we have more then 10 jobs scheduled in cronjob.. but we can see some of the script has been changed without any notification.. can we write any script which captures any changes inside the scripts with time of change and user name like .. or any other option apart from this ??
Plz help ..
I'm confused.
- Who owns/runs the crontab? oracle? root?
- How many users on the system know the password to the account that owns the crontab file?
Since crontab executes user-written scripts and those can change at any time so:
3. Who owns the scripts that are changing?
4. Are the crontab entries themselves changing?
cron does not change scripts, people do. cron does not change it's own entries, people do. If you can tell us more maybe we can help you find the problem.
hi jm.
correct it is changed by pepole only... they are different user which have acces to cron job.. they may change .. with the requirement .i want to track .. if any change happens in between inside the script . i can track all these changes .plz provide possible way . to notice change, changed by user and change time.
One way of many to do this:
Part A.
create a list of script files with full script files names: e.g., /path/to/script.sh
Next use that list to create a file with checksums
while read fname
do
/usr/bin/cksum $fname
done < /path/to/list.txt > /path/to/checksums.txt
Now you are set up. NOTE: if your detect a change, that means you have to redo the checksums, if the change was okay and you want to keep it as part of the cron jobs.
Part B
create a script to check the files
#!/bin/ksh
# check.sh
while read fname
do
/usr/bin/cksum $fname
done < /path/to/list.txt > /tmp/test.txt
/usr/bin/diff /tmp/test/test.txt /path/to/checksums.txt > /dev/null
# diff returns 1 if the files are different - meaning code has changed
if [ $? -eq 1 ] ; then
echo 'warning files have changed check /tmp/test.txt' | /usr/bin/mailx -s 'Warning' \
netdbaind@somecompany.com
fi
exit 0
Put this entry into cron. Be sure your buddies cannot change/edit your check.sh
0,5,10,15,20,25,30,35,40,45,50,55 * * * * /path/to/check.sh
You may be tempted to make it every minute. Don't. One day you will come into work with 190 emails waiting for you.
1 Like
Thanks Jim,
if i am not wrong the diff here will come in cksum format rit.. can we change this cksum format in text so that we can easily know what has changed..?