requests, default to the previous 60-seconds scheduling method
unless there is any @every_second entries to conserve CPU cycles and
power.
This change also improves scheduling in the default mode by running
as close to the beginning of the minnute as possible by replacing
sleep(3) with nanosleep(2). Previously, the tasks would run anywhere
within the first second of the minute and that offset drifted back
and forth each time cron(8) was engaged.
MFC after: 1 month
not multiple of 1 second, which results in actual time to drift back
and forth every run within 1 second of the actual action has
been set for.
Suggested by: Ian Lepore
o Schedule the first run in 1 second after starting up, not on the
boundary of the next minute, which results in the every_second jobs
not being run.
only available via the new @every_second shortcut. ENOTIME to
implement crontab(5) format extensions to allow more flexible
scheduling.
In order to address some concerns expressed by Terry Lambert
while discussing the topic few years ago, about per-second cron
possibly causing some bad effects on /etc/crontab by stat()ing
it every second instead of every minute now (i.e. atime update),
only check that database needs to be reloaded on every 60-th
loop run. This should be close enough to the current behaviour.
Add "@every_minute" shortcut while I am here.
MFC after: 1 month
This structure is not part of POSIX. According to POSIX, gettimeofday()
has the following prototype:
int gettimeofday(struct timeval *restrict tp, void *restrict tzp);
Also, POSIX states that gettimeofday() shall return 0 (as long as tzp is
not used). Remove dead error handling code. Also use NULL for a
nul-pointer instead of integer 0.
While there, change all pieces of code that only use tv_sec to use
time(3), as this provides less overhead.
occurs in the same second as the earlier operations to create the temporary
file and the cron(8) daemon is rescans the spool directory during that
second, then the daemon may miss a cron edit and not properly update its
internal database.
MFC after: 1 month
DST should not need to worry about scheduling jobs when the DST time
changes.
Rather than removing the BUGS section in crontab(5) regarding this,
note that disabling '-s' may still cause jobs to be executed twice or
not at all.
PR: 166318
Submitted by: Florian k Unglaub (f.unglaub%googlemail!com)
MFC After: 1 week
environments.
Please note that this can't be done while such processes run in jails.
Note: in future it would be interesting to find a way to do that
selectively for any desired proccess (choosen by user himself), probabilly
via a ptrace interface or whatever.
Obtained from: Sandvine Incorporated
Reviewed by: emaste, arch@
Sponsored by: Sandvine Incorporated
MFC: 1 month
unless explicitly provided by MAILTO= line in crontab. This feature can be
useful in massive hosting environment, where most users do not care about
autogenerated mails.
Setting recipient to null string disables default mails at all.
Approved by: yar
MFC after: 4 weeks
by unavailable accounts, e.g., those locked, expired, not allowed in at
the moment by nologin(5), or whatever, depending on cron's pam.conf(5).
This applies to personal crontabs only, /etc/crontab is unaffected.
In other words, now the account management policy will apply to
commands scheduled by users via crontab(1) so that a user can no
longer use cron(8) to set up a delayed backdoor and run commands
during periods when the admin doesn't want him to.
The PAM check is done just before running a command, not when loading
a crontab, because accounts can get locked, expired, and re-enabled
any time with no changes to their crontabs. E.g., imagine that you
provide a system with payed access, or better a cluster of such
systems with centralized account management via PAM. When a user
pays for some days of access, you set his expire field respectively.
If the account expires before its owner pays more, its crontab
commands won't run until the next payment is made. Then it'll be
enough to set the expire field in future for the commands to run
again. And so on.
Document this change in the cron(8) manpage, which includes adding
a FILES section and touching the document date.
X-Security: should benefit as users have access to cron(8) by default
as crontab(5) states it can be. This is supported by all vixie-cron derived
implementations; not sure why FreeBSD was any different.
PR: bin/106442
MFC after: 2 weeks
setgid(2), setlogin(2) and initgroups(3). In theory they could
fail for root with some third party mac(4) policies.
Submitted by: Kostik Belousov
MFC after: 1 month
"crontab /etc/crontab", but not the same format due to the who field.
Add some limited anti-foot-shooting support and refuse to load
/etc/crontab as someone's crontab. Users wishing shoot their foot in
this manner may copy /etc/crontab elsewhere. :)
MFC After: 1 week
Note, that when cron(8) cannot create pidfile, it'll exit. I didn't
changed this behaviour, but its better to ignore errors other than
EEXIST, so daemon can be started on systems where /var/ file system
doesn't support locking (like NFS without rpc.lockd(8)).
entry having stepping value of zero can cause crontab to hang there,
and if the main crontab is being changed in this way, then cron(8)
will keep spining.
Obtained from: OpenBSD [src/usr.sbin/cron/entry.c,v 1.17]
PR: 68683 (my own, but forgot to commit it...)
MFC After: 1 week
to PRECIOUSLIB from bsd.lib.mk. The side effect of this
is making installing the world under jail(8) possible by
using another knob, NOFSCHG.
Reviewed by: oliver
$ crontab -e
[Add an entry with an error in the crontab file.]
crontab: errors in crontab file, can't install
Do you want to retry the same edit? yes
[Exit the editor without any changes.]
crontab: no changes made to crontab
[Entry is lost.]
Now crontab will loop until the error is fixed, or the
user answers no.
the maximum amount of time jitter for root and other users, respectively.
Before starting a job, cron(8) will sleep a random number of seconds,
from 0 to the amount specified. This can help to smooth down load spikes
when a lot of jobs are to start at the beginning of a particular minute
(e.g., the first minute of an hour.)
PR: bin/66474
Submitted by: Dmitry Morozovsky <marck <@> rinet.ru>
assignment even if it is not quoted (as advertised by the man page).
This fixes a regression wrt RELENG_4 introduced in rev. 1.11.
Problem noted and patch tested by: CHOI Junho <cjh@kr.FreeBSD.org>
Reviewed by: roberto
for any reason other than ENOENT (think resource limits). Close allow and
deny files before allowed() returns to stop the user's EDITOR being able to
read them.
Obtained from: OpenBSD (partially)
line as an environment variable assignment, is broken
and not conformant to its description in the manual page.
I think it is worthwhile to have that fix in 4.6.
PR: bin/38374
Submitted by: Thomas Quinot <thomas@cuivre.fr.eu.org>
MFC after: 2 days
the patch Matthew submitted, but I broke the lines in a more FreeBSD
way and made one small wording change.
PR: 31265
Submitted by: Matthew D. Fuller <fullermd@over-yonder.net>
MFC after: 3 weeks
monthly and weekly, respectively. Also fix the @yearly shortcut so
that it doesn't execute daily during January. OpenBSD and NetBSD also
appear to have this bug.
PR: bin/21152
e->cmd. free_entry() now does the right thing with
partially-initialized structures.
load_entry(): Don't call env_free() on e->envp throughout the routine
before jumping to eof; the free_entry() call at that label will take
care of it. The previous behavior resulted in e->envp being free'd
twice (well, the second time would usually result in a crash, but
that's besides the point); once in load_entry(), and once in
free_entry() after the former called the latter. Also note that the
check added to free_entry() (above) doesn't help, since e->envp wasn't
reset to NULL after env_free().
Submitted by: Mark Peek <mark@whistle.com>