Cron

Introduction
Cron is a server daemon that runs scheduled tasks on your computer.

Links
This page was copied from http://gentoo-wiki.com/HOWTO_use_cron


 * Crontab : Scheduling Tasks
 * Gentoo Linux Cron Guide

What this HOWTO will do
This HOWTO will tell you how to set up scheduled tasks with cron as root, based on the pre-set system crontab that executes all the files in the folder daily, and the files in  hourly etc.

Currently this HOWTO just covers the simplest and easiest way to schedule commands with cron. There are more advanced ways of using cron, but for a beginner it's very confusing to work with crontab and for most cases it's not necessary.

Installation
Gentoo proposes three implementation. Please refer to the Gentoo Linux Cron Guide to choose yours.

Vixie-cron
Most people will have installed vixie-cron with the installation of their Gentoo system.
 * 1) emerge vixie-cron
 * 2) rc-update add vixie-cron default

Dcron or fcron

 * 1) emerge -av dcron
 * 2) rc-update add dcron default

or


 * 1) emerge -av fcron
 * 2) rc-update add fcron default

Then:


 * 1) crontab /etc/crontab

Adding a scheduled service as root
In the directory there are 4 default folders corresponding to different intervals for cron to run commands. To add a service to any of these just add a file with the command you want to run in the appropriate folder:

Now we assume that you want to run the command logwatch.pl once a day. (Logwatch sends emails to root with a summary analysis of your computer's logfiles, so that you can track who has logged in, when, if your disks are running full and other useful stuff). You can install logwatch with emerge logwatch.

In order to run Logwatch once a day we go into the folder and add a file called ; in this file you type the name of the program you want to run (complete with its full path). If you are uncertain of a program's full pathname try locating it with the command which, as in which logwatch.pl. /usr/sbin/logwatch.pl
 * Example:
 * 1) ! /bin/sh

The last thing you need to do is to make the file executable:


 * 1) chmod +x /etc/cron.daily/logwatch.cron

Now logwatch is run every day and sends an email to the root user.

Tip: The files we add in cron.daily etc. are not configuration files, they are shellscripts executed by cron. In this case we've added to the file that's executed a simple line that just runs a program, but if you want you can have a more complex shellscript that runs a sequence of programs or checks. Look at the other scripts in /etc/cron.* for examples of what to do.

Logrotate
A very good thing to do for the well-being of your logs is to install logrotate - a program that goes through the log files and sequentially divide them up and archive them as they grow. If you don't rotate your logs, the files will become huge (hundreds of megabyte) and - performance for certain tasks goes down.

On Gentoo it's a no-brainer to install and activate logrotate just:
 * 1) emerge -av logrotate

That command installs logrotate and adds an entry to to run logrotate just as we did manually in the logwatch example above.

The default for logrotate is to delete log entries older than 4 weeks, if you want to keep your logs longer than that comment the line "rotate 4". You might also want to change the setting on compressing old logs; the default is to compress the logs. Below are listed the settings you might want to change from the configuration file for logrotate.


 * Example:
 * 1) keep 4 weeks worth of backlogs
 * 2) rotate 4


 * 1) uncomment this if you want your log files compressed
 * 2) compress

Webalizer
Webalizer is a program that analyses your apache webserver log and generates webpages complete with graphs of the traffics.

It's a little bit more difficult to install than logrotate. Start by emerging webalizer, which will install the files on your computer.
 * 1) emerge -av webalizer

Currently the text messages after installing webalizer are a bit outdated, contrary to what it says don't add anything to the apache.conf file, apache2 already will read the config file for webalizer because it's in the directory. But you do need to restart apache to get webalizer to work:


 * 1) /etc/runlevels/default/apache2 restart

If you look at http://localhost/webalizer you will still see nothing, this is because no stat files have been generated yet. Create a new file called (such as the  directory, if you want updated stats to build each night).

/usr/bin/webalizer
 * Example:
 * 1) ! /bin/sh

Now you have created the file, but you must also make it executable in order for cron to be able to run it.


 * 1) chmod +x /etc/cron.daily/webalizer.cron

To test that it's executable, and to generate your first stats you just run the program. Do this by typing in its name:


 * 1) /etc/cron.daily/webalizer.cron

You will see some output from webalizer that it generates the information, and you can now visit your local computer under the http://localhost/webalizer and see your stats.

Portage
While many users may like to update their Portage trees while they're at the console, many also prefer to automate the process with cron. Remember that Gentoo Netiquette specifies that you should not sync your Portage tree more than once per day, so we will do it weekly.

All you need to do is create a script that will sync the tree. So create in your  directory. exec /bin/nice /usr/bin/emerge --sync
 * Example:
 * 1) ! /bin/sh

Note: It is generally a good idea to nice every command that might take a noticeable amount of time to execute so that the cron job does not steal the computer from its user. A second thing is the use of absolute paths as a security measure because the cron jobs from this howto are executed as root.

Tmpreaper
How to set up a cron job to automatically clean out non-used files in with tmpreaper "How to clean /tmp"

Additional tasks
Please feel free to add more common tasks to use cron for.

I think that running chkrootkit regularly would be a good idea!

iptables
If you modify your rules for iptables often (or a program does it for you, such as swatch ("HOWTO Protect SSHD with Swatch") to block IPs with multiple failed login attempts), iptables normally only saves the rules when it shuts down. However if you have a kernel panic or don't stop it with the init script, it won't save your rules. This can be annoying if after 200+ days of uptime you lose all your iptables data (happened to me!).

So, having your iptables saved regularly can be a good idea.

Simply create a cron file as follows: /etc/init.d/iptables save
 * Example:
 * 1) !/bin/sh

And that's it!