Linux script for MIT Kerberos kdb5_util to backup / dump realm doesn't work in Crontab

Hi,

I have a very modest script to backup the Kerberos database that I would like to automate. The script looks like this...

backup_path=/var/kerberos/backup
/usr/sbin/kdb5_util dump $backup_path/kerberos-dump.bak


...which runs fine when I am logged on as root. However when scheduling this via Crontab, I get the following error (being posted to the root's mail folder) and as a result a dump and _ok file is not created.

Date: Tue, 28 Jul 2015 15:01:01 +0100 (BST)
kdb5_util: No such entry in the database while retrieving master entry


My Crontab file looks like this...
15 03 * * * root /root/backup_script>/tmp/backup.log
01 15 * * * root /root/kerberos_backup_script


I'm confused how this script works OK when run manually, but not when automated.

Any help greatly received!
Thanks in advance.
Neil McAlisterAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Zephyr ICTCloud ArchitectCommented:
Is there any more info in the syslog maybe?

IF not, try to add a log to the script, like this:

/usr/sbin/kdb5_util dump $backup_path/kerberos-dump.bak > $backup_path/kerberos-dump.bak.log 2>&1

Open in new window


Maybe that would give us more info on what is going wrong ... Maybe it has to do with something in the Path, though you give the complete path of the executable.
1
jmcgOwnerCommented:
The cron environment differs in a number of ways from the logged in session environment. PATH is one possibility, but you seem to have found the executable and the problem occurs a bit further down in the process. More like a permissions problem?
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Neil McAlisterAuthor Commented:
Hi, nothing of note in the syslog. Tried to output the command to a log file, got the same message as the one reported in roots mail file

kdb5_util: No such entry in the database while retrieving master entry
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

Zephyr ICTCloud ArchitectCommented:
Hmmm ... The only thing I can advice is to try with specifically adding PATHS to your cron.

Something like:

PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

Open in new window


Or type in PATH on the command line to see what is there specifically and copy it into the cronscript, cron has the nack of overwriting the PATHS you have setup in your environment.
0
Neil McAlisterAuthor Commented:
OK , I think I have found the reason, but not the cure.

When outputting echo $KRB5_CONFIG the following value is set
/etc/alternative/krb5/krb5.conf

...yet when I echo this out as part of the crontab job for the same script (both as user root) the value is empty.

For the crontab job, do you know how I can set this $KRB5_CONFIG value for this run, and this script run only?

Thanks
0
Neil McAlisterAuthor Commented:
I have found the answer!

It needs to be (the full statement)

env KRB5_CONFIG=/etc/alternative/krb5/krb5.conf kinit -k -t etc etc

...to override the default one

Thanks for the help

Cheers

Neil
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Linux

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.