crond

Hurricane Electric Internet Services: Accounts starting at $9.95/month
Hurricane Electric Internet Services

NAME

       crond - cron daemon (Dillon's Cron)


SYNOPSIS

       crond [-l#] [-d[#]] [-f] [-b] [-c directory]


OPTIONS

       crond  is  a  background  daemon  that  parses  individual
       crontab files and executes commands on behalf of the users
       in question.

       -l<loglevel>
            set logging level, default is 8.

       -d[<debuglevel>]
            set debugging level, default is 0, if no level speci-
            fied with -d option default is 1.  This  option  also
            sets  the  logging level to 0 and causes crond to run
            in the foreground.

       -f   run crond in the foreground.

       -b   run crond in the background (default unless -d speci-
            fied).

       -c directory
            specify directory containing crontab files.


DESCRIPTION

       crond  is  responsible  for scanning the crontab files and
       running their  commands  at  the  appropriate  time.   The
       crontab   program  communicates  with  crond  through  the
       "cron.update" file which resides  in  crontabs  directory,
       usually /var/spool/cron/crontabs.  This is accomplished by
       appending the filename of the modified or deleted  crontab
       file  to "cron.update" which crond then picks up to resyn-
       chronize or remove  its  internal  representation  of  the
       file.

       Crond  has  a number of built in limitations to reduce the
       chance of it being ill-used.  Potentially  infinite  loops
       during  parsing are dealt with via a failsafe counter, and
       user  crontabs  are  generally  limited  to  256   crontab
       entries.   crontab lines may not be longer than 1024 char-
       acters, including the newline.

       Whenever crond must run a job, it first creates a  daemon-
       owned temporary file O_EXCL and O_APPEND to store any out-
       put, then fork()s and changes its user and  group  permis-
       sions  to match that of the user the job is being run for,
       then exec's /bin/sh -c to run the job.  The temporary file
       remains  under  the ownership of the daemon to prevent the
       user from tampering with it.  Upon job  completion,  crond
       verifies  the  secureness  of the mail file and, if it has
       been appended to, mails to the file to user.  The sendmail
       program  is  run  under  the  user's  uid  to prevent mail
       related security holes.  Unlike crontab , the  crond  pro-
       gram does not leave an open descriptor to the file for the
       duration of the job's execution as this might cause  crond
       to  run out of descriptors.  When crontab program allows a
       user to edit his crontab, it copies the crontab to a  user
       owned file before running the user's prefered editor.  The
       suid crontab programs keeps an open descriptor to the file
       which  it later uses to copy the file back, thereby ensur-
       ing the user has not tampered with the file type.

       Crond always synchronizes to the top of the minute, check-
       ing  the  current  time against the list of possible jobs.
       The list is stored such that the scan goes  very  quickly,
       and  crond  can deal with several thousand entries without
       taking any noticable amount of cpu.


AUTHOR

       Matthew Dillon (dillon@apollo.west.oic.com)
Hurricane Electric Internet Services: Accounts starting at $9.95/month
Hurricane Electric Internet Services
Copyright (C) 1998 Hurricane Electric. All Rights Reserved.