# 2004/11/12 maasj@dm.org Original version
# 2005/02/24 Thibault Godouet Modified to be used with dnotify
# + bug fixes and enhancement.
+# 2005/04/27 Daniel Himler Security enhancements and cleanups.
#
CROND_DIR=/etc/cron.d
FCRONTAB_PROG=/usr/bin/fcrontab
CRONTAB_FILE=/etc/crontab
FCRONTAB_FILE=/etc/fcrontab
-FCRONTAB_FILE_GEN=/etc/fcrontab-script-gen
-FCRONTAB_FILE_TMP=/etc/fcrontab.tmp
+if [ -x `type -p mktemp` ]; then
+ FCRONTAB_FILE_TMP=`mktemp /tmp/fcrontab.XXXXXX`
+else
+ FCRONTAB_FILE_TMP=/tmp/fcrontab.$$
+fi
+FCRONTABS_DIR=/var/spool/fcron
SLEEP_TIME_BEFORE_REBUILD=30
# Function to build up a system crontab and tell fcron it's changed
rebuild_and_notify()
{
- logger -s -t "[check_system_crontabs]" "Rebuilding the system fcrontab ..."
+ logger -i -p cron.notice -t "check_system_crontabs" "Rebuilding the system fcrontab..."
# put a warning message at the top of the file
- echo -e "########################################" > $FCRONTAB_FILE_GEN
- echo -e "# WARNING!!! DO NOT EDIT THIS FILE!!! #" >> $FCRONTAB_FILE_GEN
- echo -e "########################################" >> $FCRONTAB_FILE_GEN
- echo -e "# Do not edit this file! It is automatically generated from" >> $FCRONTAB_FILE_GEN
- echo -e "# the $CRONTAB_FILE, the $FCRONTAB_FILE and $CROND_DIR/* files whenever one of" >> $FCRONTAB_FILE_GEN
- echo -e "# those files is changed.\n#\n\n" >> $FCRONTAB_FILE_GEN
-
- # include the standard system crontab file
- echo -e "\n\n########################################\n# $CRONTAB_FILE\n########################################\n" >> $FCRONTAB_FILE_GEN
- cat $CRONTAB_FILE >> $FCRONTAB_FILE_GEN
+ echo -e "########################################" > $FCRONTAB_FILE_TMP
+ echo -e "# WARNING!!! DO NOT EDIT THIS FILE!!! #" >> $FCRONTAB_FILE_TMP
+ echo -e "########################################" >> $FCRONTAB_FILE_TMP
+ echo -e "# Do not edit this file! It is automatically generated from" >> $FCRONTAB_FILE_TMP
+ echo -e "# the $CRONTAB_FILE, the $FCRONTAB_FILE and $CROND_DIR/* files whenever one of" >> $FCRONTAB_FILE_TMP
+ echo -e "# those files is changed.\n#\n\n" >> $FCRONTAB_FILE_TMP
+
+ # include the standard system crontab file if it is not a symbolic link
+ if [ ! -L $CRONTAB_FILE ]; then
+ echo -e "\n\n########################################\n# $CRONTAB_FILE\n########################################\n" >> $FCRONTAB_FILE_TMP
+ cat $CRONTAB_FILE >> $FCRONTAB_FILE_TMP
+ fi
# print a nice filename header for each file in /etc/cron.d/
# and include its contents into the new fcron system crontab
for i in $CROND_DIR/* ; do
if [ $i != "RCS" ] ; then
- echo -e "\n\n########################################\n# $CROND_DIR/$i\n########################################\n" >> $FCRONTAB_FILE_GEN
- cat $i >> $FCRONTAB_FILE_GEN
+ echo -e "\n\n########################################\n# $i\n########################################\n" >> $FCRONTAB_FILE_TMP
+ cat $i >> $FCRONTAB_FILE_TMP
fi
done
- # include the system fcrontab file
- echo -e "\n\n########################################\n# $FCRONTAB_FILE\n########################################\n" >> $FCRONTAB_FILE_GEN
- cat $FCRONTAB_FILE >> $FCRONTAB_FILE_GEN
+ # include the system fcrontab file if it is not a symbolic link
+ if [ ! -L $FCRONTAB_FILE ]; then
+ echo -e "\n\n########################################\n# $FCRONTAB_FILE\n########################################\n" >> $FCRONTAB_FILE_TMP
+ cat $FCRONTAB_FILE >> $FCRONTAB_FILE_TMP
+ fi
# Replace "@hourly" style Vixie cron extensions which fcron doesn't parse
- cat $FCRONTAB_FILE_GEN | sed -e "s/@yearly/0 0 1 1 */g" -e "s/@annually/0 0 1 1 */g" -e "s/@monthly/0 0 1 * */g" -e "s/@weekly/0 0 * * 0/g" -e "s/@daily/0 0 * * */g" -e "s/@midnight/0 0 * * */g" -e "s/@hourly/0 * * * */g" > $FCRONTAB_FILE_TMP
- mv -f $FCRONTAB_FILE_TMP $FCRONTAB_FILE_GEN
+ sed -i -e "s/@yearly/0 0 1 1 */g" -e "s/@annually/0 0 1 1 */g" -e "s/@monthly/0 0 1 * */g" -e "s/@weekly/0 0 * * 0/g" -e "s/@daily/0 0 * * */g" -e "s/@midnight/0 0 * * */g" -e "s/@hourly/0 * * * */g" $FCRONTAB_FILE_TMP
# notify fcron about the updated file
- $FCRONTAB_PROG $FCRONTAB_FILE_GEN -u systab
+ $FCRONTAB_PROG $FCRONTAB_FILE_TMP -u systab
}
NEED_REBUILD=0
# This test works for file creation/deletion (deletion is not detected
# by the next test)
-if [ $CROND_DIR -nt $FCRONTAB_FILE_GEN ]; then
+if [ $CROND_DIR -nt $FCRONTABS_DIR/systab.orig ]; then
NEED_REBUILD=1
# Test each one and see if it's newer than our timestamp file
for i in $CROND_DIR/* ; do
if [ $i != "RCS" ]; then
- if [ $i -nt $FCRONTAB_FILE_GEN ]; then
+ if [ $i -nt $FCRONTABS_DIR/systab.orig ]; then
NEED_REBUILD=1
fi
# Test the standard /etc/crontab file and see if it has changed
-if [ $NEED_REBUILD -eq 0 -a \( $CRONTAB_FILE -nt $FCRONTAB_FILE_GEN -o $FCRONTAB_FILE -nt $FCRONTAB_FILE_GEN \) ]; then
+if [ $NEED_REBUILD -eq 0 -a \( $CRONTAB_FILE -nt $FCRONTABS_DIR/systab.orig -o $FCRONTAB_FILE -nt $FCRONTABS_DIR/systab.orig \) ]; then
NEED_REBUILD=1
rebuild_and_notify
fi
+
+rm -f $FCRONTAB_FILE_TMP