Chapter 15 planning tasks (crontab)
15.2 what is a planned task
Remind regularly or when the conditions are met.
15.1.1 types of Linux planned tasks: at, cron
- Routine: matters to be done at regular intervals;
- Unexpected: not after this time
Types of planned tasks:
- At: can handle commands that end only once. When executing at, you need support of atd service.
- Crontab: the tasks set by this command will be executed in a circular manner, which can last for minutes, hours, weeks, months or years. In addition to command execution, crontab can also be supported by editing / etc/crontab. The service that makes crontab effective is crond.
15.1.2 common routine tasks on CentOS Linux system
- Log rotate: the system keeps recording all kinds of information happened in the system, and the log files are getting larger and larger. Timely move the log file to store the data and new data separately, which can record these event information more effectively.
- Log file analysis task of logwatch: if the system has software problems, hardware errors, information security problems, etc., it will be recorded in the log. Therefore, one of the important tasks of the system administrator is to analyze log files. However, it is not possible to view the log file manually through vim software because the data is too complex. The logwatch of the system is used to analyze the login information.
- Create locate database: this command performs the query of file name through the existing file name database. The file name database is placed in / var/lib/locate, and the system actively executes updatedb to update the database.
- The establishment of RPM software log file
- Delete cache
- Network related analysis operation: if a software similar to a website server (such as apache) is installed, Linux will actively analyze the log files of the software. At the same time, the Linux system will also help to automatically check the expiration of some credentials and heavy network information.
15.2 planned tasks performed only once
15.2.1 atd startup and at operation mode
[root@study ~] systemctl restart atd restart atd service [root@study ~] systemctl enable atd Let this service start automatically [root@study ~] systemctl status atd see atd Current status ● atd.service - Job spooling tools Loaded: loaded (/usr/lib/systemd/system/atd.service; enabled; vendor preset: enabled) Active: active (running) since IV. 2020-06-11 20:28:20 CST; 31s ago Main PID: 6665 (atd) CGroup: /system.slice/atd.service └─6665 /usr/sbin/atd -f 6 November 20:28:20 study.centos.vbird systemd[1]: Started Job spooling tools.
Use the command at to generate the task to run, and write the task to the directory / var/spool/at / as a text file. The task can wait for the use and execution of atd.
Control at: through / etc/at.allow And / etc/at.deny These two files implement the limitation of at.
- Whitelist: find / etc first/ at.allow File. Users who write in this file can use at. Users who don't write in this file can't use at (even if they don't write in at.deny Medium)
- Blacklist: if / etc/at.allow File does not exist, find / etc/at.deny File. Users who write in this file cannot use at. Users who do not write in this file can use at.
- No list: if neither file exists, only root can use at.
15.2.2 actual operation of single planned task
5 Minutes later /root/.bashrc The content of this document is sent to root user [root@study ~] at now +5 minutes at> /bin/mail -s "testing at job" root < /root/.bashrc at> <EOT> job 1 at Thu Jun 11 20:48:00 2020
List the contents of task 1: root@study ~] at -c 1 #!/bin/sh # atrun uid=0 gid=0 # mail root 0 umask 22 XDG_VTNR=1; export XDG_VTNR SSH_AGENT_PID=2039; export SSH_AGENT_PID XDG_SESSION_ID=1; export XDG_SESSION_ID HOSTNAME=study.centos.vbird; export HOSTNAME IMSETTINGS_INTEGRATE_DESKTOP=yes; export IMSETTINGS_INTEGRATE_DESKTOP VTE_VERSION=5202; export VTE_VERSION SHELL=/bin/bash; export SHELL XDG_MENU_PREFIX=gnome-; export XDG_MENU_PREFIX HISTSIZE=1000; export HISTSIZE GNOME_TERMINAL_SCREEN=/org/gnome/Terminal/screen/5c2e0ba9_bff1_4e82_b9e0_c5abd2611194; export GNOME_TERMINAL_SCREEN IMSETTINGS_MODULE=none; export IMSETTINGS_MODULE USER=root; export USER LS_COLORS=rs=0:di=38\;5\;27:ln=38\;5\;51:mh=44\;38\;5\;15:pi=40\;38\;5\;11:so=38\;5\;13:do=38\;5\;5:bd=48\;5\;232\;38\;5\;11:cd=48\;5\;232\;38\;5\;3:or=48\;5\;232\;38\;5\;9:mi=05\;48\;5\;232\;38\;5\;15:su=48\;5\;196\;38\;5\;15:sg=48\;5\;11\;38\;5\;16:ca=48\;5\;196\;38\;5\;226:tw=48\;5\;10\;38\;5\;16:ow=48\;5\;10\;38\;5\;21:st=48\;5\;21\;38\;5\;15:ex=38\;5\;34:\*.tar=38\;5\;9:\*.tgz=38\;5\;9:\*.arc=38\;5\;9:\*.arj=38\;5\;9:\*.taz=38\;5\;9:\*.lha=38\;5\;9:\*.lz4=38\;5\;9:\*.lzh=38\;5\;9:\*.lzma=38\;5\;9:\*.tlz=38\;5\;9:\*.txz=38\;5\;9:\*.tzo=38\;5\;9:\*.t7z=38\;5\;9:\*.zip=38\;5\;9:\*.z=38\;5\;9:\*.Z=38\;5\;9:\*.dz=38\;5\;9:\*.gz=38\;5\;9:\*.lrz=38\;5\;9:\*.lz=38\;5\;9:\*.lzo=38\;5\;9:\*.xz=38\;5\;9:\*.bz2=38\;5\;9:\*.bz=38\;5\;9:\*.tbz=38\;5\;9:\*.tbz2=38\;5\;9:\*.tz=38\;5\;9:\*.deb=38\;5\;9:\*.rpm=38\;5\;9:\*.jar=38\;5\;9:\*.war=38\;5\;9:\*.ear=38\;5\;9:\*.sar=38\;5\;9:\*.rar=38\;5\;9:\*.alz=38\;5\;9:\*.ace=38\;5\;9:\*.zoo=38\;5\;9:\*.cpio=38\;5\;9:\*.7z=38\;5\;9:\*.rz=38\;5\;9:\*.cab=38\;5\;9:\*.jpg=38\;5\;13:\*.jpeg=38\;5\;13:\*.gif=38\;5\;13:\*.bmp=38\;5\;13:\*.pbm=38\;5\;13:\*.pgm=38\;5\;13:\*.ppm=38\;5\;13:\*.tga=38\;5\;13:\*.xbm=38\;5\;13:\*.xpm=38\;5\;13:\*.tif=38\;5\;13:\*.tiff=38\;5\;13:\*.png=38\;5\;13:\*.svg=38\;5\;13:\*.svgz=38\;5\;13:\*.mng=38\;5\;13:\*.pcx=38\;5\;13:\*.mov=38\;5\;13:\*.mpg=38\;5\;13:\*.mpeg=38\;5\;13:\*.m2v=38\;5\;13:\*.mkv=38\;5\;13:\*.webm=38\;5\;13:\*.ogm=38\;5\;13:\*.mp4=38\;5\;13:\*.m4v=38\;5\;13:\*.mp4v=38\;5\;13:\*.vob=38\;5\;13:\*.qt=38\;5\;13:\*.nuv=38\;5\;13:\*.wmv=38\;5\;13:\*.asf=38\;5\;13:\*.rm=38\;5\;13:\*.rmvb=38\;5\;13:\*.flc=38\;5\;13:\*.avi=38\;5\;13:\*.fli=38\;5\;13:\*.flv=38\;5\;13:\*.gl=38\;5\;13:\*.dl=38\;5\;13:\*.xcf=38\;5\;13:\*.xwd=38\;5\;13:\*.yuv=38\;5\;13:\*.cgm=38\;5\;13:\*.emf=38\;5\;13:\*.axv=38\;5\;13:\*.anx=38\;5\;13:\*.ogv=38\;5\;13:\*.ogx=38\;5\;13:\*.aac=38\;5\;45:\*.au=38\;5\;45:\*.flac=38\;5\;45:\*.mid=38\;5\;45:\*.midi=38\;5\;45:\*.mka=38\;5\;45:\*.mp3=38\;5\;45:\*.mpc=38\;5\;45:\*.ogg=38\;5\;45:\*.ra=38\;5\;45:\*.wav=38\;5\;45:\*.axa=38\;5\;45:\*.oga=38\;5\;45:\*.spx=38\;5\;45:\*.xspf=38\;5\;45:; export LS_COLORS GNOME_TERMINAL_SERVICE=:1.112; export GNOME_TERMINAL_SERVICE SSH_AUTH_SOCK=/run/user/0/keyring/ssh; export SSH_AUTH_SOCK USERNAME=root; export USERNAME SESSION_MANAGER=local/unix:@/tmp/.ICE-unix/1888,unix/unix:/tmp/.ICE-unix/1888; export SESSION_MANAGER GNOME_SHELL_SESSION_MODE=classic; export GNOME_SHELL_SESSION_MODE PATH=/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin:/root/bin; export PATH MAIL=/var/spool/mail/root; export MAIL DESKTOP_SESSION=gnome-classic; export DESKTOP_SESSION QT_IM_MODULE=ibus; export QT_IM_MODULE XDG_SESSION_TYPE=x11; export XDG_SESSION_TYPE PWD=/root; export PWD XMODIFIERS=@im=ibus; export XMODIFIERS LANG=zh_CN.UTF-8; export LANG GDM_LANG=zh_CN.UTF-8; export GDM_LANG GDMSESSION=gnome-classic; export GDMSESSION HISTCONTROL=ignoredups; export HISTCONTROL XDG_SEAT=seat0; export XDG_SEAT HOME=/root; export HOME SHLVL=2; export SHLVL GNOME_DESKTOP_SESSION_ID=this-is-deprecated; export GNOME_DESKTOP_SESSION_ID XDG_SESSION_DESKTOP=gnome-classic; export XDG_SESSION_DESKTOP LOGNAME=root; export LOGNAME XDG_DATA_DIRS=/root/.local/share/flatpak/exports/share/:/var/lib/flatpak/exports/share/:/usr/local/share/:/usr/share/; export XDG_DATA_DIRS DBUS_SESSION_BUS_ADDRESS=unix:abstract=/tmp/dbus-kYEJyFgt75,guid=1d143d87b68f769ced9acc6f5ee1c64a; export DBUS_SESSION_BUS_ADDRESS LESSOPEN=\|\|/usr/bin/lesspipe.sh\ %s; export LESSOPEN WINDOWPATH=1; export WINDOWPATH XDG_RUNTIME_DIR=/run/user/0; export XDG_RUNTIME_DIR XDG_CURRENT_DESKTOP=GNOME-Classic:GNOME; export XDG_CURRENT_DESKTOP COLORTERM=truecolor; export COLORTERM XAUTHORITY=/run/gdm/auth-for-root-XbAWvZ/database; export XAUTHORITY cd /root || { echo 'Execution directory inaccessible' >&2 exit 1 } ${SHELL:-/bin/sh} << 'marcinDELIMITER4b4fafbb' /bin/mail -s "testing at job" root < /root/.bashrc This is the most important sentence marcinDELIMITER4b4fafbb
sleep timer You can enter multiple commands in a task: [root@study ~] at 23:00 2020-06-11 at> /bin/sync at> /bin/sync at> /sbin/shutdown -h now at> <EOT> job 2 at Thu Jun 11 23:00:00 2020
Display content on the terminal: echo "hello" > /dev/tty1 However, the following sentence cannot be displayed on the screen. All standard output and standard error output will be sent to the mailbox of the executor, and the terminal will not see the information echo "hello"
At can realize the function of [background execution], which is the task to continue offline execution. Because of the use of at planning task, the system will separate the at task from your bash environment and directly give it to the atd program of the system to take over. Therefore, when you perform the task of at, you can go offline immediately, and the rest of the work will be completely managed by Linux. Therefore, when there are long-term network tasks, using at can avoid the trouble of network disconnection.
Cancel an at command. An error is found in the command after execution atq query how many at plan tasks are there atrm 2 delete this task 2
Only when the system is free can background tasks be executed. Only when the CPU task load is less than 0.8 can this task be executed. The load here is not the CPU utilization, but the number of tasks the CPU is responsible for at a single point in time.
[root@study ~] echo "scale=100000;4*a(1)" | bc -lq & Make the system super busy [1] 7161 [root@study ~] echo "scale=100000;4*a(1)" | bc -lq & Make the system super busy [2] 7171 [root@study ~] echo "scale=100000;4*a(1)" | bc -lq & Make the system super busy [3] 7179 [root@study ~] echo "scale=100000;4*a(1)" | bc -lq & Make the system super busy [4] 7187 [root@study ~] uptime 21:01:39 up 5:50, 2 users, load average: 1.07, 0.26, 0.12 [root@study ~] batch Assign a task to be performed at leisure at> /usr/bin/updatedb at> <EOT> job 3 at Thu Jun 11 21:01:00 2020 [root@study ~] date;atq At this time, the task has not been executed because the system is busy 2020 Thursday, June 11, 2010 21:02:11 CST 3 Thu Jun 11 21:01:00 2020 b root [root@study ~] jobs Tasks in the system [1] In operation echo "scale=100000;4*a(1)" | bc -lq & [2] In operation echo "scale=100000;4*a(1)" | bc -lq & [3]- In operation echo "scale=100000;4*a(1)" | bc -lq & [4]+ In operation echo "scale=100000;4*a(1)" | bc -lq & [root@study ~] kill -9 %1 %2 %3 %4 Kill these missions [1] Killed echo "scale=100000;4*a(1)" | bc -lq [2] Killed echo "scale=100000;4*a(1)" | bc -lq [3]- Killed echo "scale=100000;4*a(1)" | bc -lq [4]+ Killed echo "scale=100000;4*a(1)" | bc -lq [root@study ~] uptime;atq Query discovery has not been implemented yet, load reduction takes time 21:03:32 up 5:52, 2 users, load average: 2.06, 1.11, 0.46 3 Thu Jun 11 21:01:00 2020 b root [root@study ~] uptime;atq After a while, it will be executed 21:09:26 up 5:58, 2 users, load average: 0.02, 0.41, 0.36
Check every minute for the whole minute. The task is executed in the whole minute. At this time, the number of seconds is 0.
15.3 planned tasks for cyclic execution
The scheduled tasks of circular execution are controlled by cron, a system service. It is started by default when the machine is turned on, because Linux itself has many routine scheduled tasks.
15.3.1 user settings
Control cron: through / etc/cron.allow And / etc/cron.deny These two files implement the limitation of cron.
- Whitelist: find / etc first/ cron.allow File. Only users who write in this file can use cron. Users who do not write in this file cannot use cron (even if they do not write in cron.deny Medium)
- Blacklist: if / etc/cron.allow File does not exist, find / etc/cron.deny File. Users who write in this file cannot use cron. Users who do not write in this file can use cron.
After the user dj uses the crontab command to create a scheduled task, the task is recorded in / var/spool/cron/dj. Don't edit the file directly with vi, it may be unable to execute cron due to wrong input syntax. Every task executed by cron will be recorded in the log file / var/log/cron, so you can check whether Linux has been implanted into Trojans by looking for / var/log/cron Enjian.
Using the identity of dj, send a letter to yourself at 12 o'clock every day: [ dj@study ~]$crontab - e edit task, save and exit after editing no crontab for dj - using an empty one crontab: installing new crontab [ dj@study ~]$crontab - L view what tasks the current user DJ has 0 12 * * * mail -s "at 12:00" dj < /home/dj/.bashrc 59 11 22 8 * mail gaogao < /home/dj/.bashrc */5 * * * * /home/dj/test.sh 30 16 * * 5 mail friend@his.server.name </home/dj/friend.txt [ dj@study ~]$crontab - R delete all tasks [dj@study ~]$ crontab -l no crontab for dj
If you want to delete a single task, you can use - e to enter the edit document and delete it. The contents of the document are those listed in - l.
15.3.2 configuration files of the system: etc/crontab, / etc/cron.d/*
Crontab-e is designed for the user cron. To perform the routine tasks of the system, you can edit the / etc/crontab file.
Crontab in crontab -e is actually the executable file / usr/bin/crontab, but / etc/crontab is a plain text file. You can edit it as root.
After editing, the minimum detection limit of cron service is [minutes], so cron will read the contents of / etc/crontab and / var/spool/cron every minute. Once edited and saved, the settings of cron will be executed automatically.
Logout [root@study ~] cat /etc/crontab Take a look at the contents of the document SHELL=/bin/bash PATH=/sbin:/bin:/usr/sbin:/usr/bin MAILTO=root # For details see man 4 crontabs # Example of job definition: # .---------------- minute (0 - 59) # | .------------- hour (0 - 23) # | | .---------- day of month (1 - 31) # | | | .------- month (1 - 12) OR jan,feb,mar,apr ... # | | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat # | | | | | # * * * * * user-name command to be executed //Time sharing day month week identity order
In addition to / etc/crontab, another configuration file related to system operation is / etc/cron.d: [root@study ~] ls -l /etc/cron.d Total dosage 12 -Rw-r -- R --. 1 root 128 August 9 2019 0hourly -Rw-r -- R --. 1 root 108 August 6 2019 raid check -RW ------. 1 root 235 August 9 2019 sysstat [root@study ~] cat /etc/cron.d/0hourly # Run the hourly jobs SHELL=/bin/bash PATH=/sbin:/bin:/usr/sbin:/usr/bin MAILTO=root 01 * * * * root run-parts /etc/cron.hourly There is learning here
run-part s /etc/cron.hourly Command interpretation: the run part script will randomly choose a time to execute / etc in about 5 minutes/ cron.hourly All the execution files in the directory, so the command scripts that can be executed directly must be placed in this folder.
In addition to modifying the configuration file, commands can also be placed (or linked) directly to / etc/cron.hourly/ Under the folder, let the system randomly select a time point to execute within 5 minutes after the first minute of each hour, without manually specifying minutes, hours, days, months and weeks.
15.3.3 some precautions
When using crontab a lot, there will always be problems. The most serious problem is the uneven allocation of system resources.
Detect host traffic information:
- flow
- Flow monitoring of other PC s in the area
- CPU usage
- RAM usage
- Real time monitoring of online population
Note:
- [uneven resource allocation]: when the system is started at the same time, it will be very busy in a certain period of time. Different tasks in the task list can be set to different time points through shunting.
- Cancel unwanted output option: if there is output data in the execution result or execution option, the data will always be mail ed to the specified account, and the result can be output to the garbage can / dev/null through data flow redirection.
- [security check]: in many cases, Trojans are planted in the way of planning tasks. You can check the content of / var/log/cron to see if there is [non cron set by you has been executed]. Be careful at this time.
- [week and sun cannot coexist]
15.4 work tasks during wake-up shutdown
anacron can take the initiative to help you execute [for some reason, when the time is up, but there is no planned task to perform].
15.4.1 what is anacron
Anacron is also executed once an hour by crond, and then anacron checks whether the relevant planned tasks have been executed. If there is a task beyond the deadline, it will execute the task. When the execution is completed or no task is needed, anacron will stop.
By default, anacron will detect crontab tasks that are not executed by the system in one day, seven days and one month.
Anacron will read the timestamps, analyze the current time and the last execution time of anacron recorded in the time record file. If there is any difference between the two, it is that the crontab is not executed at some time. At this time, anacron will start to execute the unexecuted crontab task.
15.4.2 anacron and / etc/anacrontab
anacron is a program, not a service, which has entered the crontab list and is executed every hour.
[root@study ~]# cat /etc/cron.hourly/0anacron #!/bin/sh # Check whether 0anacron was run today already if test -r /var/spool/anacron/cron.daily; then Check last execution anacron Time stamp of day=`cat /var/spool/anacron/cron.daily` fi if [ `date +%Y%m%d` = "$day" ]; then exit 0; fi # Do not run jobs when on battery power if test -x /usr/bin/on_ac_power; then /usr/bin/on_ac_power >/dev/null 2>&1 if test $? -eq 1; then exit 0 fi fi /usr/sbin/anacron -s It's actually execution anacron -s command
Configuration file for anacron:
[root@study ~] cat /etc/anacrontab # /etc/anacrontab: configuration file for anacron # See anacron(8) and anacrontab(5) for details. SHELL=/bin/sh PATH=/sbin:/bin:/usr/sbin:/usr/bin MAILTO=root # the maximal random delay added to the base delay of the jobs RANDOM_DELAY=45 # the jobs will be started during the following hours only START_HOURS_RANGE=3-22 #period in days delay in minutes job-identifier command 1 5 cron.daily nice run-parts /etc/cron.daily 7 25 cron.weekly nice run-parts /etc/cron.weekly @monthly 45 cron.monthly nice run-parts /etc/cron.monthly
[root@study ~] more /var/spool/anacron/* :::::::::::::: /var/spool/anacron/cron.daily :::::::::::::: 20200611 :::::::::::::: /var/spool/anacron/cron.monthly :::::::::::::: 20200530 :::::::::::::: /var/spool/anacron/cron.weekly :::::::::::::: 20200606