Cron – Troubleshooting Shell Scripts Not Working with Crontab

cron

I have a little VPS I run apache and a Minecraft server on. I don't ever turn it off, but should I restart it for some reason, IPTables blocks most of my ports, including port 80. I've tried so many different suggestions on fixing this, but with no luck. Also, since the provider is OVH, the support is… lacking.

So, I've created a workaround, which I'm happy with. I created a simple shell script file to open certain ports I need opened on restart (80 and 25565 for now). The important ones such as 21 and 22 are not affected on restart.

The script looks like this:

iptables -I INPUT -p tcp --dport 80 -j ACCEPT
iptables -I INPUT -p udp --dport 80 -j ACCEPT
iptables -I INPUT -p tcp --dport 25565 -j ACCEPT
iptables -I INPUT -p udp --dport 25565 -j ACCEPT
/sbin/service iptables save

When I manually run it by typing /iptdef.sh, it runs fine, the ports become open and it's all good.

Of course, it's not practical having to remember to run it every time I restart the server, so I added a crontab. The problem is, it doesn't work/run. This is my crontab file:

*/5 * * * * /backup2.sh
*/55 * * * * /backup3.sh
@reboot /iptdef.sh
* * * * *  /iptdef.sh

The first two lines work. They are just simple scripts that make a backup of a folder for me. The second two lines are what's not working.

Is there a chance that perhaps it's not possible to run iptables commands from a cron? It sounds silly, but I can't see any other reason for it not to work. The scripts have the correct permissions.

Best Answer

It's because cron forcibly sets PATH to /usr/bin:/bin. You need to invoke iptables as /sbin/iptables or add PATH=/usr/sbin:/sbin:/usr/bin:/bin in your script or crontab. See crontab(5) for details.

Related Solutions

Shell – Crontabbed shell script not able to create/write to a file

Cron jobs can be run as root or another specified user. If that user does not have the permission to write to the .sql file the job will fail.

If the file exist and it has write permission for the user running the job the file will be written.

if the file does not exist and the user does not have permission to create files in target directory, the job will fail.

I can typically say

sudo touch /var/log/foo.log
sudo chown my_username /var/log/foo.log

now I can say:

echo bar > /var/log/foo.log

but if the file does not exist it will fail, as I have no permission to create files in /var/log/.

So question becomes if the user running the job have the right to create files where ever the output from mysqldump is written.

Now if I set up a cron job to run a script with this:

date > /var/log/foo.log

every minute, I can add:

*  *    * * *   my-user-name  /path/to/script

to /etc/crontab. As I have no permission to create files in /var/log/ the cron daemon will send me an email when the job fails.

After 1 minute there are no file. I go to a terminal and type mail:

$ mail
>N  1 Cron Daemon        Sat Jan 31 05:15   19/731   Cron <user@host>    /path/to/script
? type
...

/path/to/script: line 3: /var/log/foo.log: Permission denied

OK. My bad. I create the file and chown it to me. Now all is OK.

Have a look at these as well:

Shell – Environment variables are not passed to sub scripts while running on crontab

$SOMEPATH isn't defined within cron, so your crontab line that tries to source /$SOMEPATH/some.env will fail. (Unless //some.env exists, that is.)

For debugging cron related issues, be aware that it writes stderr messages - including its own - to the local user's mailbox. If you don't have a mail client installed (mail or mailx) you could use something like this to read these messages:

less /var/mail/$USER

Or if you want to be really generic

"${PAGER:-less}" "${MAIL:-/var/mail/${USER:-${LOGIN:-$(whoami)}}}"

Best Answer

Related Solutions

Shell – Crontabbed shell script not able to create/write to a file

Shell – Environment variables are not passed to sub scripts while running on crontab

Related Question