CHANGES revision 2311
1233174StheravenVixie Cron Changes from V2 to V3 2233174StheravenPaul Vixie 3233174Stheraven29-Dec-1993 4233174Stheraven 5233174StheravenThe crontab command now conforms to POSIX 1003.2. This means that when you 6233174Stheraveninstall it, if you have any "crontab" command lines floating around in shell 7233174Stheravenscripts (such as /etc/rc or /etc/rc.local), you will need to change them. 8233174Stheraven 9233174StheravenI have integrated several changes made by BSDi for their BSD/386 operating 10233174Stheravensystem; these were offerred to me before I started consulting for them, so 11233174Stheravenit is safe to say that they were intended for publication. Most notably, 12233174Stheraventhe name of the cron daemon has changed from "crond" to "cron". This was 13233174Stheravendone for compatibility with 4.3BSD. Another change made for the same reason 14233174Stheravenis the ability to read in an /etc/crontab file which has an extra field in 15233174Stheraveneach entry, between the time fields and the command. This field is a user 16233174Stheravenname, and it permits the /etc/crontab command to contain commands which are 17233174Stheravento be run by any user on the system. /etc/crontab is not "installed" via 18233174Stheraventhe crontab(1) command; it is automatically read at startup time and it will 19233174Stheravenbe reread whenever it changes. 20233174Stheraven 21233174StheravenI also added a "-e" option to crontab(1). Nine people also sent me diffs 22233174Stheravento add this option, but I had already implemented it on my own. I actually 23233174Stheravenreleased an interrim version (V2.2, I think) for limited testing, and got a 24233174Stheravenchance to fix a bad security bug in the "-e" option thanks to XXX. 25233174Stheraven 26233174StheravenThe daemon used to be extraordinarily sloppy in its use of file descriptors. 27233174StheravenA heck of a lot of them were left open in spawned jobs, which caused problems 28233174Stheravenfor the daemon and also caused problems with the spawned jobs if they were 29278724Sdimshell scripts since "sh" and "csh" have traditionally used hidden file 30233174Stheravendescriptors to pass information to subshells, and cron was causing them to 31233174Stheraventhink they were subshells. If you had trouble with "sh" or "csh" scripts in 32233174StheravenV2, chances are good that V3 will fix your problems. 33233174Stheraven 34233174StheravenAbout a dozen people have reminded me that I forgot to initialize 35233174Stheraven"crontab_fd" in database.c. Keith Cantrell was the first, so he gets the 36233174Stheravenpoint. 37233174Stheraven 38233174StheravenSteve Simmons reminded me that once an account has been deleted from the 39233174Stheravensystem, "crontab -u USER -d" will not work. My solution is to suggest to 40233174Stheravenall of you that before you delete a user's account, you first delete that 41233174Stheravenuser's crontab file if any. From cron's point of view, usernames can never 42233174Stheravenbe treated as arbitrary strings. Either they are valid user names, or they 43233174Stheravenare not. I will not make an exception for the "-d" case, for security 44233174Stheravenreasons that I consider reasonable. It is trivial for a root user to delete 45233174Stheraventhe entry by hand if necessary. 46233174Stheraven 47233174StheravenDan O'Neil reminded me that I forgot to reset "log_fd" in misc.c. A lot of 48233174Stheravenothers also reminded me of this, but Dan gets the point. I didn't fix it 49233174Stheraventhere, since the real bug was that it should have been open in the parent. 50233174Stheraven 51233174StheravenPeter Kabal reminded me that I forgot to "#ifdef DEBUGGING" some code in 52233174Stheravenmisc.c. Hans Trompert actually told me first, but Peter sent the patch so 53233174Stheravenhe gets the point. 54233174Stheraven 55233174StheravenRussell Nelson told me that I'd forgotten to "#include <syslog.h>" in misc.c, 56233174Stheravenwhich explains why a lot of other people complained that it wasn't using 57233174Stheravensyslog even when they configured it that way :-). Steve Simmons told me 58233174Stheravenfirst, though, so he gets the point. 59233174Stheraven 60233174StheravenAn interrim version of the daemon tried to "stat" every file before 61233174Stheravenexecuting it; this turned out to be a horribly bad idea since finding the 62233174Stheravenname of a file from a shell command is a hard job (that's why we have 63233174Stheravenshells, right?) I removed this bogus code. Dave Burgess gets the point. 64233174Stheraven 65233174StheravenDennis R. Conley sent a suggestion for MMDF systems, which I've added to the 66233174Stheravencomments in cron.h. 67233174Stheraven 68233174StheravenMike Heisler noted that I use comments in the CONVERSION file which are 69233174Stheravendocumented as illegal in the man pages. Thanks, Mike. 70233174Stheraven 71233174StheravenIrving Wolfe sent me some very cheerful changes for a NeXT system, but I 72233174Stheravenconsider the system itself broken and I can't bring myself to #ifdef for 73233174Stheravensomething as screwed up as this system seems to be. However, various others 74233174Stheravendid send me smaller patches which appear to have cause cron to build and run 75233174Stheravencorrectly on (the latest) NeXT machines, with or without the "-posix" CFLAG. 76233174StheravenIrving also asked for a per-job MAILTO, and this was finally added later when 77233174StheravenI integrated the BSD/386 changes contributed by BSDi, and generalized some of 78233174Stheraventhe parsing. 79233174Stheraven 80233174StheravenLots of folks complained that the autogenerated "Date:" header wasn't in 81233174StheravenARPA format. I didn't understand this -- either folks will use Sendmail and 82233174Stheravennot generate a Date: at all (since Sendmail will do it), or folks will use 83233174Stheravensomething other than Sendmail which won't care about Date: formats. But 84233174StheravenI've "fixed" it anyway... 85233174Stheraven 86233174StheravenSeveral people suggested that "*" should be able to take a "/step". One person 87233174Stheravensuggested that "N/step" ought to mean "N-last/step", but that's stretching things 88233174Stheravena bit far. "*/step" seems quite intuitive to me, so I've added it. Colin Plumb 89233174Stheravensent in the first and most polite request for this feature. 90233174Stheraven 91233174StheravenAs with every release of Cron, BIND, and seemingly everything else I do, one 92233174Stheravenuser stands out with the most critical but also the most useful analysis. 93233174StheravenCron V3's high score belongs to Peter Holzer, who sent in the nicest looking 94233174Stheravenpatch for the "%" interpretation problem and also helped me understand a 95233174Stheraventricky bit of badness in the "log_fd" problem. 96233174Stheraven 97233174Stheravenagulbra@flode.nvg.unit.no wins the honors for being the first to point out the 98233174Stheravennasty security hole in "crontab -r". 'Nuff said. 99233174Stheraven 100233174StheravenSeveral folks pointed out that log_it() needed to exist even if logging was 101233174Stheravendisabled. Some day I will create a tool that will compile a subsystem with 102233174Stheravenevery possible combination and permutation of #ifdef options, but meanwhile 103233174Stheraventhanks to everybody. 104233174Stheraven 105233174Stheravenjob_runqueue() was using storage after freeing it, since Jordan told me back 106233174Stheravenin 1983 that C let you do that, and I believed him in 1986 when I wrote all 107233174Stheraventhis junk. Linux was the first to die from this error, and the Linux people 108233174Stheravensent me the most amazing, um, collection of patches for this problem. Thanks 109233174Stheravenfor all the fish. 110233174Stheraven 111233174StheravenJeremy Bettis reminded me that popen() isn't safe. I grabbed Ken Arnold's 112233174Stheravenversion of popen/pclose from the ftpd and hacked it to taste. We're safe now, 113233174Stheravenfrom this at least. 114233174Stheraven 115261644SdimBranko Lankester sent me a very timely and helpful fix for a looming security 116261644Sdimproblem in my "crontab -e" implementation. 117261644Sdim 118261644Sdim-------- 119261644Sdim 120261644SdimVixie Cron Changes from V1 to V2 121261644SdimPaul Vixie 122261644Sdim8-Feb-1988 123261644Sdim 124261644SdimMany changes were made in a rash of activity about six months ago, the exact 125261644Sdimlist of which is no longer clear in my memory. I know that V1 used a file 126261644Sdimcalled POKECRON in /usr/spool/cron to tell it that it was time to re-read 127261644Sdimall the crontab files; V2 uses the modtime the crontab directory as a flag to 128233174Stheravencheck out the crontab files; those whose modtime has changed will be re-read, 129233174Stheravenand the others left alone. Note that the crontab(1) command will do a utimes 130233174Stheravencall to make sure the mtime of the dir changes, since the filename/inode will 131233174Stheravenoften remain the same after a replacement and the mtime wouldn't change in 132233174Stheraventhat case. 133233174Stheraven 134233174Stheraven8-Feb-88: made it possible to use much larger environment variable strings. 135233174Stheraven V1 allowed 100 characters; V2 allows 1000. This was needed for PATH 136233174Stheraven variables on some systems. Thanks to Toerless Eckert for this idea. 137233174Stheraven E-mail: UUCP: ...pyramid!fauern!faui10!eckert 138233174Stheraven 139233174Stheraven16-Feb-88: added allow/deny, moved /usr/spool/cron/crontabs to 140233174Stheraven /usr/lib/cron/tabs. allow and deny are /usr/lib/cron/{allow,deny}, 141233174Stheraven since the sysv naming for this depends on 'at' using the same 142233174Stheraven dir, which would be stupid (hint: use /usr/{lib,spool}/at). 143233174Stheraven 144233174Stheraven22-Feb-88: made it read the spool directory for crontabs and look each one 145233174Stheraven up using getpwnam() rather than reading all passwds with getpwent() 146233174Stheraven and trying to open each crontab. 147233174Stheraven 148233174Stheraven9-Dec-88: made it sync to :00 after the minute, makes cron predictable. 149233174Stheraven added logging to /var/cron/log. 150233174Stheraven 151233174Stheraven14-Apr-90: (actually, changes since December 1989) 152233174Stheraven fixed a number of bugs reported from the net and from John Gilmore. 153233174Stheraven added syslog per Keith Bostic. security features including not 154233174Stheraven being willing to run a command owned or writable by other than 155233174Stheraven the owner of the crontab 9not working well yet) 156233174Stheraven