Solved

crontab and user profile's questions

Posted on 2000-04-26
19
695 Views
Last Modified: 2008-03-03
2 administrators left the company and their user's ID were deleted. But I found that they left the crontab files under /var/spool/cron/crontabs. Moreover, I believe that when they were in the company, they modified their profile as root(I mean, they modified the /etc/passwd file and change their user ID number to 0).
Now I doubt if their crontab files are running, and can I use the command "crontab -r username" to remove their crontab file, or just delete their crontab files that under /var/spool/cron/crontabs directly.
If you think this question should be value more points, please let me know. Thanks a lot!
0
Comment
Question by:maixp
19 Comments
 
LVL 1

Accepted Solution

by:
struyfsj earned 75 total points
ID: 2750755
maixp

You will not be able to use the command crontab -r <username> because these users do not exist int he passwd-file anymore.

You can delete the crontab file directly in /var/spool/cron/crontabs but first make sure they have no important command running .  If they have, move them to the (real) root crontab and then delete them.

PS:  Never allow normal userid to have an ID below 100.  Certainly not 0 because these users have full root privileges.


JS
0
 
LVL 84

Expert Comment

by:ozo
ID: 2750760
Yes, you can just delete their crontab files that under /var/spool/cron/crontabs directly.
(unless they are running some vital administative function, in which case you should move those functions to root)
0
 
LVL 20

Expert Comment

by:tfewster
ID: 2751032
I suggest you reboot the system as well, as cron only reads the crontab files when it starts up.
0
Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 

Author Comment

by:maixp
ID: 2751212
Adjusted points from 50 to 75
0
 

Author Comment

by:maixp
ID: 2751213
How can I move them into the root's cronatb?
May I just modify the files under /var/spool/cron/crontabs? I tried to use command "crontab -e" after I login as root, but it only showed me a "142" and then the blank space. As long as I type any keys and press "enter", it showed a question mark to me! I even had no idea to quit this window even I try "crtl+c"( I dont' dare to try "crtl+d")! At last I had to open another Xterm and kill the crontab process. What happen?
0
 
LVL 1

Expert Comment

by:struyfsj
ID: 2751244
maixp

You can not use the crontab -e, -l or -r as root for username that have been deleted from the passwd-file.

You can edit the files under /var/spool/cron/crontabs, but be carefull the syntax is right.  When you exit out of crontab -e it checks for syntax error but a normal editor does not.

JS

0
 

Author Comment

by:maixp
ID: 2751273
To  struyfsj :
Thanks. But I don't understand. I login as root, and run "crontab -e" in order to edit root's crontab file. Why I can't?
0
 
LVL 1

Expert Comment

by:struyfsj
ID: 2754713
maixp,

Could you try (as root):
crontab -e
crontab -e root
crontab -l
crontab -l root
cat /var/spool/cron/crontabs/root

Is there a difference between the output of those commands?

Restart cron (/etc/init.d/cron stop; /etc/init.d/cron start) and try again.



JS
0
 

Author Comment

by:maixp
ID: 2758964
To struyfsj:
Thanks.
I tried the command as you told me. The first 4 lines' results are same as I described before. When I use "cat ..." it showed that file's content. When I run "/etc/init.d/cron stop" and "/etc/init.d/cron start", it both showed:
# ! Can not start cron; FIFO exists Fri Apr 28 ...
! *******CRON ABORTED*******Fri APr 28 ...

I have no idea completely. Please help!

0
 
LVL 1

Expert Comment

by:struyfsj
ID: 2759073
maixp,

could you post the output of uname -a.
This to find out at what patchlevel you are and what OS.

Is cron still running? (ps -ef | grep cron)
If it is kill it! ( kill <pid of cron>) If it doen not die kill -9 <pid of cron>
Is there a file /var/spool/cron/FIFO? (ls -ald /var/spool/cron/FIFO)
If it exists (i'm sure it exists) delete it! ( rm /var/spool/cron/FIFO)

Start cron again. (/etc/init.d/cron start)

JS
0
 

Author Comment

by:maixp
ID: 2759364
Thanks
Here is the uname's result:

# uname -a
SunOS SUN3000 5.5.1 Generic_103640-23 sun4u sparc SUNW,Ultra-Enterprise

And I run the commands as you told me. I killed the <pid of cron> successfully, but I couldn't find the FIFO file.
# ls -ald /var/spool/cron/FIFO
/var/spool/cron/FIFO: No such file or directory

Luckly, the "/etc/init.d/cron start" worked this time! It showed:
# ! No such user as zengzh - cron entries not created Fri Apr 28 21:46:22 2000
! No such user as root% - cron entries not created Fri Apr 28 21:46:22 2000
! No such user as zhangyz - cron entries not created Fri Apr 28 21:46:22 2000
PS, zengzh and zhangyz are the left administrator's userID. But why has a "root% "?

Now it seems that I can remove the left administrators' cron files directly? And modify the "crontab -e root"? Yes, or no?
0
 
LVL 1

Expert Comment

by:struyfsj
ID: 2759607
maixp,

strange things going on there.
When starting cron, is probably checks if the file in /var/spool/cron/crontabs correspond with userids.
This is not the case for zengzh and zhangyz because you deleted them and root% is possibly a backup of the root crontab.

Is there a root% file in /var/spool/cron/crontabs?


JS
0
 

Author Comment

by:maixp
ID: 2759682
Yes, there is a file named "root%" under /var/spool/cron/crontabs, and I checked it and found that its content is as same as file "root".
This situation is different from the books I have read. Do you have any suggestion for me? Can I remove those files now? And can I modify the root's crontab now?
0
 
LVL 1

Expert Comment

by:struyfsj
ID: 2764200
maixp,

You can safely remove the root%, and the 2 other crontabs in /var/spool/cron/crontabs.

If you start and stop cron you will not get any errors.

JS
0
 

Author Comment

by:maixp
ID: 2768364
Have deal with most of the problems. Thanks, struyfsj.
0
 

Author Comment

by:maixp
ID: 2768366
Have deal with most of the problems. Thanks, struyfsj.
0
 

Author Comment

by:maixp
ID: 2768368
Have deal with most of the problems. Thanks, struyfsj.
0
 

Author Comment

by:maixp
ID: 2768370
Have deal with most of the problems. Thanks, struyfsj.
0
 

Author Comment

by:maixp
ID: 2768376
Have deal with most of the problems. Thanks, struyfsj.
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
IBM flash storage 840 15 64
reinstall 1 80
to update from RHEL 6.0 to 6.8 anything needed other than "yum update"? 7 102
How to check the PVU´s on AIX TSM servers? 3 95
A metadevice consists of one or more devices (slices). It can be expanded by adding slices. Then, it can be grown to fill a larger space while the file system is in use. However, not all UNIX file systems (UFS) can be expanded this way. The conca…
FreeBSD on EC2 FreeBSD (https://www.freebsd.org) is a robust Unix-like operating system that has been around for many years. FreeBSD is available on Amazon EC2 through Amazon Machine Images (AMIs) provided by FreeBSD developer and security office…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question