Greetings - I can't find this documented anywhere..grr.. Anyway, here's the issue. It's pretty self-explanatory. [2:22pm] 43 [/etc]:mail2% crontab -l crontab: Permission denied. [2:22pm] 44 [/etc]:mail2% crontab -e crontab: Permission denied. [2:22pm] 45 [/etc]:mail2% I used to be able to use crontab as a regular user. I created both /etc/cron.allow and /etc/cron.d/allow as I'd do on a Solaris box and added my own username to the file, and kill -HUP'd cron. Still can't get access to it. :-( Any ideas?
Do you happen to be remote? What happens if you change the editor to e.g. joe, like; on the command line: export EDITOR=joe (I don't expect this to be solution as you've problems with crontab -l as well) Op donderdag 2 januari 2003 23:33, schreef Jonathan Nichols:
Greetings - I can't find this documented anywhere..grr..
Anyway, here's the issue. It's pretty self-explanatory.
[2:22pm] 43 [/etc]:mail2% crontab -l crontab: Permission denied. [2:22pm] 44 [/etc]:mail2% crontab -e crontab: Permission denied. [2:22pm] 45 [/etc]:mail2%
I used to be able to use crontab as a regular user.
I created both /etc/cron.allow and /etc/cron.d/allow as I'd do on a Solaris box and added my own username to the file, and kill -HUP'd cron.
Still can't get access to it. :-(
Any ideas?
-- Richard Bos Without a home the journey is endless
On Thu, Jan 02, 2003 at 11:37:27PM +0100, Richard Bos wrote:
Do you happen to be remote?
I do... And just for the record: this is 8.1
What happens if you change the editor to e.g. joe, like;
$EDITOR was unset. Setting it (e.g. export EDITOR=vim) doesn't help.
(I don't expect this to be solution as you've problems with crontab -l as well)
Indeed: jon@Scum:~> crontab -e -bash: /usr/bin/crontab: Permission denied jon@Scum:~> crontab -l -bash: /usr/bin/crontab: Permission denied jon@Scum:~> which crontab /usr/bin/crontab jon@Scum:~> ll /usr/bin/crontab -rwsr-x--- 1 root trusted 22632 Sep 9 21:05 /usr/bin/crontab Hmmm: Scum:/home/jon # find / -group trusted -ls 24832 36 -rwsr-x--- 1 root trusted 35064 Sep 9 21:56 /usr/bin/at 25316 24 -rwsr-x--- 1 root trusted 22632 Sep 9 21:05 /usr/bin/crontab 24569 36 -rwsr-x--- 1 root trusted 35320 Sep 10 21:13 /usr/bin/gpasswd A small community, eh? I suppose adding my user 'jon' to the 'trusted' group might work, but I also kind of think it might be ...well not "The Right Thing" to do?
Op donderdag 2 januari 2003 23:33, schreef Jonathan Nichols:
I created both /etc/cron.allow and /etc/cron.d/allow as I'd do on a Solaris box and added my own username to the file, and kill -HUP'd cron.
jon@Scum:~> man 1 crontab talks of: FILES /var/spool/cron/allow /var/spool/cron/deny but creating the 'allow' file, adding jon to it, and subsequently restarting cron doesn't seem to have any effect either... I think it's a permissions issue, but I'm not sure how to fix it...? It *would* be nice to not have to 'su' in order to change my cronjobs... *Should* I add 'jon' to 'trusted' ...? (I *do* ...sort of... trust myself ;) TIA Jon Clausen
On Fri, 03 Jan 2003, Jon just had to get this off his chest:
On Thu, Jan 02, 2003 at 11:37:27PM +0100, Richard Bos wrote:
Do you happen to be remote?
I do... And just for the record: this is 8.1
What happens if you change the editor to e.g. joe, like;
$EDITOR was unset. Setting it (e.g. export EDITOR=vim) doesn't help.
(I don't expect this to be solution as you've problems with crontab -l as well)
Indeed:
jon@Scum:~> crontab -e -bash: /usr/bin/crontab: Permission denied jon@Scum:~> crontab -l -bash: /usr/bin/crontab: Permission denied jon@Scum:~> which crontab /usr/bin/crontab jon@Scum:~> ll /usr/bin/crontab -rwsr-x--- 1 root trusted 22632 Sep 9 21:05 /usr/bin/crontab
Hmmm:
Scum:/home/jon # find / -group trusted -ls 24832 36 -rwsr-x--- 1 root trusted 35064 Sep 9 21:56 /usr/bin/at 25316 24 -rwsr-x--- 1 root trusted 22632 Sep 9 21:05 /usr/bin/crontab 24569 36 -rwsr-x--- 1 root trusted 35320 Sep 10 21:13 /usr/bin/gpasswd
A small community, eh? I suppose adding my user 'jon' to the 'trusted' group might work, but I also kind of think it might be ...well not "The Right Thing" to do?
Sure it is, that's what that group is there for. $ id uid=500(theo) gid=100(users) groups=100(users),14(uucp),16(dialout),17(audio),33(video),42(trusted) Theo -- Theo v. Werkhoven Registered Linux user# 99872 http://counter.li.org ICBM 52 13 27N , 4 29 45E. SuSE 8.0 x86 Kernel k_Athlon 2.4.19-4GB See headers for PGP/GPG info.
On Fri, Jan 03, 2003 at 12:32:50PM +0100, Theo v. Werkhoven wrote:
I suppose adding my user 'jon' to the 'trusted' group might work, but I also kind of think it might be ...well not "The Right Thing" to do?
Sure it is, that's what that group is there for.
Hmmm... yeah, it does work, so that's all good. FTR: Go to YaST -> Security/Users -> Edit/create users -> Edit -> Details -> Additional Group membership. Mark the group, exit YaST, saving the setting... Log out, log back in, and now I can list, edit, a.s.o crontab... Kewl! So that's all fine :) The reason for my expressed uncertainty about adding myself to the group is that 'just add the user to the group' is not always The Right Thing: As in sometimes threads about CD/HDD access and files in /dev/ being owned by root:disk (or whatever) in which case adding the user to group 'disk' is NOT the way to go... Ho hum... Thanks anyway... I'm happy :) Jon Clausen
On Fri, 03 Jan 2003, Jon just had to get this off his chest:
On Fri, Jan 03, 2003 at 12:32:50PM +0100, Theo v. Werkhoven wrote:
I suppose adding my user 'jon' to the 'trusted' group might work, but I also kind of think it might be ...well not "The Right Thing" to do?
Sure it is, that's what that group is there for.
Hmmm... yeah, it does work, so that's all good.
FTR: Go to YaST -> Security/Users -> Edit/create users -> Edit -> Details -> Additional Group membership. Mark the group, exit YaST, saving the setting...
Or the "easy" way; # vi /etc/group /trus $a,jon <Esc> ZZ
Log out, log back in, and now I can list, edit, a.s.o crontab... Kewl!
So that's all fine :)
The reason for my expressed uncertainty about adding myself to the group is that 'just add the user to the group' is not always The Right Thing:
As in sometimes threads about CD/HDD access and files in /dev/ being owned by root:disk (or whatever) in which case adding the user to group 'disk' is NOT the way to go...
Agreed, I am quit sure however that there is a note in the SuSE guide about this. The same as for e.g. group xok, which you need if you run the hardensuse script with paranoid settings.
Thanks anyway... I'm happy :)
Good. Theo -- Theo v. Werkhoven Registered Linux user# 99872 http://counter.li.org ICBM 52 13 27N , 4 29 45E. SuSE 8.0 x86 Kernel k_Athlon 2.4.19-4GB See headers for PGP/GPG info.
Sure it is, that's what that group is there for.
Hmmm... yeah, it does work, so that's all good.
Jon Clausen
Ah HA! So *you're* the Jon that took over my question! ;) Cool. Glad to have seen there's a solution. :-) -Jon
On Fri, Jan 03, 2003 at 06:20:37PM -0800, Jonathan Nichols wrote:
Ah HA! So *you're* the Jon that took over my question! ;)
Yep. :)
Cool. Glad to have seen there's a solution. :-)
Great, I'm happy you're glad ;) Jon P.S. Please don't cc: me, I'll get the message from the list ;)
participants (4)
-
Jon Clausen
-
Jonathan Nichols
-
Richard Bos
-
Theo v. Werkhoven