How can I run a cron command with existing environmental variables?
Clash Royale CLAN TAG#URR8PPP
How can I run a cron command with existing environmental variables?
If I am at a shell prompt I can type echo $ORACLE_HOME
and get a path. This is one of my environmental variables that gets set in my ~/.profile
. However, it seems that ~/.profile
does not get loaded fron cron scripts and so my scripts fail because the $ORACLE_HOME
variable is not set.
In this question the author mentions creating a ~/.cronfile
profile which sets up variables for cron, and then he does a workaround to load all his cron commands into scripts he keeps in his ~/Cron
directory. A file like ~/.cronfile
sounds like a good idea, but the rest of the answer seems a little cumbersome and I was hoping someone could tell me an easier way to get the same result.
I suppose at the start of my scripts I could add something like source ~/.profile
but that seems like it could be redundant.
So how can I get make my cron scripts load the variables from my interactive-shell profile?
shell environment-variables cron
add a comment |
How can I run a cron command with existing environmental variables?
If I am at a shell prompt I can type echo $ORACLE_HOME
and get a path. This is one of my environmental variables that gets set in my ~/.profile
. However, it seems that ~/.profile
does not get loaded fron cron scripts and so my scripts fail because the $ORACLE_HOME
variable is not set.
In this question the author mentions creating a ~/.cronfile
profile which sets up variables for cron, and then he does a workaround to load all his cron commands into scripts he keeps in his ~/Cron
directory. A file like ~/.cronfile
sounds like a good idea, but the rest of the answer seems a little cumbersome and I was hoping someone could tell me an easier way to get the same result.
I suppose at the start of my scripts I could add something like source ~/.profile
but that seems like it could be redundant.
So how can I get make my cron scripts load the variables from my interactive-shell profile?
shell environment-variables cron
How is addingsource ~/.profile
to a program redundant? Programs inherit their environment from the calling program. If that calling program is not your shell, then how will the decendant program get the environment that you want?
– Arcege
Dec 21 '11 at 5:08
I already wrote my answer to a similar question here. It simply usessu -l
to setup a normal login environment including the $PATH for either root or other specific user.
– tasket
Sep 14 '18 at 18:52
add a comment |
How can I run a cron command with existing environmental variables?
If I am at a shell prompt I can type echo $ORACLE_HOME
and get a path. This is one of my environmental variables that gets set in my ~/.profile
. However, it seems that ~/.profile
does not get loaded fron cron scripts and so my scripts fail because the $ORACLE_HOME
variable is not set.
In this question the author mentions creating a ~/.cronfile
profile which sets up variables for cron, and then he does a workaround to load all his cron commands into scripts he keeps in his ~/Cron
directory. A file like ~/.cronfile
sounds like a good idea, but the rest of the answer seems a little cumbersome and I was hoping someone could tell me an easier way to get the same result.
I suppose at the start of my scripts I could add something like source ~/.profile
but that seems like it could be redundant.
So how can I get make my cron scripts load the variables from my interactive-shell profile?
shell environment-variables cron
How can I run a cron command with existing environmental variables?
If I am at a shell prompt I can type echo $ORACLE_HOME
and get a path. This is one of my environmental variables that gets set in my ~/.profile
. However, it seems that ~/.profile
does not get loaded fron cron scripts and so my scripts fail because the $ORACLE_HOME
variable is not set.
In this question the author mentions creating a ~/.cronfile
profile which sets up variables for cron, and then he does a workaround to load all his cron commands into scripts he keeps in his ~/Cron
directory. A file like ~/.cronfile
sounds like a good idea, but the rest of the answer seems a little cumbersome and I was hoping someone could tell me an easier way to get the same result.
I suppose at the start of my scripts I could add something like source ~/.profile
but that seems like it could be redundant.
So how can I get make my cron scripts load the variables from my interactive-shell profile?
shell environment-variables cron
shell environment-variables cron
edited May 23 '17 at 12:39
Community♦
1
1
asked Dec 21 '11 at 4:40
cwdcwd
14.1k53116157
14.1k53116157
How is addingsource ~/.profile
to a program redundant? Programs inherit their environment from the calling program. If that calling program is not your shell, then how will the decendant program get the environment that you want?
– Arcege
Dec 21 '11 at 5:08
I already wrote my answer to a similar question here. It simply usessu -l
to setup a normal login environment including the $PATH for either root or other specific user.
– tasket
Sep 14 '18 at 18:52
add a comment |
How is addingsource ~/.profile
to a program redundant? Programs inherit their environment from the calling program. If that calling program is not your shell, then how will the decendant program get the environment that you want?
– Arcege
Dec 21 '11 at 5:08
I already wrote my answer to a similar question here. It simply usessu -l
to setup a normal login environment including the $PATH for either root or other specific user.
– tasket
Sep 14 '18 at 18:52
How is adding
source ~/.profile
to a program redundant? Programs inherit their environment from the calling program. If that calling program is not your shell, then how will the decendant program get the environment that you want?– Arcege
Dec 21 '11 at 5:08
How is adding
source ~/.profile
to a program redundant? Programs inherit their environment from the calling program. If that calling program is not your shell, then how will the decendant program get the environment that you want?– Arcege
Dec 21 '11 at 5:08
I already wrote my answer to a similar question here. It simply uses
su -l
to setup a normal login environment including the $PATH for either root or other specific user.– tasket
Sep 14 '18 at 18:52
I already wrote my answer to a similar question here. It simply uses
su -l
to setup a normal login environment including the $PATH for either root or other specific user.– tasket
Sep 14 '18 at 18:52
add a comment |
11 Answers
11
active
oldest
votes
In the crontab, before you command, add . $HOME/.profile
. For example:
0 5 * * * . $HOME/.profile; /path/to/command/to/run
Cron
knows nothing about your shell; it is started by the system, so it has a minimal environment. If you want anything, you need to have that brought in yourself.
11
What does the.
before the script do? (not sure how I wouldman
that). Why is this different fromsource
?
– cwd
Dec 21 '11 at 19:26
18
The.
command is the original command forsource
. They are equivalent within the shell and a bit easier to type, especially within a crontab. To get more info, typehelp .
or search for^SHELL BUILTIN COMMANDS
in the man page forbash
or at the top ofman
zshbuiltins. Running
type .` will tell you that the command is a builtin.
– Arcege
Dec 21 '11 at 19:38
9
Depending on Linux distributions, you may need to change.profile
by.bash_profile
. Check which.profile
file exists in the user's home directory.
– Frosty Z
May 17 '13 at 12:37
@Arcege This doesn't work for me (Fedora Core 21), and I presume that's because the shell level drops back down. Instead, what DOES work is if you source it.
– Richard T
Apr 14 '15 at 20:56
3
It's likely that if it isn't working, it's because the SHELL for the cron script isn't set to bash, so it's not executing the same way you might expect.
– Daniel Farrell
Jul 10 '15 at 18:32
|
show 4 more comments
Another option, which I find easier, is to run the script with cron and have the environment in the script.
In crontab -e file:
SHELL=/bin/bash
*/1 * * * * $HOME/cron_job.sh
In cron_job.sh file:
#!/bin/bash
source $HOME/.bash_profile
some_other_cmd
Any command after the source of .bash_profile will have your environment as if you logged in.
5
When running on an AWS Linux AMI, it didn't even occur to me that cron wouldn't be using/bin/bash
as the shell. I kept wondering why things likecd /path/to/project; source .vars
would work when I typed them manually but would fail (File not found
) when included in a cronjob. The key line for me was settingSHELL=/bin/bash
so that I could actually use familiar bash commands in each cronjob./bin/sh/
(the default cron shell, apparently) is very limiting.
– Hartley Brody
Sep 9 '16 at 14:05
It's too bad you can't specify Environment Files at the top of the cron like you can specify individual environment variables. Systemd has aEnvironmentFile
service unit. Too bad cron doesn't have something similar.
– radtek
Jan 30 '18 at 20:19
you FORCE all scripts to use /bin/bash in all crontab, which is not a good idea, also what is about your cron line: */1 * * * * $HOME/cron_job.sh … */1 is good for WHAT ?!? one star means it will be executed every minute /1 means will be executed every minute, as an answer in a smart community this is a nasty sin, now I believe you are very confused to say the best … sorry
– THESorcerer
Aug 24 '18 at 10:48
1
This is what is called an example. Feel free to adjust to your needs or don't use it at all. Different strokes for different folks.
– Robert Brisita
Aug 24 '18 at 11:00
1
If$SHELL
is/bin/sh
, thesource
command does not exist. Use.
instead.
– Melle
Jan 25 at 21:35
add a comment |
Another option, which I find easier, is to run the script with cron and tell bash to login (hence using /etc/profile.d/...
environment definitions)
In crontab -e
file:
*/1 * * * * bash -l -c './cron_job.sh'
*/1 * * * * bash -l -c 'php -f ./cron_job.php'
Any command after the source of .bash_profile
will have your environment as if you logged in.
add a comment |
Bad idea. The general practice is to specifically set all required environmental variables in a script that is to be run from a cron job.
I agree with @fpmurphy, that ways it also ensure the secured process environment. If you want to set only few variables from cron you can use/usr/bin/env
command to set the variables and then can act as the environment process for the cronjob.
– Nikhil Mulley
Dec 21 '11 at 6:24
daemontools'envdir
comes to mind, too.
– sr_
Dec 21 '11 at 9:42
5
I am all for security, but perhaps I can create a file~/.cronvars
and include that in the profile and also in my cron scripts. I don't want to hard code environmental variables in each of the scripts I run because when paths change hard coded paths in each file are not easy to maintain. Seems like that would allow a centralized place for the needed variables and still keep other variables from being loaded.
– cwd
Dec 21 '11 at 23:21
add a comment |
This syntax definitely helps you. I do not understand the syntax, but it works. Oracle uses this syntax, when deploys Oracle Configuration Manager to crontab, hence, I believe that this is a right solution.
0 5 * * * SOME_ENV_VAR=some_value some_command some_parameters
add a comment |
The solution, which worked for me, is described here.
You create a wrapper script, which calls . ~/.cronfile
, and then does the things you want. This script is launched by cron.
In ~/.cronfile
you specify the environment for your cron jobs.
add a comment |
Add
BASH_ENV=/home/user/.profile
to the crontab. See How to guarantee availability of $BASH_ENV
add a comment |
Instead of setting profile, what helped me was setting the PATH
. Some of the commands were not available in my cron scripts as the PATH
is different.
ENVIRONMENT=prod
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
*/30 * * * * /opt/myscript1.sh
*/30 * * * * /opt/myscript2.sh
*/30 * * * * /opt/myscript3.sh
Setting PATH
with the path of commands helped me. Even better if you can use a template and detemplatize later,
ENVIRONMENT=ENVIRONMENT
PATH=PATH
*/30 * * * * /opt/myscript1.sh
*/30 * * * * /opt/myscript2.sh
*/30 * * * * /opt/myscript3.sh
Passing variables to each item looks messy.
add a comment |
I recently came across a case where I had to execute the overall cronjob as root but, at the same time, had to execute a subcommand as a different user (which required sourcing that user's environment). I went with the following approach:
# m h dom mon dow user command
*/5 * * * * root (sudo -i -u <the user> command-to-be-run-as-user) && command-to-be-run-as-root
The crucial part is the argument -i
that's being passed to sudo
which will execute the given command in a separate login shell (which in turn means that the user's dotfiles will be sourced).
PS: Note that the user
column is only available in /etc/crontab
and the /etc/cron.d/*
files.
add a comment |
Yes, you can using "well known workarounds" (a couple of which have been listed). This is another way of saying that everyone knows it's crappy, though some people will refer to this as a "security feature" because they have spent at least as much tripping over this fail(ure) as you have, and would like to think their wasted time wasn't for naught. It's the cron equivalent of the QWERTY keyboard.
I suspect the original reason may have been for performance, such that scripts run once a minute wouldn't spend the time to read rc scripts. Also originally cron wasn't really configurable at all, so a default was really the only option.
There is no added security by not having some simple configuration or method to have cron just take on the environment of your interactive shell instead of users having to perform stupid shell gymnastics. On a modern machine there is generally no perceptible performance gain unless you have a vast quantity of jobs running every minute.
Unix culture fail. In my "humble" opinion. :-)
1
"There is no added security." That is not true. Take a look at CVE-2011-1095, CVE-2008-4304, and CVE-2010-3847.
– user26112
Jul 26 '13 at 2:20
I downvoted your answer, by the way. I usually try to avoid downvoting newcomers' answers but security is important to me. Please don't take the downvote the wrong way. Besides the part about security, your answer is excellent and would deserve an upvote. You can edit your answer here if you would like.
– user26112
Jul 26 '13 at 2:33
None of those have the slightest thing to do with having cron use a shell with the interactive flag set. This is pure FUD. Unfortunately I can't downvote your downvote. This may seem like a flame, but it's very frustrating when people think a vehicle with three wheels is better because there's a security issue to put a fourth wheel on. It isn't. People have just ridden a tricycle so long they've forgotten it's possible to add a fourth wheel.
– Austin S.
Jul 26 '13 at 16:43
Put another way: if any of the intended extra hoops the other answerers suggested are used, how do they not also gain access to any of the holes you mention? "* * * * * exec bash -i -c LOCALE=......."
– Austin S.
Jul 26 '13 at 16:56
This reads like a rant. I don't even see where it answers the question at all. Even if the security part were removed, @EvanTeitelman, I don't see why it would deserve an upvote as it doesn't answer the question.
– Wildcard
Jul 21 '17 at 1:15
add a comment |
I put . ~/.dbus/session-bus/*
at the top of my desired script :)
1
Welcome to U & L SE. Please expand your answer more so that it will benefit the readers.
– Ramesh
Sep 20 '14 at 15:25
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f27289%2fhow-can-i-run-a-cron-command-with-existing-environmental-variables%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
11 Answers
11
active
oldest
votes
11 Answers
11
active
oldest
votes
active
oldest
votes
active
oldest
votes
In the crontab, before you command, add . $HOME/.profile
. For example:
0 5 * * * . $HOME/.profile; /path/to/command/to/run
Cron
knows nothing about your shell; it is started by the system, so it has a minimal environment. If you want anything, you need to have that brought in yourself.
11
What does the.
before the script do? (not sure how I wouldman
that). Why is this different fromsource
?
– cwd
Dec 21 '11 at 19:26
18
The.
command is the original command forsource
. They are equivalent within the shell and a bit easier to type, especially within a crontab. To get more info, typehelp .
or search for^SHELL BUILTIN COMMANDS
in the man page forbash
or at the top ofman
zshbuiltins. Running
type .` will tell you that the command is a builtin.
– Arcege
Dec 21 '11 at 19:38
9
Depending on Linux distributions, you may need to change.profile
by.bash_profile
. Check which.profile
file exists in the user's home directory.
– Frosty Z
May 17 '13 at 12:37
@Arcege This doesn't work for me (Fedora Core 21), and I presume that's because the shell level drops back down. Instead, what DOES work is if you source it.
– Richard T
Apr 14 '15 at 20:56
3
It's likely that if it isn't working, it's because the SHELL for the cron script isn't set to bash, so it's not executing the same way you might expect.
– Daniel Farrell
Jul 10 '15 at 18:32
|
show 4 more comments
In the crontab, before you command, add . $HOME/.profile
. For example:
0 5 * * * . $HOME/.profile; /path/to/command/to/run
Cron
knows nothing about your shell; it is started by the system, so it has a minimal environment. If you want anything, you need to have that brought in yourself.
11
What does the.
before the script do? (not sure how I wouldman
that). Why is this different fromsource
?
– cwd
Dec 21 '11 at 19:26
18
The.
command is the original command forsource
. They are equivalent within the shell and a bit easier to type, especially within a crontab. To get more info, typehelp .
or search for^SHELL BUILTIN COMMANDS
in the man page forbash
or at the top ofman
zshbuiltins. Running
type .` will tell you that the command is a builtin.
– Arcege
Dec 21 '11 at 19:38
9
Depending on Linux distributions, you may need to change.profile
by.bash_profile
. Check which.profile
file exists in the user's home directory.
– Frosty Z
May 17 '13 at 12:37
@Arcege This doesn't work for me (Fedora Core 21), and I presume that's because the shell level drops back down. Instead, what DOES work is if you source it.
– Richard T
Apr 14 '15 at 20:56
3
It's likely that if it isn't working, it's because the SHELL for the cron script isn't set to bash, so it's not executing the same way you might expect.
– Daniel Farrell
Jul 10 '15 at 18:32
|
show 4 more comments
In the crontab, before you command, add . $HOME/.profile
. For example:
0 5 * * * . $HOME/.profile; /path/to/command/to/run
Cron
knows nothing about your shell; it is started by the system, so it has a minimal environment. If you want anything, you need to have that brought in yourself.
In the crontab, before you command, add . $HOME/.profile
. For example:
0 5 * * * . $HOME/.profile; /path/to/command/to/run
Cron
knows nothing about your shell; it is started by the system, so it has a minimal environment. If you want anything, you need to have that brought in yourself.
answered Dec 21 '11 at 4:56
ArcegeArcege
17.3k44257
17.3k44257
11
What does the.
before the script do? (not sure how I wouldman
that). Why is this different fromsource
?
– cwd
Dec 21 '11 at 19:26
18
The.
command is the original command forsource
. They are equivalent within the shell and a bit easier to type, especially within a crontab. To get more info, typehelp .
or search for^SHELL BUILTIN COMMANDS
in the man page forbash
or at the top ofman
zshbuiltins. Running
type .` will tell you that the command is a builtin.
– Arcege
Dec 21 '11 at 19:38
9
Depending on Linux distributions, you may need to change.profile
by.bash_profile
. Check which.profile
file exists in the user's home directory.
– Frosty Z
May 17 '13 at 12:37
@Arcege This doesn't work for me (Fedora Core 21), and I presume that's because the shell level drops back down. Instead, what DOES work is if you source it.
– Richard T
Apr 14 '15 at 20:56
3
It's likely that if it isn't working, it's because the SHELL for the cron script isn't set to bash, so it's not executing the same way you might expect.
– Daniel Farrell
Jul 10 '15 at 18:32
|
show 4 more comments
11
What does the.
before the script do? (not sure how I wouldman
that). Why is this different fromsource
?
– cwd
Dec 21 '11 at 19:26
18
The.
command is the original command forsource
. They are equivalent within the shell and a bit easier to type, especially within a crontab. To get more info, typehelp .
or search for^SHELL BUILTIN COMMANDS
in the man page forbash
or at the top ofman
zshbuiltins. Running
type .` will tell you that the command is a builtin.
– Arcege
Dec 21 '11 at 19:38
9
Depending on Linux distributions, you may need to change.profile
by.bash_profile
. Check which.profile
file exists in the user's home directory.
– Frosty Z
May 17 '13 at 12:37
@Arcege This doesn't work for me (Fedora Core 21), and I presume that's because the shell level drops back down. Instead, what DOES work is if you source it.
– Richard T
Apr 14 '15 at 20:56
3
It's likely that if it isn't working, it's because the SHELL for the cron script isn't set to bash, so it's not executing the same way you might expect.
– Daniel Farrell
Jul 10 '15 at 18:32
11
11
What does the
.
before the script do? (not sure how I would man
that). Why is this different from source
?– cwd
Dec 21 '11 at 19:26
What does the
.
before the script do? (not sure how I would man
that). Why is this different from source
?– cwd
Dec 21 '11 at 19:26
18
18
The
.
command is the original command for source
. They are equivalent within the shell and a bit easier to type, especially within a crontab. To get more info, type help .
or search for ^SHELL BUILTIN COMMANDS
in the man page for bash
or at the top of man
zshbuiltins. Running
type .` will tell you that the command is a builtin.– Arcege
Dec 21 '11 at 19:38
The
.
command is the original command for source
. They are equivalent within the shell and a bit easier to type, especially within a crontab. To get more info, type help .
or search for ^SHELL BUILTIN COMMANDS
in the man page for bash
or at the top of man
zshbuiltins. Running
type .` will tell you that the command is a builtin.– Arcege
Dec 21 '11 at 19:38
9
9
Depending on Linux distributions, you may need to change
.profile
by .bash_profile
. Check which .profile
file exists in the user's home directory.– Frosty Z
May 17 '13 at 12:37
Depending on Linux distributions, you may need to change
.profile
by .bash_profile
. Check which .profile
file exists in the user's home directory.– Frosty Z
May 17 '13 at 12:37
@Arcege This doesn't work for me (Fedora Core 21), and I presume that's because the shell level drops back down. Instead, what DOES work is if you source it.
– Richard T
Apr 14 '15 at 20:56
@Arcege This doesn't work for me (Fedora Core 21), and I presume that's because the shell level drops back down. Instead, what DOES work is if you source it.
– Richard T
Apr 14 '15 at 20:56
3
3
It's likely that if it isn't working, it's because the SHELL for the cron script isn't set to bash, so it's not executing the same way you might expect.
– Daniel Farrell
Jul 10 '15 at 18:32
It's likely that if it isn't working, it's because the SHELL for the cron script isn't set to bash, so it's not executing the same way you might expect.
– Daniel Farrell
Jul 10 '15 at 18:32
|
show 4 more comments
Another option, which I find easier, is to run the script with cron and have the environment in the script.
In crontab -e file:
SHELL=/bin/bash
*/1 * * * * $HOME/cron_job.sh
In cron_job.sh file:
#!/bin/bash
source $HOME/.bash_profile
some_other_cmd
Any command after the source of .bash_profile will have your environment as if you logged in.
5
When running on an AWS Linux AMI, it didn't even occur to me that cron wouldn't be using/bin/bash
as the shell. I kept wondering why things likecd /path/to/project; source .vars
would work when I typed them manually but would fail (File not found
) when included in a cronjob. The key line for me was settingSHELL=/bin/bash
so that I could actually use familiar bash commands in each cronjob./bin/sh/
(the default cron shell, apparently) is very limiting.
– Hartley Brody
Sep 9 '16 at 14:05
It's too bad you can't specify Environment Files at the top of the cron like you can specify individual environment variables. Systemd has aEnvironmentFile
service unit. Too bad cron doesn't have something similar.
– radtek
Jan 30 '18 at 20:19
you FORCE all scripts to use /bin/bash in all crontab, which is not a good idea, also what is about your cron line: */1 * * * * $HOME/cron_job.sh … */1 is good for WHAT ?!? one star means it will be executed every minute /1 means will be executed every minute, as an answer in a smart community this is a nasty sin, now I believe you are very confused to say the best … sorry
– THESorcerer
Aug 24 '18 at 10:48
1
This is what is called an example. Feel free to adjust to your needs or don't use it at all. Different strokes for different folks.
– Robert Brisita
Aug 24 '18 at 11:00
1
If$SHELL
is/bin/sh
, thesource
command does not exist. Use.
instead.
– Melle
Jan 25 at 21:35
add a comment |
Another option, which I find easier, is to run the script with cron and have the environment in the script.
In crontab -e file:
SHELL=/bin/bash
*/1 * * * * $HOME/cron_job.sh
In cron_job.sh file:
#!/bin/bash
source $HOME/.bash_profile
some_other_cmd
Any command after the source of .bash_profile will have your environment as if you logged in.
5
When running on an AWS Linux AMI, it didn't even occur to me that cron wouldn't be using/bin/bash
as the shell. I kept wondering why things likecd /path/to/project; source .vars
would work when I typed them manually but would fail (File not found
) when included in a cronjob. The key line for me was settingSHELL=/bin/bash
so that I could actually use familiar bash commands in each cronjob./bin/sh/
(the default cron shell, apparently) is very limiting.
– Hartley Brody
Sep 9 '16 at 14:05
It's too bad you can't specify Environment Files at the top of the cron like you can specify individual environment variables. Systemd has aEnvironmentFile
service unit. Too bad cron doesn't have something similar.
– radtek
Jan 30 '18 at 20:19
you FORCE all scripts to use /bin/bash in all crontab, which is not a good idea, also what is about your cron line: */1 * * * * $HOME/cron_job.sh … */1 is good for WHAT ?!? one star means it will be executed every minute /1 means will be executed every minute, as an answer in a smart community this is a nasty sin, now I believe you are very confused to say the best … sorry
– THESorcerer
Aug 24 '18 at 10:48
1
This is what is called an example. Feel free to adjust to your needs or don't use it at all. Different strokes for different folks.
– Robert Brisita
Aug 24 '18 at 11:00
1
If$SHELL
is/bin/sh
, thesource
command does not exist. Use.
instead.
– Melle
Jan 25 at 21:35
add a comment |
Another option, which I find easier, is to run the script with cron and have the environment in the script.
In crontab -e file:
SHELL=/bin/bash
*/1 * * * * $HOME/cron_job.sh
In cron_job.sh file:
#!/bin/bash
source $HOME/.bash_profile
some_other_cmd
Any command after the source of .bash_profile will have your environment as if you logged in.
Another option, which I find easier, is to run the script with cron and have the environment in the script.
In crontab -e file:
SHELL=/bin/bash
*/1 * * * * $HOME/cron_job.sh
In cron_job.sh file:
#!/bin/bash
source $HOME/.bash_profile
some_other_cmd
Any command after the source of .bash_profile will have your environment as if you logged in.
answered Sep 5 '13 at 22:36
Robert BrisitaRobert Brisita
48545
48545
5
When running on an AWS Linux AMI, it didn't even occur to me that cron wouldn't be using/bin/bash
as the shell. I kept wondering why things likecd /path/to/project; source .vars
would work when I typed them manually but would fail (File not found
) when included in a cronjob. The key line for me was settingSHELL=/bin/bash
so that I could actually use familiar bash commands in each cronjob./bin/sh/
(the default cron shell, apparently) is very limiting.
– Hartley Brody
Sep 9 '16 at 14:05
It's too bad you can't specify Environment Files at the top of the cron like you can specify individual environment variables. Systemd has aEnvironmentFile
service unit. Too bad cron doesn't have something similar.
– radtek
Jan 30 '18 at 20:19
you FORCE all scripts to use /bin/bash in all crontab, which is not a good idea, also what is about your cron line: */1 * * * * $HOME/cron_job.sh … */1 is good for WHAT ?!? one star means it will be executed every minute /1 means will be executed every minute, as an answer in a smart community this is a nasty sin, now I believe you are very confused to say the best … sorry
– THESorcerer
Aug 24 '18 at 10:48
1
This is what is called an example. Feel free to adjust to your needs or don't use it at all. Different strokes for different folks.
– Robert Brisita
Aug 24 '18 at 11:00
1
If$SHELL
is/bin/sh
, thesource
command does not exist. Use.
instead.
– Melle
Jan 25 at 21:35
add a comment |
5
When running on an AWS Linux AMI, it didn't even occur to me that cron wouldn't be using/bin/bash
as the shell. I kept wondering why things likecd /path/to/project; source .vars
would work when I typed them manually but would fail (File not found
) when included in a cronjob. The key line for me was settingSHELL=/bin/bash
so that I could actually use familiar bash commands in each cronjob./bin/sh/
(the default cron shell, apparently) is very limiting.
– Hartley Brody
Sep 9 '16 at 14:05
It's too bad you can't specify Environment Files at the top of the cron like you can specify individual environment variables. Systemd has aEnvironmentFile
service unit. Too bad cron doesn't have something similar.
– radtek
Jan 30 '18 at 20:19
you FORCE all scripts to use /bin/bash in all crontab, which is not a good idea, also what is about your cron line: */1 * * * * $HOME/cron_job.sh … */1 is good for WHAT ?!? one star means it will be executed every minute /1 means will be executed every minute, as an answer in a smart community this is a nasty sin, now I believe you are very confused to say the best … sorry
– THESorcerer
Aug 24 '18 at 10:48
1
This is what is called an example. Feel free to adjust to your needs or don't use it at all. Different strokes for different folks.
– Robert Brisita
Aug 24 '18 at 11:00
1
If$SHELL
is/bin/sh
, thesource
command does not exist. Use.
instead.
– Melle
Jan 25 at 21:35
5
5
When running on an AWS Linux AMI, it didn't even occur to me that cron wouldn't be using
/bin/bash
as the shell. I kept wondering why things like cd /path/to/project; source .vars
would work when I typed them manually but would fail (File not found
) when included in a cronjob. The key line for me was setting SHELL=/bin/bash
so that I could actually use familiar bash commands in each cronjob. /bin/sh/
(the default cron shell, apparently) is very limiting.– Hartley Brody
Sep 9 '16 at 14:05
When running on an AWS Linux AMI, it didn't even occur to me that cron wouldn't be using
/bin/bash
as the shell. I kept wondering why things like cd /path/to/project; source .vars
would work when I typed them manually but would fail (File not found
) when included in a cronjob. The key line for me was setting SHELL=/bin/bash
so that I could actually use familiar bash commands in each cronjob. /bin/sh/
(the default cron shell, apparently) is very limiting.– Hartley Brody
Sep 9 '16 at 14:05
It's too bad you can't specify Environment Files at the top of the cron like you can specify individual environment variables. Systemd has a
EnvironmentFile
service unit. Too bad cron doesn't have something similar.– radtek
Jan 30 '18 at 20:19
It's too bad you can't specify Environment Files at the top of the cron like you can specify individual environment variables. Systemd has a
EnvironmentFile
service unit. Too bad cron doesn't have something similar.– radtek
Jan 30 '18 at 20:19
you FORCE all scripts to use /bin/bash in all crontab, which is not a good idea, also what is about your cron line: */1 * * * * $HOME/cron_job.sh … */1 is good for WHAT ?!? one star means it will be executed every minute /1 means will be executed every minute, as an answer in a smart community this is a nasty sin, now I believe you are very confused to say the best … sorry
– THESorcerer
Aug 24 '18 at 10:48
you FORCE all scripts to use /bin/bash in all crontab, which is not a good idea, also what is about your cron line: */1 * * * * $HOME/cron_job.sh … */1 is good for WHAT ?!? one star means it will be executed every minute /1 means will be executed every minute, as an answer in a smart community this is a nasty sin, now I believe you are very confused to say the best … sorry
– THESorcerer
Aug 24 '18 at 10:48
1
1
This is what is called an example. Feel free to adjust to your needs or don't use it at all. Different strokes for different folks.
– Robert Brisita
Aug 24 '18 at 11:00
This is what is called an example. Feel free to adjust to your needs or don't use it at all. Different strokes for different folks.
– Robert Brisita
Aug 24 '18 at 11:00
1
1
If
$SHELL
is /bin/sh
, the source
command does not exist. Use .
instead.– Melle
Jan 25 at 21:35
If
$SHELL
is /bin/sh
, the source
command does not exist. Use .
instead.– Melle
Jan 25 at 21:35
add a comment |
Another option, which I find easier, is to run the script with cron and tell bash to login (hence using /etc/profile.d/...
environment definitions)
In crontab -e
file:
*/1 * * * * bash -l -c './cron_job.sh'
*/1 * * * * bash -l -c 'php -f ./cron_job.php'
Any command after the source of .bash_profile
will have your environment as if you logged in.
add a comment |
Another option, which I find easier, is to run the script with cron and tell bash to login (hence using /etc/profile.d/...
environment definitions)
In crontab -e
file:
*/1 * * * * bash -l -c './cron_job.sh'
*/1 * * * * bash -l -c 'php -f ./cron_job.php'
Any command after the source of .bash_profile
will have your environment as if you logged in.
add a comment |
Another option, which I find easier, is to run the script with cron and tell bash to login (hence using /etc/profile.d/...
environment definitions)
In crontab -e
file:
*/1 * * * * bash -l -c './cron_job.sh'
*/1 * * * * bash -l -c 'php -f ./cron_job.php'
Any command after the source of .bash_profile
will have your environment as if you logged in.
Another option, which I find easier, is to run the script with cron and tell bash to login (hence using /etc/profile.d/...
environment definitions)
In crontab -e
file:
*/1 * * * * bash -l -c './cron_job.sh'
*/1 * * * * bash -l -c 'php -f ./cron_job.php'
Any command after the source of .bash_profile
will have your environment as if you logged in.
edited Oct 2 '14 at 19:48
HalosGhost
3,78392236
3,78392236
answered Oct 2 '14 at 19:41
ArtistanArtistan
25825
25825
add a comment |
add a comment |
Bad idea. The general practice is to specifically set all required environmental variables in a script that is to be run from a cron job.
I agree with @fpmurphy, that ways it also ensure the secured process environment. If you want to set only few variables from cron you can use/usr/bin/env
command to set the variables and then can act as the environment process for the cronjob.
– Nikhil Mulley
Dec 21 '11 at 6:24
daemontools'envdir
comes to mind, too.
– sr_
Dec 21 '11 at 9:42
5
I am all for security, but perhaps I can create a file~/.cronvars
and include that in the profile and also in my cron scripts. I don't want to hard code environmental variables in each of the scripts I run because when paths change hard coded paths in each file are not easy to maintain. Seems like that would allow a centralized place for the needed variables and still keep other variables from being loaded.
– cwd
Dec 21 '11 at 23:21
add a comment |
Bad idea. The general practice is to specifically set all required environmental variables in a script that is to be run from a cron job.
I agree with @fpmurphy, that ways it also ensure the secured process environment. If you want to set only few variables from cron you can use/usr/bin/env
command to set the variables and then can act as the environment process for the cronjob.
– Nikhil Mulley
Dec 21 '11 at 6:24
daemontools'envdir
comes to mind, too.
– sr_
Dec 21 '11 at 9:42
5
I am all for security, but perhaps I can create a file~/.cronvars
and include that in the profile and also in my cron scripts. I don't want to hard code environmental variables in each of the scripts I run because when paths change hard coded paths in each file are not easy to maintain. Seems like that would allow a centralized place for the needed variables and still keep other variables from being loaded.
– cwd
Dec 21 '11 at 23:21
add a comment |
Bad idea. The general practice is to specifically set all required environmental variables in a script that is to be run from a cron job.
Bad idea. The general practice is to specifically set all required environmental variables in a script that is to be run from a cron job.
answered Dec 21 '11 at 4:57
fpmurphyfpmurphy
2,456916
2,456916
I agree with @fpmurphy, that ways it also ensure the secured process environment. If you want to set only few variables from cron you can use/usr/bin/env
command to set the variables and then can act as the environment process for the cronjob.
– Nikhil Mulley
Dec 21 '11 at 6:24
daemontools'envdir
comes to mind, too.
– sr_
Dec 21 '11 at 9:42
5
I am all for security, but perhaps I can create a file~/.cronvars
and include that in the profile and also in my cron scripts. I don't want to hard code environmental variables in each of the scripts I run because when paths change hard coded paths in each file are not easy to maintain. Seems like that would allow a centralized place for the needed variables and still keep other variables from being loaded.
– cwd
Dec 21 '11 at 23:21
add a comment |
I agree with @fpmurphy, that ways it also ensure the secured process environment. If you want to set only few variables from cron you can use/usr/bin/env
command to set the variables and then can act as the environment process for the cronjob.
– Nikhil Mulley
Dec 21 '11 at 6:24
daemontools'envdir
comes to mind, too.
– sr_
Dec 21 '11 at 9:42
5
I am all for security, but perhaps I can create a file~/.cronvars
and include that in the profile and also in my cron scripts. I don't want to hard code environmental variables in each of the scripts I run because when paths change hard coded paths in each file are not easy to maintain. Seems like that would allow a centralized place for the needed variables and still keep other variables from being loaded.
– cwd
Dec 21 '11 at 23:21
I agree with @fpmurphy, that ways it also ensure the secured process environment. If you want to set only few variables from cron you can use
/usr/bin/env
command to set the variables and then can act as the environment process for the cronjob.– Nikhil Mulley
Dec 21 '11 at 6:24
I agree with @fpmurphy, that ways it also ensure the secured process environment. If you want to set only few variables from cron you can use
/usr/bin/env
command to set the variables and then can act as the environment process for the cronjob.– Nikhil Mulley
Dec 21 '11 at 6:24
daemontools'
envdir
comes to mind, too.– sr_
Dec 21 '11 at 9:42
daemontools'
envdir
comes to mind, too.– sr_
Dec 21 '11 at 9:42
5
5
I am all for security, but perhaps I can create a file
~/.cronvars
and include that in the profile and also in my cron scripts. I don't want to hard code environmental variables in each of the scripts I run because when paths change hard coded paths in each file are not easy to maintain. Seems like that would allow a centralized place for the needed variables and still keep other variables from being loaded.– cwd
Dec 21 '11 at 23:21
I am all for security, but perhaps I can create a file
~/.cronvars
and include that in the profile and also in my cron scripts. I don't want to hard code environmental variables in each of the scripts I run because when paths change hard coded paths in each file are not easy to maintain. Seems like that would allow a centralized place for the needed variables and still keep other variables from being loaded.– cwd
Dec 21 '11 at 23:21
add a comment |
This syntax definitely helps you. I do not understand the syntax, but it works. Oracle uses this syntax, when deploys Oracle Configuration Manager to crontab, hence, I believe that this is a right solution.
0 5 * * * SOME_ENV_VAR=some_value some_command some_parameters
add a comment |
This syntax definitely helps you. I do not understand the syntax, but it works. Oracle uses this syntax, when deploys Oracle Configuration Manager to crontab, hence, I believe that this is a right solution.
0 5 * * * SOME_ENV_VAR=some_value some_command some_parameters
add a comment |
This syntax definitely helps you. I do not understand the syntax, but it works. Oracle uses this syntax, when deploys Oracle Configuration Manager to crontab, hence, I believe that this is a right solution.
0 5 * * * SOME_ENV_VAR=some_value some_command some_parameters
This syntax definitely helps you. I do not understand the syntax, but it works. Oracle uses this syntax, when deploys Oracle Configuration Manager to crontab, hence, I believe that this is a right solution.
0 5 * * * SOME_ENV_VAR=some_value some_command some_parameters
answered Jul 10 '13 at 10:30
meirmeir
1212
1212
add a comment |
add a comment |
The solution, which worked for me, is described here.
You create a wrapper script, which calls . ~/.cronfile
, and then does the things you want. This script is launched by cron.
In ~/.cronfile
you specify the environment for your cron jobs.
add a comment |
The solution, which worked for me, is described here.
You create a wrapper script, which calls . ~/.cronfile
, and then does the things you want. This script is launched by cron.
In ~/.cronfile
you specify the environment for your cron jobs.
add a comment |
The solution, which worked for me, is described here.
You create a wrapper script, which calls . ~/.cronfile
, and then does the things you want. This script is launched by cron.
In ~/.cronfile
you specify the environment for your cron jobs.
The solution, which worked for me, is described here.
You create a wrapper script, which calls . ~/.cronfile
, and then does the things you want. This script is launched by cron.
In ~/.cronfile
you specify the environment for your cron jobs.
edited May 23 '17 at 12:40
Community♦
1
1
answered Feb 8 '13 at 6:08
weekensweekens
1113
1113
add a comment |
add a comment |
Add
BASH_ENV=/home/user/.profile
to the crontab. See How to guarantee availability of $BASH_ENV
add a comment |
Add
BASH_ENV=/home/user/.profile
to the crontab. See How to guarantee availability of $BASH_ENV
add a comment |
Add
BASH_ENV=/home/user/.profile
to the crontab. See How to guarantee availability of $BASH_ENV
Add
BASH_ENV=/home/user/.profile
to the crontab. See How to guarantee availability of $BASH_ENV
edited Apr 13 '17 at 12:36
Community♦
1
1
answered Oct 18 '15 at 17:39
EnnoEnno
15113
15113
add a comment |
add a comment |
Instead of setting profile, what helped me was setting the PATH
. Some of the commands were not available in my cron scripts as the PATH
is different.
ENVIRONMENT=prod
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
*/30 * * * * /opt/myscript1.sh
*/30 * * * * /opt/myscript2.sh
*/30 * * * * /opt/myscript3.sh
Setting PATH
with the path of commands helped me. Even better if you can use a template and detemplatize later,
ENVIRONMENT=ENVIRONMENT
PATH=PATH
*/30 * * * * /opt/myscript1.sh
*/30 * * * * /opt/myscript2.sh
*/30 * * * * /opt/myscript3.sh
Passing variables to each item looks messy.
add a comment |
Instead of setting profile, what helped me was setting the PATH
. Some of the commands were not available in my cron scripts as the PATH
is different.
ENVIRONMENT=prod
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
*/30 * * * * /opt/myscript1.sh
*/30 * * * * /opt/myscript2.sh
*/30 * * * * /opt/myscript3.sh
Setting PATH
with the path of commands helped me. Even better if you can use a template and detemplatize later,
ENVIRONMENT=ENVIRONMENT
PATH=PATH
*/30 * * * * /opt/myscript1.sh
*/30 * * * * /opt/myscript2.sh
*/30 * * * * /opt/myscript3.sh
Passing variables to each item looks messy.
add a comment |
Instead of setting profile, what helped me was setting the PATH
. Some of the commands were not available in my cron scripts as the PATH
is different.
ENVIRONMENT=prod
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
*/30 * * * * /opt/myscript1.sh
*/30 * * * * /opt/myscript2.sh
*/30 * * * * /opt/myscript3.sh
Setting PATH
with the path of commands helped me. Even better if you can use a template and detemplatize later,
ENVIRONMENT=ENVIRONMENT
PATH=PATH
*/30 * * * * /opt/myscript1.sh
*/30 * * * * /opt/myscript2.sh
*/30 * * * * /opt/myscript3.sh
Passing variables to each item looks messy.
Instead of setting profile, what helped me was setting the PATH
. Some of the commands were not available in my cron scripts as the PATH
is different.
ENVIRONMENT=prod
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
*/30 * * * * /opt/myscript1.sh
*/30 * * * * /opt/myscript2.sh
*/30 * * * * /opt/myscript3.sh
Setting PATH
with the path of commands helped me. Even better if you can use a template and detemplatize later,
ENVIRONMENT=ENVIRONMENT
PATH=PATH
*/30 * * * * /opt/myscript1.sh
*/30 * * * * /opt/myscript2.sh
*/30 * * * * /opt/myscript3.sh
Passing variables to each item looks messy.
answered Apr 27 '18 at 8:57
Optimus PrimeOptimus Prime
1389
1389
add a comment |
add a comment |
I recently came across a case where I had to execute the overall cronjob as root but, at the same time, had to execute a subcommand as a different user (which required sourcing that user's environment). I went with the following approach:
# m h dom mon dow user command
*/5 * * * * root (sudo -i -u <the user> command-to-be-run-as-user) && command-to-be-run-as-root
The crucial part is the argument -i
that's being passed to sudo
which will execute the given command in a separate login shell (which in turn means that the user's dotfiles will be sourced).
PS: Note that the user
column is only available in /etc/crontab
and the /etc/cron.d/*
files.
add a comment |
I recently came across a case where I had to execute the overall cronjob as root but, at the same time, had to execute a subcommand as a different user (which required sourcing that user's environment). I went with the following approach:
# m h dom mon dow user command
*/5 * * * * root (sudo -i -u <the user> command-to-be-run-as-user) && command-to-be-run-as-root
The crucial part is the argument -i
that's being passed to sudo
which will execute the given command in a separate login shell (which in turn means that the user's dotfiles will be sourced).
PS: Note that the user
column is only available in /etc/crontab
and the /etc/cron.d/*
files.
add a comment |
I recently came across a case where I had to execute the overall cronjob as root but, at the same time, had to execute a subcommand as a different user (which required sourcing that user's environment). I went with the following approach:
# m h dom mon dow user command
*/5 * * * * root (sudo -i -u <the user> command-to-be-run-as-user) && command-to-be-run-as-root
The crucial part is the argument -i
that's being passed to sudo
which will execute the given command in a separate login shell (which in turn means that the user's dotfiles will be sourced).
PS: Note that the user
column is only available in /etc/crontab
and the /etc/cron.d/*
files.
I recently came across a case where I had to execute the overall cronjob as root but, at the same time, had to execute a subcommand as a different user (which required sourcing that user's environment). I went with the following approach:
# m h dom mon dow user command
*/5 * * * * root (sudo -i -u <the user> command-to-be-run-as-user) && command-to-be-run-as-root
The crucial part is the argument -i
that's being passed to sudo
which will execute the given command in a separate login shell (which in turn means that the user's dotfiles will be sourced).
PS: Note that the user
column is only available in /etc/crontab
and the /etc/cron.d/*
files.
answered May 16 '18 at 0:16
balubalu
1414
1414
add a comment |
add a comment |
Yes, you can using "well known workarounds" (a couple of which have been listed). This is another way of saying that everyone knows it's crappy, though some people will refer to this as a "security feature" because they have spent at least as much tripping over this fail(ure) as you have, and would like to think their wasted time wasn't for naught. It's the cron equivalent of the QWERTY keyboard.
I suspect the original reason may have been for performance, such that scripts run once a minute wouldn't spend the time to read rc scripts. Also originally cron wasn't really configurable at all, so a default was really the only option.
There is no added security by not having some simple configuration or method to have cron just take on the environment of your interactive shell instead of users having to perform stupid shell gymnastics. On a modern machine there is generally no perceptible performance gain unless you have a vast quantity of jobs running every minute.
Unix culture fail. In my "humble" opinion. :-)
1
"There is no added security." That is not true. Take a look at CVE-2011-1095, CVE-2008-4304, and CVE-2010-3847.
– user26112
Jul 26 '13 at 2:20
I downvoted your answer, by the way. I usually try to avoid downvoting newcomers' answers but security is important to me. Please don't take the downvote the wrong way. Besides the part about security, your answer is excellent and would deserve an upvote. You can edit your answer here if you would like.
– user26112
Jul 26 '13 at 2:33
None of those have the slightest thing to do with having cron use a shell with the interactive flag set. This is pure FUD. Unfortunately I can't downvote your downvote. This may seem like a flame, but it's very frustrating when people think a vehicle with three wheels is better because there's a security issue to put a fourth wheel on. It isn't. People have just ridden a tricycle so long they've forgotten it's possible to add a fourth wheel.
– Austin S.
Jul 26 '13 at 16:43
Put another way: if any of the intended extra hoops the other answerers suggested are used, how do they not also gain access to any of the holes you mention? "* * * * * exec bash -i -c LOCALE=......."
– Austin S.
Jul 26 '13 at 16:56
This reads like a rant. I don't even see where it answers the question at all. Even if the security part were removed, @EvanTeitelman, I don't see why it would deserve an upvote as it doesn't answer the question.
– Wildcard
Jul 21 '17 at 1:15
add a comment |
Yes, you can using "well known workarounds" (a couple of which have been listed). This is another way of saying that everyone knows it's crappy, though some people will refer to this as a "security feature" because they have spent at least as much tripping over this fail(ure) as you have, and would like to think their wasted time wasn't for naught. It's the cron equivalent of the QWERTY keyboard.
I suspect the original reason may have been for performance, such that scripts run once a minute wouldn't spend the time to read rc scripts. Also originally cron wasn't really configurable at all, so a default was really the only option.
There is no added security by not having some simple configuration or method to have cron just take on the environment of your interactive shell instead of users having to perform stupid shell gymnastics. On a modern machine there is generally no perceptible performance gain unless you have a vast quantity of jobs running every minute.
Unix culture fail. In my "humble" opinion. :-)
1
"There is no added security." That is not true. Take a look at CVE-2011-1095, CVE-2008-4304, and CVE-2010-3847.
– user26112
Jul 26 '13 at 2:20
I downvoted your answer, by the way. I usually try to avoid downvoting newcomers' answers but security is important to me. Please don't take the downvote the wrong way. Besides the part about security, your answer is excellent and would deserve an upvote. You can edit your answer here if you would like.
– user26112
Jul 26 '13 at 2:33
None of those have the slightest thing to do with having cron use a shell with the interactive flag set. This is pure FUD. Unfortunately I can't downvote your downvote. This may seem like a flame, but it's very frustrating when people think a vehicle with three wheels is better because there's a security issue to put a fourth wheel on. It isn't. People have just ridden a tricycle so long they've forgotten it's possible to add a fourth wheel.
– Austin S.
Jul 26 '13 at 16:43
Put another way: if any of the intended extra hoops the other answerers suggested are used, how do they not also gain access to any of the holes you mention? "* * * * * exec bash -i -c LOCALE=......."
– Austin S.
Jul 26 '13 at 16:56
This reads like a rant. I don't even see where it answers the question at all. Even if the security part were removed, @EvanTeitelman, I don't see why it would deserve an upvote as it doesn't answer the question.
– Wildcard
Jul 21 '17 at 1:15
add a comment |
Yes, you can using "well known workarounds" (a couple of which have been listed). This is another way of saying that everyone knows it's crappy, though some people will refer to this as a "security feature" because they have spent at least as much tripping over this fail(ure) as you have, and would like to think their wasted time wasn't for naught. It's the cron equivalent of the QWERTY keyboard.
I suspect the original reason may have been for performance, such that scripts run once a minute wouldn't spend the time to read rc scripts. Also originally cron wasn't really configurable at all, so a default was really the only option.
There is no added security by not having some simple configuration or method to have cron just take on the environment of your interactive shell instead of users having to perform stupid shell gymnastics. On a modern machine there is generally no perceptible performance gain unless you have a vast quantity of jobs running every minute.
Unix culture fail. In my "humble" opinion. :-)
Yes, you can using "well known workarounds" (a couple of which have been listed). This is another way of saying that everyone knows it's crappy, though some people will refer to this as a "security feature" because they have spent at least as much tripping over this fail(ure) as you have, and would like to think their wasted time wasn't for naught. It's the cron equivalent of the QWERTY keyboard.
I suspect the original reason may have been for performance, such that scripts run once a minute wouldn't spend the time to read rc scripts. Also originally cron wasn't really configurable at all, so a default was really the only option.
There is no added security by not having some simple configuration or method to have cron just take on the environment of your interactive shell instead of users having to perform stupid shell gymnastics. On a modern machine there is generally no perceptible performance gain unless you have a vast quantity of jobs running every minute.
Unix culture fail. In my "humble" opinion. :-)
answered Jul 26 '13 at 1:44
Austin S.Austin S.
291
291
1
"There is no added security." That is not true. Take a look at CVE-2011-1095, CVE-2008-4304, and CVE-2010-3847.
– user26112
Jul 26 '13 at 2:20
I downvoted your answer, by the way. I usually try to avoid downvoting newcomers' answers but security is important to me. Please don't take the downvote the wrong way. Besides the part about security, your answer is excellent and would deserve an upvote. You can edit your answer here if you would like.
– user26112
Jul 26 '13 at 2:33
None of those have the slightest thing to do with having cron use a shell with the interactive flag set. This is pure FUD. Unfortunately I can't downvote your downvote. This may seem like a flame, but it's very frustrating when people think a vehicle with three wheels is better because there's a security issue to put a fourth wheel on. It isn't. People have just ridden a tricycle so long they've forgotten it's possible to add a fourth wheel.
– Austin S.
Jul 26 '13 at 16:43
Put another way: if any of the intended extra hoops the other answerers suggested are used, how do they not also gain access to any of the holes you mention? "* * * * * exec bash -i -c LOCALE=......."
– Austin S.
Jul 26 '13 at 16:56
This reads like a rant. I don't even see where it answers the question at all. Even if the security part were removed, @EvanTeitelman, I don't see why it would deserve an upvote as it doesn't answer the question.
– Wildcard
Jul 21 '17 at 1:15
add a comment |
1
"There is no added security." That is not true. Take a look at CVE-2011-1095, CVE-2008-4304, and CVE-2010-3847.
– user26112
Jul 26 '13 at 2:20
I downvoted your answer, by the way. I usually try to avoid downvoting newcomers' answers but security is important to me. Please don't take the downvote the wrong way. Besides the part about security, your answer is excellent and would deserve an upvote. You can edit your answer here if you would like.
– user26112
Jul 26 '13 at 2:33
None of those have the slightest thing to do with having cron use a shell with the interactive flag set. This is pure FUD. Unfortunately I can't downvote your downvote. This may seem like a flame, but it's very frustrating when people think a vehicle with three wheels is better because there's a security issue to put a fourth wheel on. It isn't. People have just ridden a tricycle so long they've forgotten it's possible to add a fourth wheel.
– Austin S.
Jul 26 '13 at 16:43
Put another way: if any of the intended extra hoops the other answerers suggested are used, how do they not also gain access to any of the holes you mention? "* * * * * exec bash -i -c LOCALE=......."
– Austin S.
Jul 26 '13 at 16:56
This reads like a rant. I don't even see where it answers the question at all. Even if the security part were removed, @EvanTeitelman, I don't see why it would deserve an upvote as it doesn't answer the question.
– Wildcard
Jul 21 '17 at 1:15
1
1
"There is no added security." That is not true. Take a look at CVE-2011-1095, CVE-2008-4304, and CVE-2010-3847.
– user26112
Jul 26 '13 at 2:20
"There is no added security." That is not true. Take a look at CVE-2011-1095, CVE-2008-4304, and CVE-2010-3847.
– user26112
Jul 26 '13 at 2:20
I downvoted your answer, by the way. I usually try to avoid downvoting newcomers' answers but security is important to me. Please don't take the downvote the wrong way. Besides the part about security, your answer is excellent and would deserve an upvote. You can edit your answer here if you would like.
– user26112
Jul 26 '13 at 2:33
I downvoted your answer, by the way. I usually try to avoid downvoting newcomers' answers but security is important to me. Please don't take the downvote the wrong way. Besides the part about security, your answer is excellent and would deserve an upvote. You can edit your answer here if you would like.
– user26112
Jul 26 '13 at 2:33
None of those have the slightest thing to do with having cron use a shell with the interactive flag set. This is pure FUD. Unfortunately I can't downvote your downvote. This may seem like a flame, but it's very frustrating when people think a vehicle with three wheels is better because there's a security issue to put a fourth wheel on. It isn't. People have just ridden a tricycle so long they've forgotten it's possible to add a fourth wheel.
– Austin S.
Jul 26 '13 at 16:43
None of those have the slightest thing to do with having cron use a shell with the interactive flag set. This is pure FUD. Unfortunately I can't downvote your downvote. This may seem like a flame, but it's very frustrating when people think a vehicle with three wheels is better because there's a security issue to put a fourth wheel on. It isn't. People have just ridden a tricycle so long they've forgotten it's possible to add a fourth wheel.
– Austin S.
Jul 26 '13 at 16:43
Put another way: if any of the intended extra hoops the other answerers suggested are used, how do they not also gain access to any of the holes you mention? "* * * * * exec bash -i -c LOCALE=......."
– Austin S.
Jul 26 '13 at 16:56
Put another way: if any of the intended extra hoops the other answerers suggested are used, how do they not also gain access to any of the holes you mention? "* * * * * exec bash -i -c LOCALE=......."
– Austin S.
Jul 26 '13 at 16:56
This reads like a rant. I don't even see where it answers the question at all. Even if the security part were removed, @EvanTeitelman, I don't see why it would deserve an upvote as it doesn't answer the question.
– Wildcard
Jul 21 '17 at 1:15
This reads like a rant. I don't even see where it answers the question at all. Even if the security part were removed, @EvanTeitelman, I don't see why it would deserve an upvote as it doesn't answer the question.
– Wildcard
Jul 21 '17 at 1:15
add a comment |
I put . ~/.dbus/session-bus/*
at the top of my desired script :)
1
Welcome to U & L SE. Please expand your answer more so that it will benefit the readers.
– Ramesh
Sep 20 '14 at 15:25
add a comment |
I put . ~/.dbus/session-bus/*
at the top of my desired script :)
1
Welcome to U & L SE. Please expand your answer more so that it will benefit the readers.
– Ramesh
Sep 20 '14 at 15:25
add a comment |
I put . ~/.dbus/session-bus/*
at the top of my desired script :)
I put . ~/.dbus/session-bus/*
at the top of my desired script :)
edited Sep 20 '14 at 15:24
Ramesh
24k34104187
24k34104187
answered Sep 20 '14 at 15:18
EricEric
1
1
1
Welcome to U & L SE. Please expand your answer more so that it will benefit the readers.
– Ramesh
Sep 20 '14 at 15:25
add a comment |
1
Welcome to U & L SE. Please expand your answer more so that it will benefit the readers.
– Ramesh
Sep 20 '14 at 15:25
1
1
Welcome to U & L SE. Please expand your answer more so that it will benefit the readers.
– Ramesh
Sep 20 '14 at 15:25
Welcome to U & L SE. Please expand your answer more so that it will benefit the readers.
– Ramesh
Sep 20 '14 at 15:25
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f27289%2fhow-can-i-run-a-cron-command-with-existing-environmental-variables%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
How is adding
source ~/.profile
to a program redundant? Programs inherit their environment from the calling program. If that calling program is not your shell, then how will the decendant program get the environment that you want?– Arcege
Dec 21 '11 at 5:08
I already wrote my answer to a similar question here. It simply uses
su -l
to setup a normal login environment including the $PATH for either root or other specific user.– tasket
Sep 14 '18 at 18:52