su in crontab (the answer)

William L. Sebok wls at astrovax.UUCP
Tue Jan 14 04:59:39 AEST 1986


In article <706 at astrovax.UUCP> I wrote:

>I just tripped over a rather puzzling anomaly.  If I insert
(in /usr/lib/crontab)
>
>08 * * * * su wls % exec /usr/ucb/whoami >>/mnt/wls/TST/Errors 2>&1
>
>I get "root" in the file /mnt/wls/TST/Errors,

gatech!wan (Peter N Wan) and mcvax!tjalk!sjoerd (Sjoerd Mullender) sent me
what I believe to be the correct answer.  Peter Wan writes:

	"Since 'cron' runs as root, it cranks up a shell which does:

		su wls
		exec /usr/ucb/whoami >>/mnt/wls/TST/Errors 2>&1

	The 'su' dies without executing anything as "wls", and the second line
	is executed as "root" again."

The problem was that I had believed the man entry for crontab, which says:
 
"The sixth field is a string that is executed by the Shell at the specified
times.  A percent character in this field is translated to a newline character.
Only the first line (up to a % or end of line) of the command field is executed
by the Shell.  The other lines are made available to the command as standard
input."

I have now glanced at the code for cron.  All it does is translate the percent
characters to newline characters and then pass the whole string to a sh -c.
Thus the man entry for cron is incorrect and cron behaves like was indicated to
me above.  Each line separated by a % is executed as a separate line by the
shell and there is no standard input.

I could have achieved the intended result with the line (I have tested it):

08 * * * * su wls <<'EOT' >>/mnt/wls/TST/Errors 2>&1 % exec /usr/ucb/whoami %EOT

Personally I believe that it is cron rather than the man entry that should be
fixed.  The above contruction is cumbersome.  Generally with this behavior (the
above construction excepted) the '%' feature isn't needed as a ';' would
achieve the same effect.

Of course it would be even better if there was a way in which one could tell
cron directly under what uid an entry is to be run.  The System V cron and the
Version 8 cron (I think) already can do this.
-- 
Bill Sebok			Princeton University, Astrophysics
{allegra,akgua,cbosgd,decvax,ihnp4,noao,philabs,princeton,vax135}!astrovax!wls



More information about the Comp.unix.wizards mailing list