su in crontab
Stan Tazuma
stan at tikal.UUCP
Wed Jan 15 02:27:38 AEST 1986
In article <706 at astrovax.UUCP> wls at astrovax.UUCP (William L. Sebok) writes:
>I just tripped over a rather puzzling anomaly. If I insert
>
>08 * * * * su wls % exec /usr/ucb/whoami >>/mnt/wls/TST/Errors 2>&1
>
>I get "root" in the file /mnt/wls/TST/Errors, while if instead I insert
>
>12 * * * * echo /usr/ucb/whoami | su wls >>/mnt/wls/TST/Errors 2>&1
>
The problem is that the man page for Berkeley cron lies. The man page says
that when the '%' is used, following 'line's are passed to the command as input.
This is false. When cron starts up a shell for the entire command
line, it first replaces all '%'s by new-lines. Basically, your first
example above would be executed like:
$ su wls
$ exec /usr/ucb/whoami >> .....
The first command (su) would start up a setuid shell; the shell
would see EOF, and promptly exit (uid then reverts back to cron's uid).
Then, the exec line would be executed, and the user-id would be cron's
user-id, namely root in your case.
The second of your crontab lines would be executed as expected, and
that's why it works.
To properly use the '%' char. in a crontab command line, try:
su wls <<x % /usr/ucb/whoami %x
or, since EOF (EOT) is sufficient for the su shell,
su wls <<x % /usr/ucb/whoami
will work.
Notice that this is just the 'here' document. I.e.,
$ su wls <<x
$ /usr/ucb/whoami
$ x
so 'x' can be any string.
Important: the System V cron interprets the '%' operator as documented
in the cron man page.
For those with Pyramid computers, the System V cron is being used.
More information about the Comp.unix.wizards
mailing list