Chapter 15 planning tasks (crontab)

15.2 what is a planned task

Remind regularly or when the conditions are met.

15.1.1 types of Linux planned tasks: at, cron

• Routine: matters to be done at regular intervals;
• Unexpected: not after this time

Types of planned tasks:

• At: can handle commands that end only once. When executing at, you need support of atd service.
• Crontab: the tasks set by this command will be executed in a circular manner, which can last for minutes, hours, weeks, months or years. In addition to command execution, crontab can also be supported by editing / etc/crontab. The service that makes crontab effective is crond.

15.1.2 common routine tasks on CentOS Linux system

1. Log rotate: the system keeps recording all kinds of information happened in the system, and the log files are getting larger and larger. Timely move the log file to store the data and new data separately, which can record these event information more effectively.
2. Log file analysis task of logwatch: if the system has software problems, hardware errors, information security problems, etc., it will be recorded in the log. Therefore, one of the important tasks of the system administrator is to analyze log files. However, it is not possible to view the log file manually through vim software because the data is too complex. The logwatch of the system is used to analyze the login information.
3. Create locate database: this command performs the query of file name through the existing file name database. The file name database is placed in / var/lib/locate, and the system actively executes updatedb to update the database.
4. The establishment of RPM software log file
5. Delete cache
6. Network related analysis operation: if a software similar to a website server (such as apache) is installed, Linux will actively analyze the log files of the software. At the same time, the Linux system will also help to automatically check the expiration of some credentials and heavy network information.

15.2 planned tasks performed only once

15.2.1 atd startup and at operation mode

[root@study ~] systemctl restart atd	restart atd service
[root@study ~] systemctl enable atd		Let this service start automatically
[root@study ~] systemctl status atd		see atd Current status
● atd.service - Job spooling tools
   Loaded: loaded (/usr/lib/systemd/system/atd.service; enabled; vendor preset: enabled)
   Active: active (running) since IV. 2020-06-11 20:28:20 CST; 31s ago
 Main PID: 6665 (atd)
   CGroup: /system.slice/atd.service
           └─6665 /usr/sbin/atd -f

6 November 20:28:20 study.centos.vbird systemd[1]: Started Job spooling tools.

Use the command at to generate the task to run, and write the task to the directory / var/spool/at / as a text file. The task can wait for the use and execution of atd.

Control at: through / etc/at.allow And / etc/at.deny These two files implement the limitation of at.

1. Whitelist: find / etc first/ at.allow File. Users who write in this file can use at. Users who don't write in this file can't use at (even if they don't write in at.deny Medium)
2. Blacklist: if / etc/at.allow File does not exist, find / etc/at.deny File. Users who write in this file cannot use at. Users who do not write in this file can use at.
3. No list: if neither file exists, only root can use at.

15.2.2 actual operation of single planned task

5 Minutes later /root/.bashrc The content of this document is sent to root user
[root@study ~] at now +5 minutes
at> /bin/mail -s "testing at job" root < /root/.bashrc
at> <EOT>
job 1 at Thu Jun 11 20:48:00 2020

List the contents of task 1:
root@study ~] at -c 1
#!/bin/sh
# atrun uid=0 gid=0
# mail root 0
umask 22
XDG_VTNR=1; export XDG_VTNR
SSH_AGENT_PID=2039; export SSH_AGENT_PID
XDG_SESSION_ID=1; export XDG_SESSION_ID
HOSTNAME=study.centos.vbird; export HOSTNAME
IMSETTINGS_INTEGRATE_DESKTOP=yes; export IMSETTINGS_INTEGRATE_DESKTOP
VTE_VERSION=5202; export VTE_VERSION
SHELL=/bin/bash; export SHELL
XDG_MENU_PREFIX=gnome-; export XDG_MENU_PREFIX
HISTSIZE=1000; export HISTSIZE
GNOME_TERMINAL_SCREEN=/org/gnome/Terminal/screen/5c2e0ba9_bff1_4e82_b9e0_c5abd2611194; export GNOME_TERMINAL_SCREEN
IMSETTINGS_MODULE=none; export IMSETTINGS_MODULE
USER=root; export USER
LS_COLORS=rs=0:di=38\;5\;27:ln=38\;5\;51:mh=44\;38\;5\;15:pi=40\;38\;5\;11:so=38\;5\;13:do=38\;5\;5:bd=48\;5\;232\;38\;5\;11:cd=48\;5\;232\;38\;5\;3:or=48\;5\;232\;38\;5\;9:mi=05\;48\;5\;232\;38\;5\;15:su=48\;5\;196\;38\;5\;15:sg=48\;5\;11\;38\;5\;16:ca=48\;5\;196\;38\;5\;226:tw=48\;5\;10\;38\;5\;16:ow=48\;5\;10\;38\;5\;21:st=48\;5\;21\;38\;5\;15:ex=38\;5\;34:\*.tar=38\;5\;9:\*.tgz=38\;5\;9:\*.arc=38\;5\;9:\*.arj=38\;5\;9:\*.taz=38\;5\;9:\*.lha=38\;5\;9:\*.lz4=38\;5\;9:\*.lzh=38\;5\;9:\*.lzma=38\;5\;9:\*.tlz=38\;5\;9:\*.txz=38\;5\;9:\*.tzo=38\;5\;9:\*.t7z=38\;5\;9:\*.zip=38\;5\;9:\*.z=38\;5\;9:\*.Z=38\;5\;9:\*.dz=38\;5\;9:\*.gz=38\;5\;9:\*.lrz=38\;5\;9:\*.lz=38\;5\;9:\*.lzo=38\;5\;9:\*.xz=38\;5\;9:\*.bz2=38\;5\;9:\*.bz=38\;5\;9:\*.tbz=38\;5\;9:\*.tbz2=38\;5\;9:\*.tz=38\;5\;9:\*.deb=38\;5\;9:\*.rpm=38\;5\;9:\*.jar=38\;5\;9:\*.war=38\;5\;9:\*.ear=38\;5\;9:\*.sar=38\;5\;9:\*.rar=38\;5\;9:\*.alz=38\;5\;9:\*.ace=38\;5\;9:\*.zoo=38\;5\;9:\*.cpio=38\;5\;9:\*.7z=38\;5\;9:\*.rz=38\;5\;9:\*.cab=38\;5\;9:\*.jpg=38\;5\;13:\*.jpeg=38\;5\;13:\*.gif=38\;5\;13:\*.bmp=38\;5\;13:\*.pbm=38\;5\;13:\*.pgm=38\;5\;13:\*.ppm=38\;5\;13:\*.tga=38\;5\;13:\*.xbm=38\;5\;13:\*.xpm=38\;5\;13:\*.tif=38\;5\;13:\*.tiff=38\;5\;13:\*.png=38\;5\;13:\*.svg=38\;5\;13:\*.svgz=38\;5\;13:\*.mng=38\;5\;13:\*.pcx=38\;5\;13:\*.mov=38\;5\;13:\*.mpg=38\;5\;13:\*.mpeg=38\;5\;13:\*.m2v=38\;5\;13:\*.mkv=38\;5\;13:\*.webm=38\;5\;13:\*.ogm=38\;5\;13:\*.mp4=38\;5\;13:\*.m4v=38\;5\;13:\*.mp4v=38\;5\;13:\*.vob=38\;5\;13:\*.qt=38\;5\;13:\*.nuv=38\;5\;13:\*.wmv=38\;5\;13:\*.asf=38\;5\;13:\*.rm=38\;5\;13:\*.rmvb=38\;5\;13:\*.flc=38\;5\;13:\*.avi=38\;5\;13:\*.fli=38\;5\;13:\*.flv=38\;5\;13:\*.gl=38\;5\;13:\*.dl=38\;5\;13:\*.xcf=38\;5\;13:\*.xwd=38\;5\;13:\*.yuv=38\;5\;13:\*.cgm=38\;5\;13:\*.emf=38\;5\;13:\*.axv=38\;5\;13:\*.anx=38\;5\;13:\*.ogv=38\;5\;13:\*.ogx=38\;5\;13:\*.aac=38\;5\;45:\*.au=38\;5\;45:\*.flac=38\;5\;45:\*.mid=38\;5\;45:\*.midi=38\;5\;45:\*.mka=38\;5\;45:\*.mp3=38\;5\;45:\*.mpc=38\;5\;45:\*.ogg=38\;5\;45:\*.ra=38\;5\;45:\*.wav=38\;5\;45:\*.axa=38\;5\;45:\*.oga=38\;5\;45:\*.spx=38\;5\;45:\*.xspf=38\;5\;45:; export LS_COLORS
GNOME_TERMINAL_SERVICE=:1.112; export GNOME_TERMINAL_SERVICE
SSH_AUTH_SOCK=/run/user/0/keyring/ssh; export SSH_AUTH_SOCK
USERNAME=root; export USERNAME
SESSION_MANAGER=local/unix:@/tmp/.ICE-unix/1888,unix/unix:/tmp/.ICE-unix/1888; export SESSION_MANAGER
GNOME_SHELL_SESSION_MODE=classic; export GNOME_SHELL_SESSION_MODE
PATH=/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin:/root/bin; export PATH
MAIL=/var/spool/mail/root; export MAIL
DESKTOP_SESSION=gnome-classic; export DESKTOP_SESSION
QT_IM_MODULE=ibus; export QT_IM_MODULE
XDG_SESSION_TYPE=x11; export XDG_SESSION_TYPE
PWD=/root; export PWD
XMODIFIERS=@im=ibus; export XMODIFIERS
LANG=zh_CN.UTF-8; export LANG
GDM_LANG=zh_CN.UTF-8; export GDM_LANG
GDMSESSION=gnome-classic; export GDMSESSION
HISTCONTROL=ignoredups; export HISTCONTROL
XDG_SEAT=seat0; export XDG_SEAT
HOME=/root; export HOME
SHLVL=2; export SHLVL
GNOME_DESKTOP_SESSION_ID=this-is-deprecated; export GNOME_DESKTOP_SESSION_ID
XDG_SESSION_DESKTOP=gnome-classic; export XDG_SESSION_DESKTOP
LOGNAME=root; export LOGNAME
XDG_DATA_DIRS=/root/.local/share/flatpak/exports/share/:/var/lib/flatpak/exports/share/:/usr/local/share/:/usr/share/; export XDG_DATA_DIRS
DBUS_SESSION_BUS_ADDRESS=unix:abstract=/tmp/dbus-kYEJyFgt75,guid=1d143d87b68f769ced9acc6f5ee1c64a; export DBUS_SESSION_BUS_ADDRESS
LESSOPEN=\|\|/usr/bin/lesspipe.sh\ %s; export LESSOPEN
WINDOWPATH=1; export WINDOWPATH
XDG_RUNTIME_DIR=/run/user/0; export XDG_RUNTIME_DIR
XDG_CURRENT_DESKTOP=GNOME-Classic:GNOME; export XDG_CURRENT_DESKTOP
COLORTERM=truecolor; export COLORTERM
XAUTHORITY=/run/gdm/auth-for-root-XbAWvZ/database; export XAUTHORITY
cd /root || {
	 echo 'Execution directory inaccessible' >&2
	 exit 1
}
${SHELL:-/bin/sh} << 'marcinDELIMITER4b4fafbb'
/bin/mail -s "testing at job" root < /root/.bashrc		This is the most important sentence

marcinDELIMITER4b4fafbb

sleep timer 
You can enter multiple commands in a task:
[root@study ~] at 23:00 2020-06-11
at> /bin/sync
at> /bin/sync
at> /sbin/shutdown -h now
at> <EOT>
job 2 at Thu Jun 11 23:00:00 2020

Display content on the terminal:
echo "hello" > /dev/tty1

However, the following sentence cannot be displayed on the screen. All standard output and standard error output will be sent to the mailbox of the executor, and the terminal will not see the information
echo "hello"

At can realize the function of [background execution], which is the task to continue offline execution. Because of the use of at planning task, the system will separate the at task from your bash environment and directly give it to the atd program of the system to take over. Therefore, when you perform the task of at, you can go offline immediately, and the rest of the work will be completely managed by Linux. Therefore, when there are long-term network tasks, using at can avoid the trouble of network disconnection.

Cancel an at command. An error is found in the command after execution
 atq query how many at plan tasks are there
 atrm 2 delete this task 2

Only when the system is free can background tasks be executed. Only when the CPU task load is less than 0.8 can this task be executed. The load here is not the CPU utilization, but the number of tasks the CPU is responsible for at a single point in time.

[root@study ~] echo "scale=100000;4*a(1)" | bc -lq &	Make the system super busy
[1] 7161
[root@study ~] echo "scale=100000;4*a(1)" | bc -lq &	Make the system super busy
[2] 7171
[root@study ~] echo "scale=100000;4*a(1)" | bc -lq &	Make the system super busy
[3] 7179
[root@study ~] echo "scale=100000;4*a(1)" | bc -lq &	Make the system super busy
[4] 7187
[root@study ~] uptime
 21:01:39 up  5:50,  2 users,  load average: 1.07, 0.26, 0.12



[root@study ~] batch									Assign a task to be performed at leisure
at> /usr/bin/updatedb
at> <EOT>
job 3 at Thu Jun 11 21:01:00 2020



[root@study ~] date;atq									At this time, the task has not been executed because the system is busy
2020 Thursday, June 11, 2010 21:02:11 CST
3	Thu Jun 11 21:01:00 2020 b root
[root@study ~] jobs										Tasks in the system
[1]   In operation               echo "scale=100000;4*a(1)" | bc -lq &
[2]   In operation               echo "scale=100000;4*a(1)" | bc -lq &
[3]-  In operation               echo "scale=100000;4*a(1)" | bc -lq &
[4]+  In operation               echo "scale=100000;4*a(1)" | bc -lq &
[root@study ~] kill -9 %1 %2 %3 %4						Kill these missions
[1]   Killed               echo "scale=100000;4*a(1)" | bc -lq
[2]   Killed               echo "scale=100000;4*a(1)" | bc -lq
[3]-  Killed               echo "scale=100000;4*a(1)" | bc -lq
[4]+  Killed               echo "scale=100000;4*a(1)" | bc -lq

[root@study ~] uptime;atq								Query discovery has not been implemented yet, load reduction takes time
 21:03:32 up  5:52,  2 users,  load average: 2.06, 1.11, 0.46
3	Thu Jun 11 21:01:00 2020 b root
[root@study ~] uptime;atq								After a while, it will be executed
 21:09:26 up  5:58,  2 users,  load average: 0.02, 0.41, 0.36

Check every minute for the whole minute. The task is executed in the whole minute. At this time, the number of seconds is 0.

15.3 planned tasks for cyclic execution

The scheduled tasks of circular execution are controlled by cron, a system service. It is started by default when the machine is turned on, because Linux itself has many routine scheduled tasks.

15.3.1 user settings

Control cron: through / etc/cron.allow And / etc/cron.deny These two files implement the limitation of cron.

1. Whitelist: find / etc first/ cron.allow File. Only users who write in this file can use cron. Users who do not write in this file cannot use cron (even if they do not write in cron.deny Medium)
2. Blacklist: if / etc/cron.allow File does not exist, find / etc/cron.deny File. Users who write in this file cannot use cron. Users who do not write in this file can use cron.

After the user dj uses the crontab command to create a scheduled task, the task is recorded in / var/spool/cron/dj. Don't edit the file directly with vi, it may be unable to execute cron due to wrong input syntax. Every task executed by cron will be recorded in the log file / var/log/cron, so you can check whether Linux has been implanted into Trojans by looking for / var/log/cron Enjian.

Using the identity of dj, send a letter to yourself at 12 o'clock every day:
[ dj@study  ~]$crontab - e edit task, save and exit after editing
no crontab for dj - using an empty one
crontab: installing new crontab



[ dj@study  ~]$crontab - L view what tasks the current user DJ has
0 12 * * * mail -s "at 12:00" dj < /home/dj/.bashrc
59 11 22 8 * mail gaogao < /home/dj/.bashrc
*/5 * * * * /home/dj/test.sh
30 16 * * 5 mail friend@his.server.name </home/dj/friend.txt



[ dj@study  ~]$crontab - R delete all tasks
[dj@study ~]$ crontab -l
no crontab for dj

If you want to delete a single task, you can use - e to enter the edit document and delete it. The contents of the document are those listed in - l.

15.3.2 configuration files of the system: etc/crontab, / etc/cron.d/*

Crontab-e is designed for the user cron. To perform the routine tasks of the system, you can edit the / etc/crontab file.

Crontab in crontab -e is actually the executable file / usr/bin/crontab, but / etc/crontab is a plain text file. You can edit it as root.

After editing, the minimum detection limit of cron service is [minutes], so cron will read the contents of / etc/crontab and / var/spool/cron every minute. Once edited and saved, the settings of cron will be executed automatically.

Logout
[root@study ~] cat /etc/crontab		Take a look at the contents of the document
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root

# For details see man 4 crontabs

# Example of job definition:
# .---------------- minute (0 - 59)
# |  .------------- hour (0 - 23)
# |  |  .---------- day of month (1 - 31)
# |  |  |  .------- month (1 - 12) OR jan,feb,mar,apr ...
# |  |  |  |  .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# |  |  |  |  |
# *  *  *  *  * user-name  command to be executed

//Time sharing day month week identity order 

In addition to / etc/crontab, another configuration file related to system operation is / etc/cron.d:

[root@study ~] ls -l /etc/cron.d
 Total dosage 12
 -Rw-r -- R --. 1 root 128 August 9 2019 0hourly
 -Rw-r -- R --. 1 root 108 August 6 2019 raid check
 -RW ------. 1 root 235 August 9 2019 sysstat
[root@study ~] cat /etc/cron.d/0hourly
# Run the hourly jobs
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
 01 * * * * root run-parts /etc/cron.hourly		 There is learning here

run-part s /etc/cron.hourly Command interpretation: the run part script will randomly choose a time to execute / etc in about 5 minutes/ cron.hourly All the execution files in the directory, so the command scripts that can be executed directly must be placed in this folder.

In addition to modifying the configuration file, commands can also be placed (or linked) directly to / etc/cron.hourly/ Under the folder, let the system randomly select a time point to execute within 5 minutes after the first minute of each hour, without manually specifying minutes, hours, days, months and weeks.

15.3.3 some precautions

When using crontab a lot, there will always be problems. The most serious problem is the uneven allocation of system resources.
Detect host traffic information:

• flow
• Flow monitoring of other PC s in the area
• CPU usage
• RAM usage
• Real time monitoring of online population

Note:

1. [uneven resource allocation]: when the system is started at the same time, it will be very busy in a certain period of time. Different tasks in the task list can be set to different time points through shunting.
2. Cancel unwanted output option: if there is output data in the execution result or execution option, the data will always be mail ed to the specified account, and the result can be output to the garbage can / dev/null through data flow redirection.
3. [security check]: in many cases, Trojans are planted in the way of planning tasks. You can check the content of / var/log/cron to see if there is [non cron set by you has been executed]. Be careful at this time.
4. [week and sun cannot coexist]

15.4 work tasks during wake-up shutdown

anacron can take the initiative to help you execute [for some reason, when the time is up, but there is no planned task to perform].

15.4.1 what is anacron

Anacron is also executed once an hour by crond, and then anacron checks whether the relevant planned tasks have been executed. If there is a task beyond the deadline, it will execute the task. When the execution is completed or no task is needed, anacron will stop.

By default, anacron will detect crontab tasks that are not executed by the system in one day, seven days and one month.

Anacron will read the timestamps, analyze the current time and the last execution time of anacron recorded in the time record file. If there is any difference between the two, it is that the crontab is not executed at some time. At this time, anacron will start to execute the unexecuted crontab task.

15.4.2 anacron and / etc/anacrontab

anacron is a program, not a service, which has entered the crontab list and is executed every hour.

[root@study ~]# cat /etc/cron.hourly/0anacron
#!/bin/sh
# Check whether 0anacron was run today already		
if test -r /var/spool/anacron/cron.daily; then		Check last execution anacron Time stamp of
    day=`cat /var/spool/anacron/cron.daily`
fi
if [ `date +%Y%m%d` = "$day" ]; then
    exit 0;
fi

# Do not run jobs when on battery power
if test -x /usr/bin/on_ac_power; then
    /usr/bin/on_ac_power >/dev/null 2>&1
    if test $? -eq 1; then
    exit 0
    fi
fi
/usr/sbin/anacron -s								It's actually execution anacron -s command

Configuration file for anacron:

[root@study ~] cat /etc/anacrontab
# /etc/anacrontab: configuration file for anacron

# See anacron(8) and anacrontab(5) for details.

SHELL=/bin/sh
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
# the maximal random delay added to the base delay of the jobs
RANDOM_DELAY=45
# the jobs will be started during the following hours only
START_HOURS_RANGE=3-22

#period in days   delay in minutes   job-identifier   command
1	5	cron.daily		nice run-parts /etc/cron.daily
7	25	cron.weekly		nice run-parts /etc/cron.weekly
@monthly 45	cron.monthly		nice run-parts /etc/cron.monthly

[root@study ~] more /var/spool/anacron/*
::::::::::::::
/var/spool/anacron/cron.daily
::::::::::::::
20200611
::::::::::::::
/var/spool/anacron/cron.monthly
::::::::::::::
20200530
::::::::::::::
/var/spool/anacron/cron.weekly
::::::::::::::
20200606