- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Crontab file permissions
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-24-2003 02:04 PM
11-24-2003 02:04 PM
Crontab file permissions
Thanks,
B
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-24-2003 02:12 PM
11-24-2003 02:12 PM
Re: Crontab file permissions
# su - otheruser
$ crontab -e
make changes, save file
$ logout
Or an even better practise, as the other user, use:
$ crontab -l >myfile
$ vi myfile
make change and save
$ crontab myfile
The files must be owned by the relevant user.
Also suggest you check patches in case there is one.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-24-2003 02:20 PM
11-24-2003 02:20 PM
Re: Crontab file permissions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-24-2003 02:26 PM
11-24-2003 02:26 PM
Re: Crontab file permissions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-24-2003 02:28 PM
11-24-2003 02:28 PM
Re: Crontab file permissions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-24-2003 02:44 PM
11-24-2003 02:44 PM
Re: Crontab file permissions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-24-2003 03:58 PM
11-24-2003 03:58 PM
Re: Crontab file permissions
I'm no expert on 10.20, though I used it as a part time admin for a while.
Got some bad news for your security group.
Proper permissions on crontab files on 11.11
-r-------- 1 root dba 3571 Oct 8 11:16 oracle
-r-------- 1 root sys 7633 Oct 2 11:10 root
-r-------- 1 root sag 1463 Sep 24 11:09 sag
Note root owns it, but the group is the primary group of the user that should own it.
I did not modify the permissions on this file.
I have found over the years that messing around with permissions on certain files is a recipe for overnight work. It might be fine to change the permissions on those files, and Michael's practices are good, should be followed.
It might be fine to put platinium tip spark plugs in my Truck. It might make me more secure because I can get away from criminals faster. But... It might damage the engine. Bad analogy, but its been a long day.
It might have an unintended nasty effect as well.
Sometimes the default permissions on files are bad. In this case, the permissions are very tight, the crontab -e command lets you access them as the user involved.
With my usual lack of subtley, your security people, do they know Unix? Why are the mandating this change? Does it make sense?
If not in this case these questions may need to be asked in other mandated standards.
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-25-2003 01:54 PM
11-25-2003 01:54 PM
Re: Crontab file permissions
Thanks for the replies.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-26-2003 04:56 AM
11-26-2003 04:56 AM
Re: Crontab file permissions
The behavior that you are seeing is normal. For 10.20 and 11.11 the behavior is exactly the same. The files are owned by root with the group ID set to the ID of the user.
A little UNIX history, many releases ago crontab files used to be owned by the user and not root. It sounds like the author of your security policy is still remembering that tidbit of information.
JL