'm doing, I'm required to remotely tail the apache access log via ssh. I can successfully do that only when the permissions are accurately set for the log. I've noticed that once a week, a new apache access.log is created and the permissions are reset.
My current work around is editing the permissions on the log once a week:
chmod 644 /var/log/apache2/access.log
I was wondering if there was a more permanent solution such as extending the time that the old log remains or automatically setting permissions when the new log is created.
If it matters, I'm running the server on Ubuntu 11.10
Edit your logrotate.conf file to set the correct owner/permissions for the apache.log file. Something like this:
/var/log/apache2/access.log {
weekly
create 0644 root utmp
rotate 1
}
(Edit: Changed mode from 0744 to 0644. No need to set the execute bit.)
Maybe another application, like logrotate, is altering the logs? (Sounds like it, as it only happens weekly) I don't think Apache itself is responsible for the permissions chance.
A good place to start is check /etc/cron./* to see if any cron jobs are touching the access.log
Good luck!

Resources