Solaris crontab - NCCCS Systems Office Wiki http://localhost:8000/NCCCS/solaris-crontab#preview

Solaris crontab

crontab Access Control

Here is a quick cheat sheet on how to add a crontab for a non-root user on Solaris 8. The datatel user will require permissions to be added so it can add entries in the crontab.

Users: Access to crontab is allowed:

if the user's name appears in /etc/cron.d/cron.allow. if /etc/cron.d/cron.allow does not exist and the user's name is not in /etc/cron.d/cron.deny.

Users: Access to crontab is denied:

if /etc/cron.d/cron.allow exists and the user's name is not in it. if /etc/cron.d/cron.allow does not exist and user's name is in /etc/cron.d/cron.deny. if neither file exists, only a user with the solaris.jobs.user authorization is allowed to submit a job.

Note that the rules for allow and deny apply to root only if the allow/deny files exist.

The allow/deny files consist of one user name per line.

A prompt of # means you are logged in as the root user. A prompt of $ means you are logged in as the datatel user.

Quick one-liner to add entry

# echo "datatel" >> /etc/cron.d/cron.allow

How to verify

# cd /etc/cron.d # pwd /etc/cron.d

# cat cron.allow adm lp root datatel

1 of 2 9/27/2005 1:14 PM Solaris crontab - NCCCS Systems Office Wiki http://localhost:8000/NCCCS/solaris-crontab#preview

# cat cron.deny daemon bin smtp nuucp listen nobody noaccess

Copyright 2005 - J. Michael McGarrah

2 of 2 9/27/2005 1:14 PM